From e87bd0fbebd1b0b3c2060ba0dcf89f7a2d0cbfce Mon Sep 17 00:00:00 2001 From: Sam Levenick Date: Fri, 25 Jan 2019 00:56:50 +0000 Subject: [PATCH 01/30] Add InSpec support for backend service Signed-off-by: Modular Magician --- .../google_compute_backend_service.md | 91 ++++++++++++++ .../google_compute_backend_services.md | 45 +++++++ .../property/backendservice_backends.rb | 61 ++++++++++ .../backendservice_cache_key_policy.rb | 41 +++++++ .../property/backendservice_cdn_policy.rb | 30 +++++ .../backendservice_connection_draining.rb | 29 +++++ .../compute/property/backendservice_iap.rb | 38 ++++++ libraries/google_compute_backend_service.rb | 88 ++++++++++++++ libraries/google_compute_backend_services.rb | 114 ++++++++++++++++++ test/integration/build/gcp-mm.tf | 20 +++ .../configuration/mm-attributes.yml | 10 +- .../google_compute_backend_service.rb | 42 +++++++ .../google_compute_backend_services.rb | 37 ++++++ 13 files changed, 645 insertions(+), 1 deletion(-) create mode 100644 docs/resources/google_compute_backend_service.md create mode 100644 docs/resources/google_compute_backend_services.md create mode 100644 libraries/google/compute/property/backendservice_backends.rb create mode 100644 libraries/google/compute/property/backendservice_cache_key_policy.rb create mode 100644 libraries/google/compute/property/backendservice_cdn_policy.rb create mode 100644 libraries/google/compute/property/backendservice_connection_draining.rb create mode 100644 libraries/google/compute/property/backendservice_iap.rb create mode 100644 libraries/google_compute_backend_service.rb create mode 100644 libraries/google_compute_backend_services.rb create mode 100644 test/integration/verify/controls/google_compute_backend_service.rb create mode 100644 test/integration/verify/controls/google_compute_backend_services.rb diff --git a/docs/resources/google_compute_backend_service.md b/docs/resources/google_compute_backend_service.md new file mode 100644 index 000000000..a39c873c9 --- /dev/null +++ b/docs/resources/google_compute_backend_service.md @@ -0,0 +1,91 @@ +--- +title: About the BackendService resource +platform: gcp +--- + + +## Syntax +A `google_compute_backend_service` is used to test a Google BackendService resource + +## Examples +``` +describe google_compute_backend_service(project: 'chef-gcp-inspec', name: 'inspec-gcp-backend-service') do + it { should exist } + its('description') { should eq 'A description' } + its('port_name') { should eq 'http' } + its('protocol') { should eq 'HTTP' } + its('timeout_sec') { should eq '10' } + its('enable_cdn') { should eq 'true' } +end + +describe google_compute_backend_service(project: 'chef-gcp-inspec', name: 'nonexistent') do + it { should_not exist } +end +``` + +## Properties +Properties that can be accessed from the `google_compute_backend_service` resource: + + * `affinity_cookie_ttl_sec`: Lifetime of cookies in seconds if session_affinity is GENERATED_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value for TTL is one day. When the load balancing scheme is INTERNAL, this field is not used. + + * `backends`: The list of backends that serve this BackendService. + + * `balancingMode`: Specifies the balancing mode for this backend. For global HTTP(S) or TCP/SSL load balancing, the default is UTILIZATION. Valid values are UTILIZATION, RATE (for HTTP(S)) and CONNECTION (for TCP/SSL). This cannot be used for internal load balancing. + + * `capacityScaler`: A multiplier applied to the group's maximum servicing capacity (based on UTILIZATION, RATE or CONNECTION). Default value is 1, which means the group will serve up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available Capacity. Valid range is [0.0,1.0]. This cannot be used for internal load balancing. + + * `description`: An optional description of this resource. Provide this property when you create the resource. + + * `group`: This instance group defines the list of instances that serve traffic. Member virtual machine instances from each instance group must live in the same zone as the instance group itself. No two backends in a backend service are allowed to use same Instance Group resource. When the BackendService has load balancing scheme INTERNAL, the instance group must be in a zone within the same region as the BackendService. + + * `maxConnections`: The max number of simultaneous connections for the group. Can be used with either CONNECTION or UTILIZATION balancing modes. For CONNECTION mode, either maxConnections or maxConnectionsPerInstance must be set. This cannot be used for internal load balancing. + + * `maxConnectionsPerInstance`: The max number of simultaneous connections that a single backend instance can handle. This is used to calculate the capacity of the group. Can be used in either CONNECTION or UTILIZATION balancing modes. For CONNECTION mode, either maxConnections or maxConnectionsPerInstance must be set. This cannot be used for internal load balancing. + + * `maxRate`: The max requests per second (RPS) of the group. Can be used with either RATE or UTILIZATION balancing modes, but required if RATE mode. For RATE mode, either maxRate or maxRatePerInstance must be set. This cannot be used for internal load balancing. + + * `maxRatePerInstance`: The max requests per second (RPS) that a single backend instance can handle. This is used to calculate the capacity of the group. Can be used in either balancing mode. For RATE mode, either maxRate or maxRatePerInstance must be set. This cannot be used for internal load balancing. + + * `maxUtilization`: Used when balancingMode is UTILIZATION. This ratio defines the CPU utilization target for the group. The default is 0.8. Valid range is [0.0, 1.0]. This cannot be used for internal load balancing. + + * `cdn_policy`: Cloud CDN configuration for this BackendService. + + * `cacheKeyPolicy`: The CacheKeyPolicy for this CdnPolicy. + + * `connection_draining`: Settings for connection draining + + * `drainingTimeoutSec`: Time for which instance will be drained (not accept new connections, but still work to finish started). + + * `creation_timestamp`: Creation timestamp in RFC3339 text format. + + * `description`: An optional description of this resource. + + * `enable_cdn`: If true, enable Cloud CDN for this BackendService. When the load balancing scheme is INTERNAL, this field is not used. + + * `health_checks`: The list of URLs to the HttpHealthCheck or HttpsHealthCheck resource for health checking this BackendService. Currently at most one health check can be specified, and a health check is required. For internal load balancing, a URL to a HealthCheck resource must be specified instead. + + * `id`: The unique identifier for the resource. + + * `iap`: Settings for enabling Cloud Identity Aware Proxy + + * `enabled`: Enables IAP. + + * `oauth2ClientId`: OAuth2 Client ID for IAP + + * `oauth2ClientSecret`: OAuth2 Client Secret for IAP + + * `oauth2ClientSecretSha256`: OAuth2 Client Secret SHA-256 for IAP + + * `load_balancing_scheme`: Indicates whether the backend service will be used with internal or external load balancing. A backend service created for one type of load balancing cannot be used with the other. + + * `name`: Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. + + * `port_name`: Name of backend port. The same name should appear in the instance groups referenced by this service. Required when the load balancing scheme is EXTERNAL. When the load balancing scheme is INTERNAL, this field is not used. + + * `protocol`: The protocol this BackendService uses to communicate with backends. Possible values are HTTP, HTTPS, TCP, and SSL. The default is HTTP. For internal load balancing, the possible values are TCP and UDP, and the default is TCP. + + * `region`: The region where the regional backend service resides. This field is not applicable to global backend services. + + * `session_affinity`: Type of session affinity to use. The default is NONE. When the load balancing scheme is EXTERNAL, can be NONE, CLIENT_IP, or GENERATED_COOKIE. When the load balancing scheme is INTERNAL, can be NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. When the protocol is UDP, this field is not used. + + * `timeout_sec`: How many seconds to wait for the backend before considering it a failed request. Default is 30 seconds. Valid range is [1, 86400]. diff --git a/docs/resources/google_compute_backend_services.md b/docs/resources/google_compute_backend_services.md new file mode 100644 index 000000000..98ec3896d --- /dev/null +++ b/docs/resources/google_compute_backend_services.md @@ -0,0 +1,45 @@ +--- +title: About the BackendService resource +platform: gcp +--- + + +## Syntax +A `google_compute_backend_services` is used to test a Google BackendService resource + +## Examples +``` +describe google_compute_backend_services(project: 'chef-gcp-inspec') do + its('count') { should be >= 1 } + its('names') { should include 'inspec-gcp-backend-service' } + its('port_names') { should include 'http' } + its('protocols') { should include 'HTTP' } + its('timeout_secs') { should include '10' } +end +``` + +## Properties +Properties that can be accessed from the `google_compute_backend_services` resource: + +See [google_compute_backend_service.md](google_compute_backend_service.md) for more detailed information + * `affinity_cookie_ttl_secs`: an array of `google_compute_backend_service` affinity_cookie_ttl_sec + * `backends`: an array of `google_compute_backend_service` backends + * `cdn_policies`: an array of `google_compute_backend_service` cdn_policy + * `connection_drainings`: an array of `google_compute_backend_service` connection_draining + * `creation_timestamps`: an array of `google_compute_backend_service` creation_timestamp + * `descriptions`: an array of `google_compute_backend_service` description + * `enable_cdns`: an array of `google_compute_backend_service` enable_cdn + * `health_checks`: an array of `google_compute_backend_service` health_checks + * `ids`: an array of `google_compute_backend_service` id + * `iaps`: an array of `google_compute_backend_service` iap + * `load_balancing_schemes`: an array of `google_compute_backend_service` load_balancing_scheme + * `names`: an array of `google_compute_backend_service` name + * `port_names`: an array of `google_compute_backend_service` port_name + * `protocols`: an array of `google_compute_backend_service` protocol + * `regions`: an array of `google_compute_backend_service` region + * `session_affinities`: an array of `google_compute_backend_service` session_affinity + * `timeout_secs`: an array of `google_compute_backend_service` timeout_sec + +## Filter Criteria +This resource supports all of the above properties as filter criteria, which can be used +with `where` as a block or a method. diff --git a/libraries/google/compute/property/backendservice_backends.rb b/libraries/google/compute/property/backendservice_backends.rb new file mode 100644 index 000000000..0089842f6 --- /dev/null +++ b/libraries/google/compute/property/backendservice_backends.rb @@ -0,0 +1,61 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module Compute + module Property + class BackendServiceBackends + attr_reader :balancing_mode + + attr_reader :capacity_scaler + + attr_reader :description + + attr_reader :group + + attr_reader :max_connections + + attr_reader :max_connections_per_instance + + attr_reader :max_rate + + attr_reader :max_rate_per_instance + + attr_reader :max_utilization + + def initialize(args = nil) + return if args.nil? + @balancing_mode = args['balancingMode'] + @capacity_scaler = args['capacityScaler'] + @description = args['description'] + @group = args['group'] + @max_connections = args['maxConnections'] + @max_connections_per_instance = args['maxConnectionsPerInstance'] + @max_rate = args['maxRate'] + @max_rate_per_instance = args['maxRatePerInstance'] + @max_utilization = args['maxUtilization'] + end + end + + class BackendServiceBackendsArray + def self.parse(value) + return if value.nil? + return BackendServiceBackends.new(value) unless value.is_a?(::Array) + value.map { |v| BackendServiceBackends.new(v) } + end + end + end + end +end diff --git a/libraries/google/compute/property/backendservice_cache_key_policy.rb b/libraries/google/compute/property/backendservice_cache_key_policy.rb new file mode 100644 index 000000000..a0951f41e --- /dev/null +++ b/libraries/google/compute/property/backendservice_cache_key_policy.rb @@ -0,0 +1,41 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module Compute + module Property + class BackendServiceCachekeypolicy + attr_reader :include_host + + attr_reader :include_protocol + + attr_reader :include_query_string + + attr_reader :query_string_blacklist + + attr_reader :query_string_whitelist + + def initialize(args = nil) + return if args.nil? + @include_host = args['includeHost'] + @include_protocol = args['includeProtocol'] + @include_query_string = args['includeQueryString'] + @query_string_blacklist = args['queryStringBlacklist'] + @query_string_whitelist = args['queryStringWhitelist'] + end + end + end + end +end diff --git a/libraries/google/compute/property/backendservice_cdn_policy.rb b/libraries/google/compute/property/backendservice_cdn_policy.rb new file mode 100644 index 000000000..f83d99d09 --- /dev/null +++ b/libraries/google/compute/property/backendservice_cdn_policy.rb @@ -0,0 +1,30 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'google/compute/property/backendservice_cache_key_policy' +module GoogleInSpec + module Compute + module Property + class BackendServiceCdnpolicy + attr_reader :cache_key_policy + + def initialize(args = nil) + return if args.nil? + @cache_key_policy = GoogleInSpec::Compute::Property::BackendServiceCachekeypolicy.new(args['cacheKeyPolicy']) + end + end + end + end +end diff --git a/libraries/google/compute/property/backendservice_connection_draining.rb b/libraries/google/compute/property/backendservice_connection_draining.rb new file mode 100644 index 000000000..773c2297e --- /dev/null +++ b/libraries/google/compute/property/backendservice_connection_draining.rb @@ -0,0 +1,29 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module Compute + module Property + class BackendServiceConnectiondraining + attr_reader :draining_timeout_sec + + def initialize(args = nil) + return if args.nil? + @draining_timeout_sec = args['drainingTimeoutSec'] + end + end + end + end +end diff --git a/libraries/google/compute/property/backendservice_iap.rb b/libraries/google/compute/property/backendservice_iap.rb new file mode 100644 index 000000000..463d16371 --- /dev/null +++ b/libraries/google/compute/property/backendservice_iap.rb @@ -0,0 +1,38 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module Compute + module Property + class BackendServiceIap + attr_reader :enabled + + attr_reader :oauth2_client_id + + attr_reader :oauth2_client_secret + + attr_reader :oauth2_client_secret_sha256 + + def initialize(args = nil) + return if args.nil? + @enabled = args['enabled'] + @oauth2_client_id = args['oauth2ClientId'] + @oauth2_client_secret = args['oauth2ClientSecret'] + @oauth2_client_secret_sha256 = args['oauth2ClientSecretSha256'] + end + end + end + end +end diff --git a/libraries/google_compute_backend_service.rb b/libraries/google_compute_backend_service.rb new file mode 100644 index 000000000..538de535d --- /dev/null +++ b/libraries/google_compute_backend_service.rb @@ -0,0 +1,88 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'gcp_backend' +require 'google/compute/property/backendservice_backends' +require 'google/compute/property/backendservice_cache_key_policy' +require 'google/compute/property/backendservice_cdn_policy' +require 'google/compute/property/backendservice_connection_draining' +require 'google/compute/property/backendservice_iap' + +# A provider to manage Google Compute Engine resources. +class BackendService < GcpResourceBase + name 'google_compute_backend_service' + desc 'BackendService' + supports platform: 'gcp' + + attr_reader :affinity_cookie_ttl_sec + attr_reader :backends + attr_reader :cdn_policy + attr_reader :connection_draining + attr_reader :creation_timestamp + attr_reader :description + attr_reader :enable_cdn + attr_reader :health_checks + attr_reader :id + attr_reader :iap + attr_reader :load_balancing_scheme + attr_reader :name + attr_reader :port_name + attr_reader :protocol + attr_reader :region + attr_reader :session_affinity + attr_reader :timeout_sec + def base + 'https://www.googleapis.com/compute/v1/' + end + + def url + 'projects/{{project}}/global/backendServices/{{name}}' + end + + def initialize(params) + super(params.merge({ use_http_transport: true })) + @fetched = @connection.fetch(base, url, params) + parse unless @fetched.nil? + end + + def parse + @affinity_cookie_ttl_sec = @fetched['affinityCookieTtlSec'] + @backends = GoogleInSpec::Compute::Property::BackendServiceBackendsArray.parse(@fetched['backends']) + @cdn_policy = GoogleInSpec::Compute::Property::BackendServiceCdnpolicy.new(@fetched['cdnPolicy']) + @connection_draining = GoogleInSpec::Compute::Property::BackendServiceConnectiondraining.new(@fetched['connectionDraining']) + @creation_timestamp = parse_time_string(@fetched['creationTimestamp']) + @description = @fetched['description'] + @enable_cdn = @fetched['enableCDN'] + @health_checks = @fetched['healthChecks'] + @id = @fetched['id'] + @iap = GoogleInSpec::Compute::Property::BackendServiceIap.new(@fetched['iap']) + @load_balancing_scheme = @fetched['loadBalancingScheme'] + @name = @fetched['name'] + @port_name = @fetched['portName'] + @protocol = @fetched['protocol'] + @region = @fetched['region'] + @session_affinity = @fetched['sessionAffinity'] + @timeout_sec = @fetched['timeoutSec'] + end + + # Handles parsing RFC3339 time string + def parse_time_string(time_string) + time_string ? Time.parse(time_string) : nil + end + + def exists? + !@fetched.nil? + end +end diff --git a/libraries/google_compute_backend_services.rb b/libraries/google_compute_backend_services.rb new file mode 100644 index 000000000..c689f61ee --- /dev/null +++ b/libraries/google_compute_backend_services.rb @@ -0,0 +1,114 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'gcp_backend' +class BackendServices < GcpResourceBase + name 'google_compute_backend_services' + desc 'BackendService plural resource' + supports platform: 'gcp' + + attr_reader :table + + filter_table_config = FilterTable.create + + filter_table_config.add(:affinity_cookie_ttl_secs, field: :affinity_cookie_ttl_sec) + filter_table_config.add(:backends, field: :backends) + filter_table_config.add(:cdn_policies, field: :cdn_policy) + filter_table_config.add(:connection_drainings, field: :connection_draining) + filter_table_config.add(:creation_timestamps, field: :creation_timestamp) + filter_table_config.add(:descriptions, field: :description) + filter_table_config.add(:enable_cdns, field: :enable_cdn) + filter_table_config.add(:health_checks, field: :health_checks) + filter_table_config.add(:ids, field: :id) + filter_table_config.add(:iaps, field: :iap) + filter_table_config.add(:load_balancing_schemes, field: :load_balancing_scheme) + filter_table_config.add(:names, field: :name) + filter_table_config.add(:port_names, field: :port_name) + filter_table_config.add(:protocols, field: :protocol) + filter_table_config.add(:regions, field: :region) + filter_table_config.add(:session_affinities, field: :session_affinity) + filter_table_config.add(:timeout_secs, field: :timeout_sec) + + filter_table_config.connect(self, :table) + + def base + 'https://www.googleapis.com/compute/v1/' + end + + def url + 'projects/{{project}}/global/backendServices' + end + + def initialize(params = {}) + super(params.merge({ use_http_transport: true })) + @params = params + @table = fetch_wrapped_resource('items') + end + + def fetch_wrapped_resource(wrap_path) + # fetch_resource returns an array of responses (to handle pagination) + result = @connection.fetch_all(base, url, @params) + return if result.nil? + + # Conversion of string -> object hash to symbol -> object hash that InSpec needs + converted = [] + result.each do |response| + next if response.nil? || !response.key?(wrap_path) + response[wrap_path].each do |hash| + hash_with_symbols = {} + hash.each_key do |key| + name, value = transform(key, hash) + hash_with_symbols[name] = value + end + converted.push(hash_with_symbols) + end + end + + converted + end + + def transform(key, value) + return transformers[key].call(value) if transformers.key?(key) + + [key.to_sym, value] + end + + def transformers + { + 'affinityCookieTtlSec' => ->(obj) { return :affinity_cookie_ttl_sec, obj['affinityCookieTtlSec'] }, + 'backends' => ->(obj) { return :backends, GoogleInSpec::Compute::Property::BackendServiceBackendsArray.parse(obj['backends']) }, + 'cdnPolicy' => ->(obj) { return :cdn_policy, GoogleInSpec::Compute::Property::BackendServiceCdnpolicy.new(obj['cdnPolicy']) }, + 'connectionDraining' => ->(obj) { return :connection_draining, GoogleInSpec::Compute::Property::BackendServiceConnectiondraining.new(obj['connectionDraining']) }, + 'creationTimestamp' => ->(obj) { return :creation_timestamp, parse_time_string(obj['creationTimestamp']) }, + 'description' => ->(obj) { return :description, obj['description'] }, + 'enableCDN' => ->(obj) { return :enable_cdn, obj['enableCDN'] }, + 'healthChecks' => ->(obj) { return :health_checks, obj['healthChecks'] }, + 'id' => ->(obj) { return :id, obj['id'] }, + 'iap' => ->(obj) { return :iap, GoogleInSpec::Compute::Property::BackendServiceIap.new(obj['iap']) }, + 'loadBalancingScheme' => ->(obj) { return :load_balancing_scheme, obj['loadBalancingScheme'] }, + 'name' => ->(obj) { return :name, obj['name'] }, + 'portName' => ->(obj) { return :port_name, obj['portName'] }, + 'protocol' => ->(obj) { return :protocol, obj['protocol'] }, + 'region' => ->(obj) { return :region, obj['region'] }, + 'sessionAffinity' => ->(obj) { return :session_affinity, obj['sessionAffinity'] }, + 'timeoutSec' => ->(obj) { return :timeout_sec, obj['timeoutSec'] }, + } + end + + # Handles parsing RFC3339 time string + def parse_time_string(time_string) + time_string ? Time.parse(time_string) : nil + end +end diff --git a/test/integration/build/gcp-mm.tf b/test/integration/build/gcp-mm.tf index 74402c25f..f9d9f9452 100644 --- a/test/integration/build/gcp-mm.tf +++ b/test/integration/build/gcp-mm.tf @@ -38,6 +38,10 @@ variable "health_check" { type = "map" } +variable "backend_service" { + type = "map" +} + resource "google_compute_ssl_policy" "custom-ssl-policy" { name = "${var.ssl_policy["name"]}" min_tls_version = "${var.ssl_policy["min_tls_version"]}" @@ -140,4 +144,20 @@ resource "google_compute_health_check" "gcp-inspec-health-check" { tcp_health_check { port = "${var.health_check["tcp_health_check_port"]}" } +} + +resource "google_compute_backend_service" "gcp-inspec-backend-service" { + project = "${var.gcp_project_id}" + name = "${var.backend_service["name"]}" + description = "${var.backend_service["description"]}" + port_name = "${var.backend_service["port_name"]}" + protocol = "${var.backend_service["protocol"]}" + timeout_sec = "${var.backend_service["timeout_sec"]}" + enable_cdn = "${var.backend_service["enable_cdn"]}" + + backend { + group = "${google_compute_instance_group_manager.gcp-inspec-igm.instance_group}" + } + + health_checks = ["${google_compute_health_check.gcp-inspec-health-check.self_link}"] } \ No newline at end of file diff --git a/test/integration/configuration/mm-attributes.yml b/test/integration/configuration/mm-attributes.yml index e59e95e9a..a7755e4e0 100644 --- a/test/integration/configuration/mm-attributes.yml +++ b/test/integration/configuration/mm-attributes.yml @@ -52,4 +52,12 @@ health_check: name: inspec-gcp-health-check timeout_sec: 10 check_interval_sec: 10 - tcp_health_check_port: 80 \ No newline at end of file + tcp_health_check_port: 80 + +backend_service: + name: inspec-gcp-backend-service + description: A description + port_name: http + protocol: HTTP + timeout_sec: 10 + enable_cdn: true \ No newline at end of file diff --git a/test/integration/verify/controls/google_compute_backend_service.rb b/test/integration/verify/controls/google_compute_backend_service.rb new file mode 100644 index 000000000..0845cf4c5 --- /dev/null +++ b/test/integration/verify/controls/google_compute_backend_service.rb @@ -0,0 +1,42 @@ +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- + +title 'Test GCP google_compute_backend_service resource.' + +gcp_project_id = attribute(:gcp_project_id, default: 'gcp_project_id', description: 'The GCP project identifier.') +backend_service = attribute('backend_service', default: { + "name": "inspec-gcp-backend-service", + "description": "A description", + "port_name": "http", + "protocol": "HTTP", + "timeout_sec": 10, + "enable_cdn": true +}, description: 'Backend service definition') +control 'google_compute_backend_service-1.0' do + impact 1.0 + title 'google_compute_backend_service resource test' + + describe google_compute_backend_service(project: gcp_project_id, name: backend_service['name']) do + it { should exist } + its('description') { should eq backend_service['description'] } + its('port_name') { should eq backend_service['port_name'] } + its('protocol') { should eq backend_service['protocol'] } + its('timeout_sec') { should eq backend_service['timeout_sec'] } + its('enable_cdn') { should eq backend_service['enable_cdn'] } + end + + describe google_compute_backend_service(project: gcp_project_id, name: 'nonexistent') do + it { should_not exist } + end +end diff --git a/test/integration/verify/controls/google_compute_backend_services.rb b/test/integration/verify/controls/google_compute_backend_services.rb new file mode 100644 index 000000000..9b4d11af9 --- /dev/null +++ b/test/integration/verify/controls/google_compute_backend_services.rb @@ -0,0 +1,37 @@ +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- + +title 'Test GCP google_compute_backend_services resource.' + +gcp_project_id = attribute(:gcp_project_id, default: 'gcp_project_id', description: 'The GCP project identifier.') +backend_service = attribute('backend_service', default: { + "name": "inspec-gcp-backend-service", + "description": "A description", + "port_name": "http", + "protocol": "HTTP", + "timeout_sec": 10, + "enable_cdn": true +}, description: 'Backend service definition') +control 'google_compute_backend_services-1.0' do + impact 1.0 + title 'google_compute_backend_services resource test' + + describe google_compute_backend_services(project: gcp_project_id) do + its('count') { should be >= 1 } + its('names') { should include backend_service['name'] } + its('port_names') { should include backend_service['port_name'] } + its('protocols') { should include backend_service['protocol'] } + its('timeout_secs') { should include backend_service['timeout_sec'] } + end +end From 9ecfaaaef1be04ee57a041d0a58178970eeb6398 Mon Sep 17 00:00:00 2001 From: Sam Levenick Date: Fri, 25 Jan 2019 21:56:13 +0000 Subject: [PATCH 02/30] Add HTTP health check for InSpec Signed-off-by: Modular Magician --- .../google_compute_http_health_check.md | 47 ++++++++ .../google_compute_http_health_checks.md | 37 +++++++ libraries/google_compute_http_health_check.rb | 71 ++++++++++++ .../google_compute_http_health_checks.rb | 102 ++++++++++++++++++ test/integration/build/gcp-mm.tf | 13 +++ .../configuration/mm-attributes.yml | 8 +- .../google_compute_http_health_check.rb | 38 +++++++ .../google_compute_http_health_checks.rb | 33 ++++++ 8 files changed, 348 insertions(+), 1 deletion(-) create mode 100644 docs/resources/google_compute_http_health_check.md create mode 100644 docs/resources/google_compute_http_health_checks.md create mode 100644 libraries/google_compute_http_health_check.rb create mode 100644 libraries/google_compute_http_health_checks.rb create mode 100644 test/integration/verify/controls/google_compute_http_health_check.rb create mode 100644 test/integration/verify/controls/google_compute_http_health_checks.rb diff --git a/docs/resources/google_compute_http_health_check.md b/docs/resources/google_compute_http_health_check.md new file mode 100644 index 000000000..ffeaeb4e9 --- /dev/null +++ b/docs/resources/google_compute_http_health_check.md @@ -0,0 +1,47 @@ +--- +title: About the HttpHealthCheck resource +platform: gcp +--- + + +## Syntax +A `google_compute_http_health_check` is used to test a Google HttpHealthCheck resource + +## Examples +``` +describe google_compute_http_health_check(project: 'chef-gcp-inspec', name: 'inspec-gcp-http-health-check') do + it { should exist } + its('timeout_sec') { should eq '20' } + its('request_path') { should eq '/health_check' } + its('check_interval_sec') { should eq '20' } +end + +describe google_compute_http_health_check(project: 'chef-gcp-inspec', name: 'nonexistent') do + it { should_not exist } +end +``` + +## Properties +Properties that can be accessed from the `google_compute_http_health_check` resource: + + * `check_interval_sec`: How often (in seconds) to send a health check. The default value is 5 seconds. + + * `creation_timestamp`: Creation timestamp in RFC3339 text format. + + * `description`: An optional description of this resource. Provide this property when you create the resource. + + * `healthy_threshold`: A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2. + + * `host`: The value of the host header in the HTTP health check request. If left empty (default value), the public IP on behalf of which this health check is performed will be used. + + * `id`: The unique identifier for the resource. This identifier is defined by the server. + + * `name`: Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. + + * `port`: The TCP port number for the HTTP health check request. The default value is 80. + + * `request_path`: The request path of the HTTP health check request. The default value is /. + + * `timeout_sec`: How long (in seconds) to wait before claiming failure. The default value is 5 seconds. It is invalid for timeoutSec to have greater value than checkIntervalSec. + + * `unhealthy_threshold`: A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2. diff --git a/docs/resources/google_compute_http_health_checks.md b/docs/resources/google_compute_http_health_checks.md new file mode 100644 index 000000000..68be3ca4c --- /dev/null +++ b/docs/resources/google_compute_http_health_checks.md @@ -0,0 +1,37 @@ +--- +title: About the HttpHealthCheck resource +platform: gcp +--- + + +## Syntax +A `google_compute_http_health_checks` is used to test a Google HttpHealthCheck resource + +## Examples +``` +describe google_compute_http_health_checks(project: 'chef-gcp-inspec') do + its('names') { should include 'inspec-gcp-http-health-check' } + its('timeout_secs') { should include '20' } + its('check_interval_secs') { should include '20' } +end +``` + +## Properties +Properties that can be accessed from the `google_compute_http_health_checks` resource: + +See [google_compute_http_health_check.md](google_compute_http_health_check.md) for more detailed information + * `check_interval_secs`: an array of `google_compute_http_health_check` check_interval_sec + * `creation_timestamps`: an array of `google_compute_http_health_check` creation_timestamp + * `descriptions`: an array of `google_compute_http_health_check` description + * `healthy_thresholds`: an array of `google_compute_http_health_check` healthy_threshold + * `hosts`: an array of `google_compute_http_health_check` host + * `ids`: an array of `google_compute_http_health_check` id + * `names`: an array of `google_compute_http_health_check` name + * `ports`: an array of `google_compute_http_health_check` port + * `request_paths`: an array of `google_compute_http_health_check` request_path + * `timeout_secs`: an array of `google_compute_http_health_check` timeout_sec + * `unhealthy_thresholds`: an array of `google_compute_http_health_check` unhealthy_threshold + +## Filter Criteria +This resource supports all of the above properties as filter criteria, which can be used +with `where` as a block or a method. diff --git a/libraries/google_compute_http_health_check.rb b/libraries/google_compute_http_health_check.rb new file mode 100644 index 000000000..55136b30e --- /dev/null +++ b/libraries/google_compute_http_health_check.rb @@ -0,0 +1,71 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'gcp_backend' + +# A provider to manage Google Compute Engine resources. +class HttpHealthCheck < GcpResourceBase + name 'google_compute_http_health_check' + desc 'HttpHealthCheck' + supports platform: 'gcp' + + attr_reader :check_interval_sec + attr_reader :creation_timestamp + attr_reader :description + attr_reader :healthy_threshold + attr_reader :host + attr_reader :id + attr_reader :name + attr_reader :port + attr_reader :request_path + attr_reader :timeout_sec + attr_reader :unhealthy_threshold + def base + 'https://www.googleapis.com/compute/v1/' + end + + def url + 'projects/{{project}}/global/httpHealthChecks/{{name}}' + end + + def initialize(params) + super(params.merge({ use_http_transport: true })) + @fetched = @connection.fetch(base, url, params) + parse unless @fetched.nil? + end + + def parse + @check_interval_sec = @fetched['checkIntervalSec'] + @creation_timestamp = parse_time_string(@fetched['creationTimestamp']) + @description = @fetched['description'] + @healthy_threshold = @fetched['healthyThreshold'] + @host = @fetched['host'] + @id = @fetched['id'] + @name = @fetched['name'] + @port = @fetched['port'] + @request_path = @fetched['requestPath'] + @timeout_sec = @fetched['timeoutSec'] + @unhealthy_threshold = @fetched['unhealthyThreshold'] + end + + # Handles parsing RFC3339 time string + def parse_time_string(time_string) + time_string ? Time.parse(time_string) : nil + end + + def exists? + !@fetched.nil? + end +end diff --git a/libraries/google_compute_http_health_checks.rb b/libraries/google_compute_http_health_checks.rb new file mode 100644 index 000000000..d313de253 --- /dev/null +++ b/libraries/google_compute_http_health_checks.rb @@ -0,0 +1,102 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'gcp_backend' +class HttpHealthChecks < GcpResourceBase + name 'google_compute_http_health_checks' + desc 'HttpHealthCheck plural resource' + supports platform: 'gcp' + + attr_reader :table + + filter_table_config = FilterTable.create + + filter_table_config.add(:check_interval_secs, field: :check_interval_sec) + filter_table_config.add(:creation_timestamps, field: :creation_timestamp) + filter_table_config.add(:descriptions, field: :description) + filter_table_config.add(:healthy_thresholds, field: :healthy_threshold) + filter_table_config.add(:hosts, field: :host) + filter_table_config.add(:ids, field: :id) + filter_table_config.add(:names, field: :name) + filter_table_config.add(:ports, field: :port) + filter_table_config.add(:request_paths, field: :request_path) + filter_table_config.add(:timeout_secs, field: :timeout_sec) + filter_table_config.add(:unhealthy_thresholds, field: :unhealthy_threshold) + + filter_table_config.connect(self, :table) + + def base + 'https://www.googleapis.com/compute/v1/' + end + + def url + 'projects/{{project}}/global/httpHealthChecks' + end + + def initialize(params = {}) + super(params.merge({ use_http_transport: true })) + @params = params + @table = fetch_wrapped_resource('items') + end + + def fetch_wrapped_resource(wrap_path) + # fetch_resource returns an array of responses (to handle pagination) + result = @connection.fetch_all(base, url, @params) + return if result.nil? + + # Conversion of string -> object hash to symbol -> object hash that InSpec needs + converted = [] + result.each do |response| + next if response.nil? || !response.key?(wrap_path) + response[wrap_path].each do |hash| + hash_with_symbols = {} + hash.each_key do |key| + name, value = transform(key, hash) + hash_with_symbols[name] = value + end + converted.push(hash_with_symbols) + end + end + + converted + end + + def transform(key, value) + return transformers[key].call(value) if transformers.key?(key) + + [key.to_sym, value] + end + + def transformers + { + 'checkIntervalSec' => ->(obj) { return :check_interval_sec, obj['checkIntervalSec'] }, + 'creationTimestamp' => ->(obj) { return :creation_timestamp, parse_time_string(obj['creationTimestamp']) }, + 'description' => ->(obj) { return :description, obj['description'] }, + 'healthyThreshold' => ->(obj) { return :healthy_threshold, obj['healthyThreshold'] }, + 'host' => ->(obj) { return :host, obj['host'] }, + 'id' => ->(obj) { return :id, obj['id'] }, + 'name' => ->(obj) { return :name, obj['name'] }, + 'port' => ->(obj) { return :port, obj['port'] }, + 'requestPath' => ->(obj) { return :request_path, obj['requestPath'] }, + 'timeoutSec' => ->(obj) { return :timeout_sec, obj['timeoutSec'] }, + 'unhealthyThreshold' => ->(obj) { return :unhealthy_threshold, obj['unhealthyThreshold'] }, + } + end + + # Handles parsing RFC3339 time string + def parse_time_string(time_string) + time_string ? Time.parse(time_string) : nil + end +end diff --git a/test/integration/build/gcp-mm.tf b/test/integration/build/gcp-mm.tf index f9d9f9452..c41cda6ad 100644 --- a/test/integration/build/gcp-mm.tf +++ b/test/integration/build/gcp-mm.tf @@ -42,6 +42,10 @@ variable "backend_service" { type = "map" } +variable "http_health_check" { + type = "map" +} + resource "google_compute_ssl_policy" "custom-ssl-policy" { name = "${var.ssl_policy["name"]}" min_tls_version = "${var.ssl_policy["min_tls_version"]}" @@ -160,4 +164,13 @@ resource "google_compute_backend_service" "gcp-inspec-backend-service" { } health_checks = ["${google_compute_health_check.gcp-inspec-health-check.self_link}"] +} + +resource "google_compute_http_health_check" "gcp-inspec-http-health-check" { + project = "${var.gcp_project_id}" + name = "${var.http_health_check["name"]}" + request_path = "${var.http_health_check["request_path"]}" + + timeout_sec = "${var.http_health_check["timeout_sec"]}" + check_interval_sec = "${var.http_health_check["check_interval_sec"]}" } \ No newline at end of file diff --git a/test/integration/configuration/mm-attributes.yml b/test/integration/configuration/mm-attributes.yml index a7755e4e0..38742e372 100644 --- a/test/integration/configuration/mm-attributes.yml +++ b/test/integration/configuration/mm-attributes.yml @@ -60,4 +60,10 @@ backend_service: port_name: http protocol: HTTP timeout_sec: 10 - enable_cdn: true \ No newline at end of file + enable_cdn: true + +http_health_check: + name: inspec-gcp-http-health-check + request_path: /health_check + timeout_sec: 20 + check_interval_sec: 20 \ No newline at end of file diff --git a/test/integration/verify/controls/google_compute_http_health_check.rb b/test/integration/verify/controls/google_compute_http_health_check.rb new file mode 100644 index 000000000..0539503b9 --- /dev/null +++ b/test/integration/verify/controls/google_compute_http_health_check.rb @@ -0,0 +1,38 @@ +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- + +title 'Test GCP google_compute_http_health_check resource.' + +gcp_project_id = attribute(:gcp_project_id, default: 'gcp_project_id', description: 'The GCP project identifier.') +http_health_check = attribute('http_health_check', default: { + "name": "inspec-gcp-http-health-check", + "request_path": "/health_check", + "timeout_sec": 20, + "check_interval_sec": 20 +}, description: 'HTTP health check definition') +control 'google_compute_http_health_check-1.0' do + impact 1.0 + title 'google_compute_http_health_check resource test' + + describe google_compute_http_health_check(project: gcp_project_id, name: http_health_check['name']) do + it { should exist } + its('timeout_sec') { should eq http_health_check['timeout_sec'] } + its('request_path') { should eq http_health_check['request_path'] } + its('check_interval_sec') { should eq http_health_check['check_interval_sec'] } + end + + describe google_compute_http_health_check(project: gcp_project_id, name: 'nonexistent') do + it { should_not exist } + end +end diff --git a/test/integration/verify/controls/google_compute_http_health_checks.rb b/test/integration/verify/controls/google_compute_http_health_checks.rb new file mode 100644 index 000000000..e8894c15d --- /dev/null +++ b/test/integration/verify/controls/google_compute_http_health_checks.rb @@ -0,0 +1,33 @@ +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- + +title 'Test GCP google_compute_http_health_checks resource.' + +gcp_project_id = attribute(:gcp_project_id, default: 'gcp_project_id', description: 'The GCP project identifier.') +http_health_check = attribute('http_health_check', default: { + "name": "inspec-gcp-http-health-check", + "request_path": "/health_check", + "timeout_sec": 20, + "check_interval_sec": 20 +}, description: 'HTTP health check definition') +control 'google_compute_http_health_checks-1.0' do + impact 1.0 + title 'google_compute_http_health_checks resource test' + + describe google_compute_http_health_checks(project: gcp_project_id) do + its('names') { should include http_health_check['name'] } + its('timeout_secs') { should include http_health_check['timeout_sec'] } + its('check_interval_secs') { should include http_health_check['check_interval_sec'] } + end +end From 98a2d36fe22b078477985d364c48ac73f76cd7bd Mon Sep 17 00:00:00 2001 From: Sam Levenick Date: Fri, 25 Jan 2019 22:30:18 +0000 Subject: [PATCH 03/30] Add HTTPS health check to InSpec Signed-off-by: Modular Magician --- .../google_compute_https_health_check.md | 48 +++++++++ .../google_compute_https_health_checks.md | 37 +++++++ .../google_compute_https_health_check.rb | 71 ++++++++++++ .../google_compute_https_health_checks.rb | 102 ++++++++++++++++++ test/integration/build/gcp-mm.tf | 14 +++ .../configuration/mm-attributes.yml | 9 +- .../google_compute_https_health_check.rb | 40 +++++++ .../google_compute_https_health_checks.rb | 34 ++++++ 8 files changed, 354 insertions(+), 1 deletion(-) create mode 100644 docs/resources/google_compute_https_health_check.md create mode 100644 docs/resources/google_compute_https_health_checks.md create mode 100644 libraries/google_compute_https_health_check.rb create mode 100644 libraries/google_compute_https_health_checks.rb create mode 100644 test/integration/verify/controls/google_compute_https_health_check.rb create mode 100644 test/integration/verify/controls/google_compute_https_health_checks.rb diff --git a/docs/resources/google_compute_https_health_check.md b/docs/resources/google_compute_https_health_check.md new file mode 100644 index 000000000..300688155 --- /dev/null +++ b/docs/resources/google_compute_https_health_check.md @@ -0,0 +1,48 @@ +--- +title: About the HttpsHealthCheck resource +platform: gcp +--- + + +## Syntax +A `google_compute_https_health_check` is used to test a Google HttpsHealthCheck resource + +## Examples +``` +describe google_compute_https_health_check(project: 'chef-gcp-inspec', name: 'inspec-gcp-https-health-check') do + it { should exist } + its('timeout_sec') { should eq '15' } + its('request_path') { should eq '/https_health_check' } + its('check_interval_sec') { should eq '15' } + its('unhealthy_threshold') { should eq '3' } +end + +describe google_compute_https_health_check(project: 'chef-gcp-inspec', name: 'nonexistent') do + it { should_not exist } +end +``` + +## Properties +Properties that can be accessed from the `google_compute_https_health_check` resource: + + * `check_interval_sec`: How often (in seconds) to send a health check. The default value is 5 seconds. + + * `creation_timestamp`: Creation timestamp in RFC3339 text format. + + * `description`: An optional description of this resource. Provide this property when you create the resource. + + * `healthy_threshold`: A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2. + + * `host`: The value of the host header in the HTTPS health check request. If left empty (default value), the public IP on behalf of which this health check is performed will be used. + + * `id`: The unique identifier for the resource. This identifier is defined by the server. + + * `name`: Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. + + * `port`: The TCP port number for the HTTPS health check request. The default value is 80. + + * `request_path`: The request path of the HTTPS health check request. The default value is /. + + * `timeout_sec`: How long (in seconds) to wait before claiming failure. The default value is 5 seconds. It is invalid for timeoutSec to have greater value than checkIntervalSec. + + * `unhealthy_threshold`: A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2. diff --git a/docs/resources/google_compute_https_health_checks.md b/docs/resources/google_compute_https_health_checks.md new file mode 100644 index 000000000..9ef01d5f8 --- /dev/null +++ b/docs/resources/google_compute_https_health_checks.md @@ -0,0 +1,37 @@ +--- +title: About the HttpsHealthCheck resource +platform: gcp +--- + + +## Syntax +A `google_compute_https_health_checks` is used to test a Google HttpsHealthCheck resource + +## Examples +``` +describe google_compute_https_health_checks(project: 'chef-gcp-inspec') do + its('names') { should include 'inspec-gcp-https-health-check' } + its('timeout_secs') { should include '15' } + its('check_interval_secs') { should include '15' } +end +``` + +## Properties +Properties that can be accessed from the `google_compute_https_health_checks` resource: + +See [google_compute_https_health_check.md](google_compute_https_health_check.md) for more detailed information + * `check_interval_secs`: an array of `google_compute_https_health_check` check_interval_sec + * `creation_timestamps`: an array of `google_compute_https_health_check` creation_timestamp + * `descriptions`: an array of `google_compute_https_health_check` description + * `healthy_thresholds`: an array of `google_compute_https_health_check` healthy_threshold + * `hosts`: an array of `google_compute_https_health_check` host + * `ids`: an array of `google_compute_https_health_check` id + * `names`: an array of `google_compute_https_health_check` name + * `ports`: an array of `google_compute_https_health_check` port + * `request_paths`: an array of `google_compute_https_health_check` request_path + * `timeout_secs`: an array of `google_compute_https_health_check` timeout_sec + * `unhealthy_thresholds`: an array of `google_compute_https_health_check` unhealthy_threshold + +## Filter Criteria +This resource supports all of the above properties as filter criteria, which can be used +with `where` as a block or a method. diff --git a/libraries/google_compute_https_health_check.rb b/libraries/google_compute_https_health_check.rb new file mode 100644 index 000000000..104278916 --- /dev/null +++ b/libraries/google_compute_https_health_check.rb @@ -0,0 +1,71 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'gcp_backend' + +# A provider to manage Google Compute Engine resources. +class HttpsHealthCheck < GcpResourceBase + name 'google_compute_https_health_check' + desc 'HttpsHealthCheck' + supports platform: 'gcp' + + attr_reader :check_interval_sec + attr_reader :creation_timestamp + attr_reader :description + attr_reader :healthy_threshold + attr_reader :host + attr_reader :id + attr_reader :name + attr_reader :port + attr_reader :request_path + attr_reader :timeout_sec + attr_reader :unhealthy_threshold + def base + 'https://www.googleapis.com/compute/v1/' + end + + def url + 'projects/{{project}}/global/httpsHealthChecks/{{name}}' + end + + def initialize(params) + super(params.merge({ use_http_transport: true })) + @fetched = @connection.fetch(base, url, params) + parse unless @fetched.nil? + end + + def parse + @check_interval_sec = @fetched['checkIntervalSec'] + @creation_timestamp = parse_time_string(@fetched['creationTimestamp']) + @description = @fetched['description'] + @healthy_threshold = @fetched['healthyThreshold'] + @host = @fetched['host'] + @id = @fetched['id'] + @name = @fetched['name'] + @port = @fetched['port'] + @request_path = @fetched['requestPath'] + @timeout_sec = @fetched['timeoutSec'] + @unhealthy_threshold = @fetched['unhealthyThreshold'] + end + + # Handles parsing RFC3339 time string + def parse_time_string(time_string) + time_string ? Time.parse(time_string) : nil + end + + def exists? + !@fetched.nil? + end +end diff --git a/libraries/google_compute_https_health_checks.rb b/libraries/google_compute_https_health_checks.rb new file mode 100644 index 000000000..dc4fa7907 --- /dev/null +++ b/libraries/google_compute_https_health_checks.rb @@ -0,0 +1,102 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'gcp_backend' +class HttpsHealthChecks < GcpResourceBase + name 'google_compute_https_health_checks' + desc 'HttpsHealthCheck plural resource' + supports platform: 'gcp' + + attr_reader :table + + filter_table_config = FilterTable.create + + filter_table_config.add(:check_interval_secs, field: :check_interval_sec) + filter_table_config.add(:creation_timestamps, field: :creation_timestamp) + filter_table_config.add(:descriptions, field: :description) + filter_table_config.add(:healthy_thresholds, field: :healthy_threshold) + filter_table_config.add(:hosts, field: :host) + filter_table_config.add(:ids, field: :id) + filter_table_config.add(:names, field: :name) + filter_table_config.add(:ports, field: :port) + filter_table_config.add(:request_paths, field: :request_path) + filter_table_config.add(:timeout_secs, field: :timeout_sec) + filter_table_config.add(:unhealthy_thresholds, field: :unhealthy_threshold) + + filter_table_config.connect(self, :table) + + def base + 'https://www.googleapis.com/compute/v1/' + end + + def url + 'projects/{{project}}/global/httpsHealthChecks' + end + + def initialize(params = {}) + super(params.merge({ use_http_transport: true })) + @params = params + @table = fetch_wrapped_resource('items') + end + + def fetch_wrapped_resource(wrap_path) + # fetch_resource returns an array of responses (to handle pagination) + result = @connection.fetch_all(base, url, @params) + return if result.nil? + + # Conversion of string -> object hash to symbol -> object hash that InSpec needs + converted = [] + result.each do |response| + next if response.nil? || !response.key?(wrap_path) + response[wrap_path].each do |hash| + hash_with_symbols = {} + hash.each_key do |key| + name, value = transform(key, hash) + hash_with_symbols[name] = value + end + converted.push(hash_with_symbols) + end + end + + converted + end + + def transform(key, value) + return transformers[key].call(value) if transformers.key?(key) + + [key.to_sym, value] + end + + def transformers + { + 'checkIntervalSec' => ->(obj) { return :check_interval_sec, obj['checkIntervalSec'] }, + 'creationTimestamp' => ->(obj) { return :creation_timestamp, parse_time_string(obj['creationTimestamp']) }, + 'description' => ->(obj) { return :description, obj['description'] }, + 'healthyThreshold' => ->(obj) { return :healthy_threshold, obj['healthyThreshold'] }, + 'host' => ->(obj) { return :host, obj['host'] }, + 'id' => ->(obj) { return :id, obj['id'] }, + 'name' => ->(obj) { return :name, obj['name'] }, + 'port' => ->(obj) { return :port, obj['port'] }, + 'requestPath' => ->(obj) { return :request_path, obj['requestPath'] }, + 'timeoutSec' => ->(obj) { return :timeout_sec, obj['timeoutSec'] }, + 'unhealthyThreshold' => ->(obj) { return :unhealthy_threshold, obj['unhealthyThreshold'] }, + } + end + + # Handles parsing RFC3339 time string + def parse_time_string(time_string) + time_string ? Time.parse(time_string) : nil + end +end diff --git a/test/integration/build/gcp-mm.tf b/test/integration/build/gcp-mm.tf index c41cda6ad..9901bcb9e 100644 --- a/test/integration/build/gcp-mm.tf +++ b/test/integration/build/gcp-mm.tf @@ -46,6 +46,10 @@ variable "http_health_check" { type = "map" } +variable "https_health_check" { + type = "map" +} + resource "google_compute_ssl_policy" "custom-ssl-policy" { name = "${var.ssl_policy["name"]}" min_tls_version = "${var.ssl_policy["min_tls_version"]}" @@ -173,4 +177,14 @@ resource "google_compute_http_health_check" "gcp-inspec-http-health-check" { timeout_sec = "${var.http_health_check["timeout_sec"]}" check_interval_sec = "${var.http_health_check["check_interval_sec"]}" +} + +resource "google_compute_https_health_check" "gcp-inspec-https-health-check" { + project = "${var.gcp_project_id}" + name = "${var.https_health_check["name"]}" + request_path = "${var.https_health_check["request_path"]}" + + timeout_sec = "${var.https_health_check["timeout_sec"]}" + check_interval_sec = "${var.https_health_check["check_interval_sec"]}" + unhealthy_threshold = "${var.https_health_check["unhealthy_threshold"]}" } \ No newline at end of file diff --git a/test/integration/configuration/mm-attributes.yml b/test/integration/configuration/mm-attributes.yml index 38742e372..c81af3529 100644 --- a/test/integration/configuration/mm-attributes.yml +++ b/test/integration/configuration/mm-attributes.yml @@ -66,4 +66,11 @@ http_health_check: name: inspec-gcp-http-health-check request_path: /health_check timeout_sec: 20 - check_interval_sec: 20 \ No newline at end of file + check_interval_sec: 20 + +https_health_check: + name: inspec-gcp-https-health-check + request_path: /https_health_check + timeout_sec: 15 + check_interval_sec: 15 + unhealthy_threshold: 3 diff --git a/test/integration/verify/controls/google_compute_https_health_check.rb b/test/integration/verify/controls/google_compute_https_health_check.rb new file mode 100644 index 000000000..395f0583f --- /dev/null +++ b/test/integration/verify/controls/google_compute_https_health_check.rb @@ -0,0 +1,40 @@ +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- + +title 'Test GCP google_compute_https_health_check resource.' + +gcp_project_id = attribute(:gcp_project_id, default: 'gcp_project_id', description: 'The GCP project identifier.') +https_health_check = attribute('https_health_check', default: { + "name": "inspec-gcp-https-health-check", + "request_path": "/https_health_check", + "timeout_sec": 15, + "check_interval_sec": 15, + "unhealthy_threshold": 3 +}, description: 'HTTPS health check definition') +control 'google_compute_https_health_check-1.0' do + impact 1.0 + title 'google_compute_https_health_check resource test' + + describe google_compute_https_health_check(project: gcp_project_id, name: https_health_check['name']) do + it { should exist } + its('timeout_sec') { should eq https_health_check['timeout_sec'] } + its('request_path') { should eq https_health_check['request_path'] } + its('check_interval_sec') { should eq https_health_check['check_interval_sec'] } + its('unhealthy_threshold') { should eq https_health_check['unhealthy_threshold'] } + end + + describe google_compute_https_health_check(project: gcp_project_id, name: 'nonexistent') do + it { should_not exist } + end +end diff --git a/test/integration/verify/controls/google_compute_https_health_checks.rb b/test/integration/verify/controls/google_compute_https_health_checks.rb new file mode 100644 index 000000000..2e191ce50 --- /dev/null +++ b/test/integration/verify/controls/google_compute_https_health_checks.rb @@ -0,0 +1,34 @@ +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- + +title 'Test GCP google_compute_https_health_checks resource.' + +gcp_project_id = attribute(:gcp_project_id, default: 'gcp_project_id', description: 'The GCP project identifier.') +https_health_check = attribute('https_health_check', default: { + "name": "inspec-gcp-https-health-check", + "request_path": "/https_health_check", + "timeout_sec": 15, + "check_interval_sec": 15, + "unhealthy_threshold": 3 +}, description: 'HTTPS health check definition') +control 'google_compute_https_health_checks-1.0' do + impact 1.0 + title 'google_compute_https_health_checks resource test' + + describe google_compute_https_health_checks(project: gcp_project_id) do + its('names') { should include https_health_check['name'] } + its('timeout_secs') { should include https_health_check['timeout_sec'] } + its('check_interval_secs') { should include https_health_check['check_interval_sec'] } + end +end From e4f5d3e2aaa0f83d12ff87fae28a0729a81fe900 Mon Sep 17 00:00:00 2001 From: Sam Levenick Date: Sat, 26 Jan 2019 01:14:42 +0000 Subject: [PATCH 04/30] Add compute instance template for InSpec Signed-off-by: Modular Magician --- .../google_compute_instance_template.md | 63 +++++++++++++ .../google_compute_instance_templates.md | 29 ++++++ .../instancetemplate_access_configs.rb | 43 +++++++++ .../instancetemplate_alias_ip_ranges.rb | 40 +++++++++ .../instancetemplate_disk_encryption_key.rb | 35 ++++++++ .../property/instancetemplate_disks.rb | 67 ++++++++++++++ .../instancetemplate_guest_accelerators.rb | 40 +++++++++ .../instancetemplate_initialize_params.rb | 42 +++++++++ .../instancetemplate_network_interfaces.rb | 54 +++++++++++ .../property/instancetemplate_properties.rb | 65 ++++++++++++++ .../property/instancetemplate_scheduling.rb | 35 ++++++++ .../instancetemplate_service_accounts.rb | 40 +++++++++ ...ncetemplate_source_image_encryption_key.rb | 32 +++++++ .../compute/property/instancetemplate_tags.rb | 32 +++++++ libraries/google_compute_instance_template.rb | 66 ++++++++++++++ .../google_compute_instance_templates.rb | 90 +++++++++++++++++++ test/integration/build/gcp-mm.tf | 36 ++++++++ .../configuration/mm-attributes.yml | 15 ++++ .../google_compute_instance_template.rb | 53 +++++++++++ .../google_compute_instance_templates.rb | 40 +++++++++ 20 files changed, 917 insertions(+) create mode 100644 docs/resources/google_compute_instance_template.md create mode 100644 docs/resources/google_compute_instance_templates.md create mode 100644 libraries/google/compute/property/instancetemplate_access_configs.rb create mode 100644 libraries/google/compute/property/instancetemplate_alias_ip_ranges.rb create mode 100644 libraries/google/compute/property/instancetemplate_disk_encryption_key.rb create mode 100644 libraries/google/compute/property/instancetemplate_disks.rb create mode 100644 libraries/google/compute/property/instancetemplate_guest_accelerators.rb create mode 100644 libraries/google/compute/property/instancetemplate_initialize_params.rb create mode 100644 libraries/google/compute/property/instancetemplate_network_interfaces.rb create mode 100644 libraries/google/compute/property/instancetemplate_properties.rb create mode 100644 libraries/google/compute/property/instancetemplate_scheduling.rb create mode 100644 libraries/google/compute/property/instancetemplate_service_accounts.rb create mode 100644 libraries/google/compute/property/instancetemplate_source_image_encryption_key.rb create mode 100644 libraries/google/compute/property/instancetemplate_tags.rb create mode 100644 libraries/google_compute_instance_template.rb create mode 100644 libraries/google_compute_instance_templates.rb create mode 100644 test/integration/verify/controls/google_compute_instance_template.rb create mode 100644 test/integration/verify/controls/google_compute_instance_templates.rb diff --git a/docs/resources/google_compute_instance_template.md b/docs/resources/google_compute_instance_template.md new file mode 100644 index 000000000..be2c516ec --- /dev/null +++ b/docs/resources/google_compute_instance_template.md @@ -0,0 +1,63 @@ +--- +title: About the InstanceTemplate resource +platform: gcp +--- + + +## Syntax +A `google_compute_instance_template` is used to test a Google InstanceTemplate resource + +## Examples +``` +describe google_compute_instance_template(project: 'chef-gcp-inspec', name: 'inspec-gcp-instance-template') do + it { should exist } + its('description') { should eq 'A description of the instance template' } + its('properties.description') { should eq 'A description of the instance itself' } + its('properties.machine_type') { should eq 'n1-standard-1' } + its('properties.tags.items') { should include 'foo' } + its('properties.disks.count') { should eq 1 } + its('properties.disks.first.auto_delete') { should eq 'true' } + its('properties.disks.first.boot') { should eq 'true' } + its('properties.network_interfaces.count') { should eq 1 } + its('properties.service_accounts.count') { should eq 1 } +end + +describe google_compute_instance_template(project: 'chef-gcp-inspec', name: 'nonexistent') do + it { should_not exist } +end +``` + +## Properties +Properties that can be accessed from the `google_compute_instance_template` resource: + + * `creation_timestamp`: Creation timestamp in RFC3339 text format. + + * `description`: An optional description of this resource. Provide this property when you create the resource. + + * `id`: The unique identifier for the resource. This identifier is defined by the server. + + * `name`: Name of the resource. The name is 1-63 characters long and complies with RFC1035. + + * `properties`: The instance properties for this instance template. + + * `canIpForward`: Enables instances created based on this template to send packets with source IP addresses other than their own and receive packets with destination IP addresses other than their own. If these instances will be used as an IP gateway or it will be set as the next-hop in a Route resource, specify true. If unsure, leave this set to false. + + * `description`: An optional text description for the instances that are created from this instance template. + + * `disks`: An array of disks that are associated with the instances that are created from this template. + + * `machineType`: The machine type to use in the VM instance template. + + * `minCpuPlatform`: Specifies a minimum CPU platform for the VM instance. Applicable values are the friendly names of CPU platforms + + * `metadata`: The metadata key/value pairs to assign to instances that are created from this template. These pairs can consist of custom metadata or predefined keys. + + * `guestAccelerators`: List of the type and count of accelerator cards attached to the instance + + * `networkInterfaces`: An array of configurations for this interface. This specifies how this interface is configured to interact with other network services, such as connecting to the internet. Only one network interface is supported per instance. + + * `scheduling`: Sets the scheduling options for this instance. + + * `serviceAccounts`: A list of service accounts, with their specified scopes, authorized for this instance. Only one service account per VM instance is supported. + + * `tags`: A list of tags to apply to this instance. Tags are used to identify valid sources or targets for network firewalls and are specified by the client during instance creation. The tags can be later modified by the setTags method. Each tag within the list must comply with RFC1035. diff --git a/docs/resources/google_compute_instance_templates.md b/docs/resources/google_compute_instance_templates.md new file mode 100644 index 000000000..abc173421 --- /dev/null +++ b/docs/resources/google_compute_instance_templates.md @@ -0,0 +1,29 @@ +--- +title: About the InstanceTemplate resource +platform: gcp +--- + + +## Syntax +A `google_compute_instance_templates` is used to test a Google InstanceTemplate resource + +## Examples +``` +describe google_compute_instance_templates(project: 'chef-gcp-inspec') do + its('names') { should include 'inspec-gcp-instance-template' } +end +``` + +## Properties +Properties that can be accessed from the `google_compute_instance_templates` resource: + +See [google_compute_instance_template.md](google_compute_instance_template.md) for more detailed information + * `creation_timestamps`: an array of `google_compute_instance_template` creation_timestamp + * `descriptions`: an array of `google_compute_instance_template` description + * `ids`: an array of `google_compute_instance_template` id + * `names`: an array of `google_compute_instance_template` name + * `properties`: an array of `google_compute_instance_template` properties + +## Filter Criteria +This resource supports all of the above properties as filter criteria, which can be used +with `where` as a block or a method. diff --git a/libraries/google/compute/property/instancetemplate_access_configs.rb b/libraries/google/compute/property/instancetemplate_access_configs.rb new file mode 100644 index 000000000..f5a0a904c --- /dev/null +++ b/libraries/google/compute/property/instancetemplate_access_configs.rb @@ -0,0 +1,43 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module Compute + module Property + class InstanceTemplateAccessconfigs + attr_reader :name + + attr_reader :nat_ip + + attr_reader :type + + def initialize(args = nil) + return if args.nil? + @name = args['name'] + @nat_ip = args['natIP'] + @type = args['type'] + end + end + + class InstanceTemplateAccessconfigsArray + def self.parse(value) + return if value.nil? + return InstanceTemplateAccessconfigs.new(value) unless value.is_a?(::Array) + value.map { |v| InstanceTemplateAccessconfigs.new(v) } + end + end + end + end +end diff --git a/libraries/google/compute/property/instancetemplate_alias_ip_ranges.rb b/libraries/google/compute/property/instancetemplate_alias_ip_ranges.rb new file mode 100644 index 000000000..3f4f0d3c9 --- /dev/null +++ b/libraries/google/compute/property/instancetemplate_alias_ip_ranges.rb @@ -0,0 +1,40 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module Compute + module Property + class InstanceTemplateAliasipranges + attr_reader :ip_cidr_range + + attr_reader :subnetwork_range_name + + def initialize(args = nil) + return if args.nil? + @ip_cidr_range = args['ipCidrRange'] + @subnetwork_range_name = args['subnetworkRangeName'] + end + end + + class InstanceTemplateAliasiprangesArray + def self.parse(value) + return if value.nil? + return InstanceTemplateAliasipranges.new(value) unless value.is_a?(::Array) + value.map { |v| InstanceTemplateAliasipranges.new(v) } + end + end + end + end +end diff --git a/libraries/google/compute/property/instancetemplate_disk_encryption_key.rb b/libraries/google/compute/property/instancetemplate_disk_encryption_key.rb new file mode 100644 index 000000000..f48e897f2 --- /dev/null +++ b/libraries/google/compute/property/instancetemplate_disk_encryption_key.rb @@ -0,0 +1,35 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module Compute + module Property + class InstanceTemplateDiskencryptionkey + attr_reader :raw_key + + attr_reader :rsa_encrypted_key + + attr_reader :sha256 + + def initialize(args = nil) + return if args.nil? + @raw_key = args['rawKey'] + @rsa_encrypted_key = args['rsaEncryptedKey'] + @sha256 = args['sha256'] + end + end + end + end +end diff --git a/libraries/google/compute/property/instancetemplate_disks.rb b/libraries/google/compute/property/instancetemplate_disks.rb new file mode 100644 index 000000000..8b35a6224 --- /dev/null +++ b/libraries/google/compute/property/instancetemplate_disks.rb @@ -0,0 +1,67 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'google/compute/property/instancetemplate_disk_encryption_key' +require 'google/compute/property/instancetemplate_initialize_params' +require 'google/compute/property/instancetemplate_source_image_encryption_key' +module GoogleInSpec + module Compute + module Property + class InstanceTemplateDisks + attr_reader :auto_delete + + attr_reader :boot + + attr_reader :device_name + + attr_reader :disk_encryption_key + + attr_reader :index + + attr_reader :initialize_params + + attr_reader :interface + + attr_reader :mode + + attr_reader :source + + attr_reader :type + + def initialize(args = nil) + return if args.nil? + @auto_delete = args['autoDelete'] + @boot = args['boot'] + @device_name = args['deviceName'] + @disk_encryption_key = GoogleInSpec::Compute::Property::InstanceTemplateDiskencryptionkey.new(args['diskEncryptionKey']) + @index = args['index'] + @initialize_params = GoogleInSpec::Compute::Property::InstanceTemplateInitializeparams.new(args['initializeParams']) + @interface = args['interface'] + @mode = args['mode'] + @source = args['source'] + @type = args['type'] + end + end + + class InstanceTemplateDisksArray + def self.parse(value) + return if value.nil? + return InstanceTemplateDisks.new(value) unless value.is_a?(::Array) + value.map { |v| InstanceTemplateDisks.new(v) } + end + end + end + end +end diff --git a/libraries/google/compute/property/instancetemplate_guest_accelerators.rb b/libraries/google/compute/property/instancetemplate_guest_accelerators.rb new file mode 100644 index 000000000..5182be9dc --- /dev/null +++ b/libraries/google/compute/property/instancetemplate_guest_accelerators.rb @@ -0,0 +1,40 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module Compute + module Property + class InstanceTemplateGuestaccelerators + attr_reader :accelerator_count + + attr_reader :accelerator_type + + def initialize(args = nil) + return if args.nil? + @accelerator_count = args['acceleratorCount'] + @accelerator_type = args['acceleratorType'] + end + end + + class InstanceTemplateGuestacceleratorsArray + def self.parse(value) + return if value.nil? + return InstanceTemplateGuestaccelerators.new(value) unless value.is_a?(::Array) + value.map { |v| InstanceTemplateGuestaccelerators.new(v) } + end + end + end + end +end diff --git a/libraries/google/compute/property/instancetemplate_initialize_params.rb b/libraries/google/compute/property/instancetemplate_initialize_params.rb new file mode 100644 index 000000000..f7d77bc37 --- /dev/null +++ b/libraries/google/compute/property/instancetemplate_initialize_params.rb @@ -0,0 +1,42 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'google/compute/property/instancetemplate_source_image_encryption_key' +module GoogleInSpec + module Compute + module Property + class InstanceTemplateInitializeparams + attr_reader :disk_name + + attr_reader :disk_size_gb + + attr_reader :disk_type + + attr_reader :source_image + + attr_reader :source_image_encryption_key + + def initialize(args = nil) + return if args.nil? + @disk_name = args['diskName'] + @disk_size_gb = args['diskSizeGb'] + @disk_type = args['diskType'] + @source_image = args['sourceImage'] + @source_image_encryption_key = GoogleInSpec::Compute::Property::InstanceTemplateSourceimageencryptionkey.new(args['sourceImageEncryptionKey']) + end + end + end + end +end diff --git a/libraries/google/compute/property/instancetemplate_network_interfaces.rb b/libraries/google/compute/property/instancetemplate_network_interfaces.rb new file mode 100644 index 000000000..69140847f --- /dev/null +++ b/libraries/google/compute/property/instancetemplate_network_interfaces.rb @@ -0,0 +1,54 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'google/compute/property/instancetemplate_access_configs' +require 'google/compute/property/instancetemplate_alias_ip_ranges' +module GoogleInSpec + module Compute + module Property + class InstanceTemplateNetworkinterfaces + attr_reader :access_configs + + attr_reader :alias_ip_ranges + + attr_reader :name + + attr_reader :network + + attr_reader :network_ip + + attr_reader :subnetwork + + def initialize(args = nil) + return if args.nil? + @access_configs = GoogleInSpec::Compute::Property::InstanceTemplateAccessconfigsArray.parse(args['accessConfigs']) + @alias_ip_ranges = GoogleInSpec::Compute::Property::InstanceTemplateAliasiprangesArray.parse(args['aliasIpRanges']) + @name = args['name'] + @network = args['network'] + @network_ip = args['networkIP'] + @subnetwork = args['subnetwork'] + end + end + + class InstanceTemplateNetworkinterfacesArray + def self.parse(value) + return if value.nil? + return InstanceTemplateNetworkinterfaces.new(value) unless value.is_a?(::Array) + value.map { |v| InstanceTemplateNetworkinterfaces.new(v) } + end + end + end + end +end diff --git a/libraries/google/compute/property/instancetemplate_properties.rb b/libraries/google/compute/property/instancetemplate_properties.rb new file mode 100644 index 000000000..c3b637ff1 --- /dev/null +++ b/libraries/google/compute/property/instancetemplate_properties.rb @@ -0,0 +1,65 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'google/compute/property/instancetemplate_disks' +require 'google/compute/property/instancetemplate_guest_accelerators' +require 'google/compute/property/instancetemplate_network_interfaces' +require 'google/compute/property/instancetemplate_scheduling' +require 'google/compute/property/instancetemplate_service_accounts' +require 'google/compute/property/instancetemplate_tags' +module GoogleInSpec + module Compute + module Property + class InstanceTemplateProperties + attr_reader :can_ip_forward + + attr_reader :description + + attr_reader :disks + + attr_reader :machine_type + + attr_reader :min_cpu_platform + + attr_reader :metadata + + attr_reader :guest_accelerators + + attr_reader :network_interfaces + + attr_reader :scheduling + + attr_reader :service_accounts + + attr_reader :tags + + def initialize(args = nil) + return if args.nil? + @can_ip_forward = args['canIpForward'] + @description = args['description'] + @disks = GoogleInSpec::Compute::Property::InstanceTemplateDisksArray.parse(args['disks']) + @machine_type = args['machineType'] + @min_cpu_platform = args['minCpuPlatform'] + @metadata = args['metadata'] + @guest_accelerators = GoogleInSpec::Compute::Property::InstanceTemplateGuestacceleratorsArray.parse(args['guestAccelerators']) + @network_interfaces = GoogleInSpec::Compute::Property::InstanceTemplateNetworkinterfacesArray.parse(args['networkInterfaces']) + @scheduling = GoogleInSpec::Compute::Property::InstanceTemplateScheduling.new(args['scheduling']) + @service_accounts = GoogleInSpec::Compute::Property::InstanceTemplateServiceaccountsArray.parse(args['serviceAccounts']) + @tags = GoogleInSpec::Compute::Property::InstanceTemplateTags.new(args['tags']) + end + end + end + end +end diff --git a/libraries/google/compute/property/instancetemplate_scheduling.rb b/libraries/google/compute/property/instancetemplate_scheduling.rb new file mode 100644 index 000000000..33a95de09 --- /dev/null +++ b/libraries/google/compute/property/instancetemplate_scheduling.rb @@ -0,0 +1,35 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module Compute + module Property + class InstanceTemplateScheduling + attr_reader :automatic_restart + + attr_reader :on_host_maintenance + + attr_reader :preemptible + + def initialize(args = nil) + return if args.nil? + @automatic_restart = args['automaticRestart'] + @on_host_maintenance = args['onHostMaintenance'] + @preemptible = args['preemptible'] + end + end + end + end +end diff --git a/libraries/google/compute/property/instancetemplate_service_accounts.rb b/libraries/google/compute/property/instancetemplate_service_accounts.rb new file mode 100644 index 000000000..f48d2da81 --- /dev/null +++ b/libraries/google/compute/property/instancetemplate_service_accounts.rb @@ -0,0 +1,40 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module Compute + module Property + class InstanceTemplateServiceaccounts + attr_reader :email + + attr_reader :scopes + + def initialize(args = nil) + return if args.nil? + @email = args['email'] + @scopes = args['scopes'] + end + end + + class InstanceTemplateServiceaccountsArray + def self.parse(value) + return if value.nil? + return InstanceTemplateServiceaccounts.new(value) unless value.is_a?(::Array) + value.map { |v| InstanceTemplateServiceaccounts.new(v) } + end + end + end + end +end diff --git a/libraries/google/compute/property/instancetemplate_source_image_encryption_key.rb b/libraries/google/compute/property/instancetemplate_source_image_encryption_key.rb new file mode 100644 index 000000000..3e0543c7c --- /dev/null +++ b/libraries/google/compute/property/instancetemplate_source_image_encryption_key.rb @@ -0,0 +1,32 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module Compute + module Property + class InstanceTemplateSourceimageencryptionkey + attr_reader :raw_key + + attr_reader :sha256 + + def initialize(args = nil) + return if args.nil? + @raw_key = args['rawKey'] + @sha256 = args['sha256'] + end + end + end + end +end diff --git a/libraries/google/compute/property/instancetemplate_tags.rb b/libraries/google/compute/property/instancetemplate_tags.rb new file mode 100644 index 000000000..65d7b1a1e --- /dev/null +++ b/libraries/google/compute/property/instancetemplate_tags.rb @@ -0,0 +1,32 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module Compute + module Property + class InstanceTemplateTags + attr_reader :fingerprint + + attr_reader :items + + def initialize(args = nil) + return if args.nil? + @fingerprint = args['fingerprint'] + @items = args['items'] + end + end + end + end +end diff --git a/libraries/google_compute_instance_template.rb b/libraries/google_compute_instance_template.rb new file mode 100644 index 000000000..3f68e55b2 --- /dev/null +++ b/libraries/google_compute_instance_template.rb @@ -0,0 +1,66 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'gcp_backend' +require 'google/compute/property/instancetemplate_disks' +require 'google/compute/property/instancetemplate_guest_accelerators' +require 'google/compute/property/instancetemplate_network_interfaces' +require 'google/compute/property/instancetemplate_properties' +require 'google/compute/property/instancetemplate_scheduling' +require 'google/compute/property/instancetemplate_service_accounts' +require 'google/compute/property/instancetemplate_tags' + +# A provider to manage Google Compute Engine resources. +class InstanceTemplate < GcpResourceBase + name 'google_compute_instance_template' + desc 'InstanceTemplate' + supports platform: 'gcp' + + attr_reader :creation_timestamp + attr_reader :description + attr_reader :id + attr_reader :name + attr_reader :properties + def base + 'https://www.googleapis.com/compute/v1/' + end + + def url + 'projects/{{project}}/global/instanceTemplates/{{name}}' + end + + def initialize(params) + super(params.merge({ use_http_transport: true })) + @fetched = @connection.fetch(base, url, params) + parse unless @fetched.nil? + end + + def parse + @creation_timestamp = parse_time_string(@fetched['creationTimestamp']) + @description = @fetched['description'] + @id = @fetched['id'] + @name = @fetched['name'] + @properties = GoogleInSpec::Compute::Property::InstanceTemplateProperties.new(@fetched['properties']) + end + + # Handles parsing RFC3339 time string + def parse_time_string(time_string) + time_string ? Time.parse(time_string) : nil + end + + def exists? + !@fetched.nil? + end +end diff --git a/libraries/google_compute_instance_templates.rb b/libraries/google_compute_instance_templates.rb new file mode 100644 index 000000000..bd5248bc6 --- /dev/null +++ b/libraries/google_compute_instance_templates.rb @@ -0,0 +1,90 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'gcp_backend' +class InstanceTemplates < GcpResourceBase + name 'google_compute_instance_templates' + desc 'InstanceTemplate plural resource' + supports platform: 'gcp' + + attr_reader :table + + filter_table_config = FilterTable.create + + filter_table_config.add(:creation_timestamps, field: :creation_timestamp) + filter_table_config.add(:descriptions, field: :description) + filter_table_config.add(:ids, field: :id) + filter_table_config.add(:names, field: :name) + filter_table_config.add(:properties, field: :properties) + + filter_table_config.connect(self, :table) + + def base + 'https://www.googleapis.com/compute/v1/' + end + + def url + 'projects/{{project}}/global/instanceTemplates' + end + + def initialize(params = {}) + super(params.merge({ use_http_transport: true })) + @params = params + @table = fetch_wrapped_resource('items') + end + + def fetch_wrapped_resource(wrap_path) + # fetch_resource returns an array of responses (to handle pagination) + result = @connection.fetch_all(base, url, @params) + return if result.nil? + + # Conversion of string -> object hash to symbol -> object hash that InSpec needs + converted = [] + result.each do |response| + next if response.nil? || !response.key?(wrap_path) + response[wrap_path].each do |hash| + hash_with_symbols = {} + hash.each_key do |key| + name, value = transform(key, hash) + hash_with_symbols[name] = value + end + converted.push(hash_with_symbols) + end + end + + converted + end + + def transform(key, value) + return transformers[key].call(value) if transformers.key?(key) + + [key.to_sym, value] + end + + def transformers + { + 'creationTimestamp' => ->(obj) { return :creation_timestamp, parse_time_string(obj['creationTimestamp']) }, + 'description' => ->(obj) { return :description, obj['description'] }, + 'id' => ->(obj) { return :id, obj['id'] }, + 'name' => ->(obj) { return :name, obj['name'] }, + 'properties' => ->(obj) { return :properties, GoogleInSpec::Compute::Property::InstanceTemplateProperties.new(obj['properties']) }, + } + end + + # Handles parsing RFC3339 time string + def parse_time_string(time_string) + time_string ? Time.parse(time_string) : nil + end +end diff --git a/test/integration/build/gcp-mm.tf b/test/integration/build/gcp-mm.tf index 9901bcb9e..b5f7f6fa4 100644 --- a/test/integration/build/gcp-mm.tf +++ b/test/integration/build/gcp-mm.tf @@ -50,6 +50,10 @@ variable "https_health_check" { type = "map" } +variable "instance_template" { + type = "map" +} + resource "google_compute_ssl_policy" "custom-ssl-policy" { name = "${var.ssl_policy["name"]}" min_tls_version = "${var.ssl_policy["min_tls_version"]}" @@ -187,4 +191,36 @@ resource "google_compute_https_health_check" "gcp-inspec-https-health-check" { timeout_sec = "${var.https_health_check["timeout_sec"]}" check_interval_sec = "${var.https_health_check["check_interval_sec"]}" unhealthy_threshold = "${var.https_health_check["unhealthy_threshold"]}" +} + +resource "google_compute_instance_template" "gcp-inspec-instance-template" { + project = "${var.gcp_project_id}" + name = "${var.instance_template["name"]}" + description = "${var.instance_template["description"]}" + + tags = ["${var.instance_template["tag"]}"] + + instance_description = "${var.instance_template["instance_description"]}" + machine_type = "${var.instance_template["machine_type"]}" + can_ip_forward = "${var.instance_template["can_ip_forward"]}" + + scheduling { + automatic_restart = "${var.instance_template["scheduling_automatic_restart"]}" + on_host_maintenance = "${var.instance_template["scheduling_on_host_maintenance"]}" + } + + // Create a new boot disk from an image + disk { + source_image = "${var.instance_template["disk_source_image"]}" + auto_delete = "${var.instance_template["disk_auto_delete"]}" + boot = "${var.instance_template["disk_boot"]}" + } + + network_interface { + network = "${var.instance_template["network_interface_network"]}" + } + + service_account { + scopes = ["${var.instance_template["service_account_scope"]}"] + } } \ No newline at end of file diff --git a/test/integration/configuration/mm-attributes.yml b/test/integration/configuration/mm-attributes.yml index c81af3529..e4e34dc6d 100644 --- a/test/integration/configuration/mm-attributes.yml +++ b/test/integration/configuration/mm-attributes.yml @@ -74,3 +74,18 @@ https_health_check: timeout_sec: 15 check_interval_sec: 15 unhealthy_threshold: 3 + +instance_template: + name: inspec-gcp-instance-template + description: A description of the instance template + instance_description: A description of the instance itself + machine_type: n1-standard-1 + tag: foo + can_ip_forward: false + scheduling_automatic_restart: true + scheduling_on_host_maintenance: MIGRATE + disk_source_image: debian-cloud/debian-9 + disk_auto_delete: true + disk_boot: true + network_interface_network: default + service_account_scope: storage-ro \ No newline at end of file diff --git a/test/integration/verify/controls/google_compute_instance_template.rb b/test/integration/verify/controls/google_compute_instance_template.rb new file mode 100644 index 000000000..5c159d01e --- /dev/null +++ b/test/integration/verify/controls/google_compute_instance_template.rb @@ -0,0 +1,53 @@ +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- + +title 'Test GCP google_compute_instance_template resource.' + +gcp_project_id = attribute(:gcp_project_id, default: 'gcp_project_id', description: 'The GCP project identifier.') +instance_template = attribute('instance_template', default: { + "name": "inspec-gcp-instance-template", + "description": "A description of the instance template", + "instance_description": "A description of the instance itself", + "machine_type": "n1-standard-1", + "tag": "foo", + "can_ip_forward": false, + "scheduling_automatic_restart": true, + "scheduling_on_host_maintenance": "MIGRATE", + "disk_source_image": "debian-cloud/debian-9", + "disk_auto_delete": true, + "disk_boot": true, + "network_interface_network": "default", + "service_account_scope": "storage-ro" +}, description: 'An instance template definition') +control 'google_compute_instance_template-1.0' do + impact 1.0 + title 'google_compute_instance_template resource test' + + describe google_compute_instance_template(project: gcp_project_id, name: instance_template['name']) do + it { should exist } + its('description') { should eq instance_template['description'] } + its('properties.description') { should eq instance_template['instance_description'] } + its('properties.machine_type') { should eq instance_template['machine_type'] } + its('properties.tags.items') { should include instance_template['tag'] } + its('properties.disks.count') { should eq 1 } + its('properties.disks.first.auto_delete') { should eq instance_template['disk_auto_delete'] } + its('properties.disks.first.boot') { should eq instance_template['disk_boot'] } + its('properties.network_interfaces.count') { should eq 1 } + its('properties.service_accounts.count') { should eq 1 } + end + + describe google_compute_instance_template(project: gcp_project_id, name: 'nonexistent') do + it { should_not exist } + end +end diff --git a/test/integration/verify/controls/google_compute_instance_templates.rb b/test/integration/verify/controls/google_compute_instance_templates.rb new file mode 100644 index 000000000..8708cb0b3 --- /dev/null +++ b/test/integration/verify/controls/google_compute_instance_templates.rb @@ -0,0 +1,40 @@ +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- + +title 'Test GCP google_compute_instance_templates resource.' + +gcp_project_id = attribute(:gcp_project_id, default: 'gcp_project_id', description: 'The GCP project identifier.') +instance_template = attribute('instance_template', default: { + "name": "inspec-gcp-instance-template", + "description": "A description of the instance template", + "instance_description": "A description of the instance itself", + "machine_type": "n1-standard-1", + "tag": "foo", + "can_ip_forward": false, + "scheduling_automatic_restart": true, + "scheduling_on_host_maintenance": "MIGRATE", + "disk_source_image": "debian-cloud/debian-9", + "disk_auto_delete": true, + "disk_boot": true, + "network_interface_network": "default", + "service_account_scope": "storage-ro" +}, description: 'An instance template definition') +control 'google_compute_instance_templates-1.0' do + impact 1.0 + title 'google_compute_instance_templates resource test' + + describe google_compute_instance_templates(project: gcp_project_id) do + its('names') { should include instance_template['name'] } + end +end From 0a10a32f0d6d093f12ec5e165ff7413e9a5227fc Mon Sep 17 00:00:00 2001 From: Sam Levenick Date: Mon, 28 Jan 2019 21:06:13 +0000 Subject: [PATCH 05/30] Add compute global address to InSpec Signed-off-by: Modular Magician --- .../google_compute_global_address.md | 39 ++++++++ .../google_compute_global_addresses.md | 34 +++++++ libraries/google_compute_global_address.rb | 65 +++++++++++++ libraries/google_compute_global_addresses.rb | 96 +++++++++++++++++++ test/integration/build/gcp-mm.tf | 10 ++ .../configuration/mm-attributes.yml | 6 +- .../controls/google_compute_global_address.rb | 34 +++++++ .../google_compute_global_addresses.rb | 31 ++++++ 8 files changed, 314 insertions(+), 1 deletion(-) create mode 100644 docs/resources/google_compute_global_address.md create mode 100644 docs/resources/google_compute_global_addresses.md create mode 100644 libraries/google_compute_global_address.rb create mode 100644 libraries/google_compute_global_addresses.rb create mode 100644 test/integration/verify/controls/google_compute_global_address.rb create mode 100644 test/integration/verify/controls/google_compute_global_addresses.rb diff --git a/docs/resources/google_compute_global_address.md b/docs/resources/google_compute_global_address.md new file mode 100644 index 000000000..85c913ad6 --- /dev/null +++ b/docs/resources/google_compute_global_address.md @@ -0,0 +1,39 @@ +--- +title: About the GlobalAddress resource +platform: gcp +--- + + +## Syntax +A `google_compute_global_address` is used to test a Google GlobalAddress resource + +## Examples +``` +describe google_compute_global_address(project: 'chef-gcp-inspec', name: 'inspec-gcp-global-address') do + it { should exist } + its('ip_version') { should eq 'IPV6' } +end + +describe google_compute_global_address(project: 'chef-gcp-inspec', name: 'nonexistent') do + it { should_not exist } +end +``` + +## Properties +Properties that can be accessed from the `google_compute_global_address` resource: + + * `address`: The static external IP address represented by this resource. + + * `creation_timestamp`: Creation timestamp in RFC3339 text format. + + * `description`: An optional description of this resource. Provide this property when you create the resource. + + * `id`: The unique identifier for the resource. This identifier is defined by the server. + + * `name`: Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. + + * `ip_version`: The IP Version that will be used by this address. Valid options are IPV4 or IPV6. The default value is IPV4. + + * `region`: A reference to the region where the regional address resides. + + * `address_type`: The type of the address to reserve, default is EXTERNAL. * EXTERNAL indicates public/external single IP address. * INTERNAL indicates internal IP ranges belonging to some network. diff --git a/docs/resources/google_compute_global_addresses.md b/docs/resources/google_compute_global_addresses.md new file mode 100644 index 000000000..c4d45ac12 --- /dev/null +++ b/docs/resources/google_compute_global_addresses.md @@ -0,0 +1,34 @@ +--- +title: About the GlobalAddress resource +platform: gcp +--- + + +## Syntax +A `google_compute_global_addresses` is used to test a Google GlobalAddress resource + +## Examples +``` +describe google_compute_global_addresses(project: 'chef-gcp-inspec', name: 'inspec-gcp-global-address') do + its('count') { should be >= 1 } + its('names') { should include 'inspec-gcp-global-address' } + its('ip_versions') { should include 'IPV6' } +end +``` + +## Properties +Properties that can be accessed from the `google_compute_global_addresses` resource: + +See [google_compute_global_address.md](google_compute_global_address.md) for more detailed information + * `addresses`: an array of `google_compute_global_address` address + * `creation_timestamps`: an array of `google_compute_global_address` creation_timestamp + * `descriptions`: an array of `google_compute_global_address` description + * `ids`: an array of `google_compute_global_address` id + * `names`: an array of `google_compute_global_address` name + * `ip_versions`: an array of `google_compute_global_address` ip_version + * `regions`: an array of `google_compute_global_address` region + * `address_types`: an array of `google_compute_global_address` address_type + +## Filter Criteria +This resource supports all of the above properties as filter criteria, which can be used +with `where` as a block or a method. diff --git a/libraries/google_compute_global_address.rb b/libraries/google_compute_global_address.rb new file mode 100644 index 000000000..43da4d631 --- /dev/null +++ b/libraries/google_compute_global_address.rb @@ -0,0 +1,65 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'gcp_backend' + +# A provider to manage Google Compute Engine resources. +class GlobalAddress < GcpResourceBase + name 'google_compute_global_address' + desc 'GlobalAddress' + supports platform: 'gcp' + + attr_reader :address + attr_reader :creation_timestamp + attr_reader :description + attr_reader :id + attr_reader :name + attr_reader :ip_version + attr_reader :region + attr_reader :address_type + def base + 'https://www.googleapis.com/compute/v1/' + end + + def url + 'projects/{{project}}/global/addresses/{{name}}' + end + + def initialize(params) + super(params.merge({ use_http_transport: true })) + @fetched = @connection.fetch(base, url, params) + parse unless @fetched.nil? + end + + def parse + @address = @fetched['address'] + @creation_timestamp = parse_time_string(@fetched['creationTimestamp']) + @description = @fetched['description'] + @id = @fetched['id'] + @name = @fetched['name'] + @ip_version = @fetched['ipVersion'] + @region = @fetched['region'] + @address_type = @fetched['addressType'] + end + + # Handles parsing RFC3339 time string + def parse_time_string(time_string) + time_string ? Time.parse(time_string) : nil + end + + def exists? + !@fetched.nil? + end +end diff --git a/libraries/google_compute_global_addresses.rb b/libraries/google_compute_global_addresses.rb new file mode 100644 index 000000000..34f7eff0c --- /dev/null +++ b/libraries/google_compute_global_addresses.rb @@ -0,0 +1,96 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'gcp_backend' +class GlobalAddresss < GcpResourceBase + name 'google_compute_global_addresses' + desc 'GlobalAddress plural resource' + supports platform: 'gcp' + + attr_reader :table + + filter_table_config = FilterTable.create + + filter_table_config.add(:addresses, field: :address) + filter_table_config.add(:creation_timestamps, field: :creation_timestamp) + filter_table_config.add(:descriptions, field: :description) + filter_table_config.add(:ids, field: :id) + filter_table_config.add(:names, field: :name) + filter_table_config.add(:ip_versions, field: :ip_version) + filter_table_config.add(:regions, field: :region) + filter_table_config.add(:address_types, field: :address_type) + + filter_table_config.connect(self, :table) + + def base + 'https://www.googleapis.com/compute/v1/' + end + + def url + 'projects/{{project}}/global/addresses' + end + + def initialize(params = {}) + super(params.merge({ use_http_transport: true })) + @params = params + @table = fetch_wrapped_resource('items') + end + + def fetch_wrapped_resource(wrap_path) + # fetch_resource returns an array of responses (to handle pagination) + result = @connection.fetch_all(base, url, @params) + return if result.nil? + + # Conversion of string -> object hash to symbol -> object hash that InSpec needs + converted = [] + result.each do |response| + next if response.nil? || !response.key?(wrap_path) + response[wrap_path].each do |hash| + hash_with_symbols = {} + hash.each_key do |key| + name, value = transform(key, hash) + hash_with_symbols[name] = value + end + converted.push(hash_with_symbols) + end + end + + converted + end + + def transform(key, value) + return transformers[key].call(value) if transformers.key?(key) + + [key.to_sym, value] + end + + def transformers + { + 'address' => ->(obj) { return :address, obj['address'] }, + 'creationTimestamp' => ->(obj) { return :creation_timestamp, parse_time_string(obj['creationTimestamp']) }, + 'description' => ->(obj) { return :description, obj['description'] }, + 'id' => ->(obj) { return :id, obj['id'] }, + 'name' => ->(obj) { return :name, obj['name'] }, + 'ipVersion' => ->(obj) { return :ip_version, obj['ipVersion'] }, + 'region' => ->(obj) { return :region, obj['region'] }, + 'addressType' => ->(obj) { return :address_type, obj['addressType'] }, + } + end + + # Handles parsing RFC3339 time string + def parse_time_string(time_string) + time_string ? Time.parse(time_string) : nil + end +end diff --git a/test/integration/build/gcp-mm.tf b/test/integration/build/gcp-mm.tf index b5f7f6fa4..659f5a8fd 100644 --- a/test/integration/build/gcp-mm.tf +++ b/test/integration/build/gcp-mm.tf @@ -54,6 +54,10 @@ variable "instance_template" { type = "map" } +variable "global_address" { + type = "map" +} + resource "google_compute_ssl_policy" "custom-ssl-policy" { name = "${var.ssl_policy["name"]}" min_tls_version = "${var.ssl_policy["min_tls_version"]}" @@ -223,4 +227,10 @@ resource "google_compute_instance_template" "gcp-inspec-instance-template" { service_account { scopes = ["${var.instance_template["service_account_scope"]}"] } +} + +resource "google_compute_global_address" "gcp-inspec-global-address" { + project = "${var.gcp_project_id}" + name = "${var.global_address["name"]}" + ip_version = "${var.global_address["ip_version"]}" } \ No newline at end of file diff --git a/test/integration/configuration/mm-attributes.yml b/test/integration/configuration/mm-attributes.yml index e4e34dc6d..b76e843e7 100644 --- a/test/integration/configuration/mm-attributes.yml +++ b/test/integration/configuration/mm-attributes.yml @@ -88,4 +88,8 @@ instance_template: disk_auto_delete: true disk_boot: true network_interface_network: default - service_account_scope: storage-ro \ No newline at end of file + service_account_scope: storage-ro + +global_address: + name: inspec-gcp-global-address + ip_version: IPV6 diff --git a/test/integration/verify/controls/google_compute_global_address.rb b/test/integration/verify/controls/google_compute_global_address.rb new file mode 100644 index 000000000..9af08a8b3 --- /dev/null +++ b/test/integration/verify/controls/google_compute_global_address.rb @@ -0,0 +1,34 @@ +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- + +title 'Test GCP google_compute_global_address resource.' + +gcp_project_id = attribute(:gcp_project_id, default: 'gcp_project_id', description: 'The GCP project identifier.') +global_address = attribute('global_address', default: { + "name": "inspec-gcp-global-address", + "ip_version": "IPV6" +}, description: 'Compute Global Address definition') +control 'google_compute_global_address-1.0' do + impact 1.0 + title 'google_compute_global_address resource test' + + describe google_compute_global_address(project: gcp_project_id, name: global_address['name']) do + it { should exist } + its('ip_version') { should eq global_address['ip_version'] } + end + + describe google_compute_global_address(project: gcp_project_id, name: 'nonexistent') do + it { should_not exist } + end +end diff --git a/test/integration/verify/controls/google_compute_global_addresses.rb b/test/integration/verify/controls/google_compute_global_addresses.rb new file mode 100644 index 000000000..d63e225f2 --- /dev/null +++ b/test/integration/verify/controls/google_compute_global_addresses.rb @@ -0,0 +1,31 @@ +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- + +title 'Test GCP google_compute_global_addresses resource.' + +gcp_project_id = attribute(:gcp_project_id, default: 'gcp_project_id', description: 'The GCP project identifier.') +global_address = attribute('global_address', default: { + "name": "inspec-gcp-global-address", + "ip_version": "IPV6" +}, description: 'Compute Global Address definition') +control 'google_compute_global_addresses-1.0' do + impact 1.0 + title 'google_compute_global_addresses resource test' + + describe google_compute_global_addresses(project: gcp_project_id, name: global_address['name']) do + its('count') { should be >= 1 } + its('names') { should include global_address['name'] } + its('ip_versions') { should include global_address['ip_version'] } + end +end From 2f6ded5caf5eb2af2d2052fa357fdbb636eba008 Mon Sep 17 00:00:00 2001 From: Sam Levenick Date: Mon, 28 Jan 2019 21:35:55 +0000 Subject: [PATCH 06/30] Inspec url map Signed-off-by: Modular Magician --- docs/resources/google_compute_url_map.md | 71 ++++++++++++++ docs/resources/google_compute_url_maps.md | 33 +++++++ .../compute/property/urlmap_host_rules.rb | 43 ++++++++ .../compute/property/urlmap_path_matchers.rb | 47 +++++++++ .../compute/property/urlmap_path_rules.rb | 40 ++++++++ .../google/compute/property/urlmap_tests.rb | 46 +++++++++ libraries/google_compute_url_map.rb | 70 +++++++++++++ libraries/google_compute_url_maps.rb | 98 +++++++++++++++++++ test/integration/build/gcp-mm.tf | 33 +++++++ .../configuration/mm-attributes.yml | 9 ++ .../verify/controls/google_compute_url_map.rb | 55 +++++++++++ .../controls/google_compute_url_maps.rb | 42 ++++++++ 12 files changed, 587 insertions(+) create mode 100644 docs/resources/google_compute_url_map.md create mode 100644 docs/resources/google_compute_url_maps.md create mode 100644 libraries/google/compute/property/urlmap_host_rules.rb create mode 100644 libraries/google/compute/property/urlmap_path_matchers.rb create mode 100644 libraries/google/compute/property/urlmap_path_rules.rb create mode 100644 libraries/google/compute/property/urlmap_tests.rb create mode 100644 libraries/google_compute_url_map.rb create mode 100644 libraries/google_compute_url_maps.rb create mode 100644 test/integration/verify/controls/google_compute_url_map.rb create mode 100644 test/integration/verify/controls/google_compute_url_maps.rb diff --git a/docs/resources/google_compute_url_map.md b/docs/resources/google_compute_url_map.md new file mode 100644 index 000000000..be31db359 --- /dev/null +++ b/docs/resources/google_compute_url_map.md @@ -0,0 +1,71 @@ +--- +title: About the UrlMap resource +platform: gcp +--- + + +## Syntax +A `google_compute_url_map` is used to test a Google UrlMap resource + +## Examples +``` +describe google_compute_url_map(project: 'chef-gcp-inspec', name: 'inspec-gcp-url-map') do + it { should exist } + its('description') { should eq 'URL map description' } + its('default_service') { should match /\/inspec-gcp-backend-service$/ } + its('host_rules.count') { should eq 1 } + its('host_rules.first.hosts') { should include 'site.com' } + its('path_matchers.count') { should eq 1 } + its('path_matchers.first.default_service') { should match /\/inspec-gcp-backend-service$/ } + its('tests.count') { should eq 1 } + its('tests.first.host') { should eq 'test.com' } + its('tests.first.path') { should eq '/home' } +end + +describe google_compute_url_map(project: 'chef-gcp-inspec', name: 'nonexistent') do + it { should_not exist } +end +``` + +## Properties +Properties that can be accessed from the `google_compute_url_map` resource: + + * `creation_timestamp`: Creation timestamp in RFC3339 text format. + + * `default_service`: A reference to BackendService resource if none of the hostRules match. + + * `description`: An optional description of this resource. Provide this property when you create the resource. + + * `host_rules`: The list of HostRules to use against the URL. + + * `description`: An optional description of this HostRule. Provide this property when you create the resource. + + * `hosts`: The list of host patterns to match. They must be valid hostnames, except * will match any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or .. + + * `pathMatcher`: The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion. + + * `id`: The unique identifier for the resource. + + * `fingerprint`: Fingerprint of this resource. This field is used internally during updates of this resource. + + * `name`: Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. + + * `path_matchers`: The list of named PathMatchers to use against the URL. + + * `defaultService`: A reference to a BackendService resource. This will be used if none of the pathRules defined by this PathMatcher is matched by the URL's path portion. + + * `description`: An optional description of this resource. + + * `name`: The name to which this PathMatcher is referred by the HostRule. + + * `pathRules`: The list of path rules. + + * `tests`: The list of expected URL mappings. Requests to update this UrlMap will succeed only if all of the test cases pass. + + * `description`: Description of this test case. + + * `host`: Host portion of the URL. + + * `path`: Path portion of the URL. + + * `service`: A reference to expected BackendService resource the given URL should be mapped to. diff --git a/docs/resources/google_compute_url_maps.md b/docs/resources/google_compute_url_maps.md new file mode 100644 index 000000000..5c2b4fd46 --- /dev/null +++ b/docs/resources/google_compute_url_maps.md @@ -0,0 +1,33 @@ +--- +title: About the UrlMap resource +platform: gcp +--- + + +## Syntax +A `google_compute_url_maps` is used to test a Google UrlMap resource + +## Examples +``` +describe google_compute_url_maps(project: 'chef-gcp-inspec') do + its('names') { should include 'inspec-gcp-url-map' } +end +``` + +## Properties +Properties that can be accessed from the `google_compute_url_maps` resource: + +See [google_compute_url_map.md](google_compute_url_map.md) for more detailed information + * `creation_timestamps`: an array of `google_compute_url_map` creation_timestamp + * `default_services`: an array of `google_compute_url_map` default_service + * `descriptions`: an array of `google_compute_url_map` description + * `host_rules`: an array of `google_compute_url_map` host_rules + * `ids`: an array of `google_compute_url_map` id + * `fingerprints`: an array of `google_compute_url_map` fingerprint + * `names`: an array of `google_compute_url_map` name + * `path_matchers`: an array of `google_compute_url_map` path_matchers + * `tests`: an array of `google_compute_url_map` tests + +## Filter Criteria +This resource supports all of the above properties as filter criteria, which can be used +with `where` as a block or a method. diff --git a/libraries/google/compute/property/urlmap_host_rules.rb b/libraries/google/compute/property/urlmap_host_rules.rb new file mode 100644 index 000000000..dbe4e38de --- /dev/null +++ b/libraries/google/compute/property/urlmap_host_rules.rb @@ -0,0 +1,43 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module Compute + module Property + class UrlMapHostrules + attr_reader :description + + attr_reader :hosts + + attr_reader :path_matcher + + def initialize(args = nil) + return if args.nil? + @description = args['description'] + @hosts = args['hosts'] + @path_matcher = args['pathMatcher'] + end + end + + class UrlMapHostrulesArray + def self.parse(value) + return if value.nil? + return UrlMapHostrules.new(value) unless value.is_a?(::Array) + value.map { |v| UrlMapHostrules.new(v) } + end + end + end + end +end diff --git a/libraries/google/compute/property/urlmap_path_matchers.rb b/libraries/google/compute/property/urlmap_path_matchers.rb new file mode 100644 index 000000000..ecd46328e --- /dev/null +++ b/libraries/google/compute/property/urlmap_path_matchers.rb @@ -0,0 +1,47 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'google/compute/property/urlmap_path_rules' +module GoogleInSpec + module Compute + module Property + class UrlMapPathmatchers + attr_reader :default_service + + attr_reader :description + + attr_reader :name + + attr_reader :path_rules + + def initialize(args = nil) + return if args.nil? + @default_service = args['defaultService'] + @description = args['description'] + @name = args['name'] + @path_rules = GoogleInSpec::Compute::Property::UrlMapPathrulesArray.parse(args['pathRules']) + end + end + + class UrlMapPathmatchersArray + def self.parse(value) + return if value.nil? + return UrlMapPathmatchers.new(value) unless value.is_a?(::Array) + value.map { |v| UrlMapPathmatchers.new(v) } + end + end + end + end +end diff --git a/libraries/google/compute/property/urlmap_path_rules.rb b/libraries/google/compute/property/urlmap_path_rules.rb new file mode 100644 index 000000000..e2c6b2f69 --- /dev/null +++ b/libraries/google/compute/property/urlmap_path_rules.rb @@ -0,0 +1,40 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module Compute + module Property + class UrlMapPathrules + attr_reader :paths + + attr_reader :service + + def initialize(args = nil) + return if args.nil? + @paths = args['paths'] + @service = args['service'] + end + end + + class UrlMapPathrulesArray + def self.parse(value) + return if value.nil? + return UrlMapPathrules.new(value) unless value.is_a?(::Array) + value.map { |v| UrlMapPathrules.new(v) } + end + end + end + end +end diff --git a/libraries/google/compute/property/urlmap_tests.rb b/libraries/google/compute/property/urlmap_tests.rb new file mode 100644 index 000000000..96251ca26 --- /dev/null +++ b/libraries/google/compute/property/urlmap_tests.rb @@ -0,0 +1,46 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module Compute + module Property + class UrlMapTests + attr_reader :description + + attr_reader :host + + attr_reader :path + + attr_reader :service + + def initialize(args = nil) + return if args.nil? + @description = args['description'] + @host = args['host'] + @path = args['path'] + @service = args['service'] + end + end + + class UrlMapTestsArray + def self.parse(value) + return if value.nil? + return UrlMapTests.new(value) unless value.is_a?(::Array) + value.map { |v| UrlMapTests.new(v) } + end + end + end + end +end diff --git a/libraries/google_compute_url_map.rb b/libraries/google_compute_url_map.rb new file mode 100644 index 000000000..bb3f84fdc --- /dev/null +++ b/libraries/google_compute_url_map.rb @@ -0,0 +1,70 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'gcp_backend' +require 'google/compute/property/urlmap_host_rules' +require 'google/compute/property/urlmap_path_matchers' +require 'google/compute/property/urlmap_tests' + +# A provider to manage Google Compute Engine resources. +class UrlMap < GcpResourceBase + name 'google_compute_url_map' + desc 'UrlMap' + supports platform: 'gcp' + + attr_reader :creation_timestamp + attr_reader :default_service + attr_reader :description + attr_reader :host_rules + attr_reader :id + attr_reader :fingerprint + attr_reader :name + attr_reader :path_matchers + attr_reader :tests + def base + 'https://www.googleapis.com/compute/v1/' + end + + def url + 'projects/{{project}}/global/urlMaps/{{name}}' + end + + def initialize(params) + super(params.merge({ use_http_transport: true })) + @fetched = @connection.fetch(base, url, params) + parse unless @fetched.nil? + end + + def parse + @creation_timestamp = parse_time_string(@fetched['creationTimestamp']) + @default_service = @fetched['defaultService'] + @description = @fetched['description'] + @host_rules = GoogleInSpec::Compute::Property::UrlMapHostrulesArray.parse(@fetched['hostRules']) + @id = @fetched['id'] + @fingerprint = @fetched['fingerprint'] + @name = @fetched['name'] + @path_matchers = GoogleInSpec::Compute::Property::UrlMapPathmatchersArray.parse(@fetched['pathMatchers']) + @tests = GoogleInSpec::Compute::Property::UrlMapTestsArray.parse(@fetched['tests']) + end + + # Handles parsing RFC3339 time string + def parse_time_string(time_string) + time_string ? Time.parse(time_string) : nil + end + + def exists? + !@fetched.nil? + end +end diff --git a/libraries/google_compute_url_maps.rb b/libraries/google_compute_url_maps.rb new file mode 100644 index 000000000..48a4fd6c9 --- /dev/null +++ b/libraries/google_compute_url_maps.rb @@ -0,0 +1,98 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'gcp_backend' +class UrlMaps < GcpResourceBase + name 'google_compute_url_maps' + desc 'UrlMap plural resource' + supports platform: 'gcp' + + attr_reader :table + + filter_table_config = FilterTable.create + + filter_table_config.add(:creation_timestamps, field: :creation_timestamp) + filter_table_config.add(:default_services, field: :default_service) + filter_table_config.add(:descriptions, field: :description) + filter_table_config.add(:host_rules, field: :host_rules) + filter_table_config.add(:ids, field: :id) + filter_table_config.add(:fingerprints, field: :fingerprint) + filter_table_config.add(:names, field: :name) + filter_table_config.add(:path_matchers, field: :path_matchers) + filter_table_config.add(:tests, field: :tests) + + filter_table_config.connect(self, :table) + + def base + 'https://www.googleapis.com/compute/v1/' + end + + def url + 'projects/{{project}}/global/urlMaps' + end + + def initialize(params = {}) + super(params.merge({ use_http_transport: true })) + @params = params + @table = fetch_wrapped_resource('items') + end + + def fetch_wrapped_resource(wrap_path) + # fetch_resource returns an array of responses (to handle pagination) + result = @connection.fetch_all(base, url, @params) + return if result.nil? + + # Conversion of string -> object hash to symbol -> object hash that InSpec needs + converted = [] + result.each do |response| + next if response.nil? || !response.key?(wrap_path) + response[wrap_path].each do |hash| + hash_with_symbols = {} + hash.each_key do |key| + name, value = transform(key, hash) + hash_with_symbols[name] = value + end + converted.push(hash_with_symbols) + end + end + + converted + end + + def transform(key, value) + return transformers[key].call(value) if transformers.key?(key) + + [key.to_sym, value] + end + + def transformers + { + 'creationTimestamp' => ->(obj) { return :creation_timestamp, parse_time_string(obj['creationTimestamp']) }, + 'defaultService' => ->(obj) { return :default_service, obj['defaultService'] }, + 'description' => ->(obj) { return :description, obj['description'] }, + 'hostRules' => ->(obj) { return :host_rules, GoogleInSpec::Compute::Property::UrlMapHostrulesArray.parse(obj['hostRules']) }, + 'id' => ->(obj) { return :id, obj['id'] }, + 'fingerprint' => ->(obj) { return :fingerprint, obj['fingerprint'] }, + 'name' => ->(obj) { return :name, obj['name'] }, + 'pathMatchers' => ->(obj) { return :path_matchers, GoogleInSpec::Compute::Property::UrlMapPathmatchersArray.parse(obj['pathMatchers']) }, + 'tests' => ->(obj) { return :tests, GoogleInSpec::Compute::Property::UrlMapTestsArray.parse(obj['tests']) }, + } + end + + # Handles parsing RFC3339 time string + def parse_time_string(time_string) + time_string ? Time.parse(time_string) : nil + end +end diff --git a/test/integration/build/gcp-mm.tf b/test/integration/build/gcp-mm.tf index 659f5a8fd..b6865c281 100644 --- a/test/integration/build/gcp-mm.tf +++ b/test/integration/build/gcp-mm.tf @@ -58,6 +58,10 @@ variable "global_address" { type = "map" } +variable "url_map" { + type = "map" +} + resource "google_compute_ssl_policy" "custom-ssl-policy" { name = "${var.ssl_policy["name"]}" min_tls_version = "${var.ssl_policy["min_tls_version"]}" @@ -233,4 +237,33 @@ resource "google_compute_global_address" "gcp-inspec-global-address" { project = "${var.gcp_project_id}" name = "${var.global_address["name"]}" ip_version = "${var.global_address["ip_version"]}" +} + +resource "google_compute_url_map" "gcp-inspec-url-map" { + project = "${var.gcp_project_id}" + name = "${var.url_map["name"]}" + description = "${var.url_map["description"]}" + + default_service = "${google_compute_backend_service.gcp-inspec-backend-service.self_link}" + + host_rule { + hosts = ["${var.url_map["host_rule_host"]}"] + path_matcher = "${var.url_map["path_matcher_name"]}" + } + + path_matcher { + name = "${var.url_map["path_matcher_name"]}" + default_service = "${google_compute_backend_service.gcp-inspec-backend-service.self_link}" + + path_rule { + paths = ["${var.url_map["path_rule_path"]}"] + service = "${google_compute_backend_service.gcp-inspec-backend-service.self_link}" + } + } + + test { + service = "${google_compute_backend_service.gcp-inspec-backend-service.self_link}" + host = "${var.url_map["test_host"]}" + path = "${var.url_map["test_path"]}" + } } \ No newline at end of file diff --git a/test/integration/configuration/mm-attributes.yml b/test/integration/configuration/mm-attributes.yml index b76e843e7..19d7b9419 100644 --- a/test/integration/configuration/mm-attributes.yml +++ b/test/integration/configuration/mm-attributes.yml @@ -93,3 +93,12 @@ instance_template: global_address: name: inspec-gcp-global-address ip_version: IPV6 + +url_map: + name: inspec-gcp-url-map + description: URL map description + host_rule_host: site.com + path_matcher_name: allpaths + path_rule_path: /home + test_host: test.com + test_path: /home diff --git a/test/integration/verify/controls/google_compute_url_map.rb b/test/integration/verify/controls/google_compute_url_map.rb new file mode 100644 index 000000000..264ea8798 --- /dev/null +++ b/test/integration/verify/controls/google_compute_url_map.rb @@ -0,0 +1,55 @@ +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- + +title 'Test GCP google_compute_url_map resource.' + +gcp_project_id = attribute(:gcp_project_id, default: 'gcp_project_id', description: 'The GCP project identifier.') +url_map = attribute('url_map', default: { + "name": "inspec-gcp-url-map", + "description": "URL map description", + "host_rule_host": "site.com", + "path_matcher_name": "allpaths", + "path_rule_path": "/home", + "test_host": "test.com", + "test_path": "/home" +}, description: 'Compute URL map definition') +backend_service = attribute('backend_service', default: { + "name": "inspec-gcp-backend-service", + "description": "A description", + "port_name": "http", + "protocol": "HTTP", + "timeout_sec": 10, + "enable_cdn": true +}, description: 'Backend service definition') +control 'google_compute_url_map-1.0' do + impact 1.0 + title 'google_compute_url_map resource test' + + describe google_compute_url_map(project: gcp_project_id, name: url_map['name']) do + it { should exist } + its('description') { should eq url_map['description'] } + its('default_service') { should match /\/inspec-gcp-backend-service$/ } + its('host_rules.count') { should eq 1 } + its('host_rules.first.hosts') { should include url_map['host_rule_host'] } + its('path_matchers.count') { should eq 1 } + its('path_matchers.first.default_service') { should match /\/inspec-gcp-backend-service$/ } + its('tests.count') { should eq 1 } + its('tests.first.host') { should eq url_map['test_host'] } + its('tests.first.path') { should eq url_map['test_path'] } + end + + describe google_compute_url_map(project: gcp_project_id, name: 'nonexistent') do + it { should_not exist } + end +end diff --git a/test/integration/verify/controls/google_compute_url_maps.rb b/test/integration/verify/controls/google_compute_url_maps.rb new file mode 100644 index 000000000..2c85519c6 --- /dev/null +++ b/test/integration/verify/controls/google_compute_url_maps.rb @@ -0,0 +1,42 @@ +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- + +title 'Test GCP google_compute_url_maps resource.' + +gcp_project_id = attribute(:gcp_project_id, default: 'gcp_project_id', description: 'The GCP project identifier.') +url_map = attribute('url_map', default: { + "name": "inspec-gcp-url-map", + "description": "URL map description", + "host_rule_host": "site.com", + "path_matcher_name": "allpaths", + "path_rule_path": "/home", + "test_host": "test.com", + "test_path": "/home" +}, description: 'Compute URL map definition') +backend_service = attribute('backend_service', default: { + "name": "inspec-gcp-backend-service", + "description": "A description", + "port_name": "http", + "protocol": "HTTP", + "timeout_sec": 10, + "enable_cdn": true +}, description: 'Backend service definition') +control 'google_compute_url_maps-1.0' do + impact 1.0 + title 'google_compute_url_maps resource test' + + describe google_compute_url_maps(project: gcp_project_id) do + its('names') { should include url_map['name'] } + end +end From adb5a426e3bdb67067502672963c6077a82cff73 Mon Sep 17 00:00:00 2001 From: Sam Levenick Date: Mon, 28 Jan 2019 22:27:40 +0000 Subject: [PATCH 07/30] Add InSpec support for HTTP proxy Signed-off-by: Modular Magician --- .../google_compute_target_http_proxies.md | 30 +++++++ .../google_compute_target_http_proxy.md | 34 +++++++ .../google_compute_target_http_proxies.rb | 90 +++++++++++++++++++ libraries/google_compute_target_http_proxy.rb | 59 ++++++++++++ test/integration/build/gcp-mm.tf | 11 +++ .../configuration/mm-attributes.yml | 4 + .../google_compute_target_http_proxies.rb | 30 +++++++ .../google_compute_target_http_proxy.rb | 35 ++++++++ 8 files changed, 293 insertions(+) create mode 100644 docs/resources/google_compute_target_http_proxies.md create mode 100644 docs/resources/google_compute_target_http_proxy.md create mode 100644 libraries/google_compute_target_http_proxies.rb create mode 100644 libraries/google_compute_target_http_proxy.rb create mode 100644 test/integration/verify/controls/google_compute_target_http_proxies.rb create mode 100644 test/integration/verify/controls/google_compute_target_http_proxy.rb diff --git a/docs/resources/google_compute_target_http_proxies.md b/docs/resources/google_compute_target_http_proxies.md new file mode 100644 index 000000000..9a5c0f7c7 --- /dev/null +++ b/docs/resources/google_compute_target_http_proxies.md @@ -0,0 +1,30 @@ +--- +title: About the TargetHttpProxy resource +platform: gcp +--- + + +## Syntax +A `google_compute_target_http_proxies` is used to test a Google TargetHttpProxy resource + +## Examples +``` +describe google_compute_target_http_proxies(project: 'chef-gcp-inspec') do + its('names') { should include 'inspec-gcp-http-proxy' } + its('descriptions') { should include 'A HTTP proxy' } +end +``` + +## Properties +Properties that can be accessed from the `google_compute_target_http_proxies` resource: + +See [google_compute_target_http_proxy.md](google_compute_target_http_proxy.md) for more detailed information + * `creation_timestamps`: an array of `google_compute_target_http_proxy` creation_timestamp + * `descriptions`: an array of `google_compute_target_http_proxy` description + * `ids`: an array of `google_compute_target_http_proxy` id + * `names`: an array of `google_compute_target_http_proxy` name + * `url_maps`: an array of `google_compute_target_http_proxy` url_map + +## Filter Criteria +This resource supports all of the above properties as filter criteria, which can be used +with `where` as a block or a method. diff --git a/docs/resources/google_compute_target_http_proxy.md b/docs/resources/google_compute_target_http_proxy.md new file mode 100644 index 000000000..3ca7b2c93 --- /dev/null +++ b/docs/resources/google_compute_target_http_proxy.md @@ -0,0 +1,34 @@ +--- +title: About the TargetHttpProxy resource +platform: gcp +--- + + +## Syntax +A `google_compute_target_http_proxy` is used to test a Google TargetHttpProxy resource + +## Examples +``` +describe google_compute_target_http_proxy(project: 'chef-gcp-inspec', name: 'inspec-gcp-http-proxy') do + it { should exist } + its('description') { should eq 'A HTTP proxy' } + its('url_map') { should match /\/inspec-gcp-url-map$/ } +end + +describe google_compute_target_http_proxy(project: 'chef-gcp-inspec', name: 'nonexistent') do + it { should_not exist } +end +``` + +## Properties +Properties that can be accessed from the `google_compute_target_http_proxy` resource: + + * `creation_timestamp`: Creation timestamp in RFC3339 text format. + + * `description`: An optional description of this resource. + + * `id`: The unique identifier for the resource. + + * `name`: Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. + + * `url_map`: A reference to the UrlMap resource that defines the mapping from URL to the BackendService. diff --git a/libraries/google_compute_target_http_proxies.rb b/libraries/google_compute_target_http_proxies.rb new file mode 100644 index 000000000..956e5b13b --- /dev/null +++ b/libraries/google_compute_target_http_proxies.rb @@ -0,0 +1,90 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'gcp_backend' +class TargetHttpProxys < GcpResourceBase + name 'google_compute_target_http_proxies' + desc 'TargetHttpProxy plural resource' + supports platform: 'gcp' + + attr_reader :table + + filter_table_config = FilterTable.create + + filter_table_config.add(:creation_timestamps, field: :creation_timestamp) + filter_table_config.add(:descriptions, field: :description) + filter_table_config.add(:ids, field: :id) + filter_table_config.add(:names, field: :name) + filter_table_config.add(:url_maps, field: :url_map) + + filter_table_config.connect(self, :table) + + def base + 'https://www.googleapis.com/compute/v1/' + end + + def url + 'projects/{{project}}/global/targetHttpProxies' + end + + def initialize(params = {}) + super(params.merge({ use_http_transport: true })) + @params = params + @table = fetch_wrapped_resource('items') + end + + def fetch_wrapped_resource(wrap_path) + # fetch_resource returns an array of responses (to handle pagination) + result = @connection.fetch_all(base, url, @params) + return if result.nil? + + # Conversion of string -> object hash to symbol -> object hash that InSpec needs + converted = [] + result.each do |response| + next if response.nil? || !response.key?(wrap_path) + response[wrap_path].each do |hash| + hash_with_symbols = {} + hash.each_key do |key| + name, value = transform(key, hash) + hash_with_symbols[name] = value + end + converted.push(hash_with_symbols) + end + end + + converted + end + + def transform(key, value) + return transformers[key].call(value) if transformers.key?(key) + + [key.to_sym, value] + end + + def transformers + { + 'creationTimestamp' => ->(obj) { return :creation_timestamp, parse_time_string(obj['creationTimestamp']) }, + 'description' => ->(obj) { return :description, obj['description'] }, + 'id' => ->(obj) { return :id, obj['id'] }, + 'name' => ->(obj) { return :name, obj['name'] }, + 'urlMap' => ->(obj) { return :url_map, obj['urlMap'] }, + } + end + + # Handles parsing RFC3339 time string + def parse_time_string(time_string) + time_string ? Time.parse(time_string) : nil + end +end diff --git a/libraries/google_compute_target_http_proxy.rb b/libraries/google_compute_target_http_proxy.rb new file mode 100644 index 000000000..54bd90cda --- /dev/null +++ b/libraries/google_compute_target_http_proxy.rb @@ -0,0 +1,59 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'gcp_backend' + +# A provider to manage Google Compute Engine resources. +class TargetHttpProxy < GcpResourceBase + name 'google_compute_target_http_proxy' + desc 'TargetHttpProxy' + supports platform: 'gcp' + + attr_reader :creation_timestamp + attr_reader :description + attr_reader :id + attr_reader :name + attr_reader :url_map + def base + 'https://www.googleapis.com/compute/v1/' + end + + def url + 'projects/{{project}}/global/targetHttpProxies/{{name}}' + end + + def initialize(params) + super(params.merge({ use_http_transport: true })) + @fetched = @connection.fetch(base, url, params) + parse unless @fetched.nil? + end + + def parse + @creation_timestamp = parse_time_string(@fetched['creationTimestamp']) + @description = @fetched['description'] + @id = @fetched['id'] + @name = @fetched['name'] + @url_map = @fetched['urlMap'] + end + + # Handles parsing RFC3339 time string + def parse_time_string(time_string) + time_string ? Time.parse(time_string) : nil + end + + def exists? + !@fetched.nil? + end +end diff --git a/test/integration/build/gcp-mm.tf b/test/integration/build/gcp-mm.tf index b6865c281..9420d8e4a 100644 --- a/test/integration/build/gcp-mm.tf +++ b/test/integration/build/gcp-mm.tf @@ -62,6 +62,10 @@ variable "url_map" { type = "map" } +variable "http_proxy" { + type = "map" +} + resource "google_compute_ssl_policy" "custom-ssl-policy" { name = "${var.ssl_policy["name"]}" min_tls_version = "${var.ssl_policy["min_tls_version"]}" @@ -266,4 +270,11 @@ resource "google_compute_url_map" "gcp-inspec-url-map" { host = "${var.url_map["test_host"]}" path = "${var.url_map["test_path"]}" } +} + +resource "google_compute_target_http_proxy" "gcp-inspec-http-proxy" { + project = "${var.gcp_project_id}" + name = "${var.http_proxy["name"]}" + url_map = "${google_compute_url_map.gcp-inspec-url-map.self_link}" + description = "${var.http_proxy["description"]}" } \ No newline at end of file diff --git a/test/integration/configuration/mm-attributes.yml b/test/integration/configuration/mm-attributes.yml index 19d7b9419..afb998ff0 100644 --- a/test/integration/configuration/mm-attributes.yml +++ b/test/integration/configuration/mm-attributes.yml @@ -102,3 +102,7 @@ url_map: path_rule_path: /home test_host: test.com test_path: /home + +http_proxy: + name: inspec-gcp-http-proxy + description: A HTTP proxy diff --git a/test/integration/verify/controls/google_compute_target_http_proxies.rb b/test/integration/verify/controls/google_compute_target_http_proxies.rb new file mode 100644 index 000000000..6973cc111 --- /dev/null +++ b/test/integration/verify/controls/google_compute_target_http_proxies.rb @@ -0,0 +1,30 @@ +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- + +title 'Test GCP google_compute_target_http_proxies resource.' + +gcp_project_id = attribute(:gcp_project_id, default: 'gcp_project_id', description: 'The GCP project identifier.') +http_proxy = attribute('http_proxy', default: { + "name": "inspec-gcp-http-proxy", + "description": "A HTTP proxy" +}, description: 'Compute HTTP proxy definition') +control 'google_compute_target_http_proxies-1.0' do + impact 1.0 + title 'google_compute_target_http_proxies resource test' + + describe google_compute_target_http_proxies(project: gcp_project_id) do + its('names') { should include http_proxy['name'] } + its('descriptions') { should include http_proxy['description'] } + end +end diff --git a/test/integration/verify/controls/google_compute_target_http_proxy.rb b/test/integration/verify/controls/google_compute_target_http_proxy.rb new file mode 100644 index 000000000..c6b36adfd --- /dev/null +++ b/test/integration/verify/controls/google_compute_target_http_proxy.rb @@ -0,0 +1,35 @@ +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- + +title 'Test GCP google_compute_target_http_proxy resource.' + +gcp_project_id = attribute(:gcp_project_id, default: 'gcp_project_id', description: 'The GCP project identifier.') +http_proxy = attribute('http_proxy', default: { + "name": "inspec-gcp-http-proxy", + "description": "A HTTP proxy" +}, description: 'Compute HTTP proxy definition') +control 'google_compute_target_http_proxy-1.0' do + impact 1.0 + title 'google_compute_target_http_proxy resource test' + + describe google_compute_target_http_proxy(project: gcp_project_id, name: http_proxy['name']) do + it { should exist } + its('description') { should eq http_proxy['description'] } + its('url_map') { should match /\/inspec-gcp-url-map$/ } + end + + describe google_compute_target_http_proxy(project: gcp_project_id, name: 'nonexistent') do + it { should_not exist } + end +end From 67a85822fc6d85ca31271fdd88137d59fecff476 Mon Sep 17 00:00:00 2001 From: Sam Levenick Date: Tue, 29 Jan 2019 19:14:28 +0000 Subject: [PATCH 08/30] Add global forwarding rule generation to InSpec Signed-off-by: Modular Magician --- .../google_compute_global_forwarding_rule.md | 54 +++++++++ .../google_compute_global_forwarding_rules.md | 40 +++++++ .../google_compute_global_forwarding_rule.rb | 79 +++++++++++++ .../google_compute_global_forwarding_rules.rb | 110 ++++++++++++++++++ test/integration/build/gcp-mm.tf | 11 ++ .../configuration/mm-attributes.yml | 4 + .../google_compute_global_forwarding_rule.rb | 35 ++++++ .../google_compute_global_forwarding_rules.rb | 30 +++++ 8 files changed, 363 insertions(+) create mode 100644 docs/resources/google_compute_global_forwarding_rule.md create mode 100644 docs/resources/google_compute_global_forwarding_rules.md create mode 100644 libraries/google_compute_global_forwarding_rule.rb create mode 100644 libraries/google_compute_global_forwarding_rules.rb create mode 100644 test/integration/verify/controls/google_compute_global_forwarding_rule.rb create mode 100644 test/integration/verify/controls/google_compute_global_forwarding_rules.rb diff --git a/docs/resources/google_compute_global_forwarding_rule.md b/docs/resources/google_compute_global_forwarding_rule.md new file mode 100644 index 000000000..4642d5dd8 --- /dev/null +++ b/docs/resources/google_compute_global_forwarding_rule.md @@ -0,0 +1,54 @@ +--- +title: About the GlobalForwardingRule resource +platform: gcp +--- + + +## Syntax +A `google_compute_global_forwarding_rule` is used to test a Google GlobalForwardingRule resource + +## Examples +``` +describe google_compute_global_forwarding_rule(project: 'chef-gcp-inspec', name: 'inspec-gcp-global-forwarding-rule') do + it { should exist } + its('port_range') { should eq '80-80' } + its('target') { should match /\/inspec-gcp-http-proxy$/ } +end + +describe google_compute_global_forwarding_rule(project: 'chef-gcp-inspec', name: 'nonexistent') do + it { should_not exist } +end +``` + +## Properties +Properties that can be accessed from the `google_compute_global_forwarding_rule` resource: + + * `creation_timestamp`: Creation timestamp in RFC3339 text format. + + * `description`: An optional description of this resource. Provide this property when you create the resource. + + * `id`: The unique identifier for the resource. + + * `ip_address`: The IP address that this forwarding rule is serving on behalf of. Addresses are restricted based on the forwarding rule's load balancing scheme (EXTERNAL or INTERNAL) and scope (global or regional). When the load balancing scheme is EXTERNAL, for global forwarding rules, the address must be a global IP, and for regional forwarding rules, the address must live in the same region as the forwarding rule. If this field is empty, an ephemeral IPv4 address from the same scope (global or regional) will be assigned. A regional forwarding rule supports IPv4 only. A global forwarding rule supports either IPv4 or IPv6. When the load balancing scheme is INTERNAL, this can only be an RFC 1918 IP address belonging to the network/subnet configured for the forwarding rule. By default, if this field is empty, an ephemeral internal IP address will be automatically allocated from the IP range of the subnet or network configured for this forwarding rule. An address can be specified either by a literal IP address or a URL reference to an existing Address resource. The following examples are all valid: * 100.1.2.3 * https://www.googleapis.com/compute/v1/projects/project/regions/ region/addresses/address * projects/project/regions/region/addresses/address * regions/region/addresses/address * global/addresses/address * address + + * `ip_protocol`: The IP protocol to which this rule applies. Valid options are TCP, UDP, ESP, AH, SCTP or ICMP. When the load balancing scheme is INTERNAL, only TCP and UDP are valid. + + * `backend_service`: A reference to a BackendService to receive the matched traffic. This is used for internal load balancing. (not used for external load balancing) + + * `ip_version`: The IP Version that will be used by this forwarding rule. Valid options are IPV4 or IPV6. This can only be specified for a global forwarding rule. + + * `load_balancing_scheme`: This signifies what the ForwardingRule will be used for and can only take the following values: INTERNAL, EXTERNAL The value of INTERNAL means that this will be used for Internal Network Load Balancing (TCP, UDP). The value of EXTERNAL means that this will be used for External Load Balancing (HTTP(S) LB, External TCP/UDP LB, SSL Proxy) + + * `name`: Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. + + * `network`: For internal load balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used. This field is not used for external load balancing. + + * `port_range`: This field is used along with the target field for TargetHttpProxy, TargetHttpsProxy, TargetSslProxy, TargetTcpProxy, TargetVpnGateway, TargetPool, TargetInstance. Applicable only when IPProtocol is TCP, UDP, or SCTP, only packets addressed to ports in the specified range will be forwarded to target. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint port ranges. Some types of forwarding target have constraints on the acceptable ports: * TargetHttpProxy: 80, 8080 * TargetHttpsProxy: 443 * TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1883, 5222 * TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1883, 5222 * TargetVpnGateway: 500, 4500 + + * `ports`: This field is used along with the backend_service field for internal load balancing. When the load balancing scheme is INTERNAL, a single port or a comma separated list of ports can be configured. Only packets addressed to these ports will be forwarded to the backends configured with this forwarding rule. You may specify a maximum of up to 5 ports. + + * `subnetwork`: A reference to a subnetwork. For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule. If the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified. This field is not used for external load balancing. + + * `region`: A reference to the region where the regional forwarding rule resides. This field is not applicable to global forwarding rules. + + * `target`: This target must be a global load balancing resource. The forwarded traffic must be of a type appropriate to the target object. Valid types: HTTP_PROXY, HTTPS_PROXY, SSL_PROXY, TCP_PROXY diff --git a/docs/resources/google_compute_global_forwarding_rules.md b/docs/resources/google_compute_global_forwarding_rules.md new file mode 100644 index 000000000..5c451c975 --- /dev/null +++ b/docs/resources/google_compute_global_forwarding_rules.md @@ -0,0 +1,40 @@ +--- +title: About the GlobalForwardingRule resource +platform: gcp +--- + + +## Syntax +A `google_compute_global_forwarding_rules` is used to test a Google GlobalForwardingRule resource + +## Examples +``` +describe google_compute_global_forwarding_rules(project: 'chef-gcp-inspec') do + its('count') { should be >= 1 } + its('port_ranges') { should include '80-80' } +end +``` + +## Properties +Properties that can be accessed from the `google_compute_global_forwarding_rules` resource: + +See [google_compute_global_forwarding_rule.md](google_compute_global_forwarding_rule.md) for more detailed information + * `creation_timestamps`: an array of `google_compute_global_forwarding_rule` creation_timestamp + * `descriptions`: an array of `google_compute_global_forwarding_rule` description + * `ids`: an array of `google_compute_global_forwarding_rule` id + * `ip_addresses`: an array of `google_compute_global_forwarding_rule` ip_address + * `ip_protocols`: an array of `google_compute_global_forwarding_rule` ip_protocol + * `backend_services`: an array of `google_compute_global_forwarding_rule` backend_service + * `ip_versions`: an array of `google_compute_global_forwarding_rule` ip_version + * `load_balancing_schemes`: an array of `google_compute_global_forwarding_rule` load_balancing_scheme + * `names`: an array of `google_compute_global_forwarding_rule` name + * `networks`: an array of `google_compute_global_forwarding_rule` network + * `port_ranges`: an array of `google_compute_global_forwarding_rule` port_range + * `ports`: an array of `google_compute_global_forwarding_rule` ports + * `subnetworks`: an array of `google_compute_global_forwarding_rule` subnetwork + * `regions`: an array of `google_compute_global_forwarding_rule` region + * `targets`: an array of `google_compute_global_forwarding_rule` target + +## Filter Criteria +This resource supports all of the above properties as filter criteria, which can be used +with `where` as a block or a method. diff --git a/libraries/google_compute_global_forwarding_rule.rb b/libraries/google_compute_global_forwarding_rule.rb new file mode 100644 index 000000000..27d1b7ce1 --- /dev/null +++ b/libraries/google_compute_global_forwarding_rule.rb @@ -0,0 +1,79 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'gcp_backend' + +# A provider to manage Google Compute Engine resources. +class GlobalForwardingRule < GcpResourceBase + name 'google_compute_global_forwarding_rule' + desc 'GlobalForwardingRule' + supports platform: 'gcp' + + attr_reader :creation_timestamp + attr_reader :description + attr_reader :id + attr_reader :ip_address + attr_reader :ip_protocol + attr_reader :backend_service + attr_reader :ip_version + attr_reader :load_balancing_scheme + attr_reader :name + attr_reader :network + attr_reader :port_range + attr_reader :ports + attr_reader :subnetwork + attr_reader :region + attr_reader :target + def base + 'https://www.googleapis.com/compute/v1/' + end + + def url + 'projects/{{project}}/global/forwardingRules/{{name}}' + end + + def initialize(params) + super(params.merge({ use_http_transport: true })) + @fetched = @connection.fetch(base, url, params) + parse unless @fetched.nil? + end + + def parse + @creation_timestamp = parse_time_string(@fetched['creationTimestamp']) + @description = @fetched['description'] + @id = @fetched['id'] + @ip_address = @fetched['IPAddress'] + @ip_protocol = @fetched['IPProtocol'] + @backend_service = @fetched['backendService'] + @ip_version = @fetched['ipVersion'] + @load_balancing_scheme = @fetched['loadBalancingScheme'] + @name = @fetched['name'] + @network = @fetched['network'] + @port_range = @fetched['portRange'] + @ports = @fetched['ports'] + @subnetwork = @fetched['subnetwork'] + @region = @fetched['region'] + @target = @fetched['target'] + end + + # Handles parsing RFC3339 time string + def parse_time_string(time_string) + time_string ? Time.parse(time_string) : nil + end + + def exists? + !@fetched.nil? + end +end diff --git a/libraries/google_compute_global_forwarding_rules.rb b/libraries/google_compute_global_forwarding_rules.rb new file mode 100644 index 000000000..9f2f8f3a5 --- /dev/null +++ b/libraries/google_compute_global_forwarding_rules.rb @@ -0,0 +1,110 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'gcp_backend' +class GlobalForwardingRules < GcpResourceBase + name 'google_compute_global_forwarding_rules' + desc 'GlobalForwardingRule plural resource' + supports platform: 'gcp' + + attr_reader :table + + filter_table_config = FilterTable.create + + filter_table_config.add(:creation_timestamps, field: :creation_timestamp) + filter_table_config.add(:descriptions, field: :description) + filter_table_config.add(:ids, field: :id) + filter_table_config.add(:ip_addresses, field: :ip_address) + filter_table_config.add(:ip_protocols, field: :ip_protocol) + filter_table_config.add(:backend_services, field: :backend_service) + filter_table_config.add(:ip_versions, field: :ip_version) + filter_table_config.add(:load_balancing_schemes, field: :load_balancing_scheme) + filter_table_config.add(:names, field: :name) + filter_table_config.add(:networks, field: :network) + filter_table_config.add(:port_ranges, field: :port_range) + filter_table_config.add(:ports, field: :ports) + filter_table_config.add(:subnetworks, field: :subnetwork) + filter_table_config.add(:regions, field: :region) + filter_table_config.add(:targets, field: :target) + + filter_table_config.connect(self, :table) + + def base + 'https://www.googleapis.com/compute/v1/' + end + + def url + 'projects/{{project}}/global/forwardingRules' + end + + def initialize(params = {}) + super(params.merge({ use_http_transport: true })) + @params = params + @table = fetch_wrapped_resource('items') + end + + def fetch_wrapped_resource(wrap_path) + # fetch_resource returns an array of responses (to handle pagination) + result = @connection.fetch_all(base, url, @params) + return if result.nil? + + # Conversion of string -> object hash to symbol -> object hash that InSpec needs + converted = [] + result.each do |response| + next if response.nil? || !response.key?(wrap_path) + response[wrap_path].each do |hash| + hash_with_symbols = {} + hash.each_key do |key| + name, value = transform(key, hash) + hash_with_symbols[name] = value + end + converted.push(hash_with_symbols) + end + end + + converted + end + + def transform(key, value) + return transformers[key].call(value) if transformers.key?(key) + + [key.to_sym, value] + end + + def transformers + { + 'creationTimestamp' => ->(obj) { return :creation_timestamp, parse_time_string(obj['creationTimestamp']) }, + 'description' => ->(obj) { return :description, obj['description'] }, + 'id' => ->(obj) { return :id, obj['id'] }, + 'IPAddress' => ->(obj) { return :ip_address, obj['IPAddress'] }, + 'IPProtocol' => ->(obj) { return :ip_protocol, obj['IPProtocol'] }, + 'backendService' => ->(obj) { return :backend_service, obj['backendService'] }, + 'ipVersion' => ->(obj) { return :ip_version, obj['ipVersion'] }, + 'loadBalancingScheme' => ->(obj) { return :load_balancing_scheme, obj['loadBalancingScheme'] }, + 'name' => ->(obj) { return :name, obj['name'] }, + 'network' => ->(obj) { return :network, obj['network'] }, + 'portRange' => ->(obj) { return :port_range, obj['portRange'] }, + 'ports' => ->(obj) { return :ports, obj['ports'] }, + 'subnetwork' => ->(obj) { return :subnetwork, obj['subnetwork'] }, + 'region' => ->(obj) { return :region, obj['region'] }, + 'target' => ->(obj) { return :target, obj['target'] }, + } + end + + # Handles parsing RFC3339 time string + def parse_time_string(time_string) + time_string ? Time.parse(time_string) : nil + end +end diff --git a/test/integration/build/gcp-mm.tf b/test/integration/build/gcp-mm.tf index 9420d8e4a..c214ce736 100644 --- a/test/integration/build/gcp-mm.tf +++ b/test/integration/build/gcp-mm.tf @@ -66,6 +66,10 @@ variable "http_proxy" { type = "map" } +variable "global_forwarding_rule" { + type = "map" +} + resource "google_compute_ssl_policy" "custom-ssl-policy" { name = "${var.ssl_policy["name"]}" min_tls_version = "${var.ssl_policy["min_tls_version"]}" @@ -277,4 +281,11 @@ resource "google_compute_target_http_proxy" "gcp-inspec-http-proxy" { name = "${var.http_proxy["name"]}" url_map = "${google_compute_url_map.gcp-inspec-url-map.self_link}" description = "${var.http_proxy["description"]}" +} + +resource "google_compute_global_forwarding_rule" "gcp-inspec-global-forwarding-rule" { + project = "${var.gcp_project_id}" + name = "${var.global_forwarding_rule["name"]}" + target = "${google_compute_target_http_proxy.gcp-inspec-http-proxy.self_link}" + port_range = "${var.global_forwarding_rule["port_range"]}" } \ No newline at end of file diff --git a/test/integration/configuration/mm-attributes.yml b/test/integration/configuration/mm-attributes.yml index afb998ff0..76bf03a26 100644 --- a/test/integration/configuration/mm-attributes.yml +++ b/test/integration/configuration/mm-attributes.yml @@ -106,3 +106,7 @@ url_map: http_proxy: name: inspec-gcp-http-proxy description: A HTTP proxy + +global_forwarding_rule: + name: inspec-gcp-global-forwarding-rule + port_range: 80-80 \ No newline at end of file diff --git a/test/integration/verify/controls/google_compute_global_forwarding_rule.rb b/test/integration/verify/controls/google_compute_global_forwarding_rule.rb new file mode 100644 index 000000000..257f83960 --- /dev/null +++ b/test/integration/verify/controls/google_compute_global_forwarding_rule.rb @@ -0,0 +1,35 @@ +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- + +title 'Test GCP google_compute_global_forwarding_rule resource.' + +gcp_project_id = attribute(:gcp_project_id, default: 'gcp_project_id', description: 'The GCP project identifier.') +global_forwarding_rule = attribute('global_forwarding_rule', default: { + "name": "inspec-gcp-global-forwarding-rule", + "port_range": "80-80" +}, description: 'Compute global forwarding rule definition') +control 'google_compute_global_forwarding_rule-1.0' do + impact 1.0 + title 'google_compute_global_forwarding_rule resource test' + + describe google_compute_global_forwarding_rule(project: gcp_project_id, name: global_forwarding_rule['name']) do + it { should exist } + its('port_range') { should eq global_forwarding_rule['port_range'] } + its('target') { should match /\/inspec-gcp-http-proxy$/ } + end + + describe google_compute_global_forwarding_rule(project: gcp_project_id, name: 'nonexistent') do + it { should_not exist } + end +end diff --git a/test/integration/verify/controls/google_compute_global_forwarding_rules.rb b/test/integration/verify/controls/google_compute_global_forwarding_rules.rb new file mode 100644 index 000000000..17902fac9 --- /dev/null +++ b/test/integration/verify/controls/google_compute_global_forwarding_rules.rb @@ -0,0 +1,30 @@ +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- + +title 'Test GCP google_compute_global_forwarding_rules resource.' + +gcp_project_id = attribute(:gcp_project_id, default: 'gcp_project_id', description: 'The GCP project identifier.') +global_forwarding_rule = attribute('global_forwarding_rule', default: { + "name": "inspec-gcp-global-forwarding-rule", + "port_range": "80-80" +}, description: 'Compute global forwarding rule definition') +control 'google_compute_global_forwarding_rules-1.0' do + impact 1.0 + title 'google_compute_global_forwarding_rules resource test' + + describe google_compute_global_forwarding_rules(project: gcp_project_id) do + its('count') { should be >= 1 } + its('port_ranges') { should include global_forwarding_rule['port_range'] } + end +end From 9ce89f7d0ce42cfd45e2f8843fad806a57b1749f Mon Sep 17 00:00:00 2001 From: Sam Levenick Date: Tue, 29 Jan 2019 22:38:16 +0000 Subject: [PATCH 09/30] Add support for target TCP proxy in InSpec Signed-off-by: Modular Magician --- .../google_compute_target_tcp_proxies.md | 31 +++++++ .../google_compute_target_tcp_proxy.md | 36 ++++++++ .../google_compute_target_tcp_proxies.rb | 92 +++++++++++++++++++ libraries/google_compute_target_tcp_proxy.rb | 61 ++++++++++++ test/integration/build/gcp-mm.tf | 20 ++++ .../configuration/mm-attributes.yml | 7 +- .../google_compute_target_tcp_proxies.rb | 31 +++++++ .../google_compute_target_tcp_proxy.rb | 36 ++++++++ 8 files changed, 313 insertions(+), 1 deletion(-) create mode 100644 docs/resources/google_compute_target_tcp_proxies.md create mode 100644 docs/resources/google_compute_target_tcp_proxy.md create mode 100644 libraries/google_compute_target_tcp_proxies.rb create mode 100644 libraries/google_compute_target_tcp_proxy.rb create mode 100644 test/integration/verify/controls/google_compute_target_tcp_proxies.rb create mode 100644 test/integration/verify/controls/google_compute_target_tcp_proxy.rb diff --git a/docs/resources/google_compute_target_tcp_proxies.md b/docs/resources/google_compute_target_tcp_proxies.md new file mode 100644 index 000000000..7a240dece --- /dev/null +++ b/docs/resources/google_compute_target_tcp_proxies.md @@ -0,0 +1,31 @@ +--- +title: About the TargetTcpProxy resource +platform: gcp +--- + + +## Syntax +A `google_compute_target_tcp_proxies` is used to test a Google TargetTcpProxy resource + +## Examples +``` +describe google_compute_target_tcp_proxies(project: 'chef-gcp-inspec') do + its('names') { should include 'inspec-gcp-target-tcp-proxy' } + its('proxy_headers') { should include 'NONE' } +end +``` + +## Properties +Properties that can be accessed from the `google_compute_target_tcp_proxies` resource: + +See [google_compute_target_tcp_proxy.md](google_compute_target_tcp_proxy.md) for more detailed information + * `creation_timestamps`: an array of `google_compute_target_tcp_proxy` creation_timestamp + * `descriptions`: an array of `google_compute_target_tcp_proxy` description + * `ids`: an array of `google_compute_target_tcp_proxy` id + * `names`: an array of `google_compute_target_tcp_proxy` name + * `proxy_headers`: an array of `google_compute_target_tcp_proxy` proxy_header + * `services`: an array of `google_compute_target_tcp_proxy` service + +## Filter Criteria +This resource supports all of the above properties as filter criteria, which can be used +with `where` as a block or a method. diff --git a/docs/resources/google_compute_target_tcp_proxy.md b/docs/resources/google_compute_target_tcp_proxy.md new file mode 100644 index 000000000..4a515d082 --- /dev/null +++ b/docs/resources/google_compute_target_tcp_proxy.md @@ -0,0 +1,36 @@ +--- +title: About the TargetTcpProxy resource +platform: gcp +--- + + +## Syntax +A `google_compute_target_tcp_proxy` is used to test a Google TargetTcpProxy resource + +## Examples +``` +describe google_compute_target_tcp_proxy(project: 'chef-gcp-inspec', name: 'inspec-gcp-target-tcp-proxy') do + it { should exist } + its('proxy_header') { should eq 'NONE' } + its('service') { should match /\/gcp-inspec-tcp-backend-service$/ } +end + +describe google_compute_target_tcp_proxy(project: 'chef-gcp-inspec', name: 'nonexistent') do + it { should_not exist } +end +``` + +## Properties +Properties that can be accessed from the `google_compute_target_tcp_proxy` resource: + + * `creation_timestamp`: Creation timestamp in RFC3339 text format. + + * `description`: An optional description of this resource. + + * `id`: The unique identifier for the resource. + + * `name`: Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. + + * `proxy_header`: Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE. + + * `service`: A reference to the BackendService resource. diff --git a/libraries/google_compute_target_tcp_proxies.rb b/libraries/google_compute_target_tcp_proxies.rb new file mode 100644 index 000000000..d3678bb91 --- /dev/null +++ b/libraries/google_compute_target_tcp_proxies.rb @@ -0,0 +1,92 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'gcp_backend' +class TargetTcpProxys < GcpResourceBase + name 'google_compute_target_tcp_proxies' + desc 'TargetTcpProxy plural resource' + supports platform: 'gcp' + + attr_reader :table + + filter_table_config = FilterTable.create + + filter_table_config.add(:creation_timestamps, field: :creation_timestamp) + filter_table_config.add(:descriptions, field: :description) + filter_table_config.add(:ids, field: :id) + filter_table_config.add(:names, field: :name) + filter_table_config.add(:proxy_headers, field: :proxy_header) + filter_table_config.add(:services, field: :service) + + filter_table_config.connect(self, :table) + + def base + 'https://www.googleapis.com/compute/v1/' + end + + def url + 'projects/{{project}}/global/targetTcpProxies' + end + + def initialize(params = {}) + super(params.merge({ use_http_transport: true })) + @params = params + @table = fetch_wrapped_resource('items') + end + + def fetch_wrapped_resource(wrap_path) + # fetch_resource returns an array of responses (to handle pagination) + result = @connection.fetch_all(base, url, @params) + return if result.nil? + + # Conversion of string -> object hash to symbol -> object hash that InSpec needs + converted = [] + result.each do |response| + next if response.nil? || !response.key?(wrap_path) + response[wrap_path].each do |hash| + hash_with_symbols = {} + hash.each_key do |key| + name, value = transform(key, hash) + hash_with_symbols[name] = value + end + converted.push(hash_with_symbols) + end + end + + converted + end + + def transform(key, value) + return transformers[key].call(value) if transformers.key?(key) + + [key.to_sym, value] + end + + def transformers + { + 'creationTimestamp' => ->(obj) { return :creation_timestamp, parse_time_string(obj['creationTimestamp']) }, + 'description' => ->(obj) { return :description, obj['description'] }, + 'id' => ->(obj) { return :id, obj['id'] }, + 'name' => ->(obj) { return :name, obj['name'] }, + 'proxyHeader' => ->(obj) { return :proxy_header, obj['proxyHeader'] }, + 'service' => ->(obj) { return :service, obj['service'] }, + } + end + + # Handles parsing RFC3339 time string + def parse_time_string(time_string) + time_string ? Time.parse(time_string) : nil + end +end diff --git a/libraries/google_compute_target_tcp_proxy.rb b/libraries/google_compute_target_tcp_proxy.rb new file mode 100644 index 000000000..5927fe7a9 --- /dev/null +++ b/libraries/google_compute_target_tcp_proxy.rb @@ -0,0 +1,61 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'gcp_backend' + +# A provider to manage Google Compute Engine resources. +class TargetTcpProxy < GcpResourceBase + name 'google_compute_target_tcp_proxy' + desc 'TargetTcpProxy' + supports platform: 'gcp' + + attr_reader :creation_timestamp + attr_reader :description + attr_reader :id + attr_reader :name + attr_reader :proxy_header + attr_reader :service + def base + 'https://www.googleapis.com/compute/v1/' + end + + def url + 'projects/{{project}}/global/targetTcpProxies/{{name}}' + end + + def initialize(params) + super(params.merge({ use_http_transport: true })) + @fetched = @connection.fetch(base, url, params) + parse unless @fetched.nil? + end + + def parse + @creation_timestamp = parse_time_string(@fetched['creationTimestamp']) + @description = @fetched['description'] + @id = @fetched['id'] + @name = @fetched['name'] + @proxy_header = @fetched['proxyHeader'] + @service = @fetched['service'] + end + + # Handles parsing RFC3339 time string + def parse_time_string(time_string) + time_string ? Time.parse(time_string) : nil + end + + def exists? + !@fetched.nil? + end +end diff --git a/test/integration/build/gcp-mm.tf b/test/integration/build/gcp-mm.tf index c214ce736..1977b3f0b 100644 --- a/test/integration/build/gcp-mm.tf +++ b/test/integration/build/gcp-mm.tf @@ -70,6 +70,10 @@ variable "global_forwarding_rule" { type = "map" } +variable "target_tcp_proxy" { + type = "map" +} + resource "google_compute_ssl_policy" "custom-ssl-policy" { name = "${var.ssl_policy["name"]}" min_tls_version = "${var.ssl_policy["min_tls_version"]}" @@ -288,4 +292,20 @@ resource "google_compute_global_forwarding_rule" "gcp-inspec-global-forwarding-r name = "${var.global_forwarding_rule["name"]}" target = "${google_compute_target_http_proxy.gcp-inspec-http-proxy.self_link}" port_range = "${var.global_forwarding_rule["port_range"]}" +} + +resource "google_compute_backend_service" "gcp-inspec-tcp-backend-service" { + project = "${var.gcp_project_id}" + name = "${var.target_tcp_proxy["tcp_backend_service_name"]}" + protocol = "TCP" + timeout_sec = 10 + + health_checks = ["${google_compute_health_check.gcp-inspec-health-check.self_link}"] +} + +resource "google_compute_target_tcp_proxy" "gcp-inspec-target-tcp-proxy" { + project = "${var.gcp_project_id}" + name = "${var.target_tcp_proxy["name"]}" + proxy_header = "${var.target_tcp_proxy["proxy_header"]}" + backend_service = "${google_compute_backend_service.gcp-inspec-tcp-backend-service.self_link}" } \ No newline at end of file diff --git a/test/integration/configuration/mm-attributes.yml b/test/integration/configuration/mm-attributes.yml index 76bf03a26..db11d1e32 100644 --- a/test/integration/configuration/mm-attributes.yml +++ b/test/integration/configuration/mm-attributes.yml @@ -109,4 +109,9 @@ http_proxy: global_forwarding_rule: name: inspec-gcp-global-forwarding-rule - port_range: 80-80 \ No newline at end of file + port_range: 80-80 + +target_tcp_proxy: + name: inspec-gcp-target-tcp-proxy + proxy_header: NONE + tcp_backend_service_name: gcp-inspec-tcp-backend-service \ No newline at end of file diff --git a/test/integration/verify/controls/google_compute_target_tcp_proxies.rb b/test/integration/verify/controls/google_compute_target_tcp_proxies.rb new file mode 100644 index 000000000..12223ffcb --- /dev/null +++ b/test/integration/verify/controls/google_compute_target_tcp_proxies.rb @@ -0,0 +1,31 @@ +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- + +title 'Test GCP google_compute_target_tcp_proxies resource.' + +gcp_project_id = attribute(:gcp_project_id, default: 'gcp_project_id', description: 'The GCP project identifier.') +target_tcp_proxy = attribute('target_tcp_proxy', default: { + "name": "inspec-gcp-target-tcp-proxy", + "proxy_header": "NONE", + "tcp_backend_service_name": "gcp-inspec-tcp-backend-service" +}, description: 'Compute TCP proxy definition') +control 'google_compute_target_tcp_proxies-1.0' do + impact 1.0 + title 'google_compute_target_tcp_proxies resource test' + + describe google_compute_target_tcp_proxies(project: gcp_project_id) do + its('names') { should include target_tcp_proxy['name'] } + its('proxy_headers') { should include target_tcp_proxy['proxy_header'] } + end +end diff --git a/test/integration/verify/controls/google_compute_target_tcp_proxy.rb b/test/integration/verify/controls/google_compute_target_tcp_proxy.rb new file mode 100644 index 000000000..e40b6ecea --- /dev/null +++ b/test/integration/verify/controls/google_compute_target_tcp_proxy.rb @@ -0,0 +1,36 @@ +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- + +title 'Test GCP google_compute_target_tcp_proxy resource.' + +gcp_project_id = attribute(:gcp_project_id, default: 'gcp_project_id', description: 'The GCP project identifier.') +target_tcp_proxy = attribute('target_tcp_proxy', default: { + "name": "inspec-gcp-target-tcp-proxy", + "proxy_header": "NONE", + "tcp_backend_service_name": "gcp-inspec-tcp-backend-service" +}, description: 'Compute TCP proxy definition') +control 'google_compute_target_tcp_proxy-1.0' do + impact 1.0 + title 'google_compute_target_tcp_proxy resource test' + + describe google_compute_target_tcp_proxy(project: gcp_project_id, name: target_tcp_proxy['name']) do + it { should exist } + its('proxy_header') { should eq target_tcp_proxy['proxy_header'] } + its('service') { should match /\/gcp-inspec-tcp-backend-service$/ } + end + + describe google_compute_target_tcp_proxy(project: gcp_project_id, name: 'nonexistent') do + it { should_not exist } + end +end From bf0e504c0e7882b2f058ea68e30438301a93a8df Mon Sep 17 00:00:00 2001 From: Sam Levenick Date: Wed, 30 Jan 2019 21:18:39 +0000 Subject: [PATCH 10/30] Inspec regional cluster Signed-off-by: Modular Magician --- .../google_container_regional_cluster.md | 100 ++++++++++++++ .../google_container_regional_clusters.md | 47 +++++++ .../property/regionalcluster_addons_config.rb | 34 +++++ ...ionalcluster_horizontal_pod_autoscaling.rb | 29 +++++ .../regionalcluster_http_load_balancing.rb | 29 +++++ .../property/regionalcluster_master_auth.rb | 41 ++++++ .../property/regionalcluster_node_config.rb | 56 ++++++++ .../google_container_regional_cluster.rb | 96 ++++++++++++++ .../google_container_regional_clusters.rb | 122 ++++++++++++++++++ test/integration/build/gcp-mm.tf | 11 ++ .../configuration/mm-attributes.yml | 7 +- .../google_container_regional_cluster.rb | 36 ++++++ .../google_container_regional_clusters.rb | 32 +++++ 13 files changed, 639 insertions(+), 1 deletion(-) create mode 100644 docs/resources/google_container_regional_cluster.md create mode 100644 docs/resources/google_container_regional_clusters.md create mode 100644 libraries/google/container/property/regionalcluster_addons_config.rb create mode 100644 libraries/google/container/property/regionalcluster_horizontal_pod_autoscaling.rb create mode 100644 libraries/google/container/property/regionalcluster_http_load_balancing.rb create mode 100644 libraries/google/container/property/regionalcluster_master_auth.rb create mode 100644 libraries/google/container/property/regionalcluster_node_config.rb create mode 100644 libraries/google_container_regional_cluster.rb create mode 100644 libraries/google_container_regional_clusters.rb create mode 100644 test/integration/verify/controls/google_container_regional_cluster.rb create mode 100644 test/integration/verify/controls/google_container_regional_clusters.rb diff --git a/docs/resources/google_container_regional_cluster.md b/docs/resources/google_container_regional_cluster.md new file mode 100644 index 000000000..40bf6a58c --- /dev/null +++ b/docs/resources/google_container_regional_cluster.md @@ -0,0 +1,100 @@ +--- +title: About the RegionalCluster resource +platform: gcp +--- + + +## Syntax +A `google_container_regional_cluster` is used to test a Google RegionalCluster resource + +## Examples +``` +describe google_container_regional_cluster(project: 'chef-gcp-inspec', location: 'europe-west2', name: 'inspec-gcp-regional-cluster') do + it { should exist } + its('initial_node_count') { should eq '1'} + its('location') { should eq 'europe-west2'} +end + +describe google_container_regional_cluster(project: 'chef-gcp-inspec', location: 'europe-west2', name: 'nonexistent') do + it { should_not exist } +end +``` + +## Properties +Properties that can be accessed from the `google_container_regional_cluster` resource: + + * `name`: The name of this cluster. The name must be unique within this project and location, and can be up to 40 characters. Must be Lowercase letters, numbers, and hyphens only. Must start with a letter. Must end with a number or a letter. + + * `description`: An optional description of this cluster. + + * `initial_node_count`: The number of nodes to create in this cluster. You must ensure that your Compute Engine resource quota is sufficient for this number of instances. You must also have available firewall and routes quota. For requests, this field should only be used in lieu of a "nodePool" object, since this configuration (along with the "nodeConfig") will be used to create a "NodePool" object with an auto-generated name. Do not use this and a nodePool at the same time. + + * `node_config`: Parameters used in creating the cluster's nodes. For requests, this field should only be used in lieu of a "nodePool" object, since this configuration (along with the "initialNodeCount") will be used to create a "NodePool" object with an auto-generated name. Do not use this and a nodePool at the same time. For responses, this field will be populated with the node configuration of the first node pool. If unspecified, the defaults are used. + + * `machineType`: The name of a Google Compute Engine machine type (e.g. n1-standard-1). If unspecified, the default machine type is n1-standard-1. + + * `diskSizeGb`: Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. If unspecified, the default disk size is 100GB. + + * `oauthScopes`: The set of Google API scopes to be made available on all of the node VMs under the "default" service account. The following scopes are recommended, but not required, and by default are not included: https://www.googleapis.com/auth/compute is required for mounting persistent storage on your nodes. https://www.googleapis.com/auth/devstorage.read_only is required for communicating with gcr.io (the Google Container Registry). If unspecified, no scopes are added, unless Cloud Logging or Cloud Monitoring are enabled, in which case their required scopes will be added. + + * `serviceAccount`: The Google Cloud Platform Service Account to be used by the node VMs. If no Service Account is specified, the "default" service account is used. + + * `metadata`: The metadata key/value pairs assigned to instances in the cluster. Keys must conform to the regexp [a-zA-Z0-9-_]+ and be less than 128 bytes in length. These are reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project or be one of the four reserved keys: "instance-template", "kube-env", "startup-script", and "user-data" Values are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on them is that each value's size must be less than or equal to 32 KB. The total size of all keys and values must be less than 512 KB. An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }. + + * `imageType`: The image type to use for this node. Note that for a given image type, the latest version of it will be used. + + * `labels`: The map of Kubernetes labels (key/value pairs) to be applied to each node. These will added in addition to any default label(s) that Kubernetes may apply to the node. In case of conflict in label keys, the applied set may differ depending on the Kubernetes version -- it's best to assume the behavior is undefined and conflicts should be avoided. For more information, including usage and the valid values, see: http://kubernetes.io/v1.1/docs/user-guide/labels.html An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }. + + * `localSsdCount`: The number of local SSD disks to be attached to the node. The limit for this value is dependant upon the maximum number of disks available on a machine per zone. See: https://cloud.google.com/compute/docs/disks/local-ssd#local_ssd_limits for more information. + + * `tags`: The list of instance tags applied to all nodes. Tags are used to identify valid sources or targets for network firewalls and are specified by the client during cluster or node pool creation. Each tag within the list must comply with RFC1035. + + * `preemptible`: Whether the nodes are created as preemptible VM instances. See: https://cloud.google.com/compute/docs/instances/preemptible for more information about preemptible VM instances. + + * `master_auth`: The authentication information for accessing the master endpoint. + + * `username`: The username to use for HTTP basic authentication to the master endpoint. + + * `password`: The password to use for HTTP basic authentication to the master endpoint. Because the master endpoint is open to the Internet, you should create a strong password. + + * `clusterCaCertificate`: Base64-encoded public certificate that is the root of trust for the cluster. + + * `clientCertificate`: Base64-encoded public certificate used by clients to authenticate to the cluster endpoint. + + * `clientKey`: Base64-encoded private key used by clients to authenticate to the cluster endpoint. + + * `logging_service`: The logging service the cluster should use to write logs. Currently available options: logging.googleapis.com - the Google Cloud Logging service. none - no logs will be exported from the cluster. if left as an empty string,logging.googleapis.com will be used. + + * `monitoring_service`: The monitoring service the cluster should use to write metrics. Currently available options: monitoring.googleapis.com - the Google Cloud Monitoring service. none - no metrics will be exported from the cluster. if left as an empty string, monitoring.googleapis.com will be used. + + * `network`: The name of the Google Compute Engine network to which the cluster is connected. If left unspecified, the default network will be used. + + * `cluster_ipv4_cidr`: The IP address range of the container pods in this cluster, in CIDR notation (e.g. 10.96.0.0/14). Leave blank to have one automatically chosen or specify a /14 block in 10.0.0.0/8. + + * `addons_config`: Configurations for the various addons available to run in the cluster. + + * `httpLoadBalancing`: Configuration for the HTTP (L7) load balancing controller addon, which makes it easy to set up HTTP load balancers for services in a cluster. + + * `horizontalPodAutoscaling`: Configuration for the horizontal pod autoscaling feature, which increases or decreases the number of replica pods a replication controller has based on the resource usage of the existing pods. + + * `subnetwork`: The name of the Google Compute Engine subnetwork to which the cluster is connected. + + * `endpoint`: The IP address of this cluster's master endpoint. The endpoint can be accessed from the internet at https://username:password@endpoint/ See the masterAuth property of this resource for username and password information. + + * `initial_cluster_version`: The software version of the master endpoint and kubelets used in the cluster when it was first created. The version can be upgraded over time. + + * `current_master_version`: The current software version of the master endpoint. + + * `current_node_version`: The current version of the node software components. If they are currently at multiple versions because they're in the process of being upgraded, this reflects the minimum version of all nodes. + + * `create_time`: The time the cluster was created, in RFC3339 text format. + + * `node_ipv4_cidr_size`: The size of the address space on each node for hosting containers. This is provisioned from within the container_ipv4_cidr range. + + * `services_ipv4_cidr`: The IP address range of the Kubernetes services in this cluster, in CIDR notation (e.g. 1.2.3.4/29). Service addresses are typically put in the last /16 from the container CIDR. + + * `current_node_count`: The number of nodes currently in the cluster. + + * `expire_time`: The time the cluster will be automatically deleted in RFC3339 text format. + + * `location`: The location where the cluster is deployed diff --git a/docs/resources/google_container_regional_clusters.md b/docs/resources/google_container_regional_clusters.md new file mode 100644 index 000000000..f8b280ecb --- /dev/null +++ b/docs/resources/google_container_regional_clusters.md @@ -0,0 +1,47 @@ +--- +title: About the RegionalCluster resource +platform: gcp +--- + + +## Syntax +A `google_container_regional_clusters` is used to test a Google RegionalCluster resource + +## Examples +``` +describe google_container_regional_clusters(project: 'chef-gcp-inspec', location: 'europe-west2') do + its('count') { should be >= 1 } + its('names') { should include 'inspec-gcp-regional-cluster' } + its('initial_node_counts') { should include '1'} +end +``` + +## Properties +Properties that can be accessed from the `google_container_regional_clusters` resource: + +See [google_container_regional_cluster.md](google_container_regional_cluster.md) for more detailed information + * `names`: an array of `google_container_regional_cluster` name + * `descriptions`: an array of `google_container_regional_cluster` description + * `initial_node_counts`: an array of `google_container_regional_cluster` initial_node_count + * `node_configs`: an array of `google_container_regional_cluster` node_config + * `master_auths`: an array of `google_container_regional_cluster` master_auth + * `logging_services`: an array of `google_container_regional_cluster` logging_service + * `monitoring_services`: an array of `google_container_regional_cluster` monitoring_service + * `networks`: an array of `google_container_regional_cluster` network + * `cluster_ipv4_cidrs`: an array of `google_container_regional_cluster` cluster_ipv4_cidr + * `addons_configs`: an array of `google_container_regional_cluster` addons_config + * `subnetworks`: an array of `google_container_regional_cluster` subnetwork + * `endpoints`: an array of `google_container_regional_cluster` endpoint + * `initial_cluster_versions`: an array of `google_container_regional_cluster` initial_cluster_version + * `current_master_versions`: an array of `google_container_regional_cluster` current_master_version + * `current_node_versions`: an array of `google_container_regional_cluster` current_node_version + * `create_times`: an array of `google_container_regional_cluster` create_time + * `node_ipv4_cidr_sizes`: an array of `google_container_regional_cluster` node_ipv4_cidr_size + * `services_ipv4_cidrs`: an array of `google_container_regional_cluster` services_ipv4_cidr + * `current_node_counts`: an array of `google_container_regional_cluster` current_node_count + * `expire_times`: an array of `google_container_regional_cluster` expire_time + * `locations`: an array of `google_container_regional_cluster` location + +## Filter Criteria +This resource supports all of the above properties as filter criteria, which can be used +with `where` as a block or a method. diff --git a/libraries/google/container/property/regionalcluster_addons_config.rb b/libraries/google/container/property/regionalcluster_addons_config.rb new file mode 100644 index 000000000..f604c6109 --- /dev/null +++ b/libraries/google/container/property/regionalcluster_addons_config.rb @@ -0,0 +1,34 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'google/container/property/regionalcluster_horizontal_pod_autoscaling' +require 'google/container/property/regionalcluster_http_load_balancing' +module GoogleInSpec + module Container + module Property + class RegionalClusterAddonsconfig + attr_reader :http_load_balancing + + attr_reader :horizontal_pod_autoscaling + + def initialize(args = nil) + return if args.nil? + @http_load_balancing = GoogleInSpec::Container::Property::RegionalClusterHttploadbalancing.new(args['httpLoadBalancing']) + @horizontal_pod_autoscaling = GoogleInSpec::Container::Property::RegionalClusterHorizontalpodautoscaling.new(args['horizontalPodAutoscaling']) + end + end + end + end +end diff --git a/libraries/google/container/property/regionalcluster_horizontal_pod_autoscaling.rb b/libraries/google/container/property/regionalcluster_horizontal_pod_autoscaling.rb new file mode 100644 index 000000000..499901d34 --- /dev/null +++ b/libraries/google/container/property/regionalcluster_horizontal_pod_autoscaling.rb @@ -0,0 +1,29 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module Container + module Property + class RegionalClusterHorizontalpodautoscaling + attr_reader :disabled + + def initialize(args = nil) + return if args.nil? + @disabled = args['disabled'] + end + end + end + end +end diff --git a/libraries/google/container/property/regionalcluster_http_load_balancing.rb b/libraries/google/container/property/regionalcluster_http_load_balancing.rb new file mode 100644 index 000000000..08b5da8ae --- /dev/null +++ b/libraries/google/container/property/regionalcluster_http_load_balancing.rb @@ -0,0 +1,29 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module Container + module Property + class RegionalClusterHttploadbalancing + attr_reader :disabled + + def initialize(args = nil) + return if args.nil? + @disabled = args['disabled'] + end + end + end + end +end diff --git a/libraries/google/container/property/regionalcluster_master_auth.rb b/libraries/google/container/property/regionalcluster_master_auth.rb new file mode 100644 index 000000000..63ae6c527 --- /dev/null +++ b/libraries/google/container/property/regionalcluster_master_auth.rb @@ -0,0 +1,41 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module Container + module Property + class RegionalClusterMasterauth + attr_reader :username + + attr_reader :password + + attr_reader :cluster_ca_certificate + + attr_reader :client_certificate + + attr_reader :client_key + + def initialize(args = nil) + return if args.nil? + @username = args['username'] + @password = args['password'] + @cluster_ca_certificate = args['clusterCaCertificate'] + @client_certificate = args['clientCertificate'] + @client_key = args['clientKey'] + end + end + end + end +end diff --git a/libraries/google/container/property/regionalcluster_node_config.rb b/libraries/google/container/property/regionalcluster_node_config.rb new file mode 100644 index 000000000..c75148f4d --- /dev/null +++ b/libraries/google/container/property/regionalcluster_node_config.rb @@ -0,0 +1,56 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module Container + module Property + class RegionalClusterNodeconfig + attr_reader :machine_type + + attr_reader :disk_size_gb + + attr_reader :oauth_scopes + + attr_reader :service_account + + attr_reader :metadata + + attr_reader :image_type + + attr_reader :labels + + attr_reader :local_ssd_count + + attr_reader :tags + + attr_reader :preemptible + + def initialize(args = nil) + return if args.nil? + @machine_type = args['machineType'] + @disk_size_gb = args['diskSizeGb'] + @oauth_scopes = args['oauthScopes'] + @service_account = args['serviceAccount'] + @metadata = args['metadata'] + @image_type = args['imageType'] + @labels = args['labels'] + @local_ssd_count = args['localSsdCount'] + @tags = args['tags'] + @preemptible = args['preemptible'] + end + end + end + end +end diff --git a/libraries/google_container_regional_cluster.rb b/libraries/google_container_regional_cluster.rb new file mode 100644 index 000000000..c255f3505 --- /dev/null +++ b/libraries/google_container_regional_cluster.rb @@ -0,0 +1,96 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'gcp_backend' +require 'google/container/property/regionalcluster_addons_config' +require 'google/container/property/regionalcluster_horizontal_pod_autoscaling' +require 'google/container/property/regionalcluster_http_load_balancing' +require 'google/container/property/regionalcluster_master_auth' +require 'google/container/property/regionalcluster_node_config' + +# A provider to manage Google Kubernetes Engine resources. +class RegionalCluster < GcpResourceBase + name 'google_container_regional_cluster' + desc 'RegionalCluster' + supports platform: 'gcp' + + attr_reader :name + attr_reader :description + attr_reader :initial_node_count + attr_reader :node_config + attr_reader :master_auth + attr_reader :logging_service + attr_reader :monitoring_service + attr_reader :network + attr_reader :cluster_ipv4_cidr + attr_reader :addons_config + attr_reader :subnetwork + attr_reader :endpoint + attr_reader :initial_cluster_version + attr_reader :current_master_version + attr_reader :current_node_version + attr_reader :create_time + attr_reader :node_ipv4_cidr_size + attr_reader :services_ipv4_cidr + attr_reader :current_node_count + attr_reader :expire_time + attr_reader :location + def base + 'https://container.googleapis.com/v1/' + end + + def url + 'projects/{{project}}/locations/{{location}}/clusters/{{name}}' + end + + def initialize(params) + super(params.merge({ use_http_transport: true })) + @fetched = @connection.fetch(base, url, params) + parse unless @fetched.nil? + end + + def parse + @name = @fetched['name'] + @description = @fetched['description'] + @initial_node_count = @fetched['initialNodeCount'] + @node_config = GoogleInSpec::Container::Property::RegionalClusterNodeconfig.new(@fetched['nodeConfig']) + @master_auth = GoogleInSpec::Container::Property::RegionalClusterMasterauth.new(@fetched['masterAuth']) + @logging_service = @fetched['loggingService'] + @monitoring_service = @fetched['monitoringService'] + @network = @fetched['network'] + @cluster_ipv4_cidr = @fetched['clusterIpv4Cidr'] + @addons_config = GoogleInSpec::Container::Property::RegionalClusterAddonsconfig.new(@fetched['addonsConfig']) + @subnetwork = @fetched['subnetwork'] + @endpoint = @fetched['endpoint'] + @initial_cluster_version = @fetched['initialClusterVersion'] + @current_master_version = @fetched['currentMasterVersion'] + @current_node_version = @fetched['currentNodeVersion'] + @create_time = parse_time_string(@fetched['createTime']) + @node_ipv4_cidr_size = @fetched['nodeIpv4CidrSize'] + @services_ipv4_cidr = @fetched['servicesIpv4Cidr'] + @current_node_count = @fetched['currentNodeCount'] + @expire_time = parse_time_string(@fetched['expireTime']) + @location = @fetched['location'] + end + + # Handles parsing RFC3339 time string + def parse_time_string(time_string) + time_string ? Time.parse(time_string) : nil + end + + def exists? + !@fetched.nil? + end +end diff --git a/libraries/google_container_regional_clusters.rb b/libraries/google_container_regional_clusters.rb new file mode 100644 index 000000000..89bf16ec6 --- /dev/null +++ b/libraries/google_container_regional_clusters.rb @@ -0,0 +1,122 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'gcp_backend' +class RegionalClusters < GcpResourceBase + name 'google_container_regional_clusters' + desc 'RegionalCluster plural resource' + supports platform: 'gcp' + + attr_reader :table + + filter_table_config = FilterTable.create + + filter_table_config.add(:names, field: :name) + filter_table_config.add(:descriptions, field: :description) + filter_table_config.add(:initial_node_counts, field: :initial_node_count) + filter_table_config.add(:node_configs, field: :node_config) + filter_table_config.add(:master_auths, field: :master_auth) + filter_table_config.add(:logging_services, field: :logging_service) + filter_table_config.add(:monitoring_services, field: :monitoring_service) + filter_table_config.add(:networks, field: :network) + filter_table_config.add(:cluster_ipv4_cidrs, field: :cluster_ipv4_cidr) + filter_table_config.add(:addons_configs, field: :addons_config) + filter_table_config.add(:subnetworks, field: :subnetwork) + filter_table_config.add(:endpoints, field: :endpoint) + filter_table_config.add(:initial_cluster_versions, field: :initial_cluster_version) + filter_table_config.add(:current_master_versions, field: :current_master_version) + filter_table_config.add(:current_node_versions, field: :current_node_version) + filter_table_config.add(:create_times, field: :create_time) + filter_table_config.add(:node_ipv4_cidr_sizes, field: :node_ipv4_cidr_size) + filter_table_config.add(:services_ipv4_cidrs, field: :services_ipv4_cidr) + filter_table_config.add(:current_node_counts, field: :current_node_count) + filter_table_config.add(:expire_times, field: :expire_time) + filter_table_config.add(:locations, field: :location) + + filter_table_config.connect(self, :table) + + def base + 'https://container.googleapis.com/v1/' + end + + def url + 'projects/{{project}}/locations/{{location}}/clusters' + end + + def initialize(params = {}) + super(params.merge({ use_http_transport: true })) + @params = params + @table = fetch_wrapped_resource('clusters') + end + + def fetch_wrapped_resource(wrap_path) + # fetch_resource returns an array of responses (to handle pagination) + result = @connection.fetch_all(base, url, @params) + return if result.nil? + + # Conversion of string -> object hash to symbol -> object hash that InSpec needs + converted = [] + result.each do |response| + next if response.nil? || !response.key?(wrap_path) + response[wrap_path].each do |hash| + hash_with_symbols = {} + hash.each_key do |key| + name, value = transform(key, hash) + hash_with_symbols[name] = value + end + converted.push(hash_with_symbols) + end + end + + converted + end + + def transform(key, value) + return transformers[key].call(value) if transformers.key?(key) + + [key.to_sym, value] + end + + def transformers + { + 'name' => ->(obj) { return :name, obj['name'] }, + 'description' => ->(obj) { return :description, obj['description'] }, + 'initialNodeCount' => ->(obj) { return :initial_node_count, obj['initialNodeCount'] }, + 'nodeConfig' => ->(obj) { return :node_config, GoogleInSpec::Container::Property::RegionalClusterNodeconfig.new(obj['nodeConfig']) }, + 'masterAuth' => ->(obj) { return :master_auth, GoogleInSpec::Container::Property::RegionalClusterMasterauth.new(obj['masterAuth']) }, + 'loggingService' => ->(obj) { return :logging_service, obj['loggingService'] }, + 'monitoringService' => ->(obj) { return :monitoring_service, obj['monitoringService'] }, + 'network' => ->(obj) { return :network, obj['network'] }, + 'clusterIpv4Cidr' => ->(obj) { return :cluster_ipv4_cidr, obj['clusterIpv4Cidr'] }, + 'addonsConfig' => ->(obj) { return :addons_config, GoogleInSpec::Container::Property::RegionalClusterAddonsconfig.new(obj['addonsConfig']) }, + 'subnetwork' => ->(obj) { return :subnetwork, obj['subnetwork'] }, + 'endpoint' => ->(obj) { return :endpoint, obj['endpoint'] }, + 'initialClusterVersion' => ->(obj) { return :initial_cluster_version, obj['initialClusterVersion'] }, + 'currentMasterVersion' => ->(obj) { return :current_master_version, obj['currentMasterVersion'] }, + 'currentNodeVersion' => ->(obj) { return :current_node_version, obj['currentNodeVersion'] }, + 'createTime' => ->(obj) { return :create_time, parse_time_string(obj['createTime']) }, + 'nodeIpv4CidrSize' => ->(obj) { return :node_ipv4_cidr_size, obj['nodeIpv4CidrSize'] }, + 'servicesIpv4Cidr' => ->(obj) { return :services_ipv4_cidr, obj['servicesIpv4Cidr'] }, + 'currentNodeCount' => ->(obj) { return :current_node_count, obj['currentNodeCount'] }, + 'expireTime' => ->(obj) { return :expire_time, parse_time_string(obj['expireTime']) }, + 'location' => ->(obj) { return :location, obj['location'] }, + } + end + + # Handles parsing RFC3339 time string + def parse_time_string(time_string) + time_string ? Time.parse(time_string) : nil + end +end diff --git a/test/integration/build/gcp-mm.tf b/test/integration/build/gcp-mm.tf index 1977b3f0b..f220f4fe3 100644 --- a/test/integration/build/gcp-mm.tf +++ b/test/integration/build/gcp-mm.tf @@ -74,6 +74,10 @@ variable "target_tcp_proxy" { type = "map" } +variable "regional_cluster" { + type = "map" +} + resource "google_compute_ssl_policy" "custom-ssl-policy" { name = "${var.ssl_policy["name"]}" min_tls_version = "${var.ssl_policy["min_tls_version"]}" @@ -308,4 +312,11 @@ resource "google_compute_target_tcp_proxy" "gcp-inspec-target-tcp-proxy" { name = "${var.target_tcp_proxy["name"]}" proxy_header = "${var.target_tcp_proxy["proxy_header"]}" backend_service = "${google_compute_backend_service.gcp-inspec-tcp-backend-service.self_link}" +} + +resource "google_container_cluster" "gcp-inspec-regional-cluster" { + project = "${var.gcp_project_id}" + name = "${var.regional_cluster["name"]}" + region = "${var.regional_cluster["region"]}" + initial_node_count = "${var.regional_cluster["initial_node_count"]}" } \ No newline at end of file diff --git a/test/integration/configuration/mm-attributes.yml b/test/integration/configuration/mm-attributes.yml index db11d1e32..0cd8e33ef 100644 --- a/test/integration/configuration/mm-attributes.yml +++ b/test/integration/configuration/mm-attributes.yml @@ -114,4 +114,9 @@ global_forwarding_rule: target_tcp_proxy: name: inspec-gcp-target-tcp-proxy proxy_header: NONE - tcp_backend_service_name: gcp-inspec-tcp-backend-service \ No newline at end of file + tcp_backend_service_name: gcp-inspec-tcp-backend-service + +regional_cluster: + name: inspec-gcp-regional-cluster + region: europe-west2 + initial_node_count: 1 diff --git a/test/integration/verify/controls/google_container_regional_cluster.rb b/test/integration/verify/controls/google_container_regional_cluster.rb new file mode 100644 index 000000000..14bc5e0dc --- /dev/null +++ b/test/integration/verify/controls/google_container_regional_cluster.rb @@ -0,0 +1,36 @@ +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- + +title 'Test GCP google_container_regional_cluster resource.' + +gcp_project_id = attribute(:gcp_project_id, default: 'gcp_project_id', description: 'The GCP project identifier.') +regional_cluster = attribute('regional_cluster', default: { + "name": "inspec-gcp-regional-cluster", + "region": "europe-west2", + "initial_node_count": 1 +}, description: 'Regional container cluster definition') +control 'google_container_regional_cluster-1.0' do + impact 1.0 + title 'google_container_regional_cluster resource test' + + describe google_container_regional_cluster(project: gcp_project_id, location: regional_cluster['region'], name: regional_cluster['name']) do + it { should exist } + its('initial_node_count') { should eq regional_cluster['initial_node_count']} + its('location') { should eq regional_cluster['region']} + end + + describe google_container_regional_cluster(project: gcp_project_id, location: regional_cluster['region'], name: 'nonexistent') do + it { should_not exist } + end +end diff --git a/test/integration/verify/controls/google_container_regional_clusters.rb b/test/integration/verify/controls/google_container_regional_clusters.rb new file mode 100644 index 000000000..33da71ca9 --- /dev/null +++ b/test/integration/verify/controls/google_container_regional_clusters.rb @@ -0,0 +1,32 @@ +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- + +title 'Test GCP google_container_regional_clusters resource.' + +gcp_project_id = attribute(:gcp_project_id, default: 'gcp_project_id', description: 'The GCP project identifier.') +regional_cluster = attribute('regional_cluster', default: { + "name": "inspec-gcp-regional-cluster", + "region": "europe-west2", + "initial_node_count": 1 +}, description: 'Regional container cluster definition') +control 'google_container_regional_clusters-1.0' do + impact 1.0 + title 'google_container_regional_clusters resource test' + + describe google_container_regional_clusters(project: gcp_project_id, location: regional_cluster['region']) do + its('count') { should be >= 1 } + its('names') { should include regional_cluster['name'] } + its('initial_node_counts') { should include regional_cluster['initial_node_count']} + end +end From ec04e25b773f8c0d79281d26085232711041765d Mon Sep 17 00:00:00 2001 From: Sam Levenick Date: Wed, 30 Jan 2019 23:40:46 +0000 Subject: [PATCH 11/30] Add InSpec support for compute routes Signed-off-by: Modular Magician --- docs/resources/google_compute_route.md | 48 +++++++++ docs/resources/google_compute_routes.md | 38 +++++++ libraries/google_compute_route.rb | 71 ++++++++++++ libraries/google_compute_routes.rb | 102 ++++++++++++++++++ test/integration/build/gcp-mm.tf | 14 +++ .../configuration/mm-attributes.yml | 6 ++ .../verify/controls/google_compute_route.rb | 40 +++++++ .../verify/controls/google_compute_routes.rb | 35 ++++++ 8 files changed, 354 insertions(+) create mode 100644 docs/resources/google_compute_route.md create mode 100644 docs/resources/google_compute_routes.md create mode 100644 libraries/google_compute_route.rb create mode 100644 libraries/google_compute_routes.rb create mode 100644 test/integration/verify/controls/google_compute_route.rb create mode 100644 test/integration/verify/controls/google_compute_routes.rb diff --git a/docs/resources/google_compute_route.md b/docs/resources/google_compute_route.md new file mode 100644 index 000000000..787b385bb --- /dev/null +++ b/docs/resources/google_compute_route.md @@ -0,0 +1,48 @@ +--- +title: About the Route resource +platform: gcp +--- + + +## Syntax +A `google_compute_route` is used to test a Google Route resource + +## Examples +``` +describe google_compute_route(project: 'chef-gcp-inspec', name: 'inspec-gcp-route') do + it { should exist } + its('dest_range') { should eq '15.0.0.0/24' } + its('network') { should match /\/gcp-inspec-network$/ } + its('next_hop_ip') { should eq '10.2.0.1' } + its('priority') { should eq '100' } +end + +describe google_compute_route(project: 'chef-gcp-inspec', name: 'nonexistent') do + it { should_not exist } +end +``` + +## Properties +Properties that can be accessed from the `google_compute_route` resource: + + * `dest_range`: The destination range of outgoing packets that this route applies to. Only IPv4 is supported. + + * `description`: An optional description of this resource. Provide this property when you create the resource. + + * `name`: Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. + + * `network`: The network that this route applies to. + + * `priority`: The priority of this route. Priority is used to break ties in cases where there is more than one matching route of equal prefix length. In the case of two routes with equal prefix length, the one with the lowest-numbered priority value wins. Default value is 1000. Valid range is 0 through 65535. + + * `tags`: A list of instance tags to which this route applies. + + * `next_hop_gateway`: URL to a gateway that should handle matching packets. Currently, you can only specify the internet gateway, using a full or partial valid URL: * https://www.googleapis.com/compute/v1/projects/project/ global/gateways/default-internet-gateway * projects/project/global/gateways/default-internet-gateway * global/gateways/default-internet-gateway + + * `next_hop_instance`: URL to an instance that should handle matching packets. You can specify this as a full or partial URL. For example: * https://www.googleapis.com/compute/v1/projects/project/zones/zone/ instances/instance * projects/project/zones/zone/instances/instance * zones/zone/instances/instance + + * `next_hop_ip`: Network IP address of an instance that should handle matching packets. + + * `next_hop_vpn_tunnel`: URL to a VpnTunnel that should handle matching packets. + + * `next_hop_network`: URL to a Network that should handle matching packets. diff --git a/docs/resources/google_compute_routes.md b/docs/resources/google_compute_routes.md new file mode 100644 index 000000000..d79db273c --- /dev/null +++ b/docs/resources/google_compute_routes.md @@ -0,0 +1,38 @@ +--- +title: About the Route resource +platform: gcp +--- + + +## Syntax +A `google_compute_routes` is used to test a Google Route resource + +## Examples +``` +describe google_compute_routes(project: 'chef-gcp-inspec') do + its('count') { should be >= 1 } + its('dest_ranges') { should include '15.0.0.0/24' } + its('next_hop_ips') { should include '10.2.0.1' } + its('priorities') { should include '100' } +end +``` + +## Properties +Properties that can be accessed from the `google_compute_routes` resource: + +See [google_compute_route.md](google_compute_route.md) for more detailed information + * `dest_ranges`: an array of `google_compute_route` dest_range + * `descriptions`: an array of `google_compute_route` description + * `names`: an array of `google_compute_route` name + * `networks`: an array of `google_compute_route` network + * `priorities`: an array of `google_compute_route` priority + * `tags`: an array of `google_compute_route` tags + * `next_hop_gateways`: an array of `google_compute_route` next_hop_gateway + * `next_hop_instances`: an array of `google_compute_route` next_hop_instance + * `next_hop_ips`: an array of `google_compute_route` next_hop_ip + * `next_hop_vpn_tunnels`: an array of `google_compute_route` next_hop_vpn_tunnel + * `next_hop_networks`: an array of `google_compute_route` next_hop_network + +## Filter Criteria +This resource supports all of the above properties as filter criteria, which can be used +with `where` as a block or a method. diff --git a/libraries/google_compute_route.rb b/libraries/google_compute_route.rb new file mode 100644 index 000000000..27da100a3 --- /dev/null +++ b/libraries/google_compute_route.rb @@ -0,0 +1,71 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'gcp_backend' + +# A provider to manage Google Compute Engine resources. +class Route < GcpResourceBase + name 'google_compute_route' + desc 'Route' + supports platform: 'gcp' + + attr_reader :dest_range + attr_reader :description + attr_reader :name + attr_reader :network + attr_reader :priority + attr_reader :tags + attr_reader :next_hop_gateway + attr_reader :next_hop_instance + attr_reader :next_hop_ip + attr_reader :next_hop_vpn_tunnel + attr_reader :next_hop_network + def base + 'https://www.googleapis.com/compute/v1/' + end + + def url + 'projects/{{project}}/global/routes/{{name}}' + end + + def initialize(params) + super(params.merge({ use_http_transport: true })) + @fetched = @connection.fetch(base, url, params) + parse unless @fetched.nil? + end + + def parse + @dest_range = @fetched['destRange'] + @description = @fetched['description'] + @name = @fetched['name'] + @network = @fetched['network'] + @priority = @fetched['priority'] + @tags = @fetched['tags'] + @next_hop_gateway = @fetched['nextHopGateway'] + @next_hop_instance = @fetched['nextHopInstance'] + @next_hop_ip = @fetched['nextHopIp'] + @next_hop_vpn_tunnel = @fetched['nextHopVpnTunnel'] + @next_hop_network = @fetched['nextHopNetwork'] + end + + # Handles parsing RFC3339 time string + def parse_time_string(time_string) + time_string ? Time.parse(time_string) : nil + end + + def exists? + !@fetched.nil? + end +end diff --git a/libraries/google_compute_routes.rb b/libraries/google_compute_routes.rb new file mode 100644 index 000000000..af08fcf63 --- /dev/null +++ b/libraries/google_compute_routes.rb @@ -0,0 +1,102 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'gcp_backend' +class Routes < GcpResourceBase + name 'google_compute_routes' + desc 'Route plural resource' + supports platform: 'gcp' + + attr_reader :table + + filter_table_config = FilterTable.create + + filter_table_config.add(:dest_ranges, field: :dest_range) + filter_table_config.add(:descriptions, field: :description) + filter_table_config.add(:names, field: :name) + filter_table_config.add(:networks, field: :network) + filter_table_config.add(:priorities, field: :priority) + filter_table_config.add(:tags, field: :tags) + filter_table_config.add(:next_hop_gateways, field: :next_hop_gateway) + filter_table_config.add(:next_hop_instances, field: :next_hop_instance) + filter_table_config.add(:next_hop_ips, field: :next_hop_ip) + filter_table_config.add(:next_hop_vpn_tunnels, field: :next_hop_vpn_tunnel) + filter_table_config.add(:next_hop_networks, field: :next_hop_network) + + filter_table_config.connect(self, :table) + + def base + 'https://www.googleapis.com/compute/v1/' + end + + def url + 'projects/{{project}}/global/routes' + end + + def initialize(params = {}) + super(params.merge({ use_http_transport: true })) + @params = params + @table = fetch_wrapped_resource('items') + end + + def fetch_wrapped_resource(wrap_path) + # fetch_resource returns an array of responses (to handle pagination) + result = @connection.fetch_all(base, url, @params) + return if result.nil? + + # Conversion of string -> object hash to symbol -> object hash that InSpec needs + converted = [] + result.each do |response| + next if response.nil? || !response.key?(wrap_path) + response[wrap_path].each do |hash| + hash_with_symbols = {} + hash.each_key do |key| + name, value = transform(key, hash) + hash_with_symbols[name] = value + end + converted.push(hash_with_symbols) + end + end + + converted + end + + def transform(key, value) + return transformers[key].call(value) if transformers.key?(key) + + [key.to_sym, value] + end + + def transformers + { + 'destRange' => ->(obj) { return :dest_range, obj['destRange'] }, + 'description' => ->(obj) { return :description, obj['description'] }, + 'name' => ->(obj) { return :name, obj['name'] }, + 'network' => ->(obj) { return :network, obj['network'] }, + 'priority' => ->(obj) { return :priority, obj['priority'] }, + 'tags' => ->(obj) { return :tags, obj['tags'] }, + 'nextHopGateway' => ->(obj) { return :next_hop_gateway, obj['nextHopGateway'] }, + 'nextHopInstance' => ->(obj) { return :next_hop_instance, obj['nextHopInstance'] }, + 'nextHopIp' => ->(obj) { return :next_hop_ip, obj['nextHopIp'] }, + 'nextHopVpnTunnel' => ->(obj) { return :next_hop_vpn_tunnel, obj['nextHopVpnTunnel'] }, + 'nextHopNetwork' => ->(obj) { return :next_hop_network, obj['nextHopNetwork'] }, + } + end + + # Handles parsing RFC3339 time string + def parse_time_string(time_string) + time_string ? Time.parse(time_string) : nil + end +end diff --git a/test/integration/build/gcp-mm.tf b/test/integration/build/gcp-mm.tf index f220f4fe3..515866644 100644 --- a/test/integration/build/gcp-mm.tf +++ b/test/integration/build/gcp-mm.tf @@ -78,6 +78,10 @@ variable "regional_cluster" { type = "map" } +variable "route" { + type = "map" +} + resource "google_compute_ssl_policy" "custom-ssl-policy" { name = "${var.ssl_policy["name"]}" min_tls_version = "${var.ssl_policy["min_tls_version"]}" @@ -319,4 +323,14 @@ resource "google_container_cluster" "gcp-inspec-regional-cluster" { name = "${var.regional_cluster["name"]}" region = "${var.regional_cluster["region"]}" initial_node_count = "${var.regional_cluster["initial_node_count"]}" +} + +resource "google_compute_route" "gcp-inspec-route" { + project = "${var.gcp_project_id}" + name = "${var.route["name"]}" + dest_range = "${var.route["dest_range"]}" + network = "${google_compute_network.inspec-gcp-network.name}" + next_hop_ip = "${var.route["next_hop_ip"]}" + priority = "${var.route["priority"]}" + depends_on = ["google_compute_subnetwork.inspec-gcp-subnetwork"] } \ No newline at end of file diff --git a/test/integration/configuration/mm-attributes.yml b/test/integration/configuration/mm-attributes.yml index 0cd8e33ef..374183d97 100644 --- a/test/integration/configuration/mm-attributes.yml +++ b/test/integration/configuration/mm-attributes.yml @@ -120,3 +120,9 @@ regional_cluster: name: inspec-gcp-regional-cluster region: europe-west2 initial_node_count: 1 + +route: + name: inspec-gcp-route + dest_range: 15.0.0.0/24 + next_hop_ip: 10.2.0.1 + priority: 100 diff --git a/test/integration/verify/controls/google_compute_route.rb b/test/integration/verify/controls/google_compute_route.rb new file mode 100644 index 000000000..7792f1816 --- /dev/null +++ b/test/integration/verify/controls/google_compute_route.rb @@ -0,0 +1,40 @@ +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- + +title 'Test GCP google_compute_route resource.' + +gcp_project_id = attribute(:gcp_project_id, default: 'gcp_project_id', description: 'The GCP project identifier.') +route = attribute('route', default: { + "name": "inspec-gcp-route", + "dest_range": "15.0.0.0/24", + "next_hop_ip": "10.2.0.1", + "priority": 100 +}, description: 'Compute route description') +gcp_network_name = attribute(:gcp_network_name, default: 'gcp_network_name', description: 'GCP network name') +control 'google_compute_route-1.0' do + impact 1.0 + title 'google_compute_route resource test' + + describe google_compute_route(project: gcp_project_id, name: route['name']) do + it { should exist } + its('dest_range') { should eq route['dest_range'] } + its('network') { should match /\/#{gcp_network_name}$/ } + its('next_hop_ip') { should eq route['next_hop_ip'] } + its('priority') { should eq route['priority'] } + end + + describe google_compute_route(project: gcp_project_id, name: 'nonexistent') do + it { should_not exist } + end +end diff --git a/test/integration/verify/controls/google_compute_routes.rb b/test/integration/verify/controls/google_compute_routes.rb new file mode 100644 index 000000000..29ce688a0 --- /dev/null +++ b/test/integration/verify/controls/google_compute_routes.rb @@ -0,0 +1,35 @@ +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- + +title 'Test GCP google_compute_routes resource.' + +gcp_project_id = attribute(:gcp_project_id, default: 'gcp_project_id', description: 'The GCP project identifier.') +route = attribute('route', default: { + "name": "inspec-gcp-route", + "dest_range": "15.0.0.0/24", + "next_hop_ip": "10.2.0.1", + "priority": 100 +}, description: 'Compute route description') +gcp_network_name = attribute(:gcp_network_name, default: 'gcp_network_name', description: 'GCP network name') +control 'google_compute_routes-1.0' do + impact 1.0 + title 'google_compute_routes resource test' + + describe google_compute_routes(project: gcp_project_id) do + its('count') { should be >= 1 } + its('dest_ranges') { should include route['dest_range'] } + its('next_hop_ips') { should include route['next_hop_ip'] } + its('priorities') { should include route['priority'] } + end +end From a167f4ccb4ae114311fb3241806553d654316239 Mon Sep 17 00:00:00 2001 From: Sam Levenick Date: Thu, 31 Jan 2019 18:07:02 +0000 Subject: [PATCH 12/30] Update InSpec doc template to use underscored name in title box Signed-off-by: Modular Magician --- docs/resources/google_cloudbuild_trigger.md | 3 +-- docs/resources/google_cloudbuild_triggers.md | 3 +-- docs/resources/google_compute_autoscaler.md | 3 +-- docs/resources/google_compute_autoscalers.md | 3 +-- docs/resources/google_compute_backend_service.md | 3 +-- docs/resources/google_compute_backend_services.md | 3 +-- docs/resources/google_compute_disk.md | 3 +-- docs/resources/google_compute_disks.md | 3 +-- docs/resources/google_compute_global_address.md | 3 +-- docs/resources/google_compute_global_addresses.md | 3 +-- docs/resources/google_compute_global_forwarding_rule.md | 3 +-- docs/resources/google_compute_global_forwarding_rules.md | 3 +-- docs/resources/google_compute_health_check.md | 3 +-- docs/resources/google_compute_health_checks.md | 3 +-- docs/resources/google_compute_http_health_check.md | 3 +-- docs/resources/google_compute_http_health_checks.md | 3 +-- docs/resources/google_compute_https_health_check.md | 3 +-- docs/resources/google_compute_https_health_checks.md | 3 +-- docs/resources/google_compute_instance_group_manager.md | 3 +-- docs/resources/google_compute_instance_group_managers.md | 3 +-- docs/resources/google_compute_instance_template.md | 3 +-- docs/resources/google_compute_instance_templates.md | 3 +-- docs/resources/google_compute_route.md | 3 +-- docs/resources/google_compute_routes.md | 3 +-- docs/resources/google_compute_ssl_policies.md | 3 +-- docs/resources/google_compute_ssl_policy.md | 3 +-- docs/resources/google_compute_target_http_proxies.md | 3 +-- docs/resources/google_compute_target_http_proxy.md | 3 +-- docs/resources/google_compute_target_pool.md | 3 +-- docs/resources/google_compute_target_pools.md | 3 +-- docs/resources/google_compute_target_tcp_proxies.md | 3 +-- docs/resources/google_compute_target_tcp_proxy.md | 3 +-- docs/resources/google_compute_url_map.md | 3 +-- docs/resources/google_compute_url_maps.md | 3 +-- docs/resources/google_container_regional_cluster.md | 3 +-- docs/resources/google_container_regional_clusters.md | 3 +-- docs/resources/google_dns_resource_record_set.md | 3 +-- docs/resources/google_dns_resource_record_sets.md | 3 +-- docs/resources/google_pubsub_subscription.md | 3 +-- docs/resources/google_pubsub_subscriptions.md | 3 +-- docs/resources/google_pubsub_topic.md | 3 +-- docs/resources/google_pubsub_topics.md | 3 +-- test/integration/build/gcp-mm.tf | 4 ++++ 43 files changed, 46 insertions(+), 84 deletions(-) diff --git a/docs/resources/google_cloudbuild_trigger.md b/docs/resources/google_cloudbuild_trigger.md index 5cefb56d9..0cb4e3f4a 100644 --- a/docs/resources/google_cloudbuild_trigger.md +++ b/docs/resources/google_cloudbuild_trigger.md @@ -1,9 +1,8 @@ --- -title: About the Trigger resource +title: About the google_cloudbuild_trigger resource platform: gcp --- - ## Syntax A `google_cloudbuild_trigger` is used to test a Google Trigger resource diff --git a/docs/resources/google_cloudbuild_triggers.md b/docs/resources/google_cloudbuild_triggers.md index c501ddc93..65b56a458 100644 --- a/docs/resources/google_cloudbuild_triggers.md +++ b/docs/resources/google_cloudbuild_triggers.md @@ -1,9 +1,8 @@ --- -title: About the Trigger resource +title: About the google_cloudbuild_triggers resource platform: gcp --- - ## Syntax A `google_cloudbuild_triggers` is used to test a Google Trigger resource diff --git a/docs/resources/google_compute_autoscaler.md b/docs/resources/google_compute_autoscaler.md index 8ce7f1302..080cb7b69 100644 --- a/docs/resources/google_compute_autoscaler.md +++ b/docs/resources/google_compute_autoscaler.md @@ -1,9 +1,8 @@ --- -title: About the Autoscaler resource +title: About the google_compute_autoscaler resource platform: gcp --- - ## Syntax A `google_compute_autoscaler` is used to test a Google Autoscaler resource diff --git a/docs/resources/google_compute_autoscalers.md b/docs/resources/google_compute_autoscalers.md index 0f076076e..5012cc96b 100644 --- a/docs/resources/google_compute_autoscalers.md +++ b/docs/resources/google_compute_autoscalers.md @@ -1,9 +1,8 @@ --- -title: About the Autoscaler resource +title: About the google_compute_autoscalers resource platform: gcp --- - ## Syntax A `google_compute_autoscalers` is used to test a Google Autoscaler resource diff --git a/docs/resources/google_compute_backend_service.md b/docs/resources/google_compute_backend_service.md index a39c873c9..8a7d426eb 100644 --- a/docs/resources/google_compute_backend_service.md +++ b/docs/resources/google_compute_backend_service.md @@ -1,9 +1,8 @@ --- -title: About the BackendService resource +title: About the google_compute_backend_service resource platform: gcp --- - ## Syntax A `google_compute_backend_service` is used to test a Google BackendService resource diff --git a/docs/resources/google_compute_backend_services.md b/docs/resources/google_compute_backend_services.md index 98ec3896d..c8373da98 100644 --- a/docs/resources/google_compute_backend_services.md +++ b/docs/resources/google_compute_backend_services.md @@ -1,9 +1,8 @@ --- -title: About the BackendService resource +title: About the google_compute_backend_services resource platform: gcp --- - ## Syntax A `google_compute_backend_services` is used to test a Google BackendService resource diff --git a/docs/resources/google_compute_disk.md b/docs/resources/google_compute_disk.md index f1a0a8f7e..bfada18ce 100644 --- a/docs/resources/google_compute_disk.md +++ b/docs/resources/google_compute_disk.md @@ -1,9 +1,8 @@ --- -title: About the Disk resource +title: About the google_compute_disk resource platform: gcp --- - ## Syntax A `google_compute_disk` is used to test a Google Disk resource diff --git a/docs/resources/google_compute_disks.md b/docs/resources/google_compute_disks.md index e9442c5ac..b9c7e43fc 100644 --- a/docs/resources/google_compute_disks.md +++ b/docs/resources/google_compute_disks.md @@ -1,9 +1,8 @@ --- -title: About the Disk resource +title: About the google_compute_disks resource platform: gcp --- - ## Syntax A `google_compute_disks` is used to test a Google Disk resource diff --git a/docs/resources/google_compute_global_address.md b/docs/resources/google_compute_global_address.md index 85c913ad6..b00f2ce7e 100644 --- a/docs/resources/google_compute_global_address.md +++ b/docs/resources/google_compute_global_address.md @@ -1,9 +1,8 @@ --- -title: About the GlobalAddress resource +title: About the google_compute_global_address resource platform: gcp --- - ## Syntax A `google_compute_global_address` is used to test a Google GlobalAddress resource diff --git a/docs/resources/google_compute_global_addresses.md b/docs/resources/google_compute_global_addresses.md index c4d45ac12..4c9a7530f 100644 --- a/docs/resources/google_compute_global_addresses.md +++ b/docs/resources/google_compute_global_addresses.md @@ -1,9 +1,8 @@ --- -title: About the GlobalAddress resource +title: About the google_compute_global_addresses resource platform: gcp --- - ## Syntax A `google_compute_global_addresses` is used to test a Google GlobalAddress resource diff --git a/docs/resources/google_compute_global_forwarding_rule.md b/docs/resources/google_compute_global_forwarding_rule.md index 4642d5dd8..f6256481e 100644 --- a/docs/resources/google_compute_global_forwarding_rule.md +++ b/docs/resources/google_compute_global_forwarding_rule.md @@ -1,9 +1,8 @@ --- -title: About the GlobalForwardingRule resource +title: About the google_compute_global_forwarding_rule resource platform: gcp --- - ## Syntax A `google_compute_global_forwarding_rule` is used to test a Google GlobalForwardingRule resource diff --git a/docs/resources/google_compute_global_forwarding_rules.md b/docs/resources/google_compute_global_forwarding_rules.md index 5c451c975..e48105f97 100644 --- a/docs/resources/google_compute_global_forwarding_rules.md +++ b/docs/resources/google_compute_global_forwarding_rules.md @@ -1,9 +1,8 @@ --- -title: About the GlobalForwardingRule resource +title: About the google_compute_global_forwarding_rules resource platform: gcp --- - ## Syntax A `google_compute_global_forwarding_rules` is used to test a Google GlobalForwardingRule resource diff --git a/docs/resources/google_compute_health_check.md b/docs/resources/google_compute_health_check.md index 8f0e68b56..5687272c5 100644 --- a/docs/resources/google_compute_health_check.md +++ b/docs/resources/google_compute_health_check.md @@ -1,9 +1,8 @@ --- -title: About the HealthCheck resource +title: About the google_compute_health_check resource platform: gcp --- - ## Syntax A `google_compute_health_check` is used to test a Google HealthCheck resource diff --git a/docs/resources/google_compute_health_checks.md b/docs/resources/google_compute_health_checks.md index 58eb9651c..a11c784ba 100644 --- a/docs/resources/google_compute_health_checks.md +++ b/docs/resources/google_compute_health_checks.md @@ -1,9 +1,8 @@ --- -title: About the HealthCheck resource +title: About the google_compute_health_checks resource platform: gcp --- - ## Syntax A `google_compute_health_checks` is used to test a Google HealthCheck resource diff --git a/docs/resources/google_compute_http_health_check.md b/docs/resources/google_compute_http_health_check.md index ffeaeb4e9..1bb332599 100644 --- a/docs/resources/google_compute_http_health_check.md +++ b/docs/resources/google_compute_http_health_check.md @@ -1,9 +1,8 @@ --- -title: About the HttpHealthCheck resource +title: About the google_compute_http_health_check resource platform: gcp --- - ## Syntax A `google_compute_http_health_check` is used to test a Google HttpHealthCheck resource diff --git a/docs/resources/google_compute_http_health_checks.md b/docs/resources/google_compute_http_health_checks.md index 68be3ca4c..d0a413fee 100644 --- a/docs/resources/google_compute_http_health_checks.md +++ b/docs/resources/google_compute_http_health_checks.md @@ -1,9 +1,8 @@ --- -title: About the HttpHealthCheck resource +title: About the google_compute_http_health_checks resource platform: gcp --- - ## Syntax A `google_compute_http_health_checks` is used to test a Google HttpHealthCheck resource diff --git a/docs/resources/google_compute_https_health_check.md b/docs/resources/google_compute_https_health_check.md index 300688155..3b550e484 100644 --- a/docs/resources/google_compute_https_health_check.md +++ b/docs/resources/google_compute_https_health_check.md @@ -1,9 +1,8 @@ --- -title: About the HttpsHealthCheck resource +title: About the google_compute_https_health_check resource platform: gcp --- - ## Syntax A `google_compute_https_health_check` is used to test a Google HttpsHealthCheck resource diff --git a/docs/resources/google_compute_https_health_checks.md b/docs/resources/google_compute_https_health_checks.md index 9ef01d5f8..4fa507d2b 100644 --- a/docs/resources/google_compute_https_health_checks.md +++ b/docs/resources/google_compute_https_health_checks.md @@ -1,9 +1,8 @@ --- -title: About the HttpsHealthCheck resource +title: About the google_compute_https_health_checks resource platform: gcp --- - ## Syntax A `google_compute_https_health_checks` is used to test a Google HttpsHealthCheck resource diff --git a/docs/resources/google_compute_instance_group_manager.md b/docs/resources/google_compute_instance_group_manager.md index 42f256204..378467686 100644 --- a/docs/resources/google_compute_instance_group_manager.md +++ b/docs/resources/google_compute_instance_group_manager.md @@ -1,9 +1,8 @@ --- -title: About the InstanceGroupManager resource +title: About the google_compute_instance_group_manager resource platform: gcp --- - ## Syntax A `google_compute_instance_group_manager` is used to test a Google InstanceGroupManager resource diff --git a/docs/resources/google_compute_instance_group_managers.md b/docs/resources/google_compute_instance_group_managers.md index a5cf98836..2bcb6fde1 100644 --- a/docs/resources/google_compute_instance_group_managers.md +++ b/docs/resources/google_compute_instance_group_managers.md @@ -1,9 +1,8 @@ --- -title: About the InstanceGroupManager resource +title: About the google_compute_instance_group_managers resource platform: gcp --- - ## Syntax A `google_compute_instance_group_managers` is used to test a Google InstanceGroupManager resource diff --git a/docs/resources/google_compute_instance_template.md b/docs/resources/google_compute_instance_template.md index be2c516ec..019283365 100644 --- a/docs/resources/google_compute_instance_template.md +++ b/docs/resources/google_compute_instance_template.md @@ -1,9 +1,8 @@ --- -title: About the InstanceTemplate resource +title: About the google_compute_instance_template resource platform: gcp --- - ## Syntax A `google_compute_instance_template` is used to test a Google InstanceTemplate resource diff --git a/docs/resources/google_compute_instance_templates.md b/docs/resources/google_compute_instance_templates.md index abc173421..ca0973ef1 100644 --- a/docs/resources/google_compute_instance_templates.md +++ b/docs/resources/google_compute_instance_templates.md @@ -1,9 +1,8 @@ --- -title: About the InstanceTemplate resource +title: About the google_compute_instance_templates resource platform: gcp --- - ## Syntax A `google_compute_instance_templates` is used to test a Google InstanceTemplate resource diff --git a/docs/resources/google_compute_route.md b/docs/resources/google_compute_route.md index 787b385bb..f1f295ee4 100644 --- a/docs/resources/google_compute_route.md +++ b/docs/resources/google_compute_route.md @@ -1,9 +1,8 @@ --- -title: About the Route resource +title: About the google_compute_route resource platform: gcp --- - ## Syntax A `google_compute_route` is used to test a Google Route resource diff --git a/docs/resources/google_compute_routes.md b/docs/resources/google_compute_routes.md index d79db273c..9945b7a60 100644 --- a/docs/resources/google_compute_routes.md +++ b/docs/resources/google_compute_routes.md @@ -1,9 +1,8 @@ --- -title: About the Route resource +title: About the google_compute_routes resource platform: gcp --- - ## Syntax A `google_compute_routes` is used to test a Google Route resource diff --git a/docs/resources/google_compute_ssl_policies.md b/docs/resources/google_compute_ssl_policies.md index 8e9ddb678..191879003 100644 --- a/docs/resources/google_compute_ssl_policies.md +++ b/docs/resources/google_compute_ssl_policies.md @@ -1,9 +1,8 @@ --- -title: About the SslPolicy resource +title: About the google_compute_ssl_policies resource platform: gcp --- - ## Syntax A `google_compute_ssl_policies` is used to test a Google SslPolicy resource diff --git a/docs/resources/google_compute_ssl_policy.md b/docs/resources/google_compute_ssl_policy.md index 827066f17..baf91eed1 100644 --- a/docs/resources/google_compute_ssl_policy.md +++ b/docs/resources/google_compute_ssl_policy.md @@ -1,9 +1,8 @@ --- -title: About the SslPolicy resource +title: About the google_compute_ssl_policy resource platform: gcp --- - ## Syntax A `google_compute_ssl_policy` is used to test a Google SslPolicy resource diff --git a/docs/resources/google_compute_target_http_proxies.md b/docs/resources/google_compute_target_http_proxies.md index 9a5c0f7c7..f25b76af4 100644 --- a/docs/resources/google_compute_target_http_proxies.md +++ b/docs/resources/google_compute_target_http_proxies.md @@ -1,9 +1,8 @@ --- -title: About the TargetHttpProxy resource +title: About the google_compute_target_http_proxies resource platform: gcp --- - ## Syntax A `google_compute_target_http_proxies` is used to test a Google TargetHttpProxy resource diff --git a/docs/resources/google_compute_target_http_proxy.md b/docs/resources/google_compute_target_http_proxy.md index 3ca7b2c93..04cf987b7 100644 --- a/docs/resources/google_compute_target_http_proxy.md +++ b/docs/resources/google_compute_target_http_proxy.md @@ -1,9 +1,8 @@ --- -title: About the TargetHttpProxy resource +title: About the google_compute_target_http_proxy resource platform: gcp --- - ## Syntax A `google_compute_target_http_proxy` is used to test a Google TargetHttpProxy resource diff --git a/docs/resources/google_compute_target_pool.md b/docs/resources/google_compute_target_pool.md index 5a4cc4aec..6b128d2b4 100644 --- a/docs/resources/google_compute_target_pool.md +++ b/docs/resources/google_compute_target_pool.md @@ -1,9 +1,8 @@ --- -title: About the TargetPool resource +title: About the google_compute_target_pool resource platform: gcp --- - ## Syntax A `google_compute_target_pool` is used to test a Google TargetPool resource diff --git a/docs/resources/google_compute_target_pools.md b/docs/resources/google_compute_target_pools.md index 7af189822..7f24378f5 100644 --- a/docs/resources/google_compute_target_pools.md +++ b/docs/resources/google_compute_target_pools.md @@ -1,9 +1,8 @@ --- -title: About the TargetPool resource +title: About the google_compute_target_pools resource platform: gcp --- - ## Syntax A `google_compute_target_pools` is used to test a Google TargetPool resource diff --git a/docs/resources/google_compute_target_tcp_proxies.md b/docs/resources/google_compute_target_tcp_proxies.md index 7a240dece..67847348d 100644 --- a/docs/resources/google_compute_target_tcp_proxies.md +++ b/docs/resources/google_compute_target_tcp_proxies.md @@ -1,9 +1,8 @@ --- -title: About the TargetTcpProxy resource +title: About the google_compute_target_tcp_proxies resource platform: gcp --- - ## Syntax A `google_compute_target_tcp_proxies` is used to test a Google TargetTcpProxy resource diff --git a/docs/resources/google_compute_target_tcp_proxy.md b/docs/resources/google_compute_target_tcp_proxy.md index 4a515d082..7da650ee0 100644 --- a/docs/resources/google_compute_target_tcp_proxy.md +++ b/docs/resources/google_compute_target_tcp_proxy.md @@ -1,9 +1,8 @@ --- -title: About the TargetTcpProxy resource +title: About the google_compute_target_tcp_proxy resource platform: gcp --- - ## Syntax A `google_compute_target_tcp_proxy` is used to test a Google TargetTcpProxy resource diff --git a/docs/resources/google_compute_url_map.md b/docs/resources/google_compute_url_map.md index be31db359..841478ee8 100644 --- a/docs/resources/google_compute_url_map.md +++ b/docs/resources/google_compute_url_map.md @@ -1,9 +1,8 @@ --- -title: About the UrlMap resource +title: About the google_compute_url_map resource platform: gcp --- - ## Syntax A `google_compute_url_map` is used to test a Google UrlMap resource diff --git a/docs/resources/google_compute_url_maps.md b/docs/resources/google_compute_url_maps.md index 5c2b4fd46..9a1ddc5cc 100644 --- a/docs/resources/google_compute_url_maps.md +++ b/docs/resources/google_compute_url_maps.md @@ -1,9 +1,8 @@ --- -title: About the UrlMap resource +title: About the google_compute_url_maps resource platform: gcp --- - ## Syntax A `google_compute_url_maps` is used to test a Google UrlMap resource diff --git a/docs/resources/google_container_regional_cluster.md b/docs/resources/google_container_regional_cluster.md index 40bf6a58c..d352cd5cb 100644 --- a/docs/resources/google_container_regional_cluster.md +++ b/docs/resources/google_container_regional_cluster.md @@ -1,9 +1,8 @@ --- -title: About the RegionalCluster resource +title: About the google_container_regional_cluster resource platform: gcp --- - ## Syntax A `google_container_regional_cluster` is used to test a Google RegionalCluster resource diff --git a/docs/resources/google_container_regional_clusters.md b/docs/resources/google_container_regional_clusters.md index f8b280ecb..e642a91ce 100644 --- a/docs/resources/google_container_regional_clusters.md +++ b/docs/resources/google_container_regional_clusters.md @@ -1,9 +1,8 @@ --- -title: About the RegionalCluster resource +title: About the google_container_regional_clusters resource platform: gcp --- - ## Syntax A `google_container_regional_clusters` is used to test a Google RegionalCluster resource diff --git a/docs/resources/google_dns_resource_record_set.md b/docs/resources/google_dns_resource_record_set.md index 277f93de7..4517c7769 100644 --- a/docs/resources/google_dns_resource_record_set.md +++ b/docs/resources/google_dns_resource_record_set.md @@ -1,9 +1,8 @@ --- -title: About the ResourceRecordSet resource +title: About the google_dns_resource_record_set resource platform: gcp --- - ## Syntax A `google_dns_resource_record_set` is used to test a Google ResourceRecordSet resource diff --git a/docs/resources/google_dns_resource_record_sets.md b/docs/resources/google_dns_resource_record_sets.md index 785835fdd..1ab1eb064 100644 --- a/docs/resources/google_dns_resource_record_sets.md +++ b/docs/resources/google_dns_resource_record_sets.md @@ -1,9 +1,8 @@ --- -title: About the ResourceRecordSet resource +title: About the google_dns_resource_record_sets resource platform: gcp --- - ## Syntax A `google_dns_resource_record_sets` is used to test a Google ResourceRecordSet resource diff --git a/docs/resources/google_pubsub_subscription.md b/docs/resources/google_pubsub_subscription.md index 9762a829d..5f6dae910 100644 --- a/docs/resources/google_pubsub_subscription.md +++ b/docs/resources/google_pubsub_subscription.md @@ -1,9 +1,8 @@ --- -title: About the Subscription resource +title: About the google_pubsub_subscription resource platform: gcp --- - ## Syntax A `google_pubsub_subscription` is used to test a Google Subscription resource diff --git a/docs/resources/google_pubsub_subscriptions.md b/docs/resources/google_pubsub_subscriptions.md index ae01487c3..29329d1c7 100644 --- a/docs/resources/google_pubsub_subscriptions.md +++ b/docs/resources/google_pubsub_subscriptions.md @@ -1,9 +1,8 @@ --- -title: About the Subscription resource +title: About the google_pubsub_subscriptions resource platform: gcp --- - ## Syntax A `google_pubsub_subscriptions` is used to test a Google Subscription resource diff --git a/docs/resources/google_pubsub_topic.md b/docs/resources/google_pubsub_topic.md index dcfe05efb..31de8cfaf 100644 --- a/docs/resources/google_pubsub_topic.md +++ b/docs/resources/google_pubsub_topic.md @@ -1,9 +1,8 @@ --- -title: About the Topic resource +title: About the google_pubsub_topic resource platform: gcp --- - ## Syntax A `google_pubsub_topic` is used to test a Google Topic resource diff --git a/docs/resources/google_pubsub_topics.md b/docs/resources/google_pubsub_topics.md index 85673f142..a553261b9 100644 --- a/docs/resources/google_pubsub_topics.md +++ b/docs/resources/google_pubsub_topics.md @@ -1,9 +1,8 @@ --- -title: About the Topic resource +title: About the google_pubsub_topics resource platform: gcp --- - ## Syntax A `google_pubsub_topics` is used to test a Google Topic resource diff --git a/test/integration/build/gcp-mm.tf b/test/integration/build/gcp-mm.tf index 515866644..5d8fb1a5a 100644 --- a/test/integration/build/gcp-mm.tf +++ b/test/integration/build/gcp-mm.tf @@ -332,5 +332,9 @@ resource "google_compute_route" "gcp-inspec-route" { network = "${google_compute_network.inspec-gcp-network.name}" next_hop_ip = "${var.route["next_hop_ip"]}" priority = "${var.route["priority"]}" + # google_compute_route depends on next_hop_ip belonging to a subnetwork + # of the named network in this block. Since inspec-gcp-network does not + # automatically create subnetworks, we need to create a dependency so + # the route is not created before the subnetwork depends_on = ["google_compute_subnetwork.inspec-gcp-subnetwork"] } \ No newline at end of file From 73aaadb737dfbf13c67345e5f56d9fa6107e3c14 Mon Sep 17 00:00:00 2001 From: Sam Levenick Date: Thu, 31 Jan 2019 21:43:49 +0000 Subject: [PATCH 13/30] Add router support in InSpec Signed-off-by: Modular Magician --- docs/resources/google_compute_router.md | 50 ++++++++++ docs/resources/google_compute_routers.md | 30 ++++++ .../property/router_advertised_ip_ranges.rb | 40 ++++++++ .../google/compute/property/router_bgp.rb | 39 ++++++++ libraries/google_compute_router.rb | 65 +++++++++++++ libraries/google_compute_routers.rb | 94 +++++++++++++++++++ test/integration/build/gcp-mm.tf | 21 +++++ .../configuration/mm-attributes.yml | 8 ++ .../verify/controls/google_compute_router.rb | 46 +++++++++ .../verify/controls/google_compute_routers.rb | 35 +++++++ 10 files changed, 428 insertions(+) create mode 100644 docs/resources/google_compute_router.md create mode 100644 docs/resources/google_compute_routers.md create mode 100644 libraries/google/compute/property/router_advertised_ip_ranges.rb create mode 100644 libraries/google/compute/property/router_bgp.rb create mode 100644 libraries/google_compute_router.rb create mode 100644 libraries/google_compute_routers.rb create mode 100644 test/integration/verify/controls/google_compute_router.rb create mode 100644 test/integration/verify/controls/google_compute_routers.rb diff --git a/docs/resources/google_compute_router.md b/docs/resources/google_compute_router.md new file mode 100644 index 000000000..53fc149f7 --- /dev/null +++ b/docs/resources/google_compute_router.md @@ -0,0 +1,50 @@ +--- +title: About the google_compute_router resource +platform: gcp +--- + +## Syntax +A `google_compute_router` is used to test a Google Router resource + +## Examples +``` +describe google_compute_router(project: 'chef-gcp-inspec', region: 'europe-west2', name: 'inspec-gcp-router') do + it { should exist } + its('bgp.asn') { should eq '64514' } + its('bgp.advertise_mode') { should eq 'CUSTOM' } + its('bgp.advertised_groups') { should include 'ALL_SUBNETS' } + its('bgp.advertised_ip_ranges.count') { should eq 2 } + its('bgp.advertised_ip_ranges.first.range') { should eq '1.2.3.4' } + its('bgp.advertised_ip_ranges.last.range') { should eq '1.2.3.4' } + its('network') { should match /\/gcp-inspec-network$/ } + end + +describe google_compute_router(project: 'chef-gcp-inspec', region: 'europe-west2', name: 'nonexistent') do + it { should_not exist } +end +``` + +## Properties +Properties that can be accessed from the `google_compute_router` resource: + + * `id`: The unique identifier for the resource. + + * `creation_timestamp`: Creation timestamp in RFC3339 text format. + + * `name`: Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. + + * `description`: An optional description of this resource. + + * `network`: A reference to the network to which this router belongs. + + * `bgp`: BGP information specific to this router. + + * `asn`: Local BGP Autonomous System Number (ASN). Must be an RFC6996 private ASN, either 16-bit or 32-bit. The value will be fixed for this router resource. All VPN tunnels that link to this router will have the same local ASN. + + * `advertiseMode`: User-specified flag to indicate which mode to use for advertisement. Valid values of this enum field are: DEFAULT, CUSTOM + + * `advertisedGroups`: User-specified list of prefix groups to advertise in custom mode. This field can only be populated if advertiseMode is CUSTOM and is advertised to all peers of the router. These groups will be advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups. This enum field has the one valid value: ALL_SUBNETS + + * `advertisedIpRanges`: User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertiseMode is CUSTOM and is advertised to all peers of the router. These IP ranges will be advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges. + + * `region`: Region where the router resides. diff --git a/docs/resources/google_compute_routers.md b/docs/resources/google_compute_routers.md new file mode 100644 index 000000000..7827645f5 --- /dev/null +++ b/docs/resources/google_compute_routers.md @@ -0,0 +1,30 @@ +--- +title: About the google_compute_routers resource +platform: gcp +--- + +## Syntax +A `google_compute_routers` is used to test a Google Router resource + +## Examples +``` +describe google_compute_routers(project: 'chef-gcp-inspec', region: 'europe-west2') do + its('names') { should include 'inspec-gcp-router' } +end +``` + +## Properties +Properties that can be accessed from the `google_compute_routers` resource: + +See [google_compute_router.md](google_compute_router.md) for more detailed information + * `ids`: an array of `google_compute_router` id + * `creation_timestamps`: an array of `google_compute_router` creation_timestamp + * `names`: an array of `google_compute_router` name + * `descriptions`: an array of `google_compute_router` description + * `networks`: an array of `google_compute_router` network + * `bgps`: an array of `google_compute_router` bgp + * `regions`: an array of `google_compute_router` region + +## Filter Criteria +This resource supports all of the above properties as filter criteria, which can be used +with `where` as a block or a method. diff --git a/libraries/google/compute/property/router_advertised_ip_ranges.rb b/libraries/google/compute/property/router_advertised_ip_ranges.rb new file mode 100644 index 000000000..45313e693 --- /dev/null +++ b/libraries/google/compute/property/router_advertised_ip_ranges.rb @@ -0,0 +1,40 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module Compute + module Property + class RouterAdvertisedipranges + attr_reader :range + + attr_reader :description + + def initialize(args = nil) + return if args.nil? + @range = args['range'] + @description = args['description'] + end + end + + class RouterAdvertisediprangesArray + def self.parse(value) + return if value.nil? + return RouterAdvertisedipranges.new(value) unless value.is_a?(::Array) + value.map { |v| RouterAdvertisedipranges.new(v) } + end + end + end + end +end diff --git a/libraries/google/compute/property/router_bgp.rb b/libraries/google/compute/property/router_bgp.rb new file mode 100644 index 000000000..54a34ab73 --- /dev/null +++ b/libraries/google/compute/property/router_bgp.rb @@ -0,0 +1,39 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'google/compute/property/router_advertised_ip_ranges' +module GoogleInSpec + module Compute + module Property + class RouterBgp + attr_reader :asn + + attr_reader :advertise_mode + + attr_reader :advertised_groups + + attr_reader :advertised_ip_ranges + + def initialize(args = nil) + return if args.nil? + @asn = args['asn'] + @advertise_mode = args['advertiseMode'] + @advertised_groups = args['advertisedGroups'] + @advertised_ip_ranges = GoogleInSpec::Compute::Property::RouterAdvertisediprangesArray.parse(args['advertisedIpRanges']) + end + end + end + end +end diff --git a/libraries/google_compute_router.rb b/libraries/google_compute_router.rb new file mode 100644 index 000000000..6b5d91ab2 --- /dev/null +++ b/libraries/google_compute_router.rb @@ -0,0 +1,65 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'gcp_backend' +require 'google/compute/property/router_advertised_ip_ranges' +require 'google/compute/property/router_bgp' + +# A provider to manage Google Compute Engine resources. +class Router < GcpResourceBase + name 'google_compute_router' + desc 'Router' + supports platform: 'gcp' + + attr_reader :id + attr_reader :creation_timestamp + attr_reader :name + attr_reader :description + attr_reader :network + attr_reader :bgp + attr_reader :region + def base + 'https://www.googleapis.com/compute/v1/' + end + + def url + 'projects/{{project}}/regions/{{region}}/routers/{{name}}' + end + + def initialize(params) + super(params.merge({ use_http_transport: true })) + @fetched = @connection.fetch(base, url, params) + parse unless @fetched.nil? + end + + def parse + @id = @fetched['id'] + @creation_timestamp = parse_time_string(@fetched['creationTimestamp']) + @name = @fetched['name'] + @description = @fetched['description'] + @network = @fetched['network'] + @bgp = GoogleInSpec::Compute::Property::RouterBgp.new(@fetched['bgp']) + @region = @fetched['region'] + end + + # Handles parsing RFC3339 time string + def parse_time_string(time_string) + time_string ? Time.parse(time_string) : nil + end + + def exists? + !@fetched.nil? + end +end diff --git a/libraries/google_compute_routers.rb b/libraries/google_compute_routers.rb new file mode 100644 index 000000000..4254b22cc --- /dev/null +++ b/libraries/google_compute_routers.rb @@ -0,0 +1,94 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'gcp_backend' +class Routers < GcpResourceBase + name 'google_compute_routers' + desc 'Router plural resource' + supports platform: 'gcp' + + attr_reader :table + + filter_table_config = FilterTable.create + + filter_table_config.add(:ids, field: :id) + filter_table_config.add(:creation_timestamps, field: :creation_timestamp) + filter_table_config.add(:names, field: :name) + filter_table_config.add(:descriptions, field: :description) + filter_table_config.add(:networks, field: :network) + filter_table_config.add(:bgps, field: :bgp) + filter_table_config.add(:regions, field: :region) + + filter_table_config.connect(self, :table) + + def base + 'https://www.googleapis.com/compute/v1/' + end + + def url + 'projects/{{project}}/regions/{{region}}/routers' + end + + def initialize(params = {}) + super(params.merge({ use_http_transport: true })) + @params = params + @table = fetch_wrapped_resource('items') + end + + def fetch_wrapped_resource(wrap_path) + # fetch_resource returns an array of responses (to handle pagination) + result = @connection.fetch_all(base, url, @params) + return if result.nil? + + # Conversion of string -> object hash to symbol -> object hash that InSpec needs + converted = [] + result.each do |response| + next if response.nil? || !response.key?(wrap_path) + response[wrap_path].each do |hash| + hash_with_symbols = {} + hash.each_key do |key| + name, value = transform(key, hash) + hash_with_symbols[name] = value + end + converted.push(hash_with_symbols) + end + end + + converted + end + + def transform(key, value) + return transformers[key].call(value) if transformers.key?(key) + + [key.to_sym, value] + end + + def transformers + { + 'id' => ->(obj) { return :id, obj['id'] }, + 'creationTimestamp' => ->(obj) { return :creation_timestamp, parse_time_string(obj['creationTimestamp']) }, + 'name' => ->(obj) { return :name, obj['name'] }, + 'description' => ->(obj) { return :description, obj['description'] }, + 'network' => ->(obj) { return :network, obj['network'] }, + 'bgp' => ->(obj) { return :bgp, GoogleInSpec::Compute::Property::RouterBgp.new(obj['bgp']) }, + 'region' => ->(obj) { return :region, obj['region'] }, + } + end + + # Handles parsing RFC3339 time string + def parse_time_string(time_string) + time_string ? Time.parse(time_string) : nil + end +end diff --git a/test/integration/build/gcp-mm.tf b/test/integration/build/gcp-mm.tf index 5d8fb1a5a..3ffe8793c 100644 --- a/test/integration/build/gcp-mm.tf +++ b/test/integration/build/gcp-mm.tf @@ -82,6 +82,10 @@ variable "route" { type = "map" } +variable "router" { + type = "map" +} + resource "google_compute_ssl_policy" "custom-ssl-policy" { name = "${var.ssl_policy["name"]}" min_tls_version = "${var.ssl_policy["min_tls_version"]}" @@ -337,4 +341,21 @@ resource "google_compute_route" "gcp-inspec-route" { # automatically create subnetworks, we need to create a dependency so # the route is not created before the subnetwork depends_on = ["google_compute_subnetwork.inspec-gcp-subnetwork"] +} + +resource "google_compute_router" "gcp-inspec-router" { + project = "${var.gcp_project_id}" + name = "${var.router["name"]}" + network = "${google_compute_network.inspec-gcp-network.name}" + bgp { + asn = "${var.router["bgp_asn"]}" + advertise_mode = "${var.router["bgp_advertise_mode"]}" + advertised_groups = ["${var.router["bgp_advertised_group"]}"] + advertised_ip_ranges { + range = "${var.router["bgp_advertised_ip_range1"]}" + } + advertised_ip_ranges { + range = "${var.router["bgp_advertised_ip_range2"]}" + } + } } \ No newline at end of file diff --git a/test/integration/configuration/mm-attributes.yml b/test/integration/configuration/mm-attributes.yml index 374183d97..699205ecf 100644 --- a/test/integration/configuration/mm-attributes.yml +++ b/test/integration/configuration/mm-attributes.yml @@ -126,3 +126,11 @@ route: dest_range: 15.0.0.0/24 next_hop_ip: 10.2.0.1 priority: 100 + +router: + name: inspec-gcp-router + bgp_asn: 64514 + bgp_advertise_mode: CUSTOM + bgp_advertised_group: "ALL_SUBNETS" + bgp_advertised_ip_range1: "1.2.3.4" + bgp_advertised_ip_range2: "6.7.0.0/16" diff --git a/test/integration/verify/controls/google_compute_router.rb b/test/integration/verify/controls/google_compute_router.rb new file mode 100644 index 000000000..0f9eeb9dc --- /dev/null +++ b/test/integration/verify/controls/google_compute_router.rb @@ -0,0 +1,46 @@ +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- + +title 'Test GCP google_compute_router resource.' + +gcp_project_id = attribute(:gcp_project_id, default: 'gcp_project_id', description: 'The GCP project identifier.') +gcp_location = attribute(:gcp_location, default: 'gcp_location', description: 'The GCP project region.') +router = attribute('router', default: { + "name": "inspec-gcp-router", + "bgp_asn": 64514, + "bgp_advertise_mode": "CUSTOM", + "bgp_advertised_group": "ALL_SUBNETS", + "bgp_advertised_ip_range1": "1.2.3.4", + "bgp_advertised_ip_range2": "6.7.0.0/16" +}, description: 'Compute router description') +gcp_network_name = attribute(:gcp_network_name, default: 'gcp_network_name', description: 'GCP network name') +control 'google_compute_router-1.0' do + impact 1.0 + title 'google_compute_router resource test' + + describe google_compute_router(project: gcp_project_id, region: gcp_location, name: router['name']) do + it { should exist } + its('bgp.asn') { should eq router['bgp_asn'] } + its('bgp.advertise_mode') { should eq router['bgp_advertise_mode'] } + its('bgp.advertised_groups') { should include router['bgp_advertised_group'] } + its('bgp.advertised_ip_ranges.count') { should eq 2 } + its('bgp.advertised_ip_ranges.first.range') { should eq router['bgp_advertised_ip_range1'] } + its('bgp.advertised_ip_ranges.last.range') { should eq router['bgp_advertised_ip_range2'] } + its('network') { should match /\/#{gcp_network_name}$/ } + end + + describe google_compute_router(project: gcp_project_id, region: gcp_location, name: 'nonexistent') do + it { should_not exist } + end +end diff --git a/test/integration/verify/controls/google_compute_routers.rb b/test/integration/verify/controls/google_compute_routers.rb new file mode 100644 index 000000000..6c5347046 --- /dev/null +++ b/test/integration/verify/controls/google_compute_routers.rb @@ -0,0 +1,35 @@ +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- + +title 'Test GCP google_compute_routers resource.' + +gcp_project_id = attribute(:gcp_project_id, default: 'gcp_project_id', description: 'The GCP project identifier.') +gcp_location = attribute(:gcp_location, default: 'gcp_location', description: 'The GCP project region.') +router = attribute('router', default: { + "name": "inspec-gcp-router", + "bgp_asn": 64514, + "bgp_advertise_mode": "CUSTOM", + "bgp_advertised_group": "ALL_SUBNETS", + "bgp_advertised_ip_range1": "1.2.3.4", + "bgp_advertised_ip_range2": "6.7.0.0/16" +}, description: 'Compute router description') +gcp_network_name = attribute(:gcp_network_name, default: 'gcp_network_name', description: 'GCP network name') +control 'google_compute_routers-1.0' do + impact 1.0 + title 'google_compute_routers resource test' + + describe google_compute_routers(project: gcp_project_id, region: gcp_location) do + its('names') { should include router['name'] } + end +end From 507ad5c32ae1139739356db433e6e7bc7f90a077 Mon Sep 17 00:00:00 2001 From: Sam Levenick Date: Fri, 1 Feb 2019 21:56:26 +0000 Subject: [PATCH 14/30] Add support for InSpec disk snapshot Signed-off-by: Modular Magician --- docs/resources/google_compute_snapshot.md | 59 ++++++++++ docs/resources/google_compute_snapshots.md | 45 ++++++++ .../snapshot_snapshot_encryption_key.rb | 35 ++++++ .../snapshot_source_disk_encryption_key.rb | 32 ++++++ libraries/google_compute_snapshot.rb | 77 +++++++++++++ libraries/google_compute_snapshots.rb | 106 ++++++++++++++++++ test/integration/build/gcp-mm.tf | 11 ++ .../configuration/mm-attributes.yml | 3 + .../controls/google_compute_snapshot.rb | 36 ++++++ .../controls/google_compute_snapshots.rb | 39 +++++++ 10 files changed, 443 insertions(+) create mode 100644 docs/resources/google_compute_snapshot.md create mode 100644 docs/resources/google_compute_snapshots.md create mode 100644 libraries/google/compute/property/snapshot_snapshot_encryption_key.rb create mode 100644 libraries/google/compute/property/snapshot_source_disk_encryption_key.rb create mode 100644 libraries/google_compute_snapshot.rb create mode 100644 libraries/google_compute_snapshots.rb create mode 100644 test/integration/verify/controls/google_compute_snapshot.rb create mode 100644 test/integration/verify/controls/google_compute_snapshots.rb diff --git a/docs/resources/google_compute_snapshot.md b/docs/resources/google_compute_snapshot.md new file mode 100644 index 000000000..2dfd8994f --- /dev/null +++ b/docs/resources/google_compute_snapshot.md @@ -0,0 +1,59 @@ +--- +title: About the google_compute_snapshot resource +platform: gcp +--- + +## Syntax +A `google_compute_snapshot` is used to test a Google Snapshot resource + +## Examples +``` + +describe google_compute_snapshot(project: 'chef-gcp-inspec', name: 'inspec-gcp-disk-snapshot') do + it { should exist } + its('source_disk') { should match 'my_disk' } +end + +describe google_compute_snapshot(project: 'chef-gcp-inspec', name: 'nonexistent') do + it { should_not exist } +end +``` + +## Properties +Properties that can be accessed from the `google_compute_snapshot` resource: + + * `creation_timestamp`: Creation timestamp in RFC3339 text format. + + * `id`: The unique identifier for the resource. + + * `disk_size_gb`: Size of the snapshot, specified in GB. + + * `name`: Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. + + * `description`: An optional description of this resource. + + * `storage_bytes`: A size of the the storage used by the snapshot. As snapshots share storage, this number is expected to change with snapshot creation/deletion. + + * `licenses`: A list of public visible licenses that apply to this snapshot. This can be because the original image had licenses attached (such as a Windows image). snapshotEncryptionKey nested object Encrypts the snapshot using a customer-supplied encryption key. + + * `labels`: Labels to apply to this Snapshot. + + * `label_fingerprint`: The fingerprint used for optimistic locking of this resource. Used internally during updates. + + * `source_disk`: A reference to the disk used to create this snapshot. + + * `zone`: A reference to the zone where the disk is hosted. + + * `snapshot_encryption_key`: The customer-supplied encryption key of the snapshot. Required if the source snapshot is protected by a customer-supplied encryption key. + + * `rawKey`: Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource. + + * `sha256`: The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource. + + * `kmsKeyName`: The name of the encryption key that is stored in Google Cloud KMS. + + * `source_disk_encryption_key`: The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key. + + * `rawKey`: Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource. + + * `kmsKeyName`: The name of the encryption key that is stored in Google Cloud KMS. diff --git a/docs/resources/google_compute_snapshots.md b/docs/resources/google_compute_snapshots.md new file mode 100644 index 000000000..62e87f0d2 --- /dev/null +++ b/docs/resources/google_compute_snapshots.md @@ -0,0 +1,45 @@ +--- +title: About the google_compute_snapshots resource +platform: gcp +--- + +## Syntax +A `google_compute_snapshots` is used to test a Google Snapshot resource + +## Examples +``` + +describe google_compute_snapshots(project: 'chef-gcp-inspec') do + its('count') { should be >= 1 } +end + +describe.one do + google_compute_snapshots(project: 'chef-gcp-inspec').names do |snapshot_name| + describe google_compute_snapshot(project: 'chef-gcp-inspec', name: snapshot_name) do + its('source_disk') { should match 'my_disk' } + end + end +end +``` + +## Properties +Properties that can be accessed from the `google_compute_snapshots` resource: + +See [google_compute_snapshot.md](google_compute_snapshot.md) for more detailed information + * `creation_timestamps`: an array of `google_compute_snapshot` creation_timestamp + * `ids`: an array of `google_compute_snapshot` id + * `disk_size_gbs`: an array of `google_compute_snapshot` disk_size_gb + * `names`: an array of `google_compute_snapshot` name + * `descriptions`: an array of `google_compute_snapshot` description + * `storage_bytes`: an array of `google_compute_snapshot` storage_bytes + * `licenses`: an array of `google_compute_snapshot` licenses + * `labels`: an array of `google_compute_snapshot` labels + * `label_fingerprints`: an array of `google_compute_snapshot` label_fingerprint + * `source_disks`: an array of `google_compute_snapshot` source_disk + * `zones`: an array of `google_compute_snapshot` zone + * `snapshot_encryption_keys`: an array of `google_compute_snapshot` snapshot_encryption_key + * `source_disk_encryption_keys`: an array of `google_compute_snapshot` source_disk_encryption_key + +## Filter Criteria +This resource supports all of the above properties as filter criteria, which can be used +with `where` as a block or a method. diff --git a/libraries/google/compute/property/snapshot_snapshot_encryption_key.rb b/libraries/google/compute/property/snapshot_snapshot_encryption_key.rb new file mode 100644 index 000000000..20b236be0 --- /dev/null +++ b/libraries/google/compute/property/snapshot_snapshot_encryption_key.rb @@ -0,0 +1,35 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module Compute + module Property + class SnapshotSnapshotencryptionkey + attr_reader :raw_key + + attr_reader :sha256 + + attr_reader :kms_key_name + + def initialize(args = nil) + return if args.nil? + @raw_key = args['rawKey'] + @sha256 = args['sha256'] + @kms_key_name = args['kmsKeyName'] + end + end + end + end +end diff --git a/libraries/google/compute/property/snapshot_source_disk_encryption_key.rb b/libraries/google/compute/property/snapshot_source_disk_encryption_key.rb new file mode 100644 index 000000000..c6e803cc3 --- /dev/null +++ b/libraries/google/compute/property/snapshot_source_disk_encryption_key.rb @@ -0,0 +1,32 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module Compute + module Property + class SnapshotSourcediskencryptionkey + attr_reader :raw_key + + attr_reader :kms_key_name + + def initialize(args = nil) + return if args.nil? + @raw_key = args['rawKey'] + @kms_key_name = args['kmsKeyName'] + end + end + end + end +end diff --git a/libraries/google_compute_snapshot.rb b/libraries/google_compute_snapshot.rb new file mode 100644 index 000000000..53826f636 --- /dev/null +++ b/libraries/google_compute_snapshot.rb @@ -0,0 +1,77 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'gcp_backend' +require 'google/compute/property/snapshot_snapshot_encryption_key' +require 'google/compute/property/snapshot_source_disk_encryption_key' + +# A provider to manage Google Compute Engine resources. +class Snapshot < GcpResourceBase + name 'google_compute_snapshot' + desc 'Snapshot' + supports platform: 'gcp' + + attr_reader :creation_timestamp + attr_reader :id + attr_reader :disk_size_gb + attr_reader :name + attr_reader :description + attr_reader :storage_bytes + attr_reader :licenses + attr_reader :labels + attr_reader :label_fingerprint + attr_reader :source_disk + attr_reader :zone + attr_reader :snapshot_encryption_key + attr_reader :source_disk_encryption_key + def base + 'https://www.googleapis.com/compute/v1/' + end + + def url + 'projects/{{project}}/global/snapshots/{{name}}' + end + + def initialize(params) + super(params.merge({ use_http_transport: true })) + @fetched = @connection.fetch(base, url, params) + parse unless @fetched.nil? + end + + def parse + @creation_timestamp = parse_time_string(@fetched['creationTimestamp']) + @id = @fetched['id'] + @disk_size_gb = @fetched['diskSizeGb'] + @name = @fetched['name'] + @description = @fetched['description'] + @storage_bytes = @fetched['storageBytes'] + @licenses = @fetched['licenses'] + @labels = @fetched['labels'] + @label_fingerprint = @fetched['labelFingerprint'] + @source_disk = @fetched['sourceDisk'] + @zone = @fetched['zone'] + @snapshot_encryption_key = GoogleInSpec::Compute::Property::SnapshotSnapshotencryptionkey.new(@fetched['snapshotEncryptionKey']) + @source_disk_encryption_key = GoogleInSpec::Compute::Property::SnapshotSourcediskencryptionkey.new(@fetched['sourceDiskEncryptionKey']) + end + + # Handles parsing RFC3339 time string + def parse_time_string(time_string) + time_string ? Time.parse(time_string) : nil + end + + def exists? + !@fetched.nil? + end +end diff --git a/libraries/google_compute_snapshots.rb b/libraries/google_compute_snapshots.rb new file mode 100644 index 000000000..37931f773 --- /dev/null +++ b/libraries/google_compute_snapshots.rb @@ -0,0 +1,106 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'gcp_backend' +class Snapshots < GcpResourceBase + name 'google_compute_snapshots' + desc 'Snapshot plural resource' + supports platform: 'gcp' + + attr_reader :table + + filter_table_config = FilterTable.create + + filter_table_config.add(:creation_timestamps, field: :creation_timestamp) + filter_table_config.add(:ids, field: :id) + filter_table_config.add(:disk_size_gbs, field: :disk_size_gb) + filter_table_config.add(:names, field: :name) + filter_table_config.add(:descriptions, field: :description) + filter_table_config.add(:storage_bytes, field: :storage_bytes) + filter_table_config.add(:licenses, field: :licenses) + filter_table_config.add(:labels, field: :labels) + filter_table_config.add(:label_fingerprints, field: :label_fingerprint) + filter_table_config.add(:source_disks, field: :source_disk) + filter_table_config.add(:zones, field: :zone) + filter_table_config.add(:snapshot_encryption_keys, field: :snapshot_encryption_key) + filter_table_config.add(:source_disk_encryption_keys, field: :source_disk_encryption_key) + + filter_table_config.connect(self, :table) + + def base + 'https://www.googleapis.com/compute/v1/' + end + + def url + 'projects/{{project}}/global/snapshots' + end + + def initialize(params = {}) + super(params.merge({ use_http_transport: true })) + @params = params + @table = fetch_wrapped_resource('items') + end + + def fetch_wrapped_resource(wrap_path) + # fetch_resource returns an array of responses (to handle pagination) + result = @connection.fetch_all(base, url, @params) + return if result.nil? + + # Conversion of string -> object hash to symbol -> object hash that InSpec needs + converted = [] + result.each do |response| + next if response.nil? || !response.key?(wrap_path) + response[wrap_path].each do |hash| + hash_with_symbols = {} + hash.each_key do |key| + name, value = transform(key, hash) + hash_with_symbols[name] = value + end + converted.push(hash_with_symbols) + end + end + + converted + end + + def transform(key, value) + return transformers[key].call(value) if transformers.key?(key) + + [key.to_sym, value] + end + + def transformers + { + 'creationTimestamp' => ->(obj) { return :creation_timestamp, parse_time_string(obj['creationTimestamp']) }, + 'id' => ->(obj) { return :id, obj['id'] }, + 'diskSizeGb' => ->(obj) { return :disk_size_gb, obj['diskSizeGb'] }, + 'name' => ->(obj) { return :name, obj['name'] }, + 'description' => ->(obj) { return :description, obj['description'] }, + 'storageBytes' => ->(obj) { return :storage_bytes, obj['storageBytes'] }, + 'licenses' => ->(obj) { return :licenses, obj['licenses'] }, + 'labels' => ->(obj) { return :labels, obj['labels'] }, + 'labelFingerprint' => ->(obj) { return :label_fingerprint, obj['labelFingerprint'] }, + 'sourceDisk' => ->(obj) { return :source_disk, obj['sourceDisk'] }, + 'zone' => ->(obj) { return :zone, obj['zone'] }, + 'snapshotEncryptionKey' => ->(obj) { return :snapshot_encryption_key, GoogleInSpec::Compute::Property::SnapshotSnapshotencryptionkey.new(obj['snapshotEncryptionKey']) }, + 'sourceDiskEncryptionKey' => ->(obj) { return :source_disk_encryption_key, GoogleInSpec::Compute::Property::SnapshotSourcediskencryptionkey.new(obj['sourceDiskEncryptionKey']) }, + } + end + + # Handles parsing RFC3339 time string + def parse_time_string(time_string) + time_string ? Time.parse(time_string) : nil + end +end diff --git a/test/integration/build/gcp-mm.tf b/test/integration/build/gcp-mm.tf index 3ffe8793c..c99734988 100644 --- a/test/integration/build/gcp-mm.tf +++ b/test/integration/build/gcp-mm.tf @@ -86,6 +86,10 @@ variable "router" { type = "map" } +variable "snapshot" { + type = "map" +} + resource "google_compute_ssl_policy" "custom-ssl-policy" { name = "${var.ssl_policy["name"]}" min_tls_version = "${var.ssl_policy["min_tls_version"]}" @@ -358,4 +362,11 @@ resource "google_compute_router" "gcp-inspec-router" { range = "${var.router["bgp_advertised_ip_range2"]}" } } +} + +resource "google_compute_snapshot" "gcp-inspec-snapshot" { + project = "${var.gcp_project_id}" + name = "${var.snapshot["name"]}" + source_disk = "${google_compute_disk.generic_compute_disk.name}" + zone = "${var.gcp_zone}" } \ No newline at end of file diff --git a/test/integration/configuration/mm-attributes.yml b/test/integration/configuration/mm-attributes.yml index 699205ecf..20c365268 100644 --- a/test/integration/configuration/mm-attributes.yml +++ b/test/integration/configuration/mm-attributes.yml @@ -134,3 +134,6 @@ router: bgp_advertised_group: "ALL_SUBNETS" bgp_advertised_ip_range1: "1.2.3.4" bgp_advertised_ip_range2: "6.7.0.0/16" + +snapshot: + name: inspec-gcp-disk-snapshot diff --git a/test/integration/verify/controls/google_compute_snapshot.rb b/test/integration/verify/controls/google_compute_snapshot.rb new file mode 100644 index 000000000..50432a357 --- /dev/null +++ b/test/integration/verify/controls/google_compute_snapshot.rb @@ -0,0 +1,36 @@ +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- + +title 'Test GCP google_compute_snapshot resource.' + +gcp_project_id = attribute(:gcp_project_id, default: 'gcp_project_id', description: 'The GCP project identifier.') +gcp_zone = attribute(:gcp_zone, default: 'gcp_zone', description: 'GCP zone name of the compute disk') +gcp_compute_disk_name = attribute(:gcp_compute_disk_name, default: 'gcp_compute_disk_name', description: 'The name of the GCP compute disk to snapshot') +snapshot = attribute('snapshot', default: { + "name": "inspec-gcp-disk-snapshot" +}, description: 'Compute disk snapshot description') +control 'google_compute_snapshot-1.0' do + impact 1.0 + title 'google_compute_snapshot resource test' + + + describe google_compute_snapshot(project: gcp_project_id, name: snapshot['name']) do + it { should exist } + its('source_disk') { should match gcp_compute_disk_name } + end + + describe google_compute_snapshot(project: gcp_project_id, name: 'nonexistent') do + it { should_not exist } + end +end diff --git a/test/integration/verify/controls/google_compute_snapshots.rb b/test/integration/verify/controls/google_compute_snapshots.rb new file mode 100644 index 000000000..692820543 --- /dev/null +++ b/test/integration/verify/controls/google_compute_snapshots.rb @@ -0,0 +1,39 @@ +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- + +title 'Test GCP google_compute_snapshots resource.' + +gcp_project_id = attribute(:gcp_project_id, default: 'gcp_project_id', description: 'The GCP project identifier.') +gcp_zone = attribute(:gcp_zone, default: 'gcp_zone', description: 'GCP zone name of the compute disk') +gcp_compute_disk_name = attribute(:gcp_compute_disk_name, default: 'gcp_compute_disk_name', description: 'The name of the GCP compute disk to snapshot') +snapshot = attribute('snapshot', default: { + "name": "inspec-gcp-disk-snapshot" +}, description: 'Compute disk snapshot description') +control 'google_compute_snapshots-1.0' do + impact 1.0 + title 'google_compute_snapshots resource test' + + + describe google_compute_snapshots(project: gcp_project_id) do + its('count') { should be >= 1 } + end + + describe.one do + google_compute_snapshots(project: gcp_project_id).names do |snapshot_name| + describe google_compute_snapshot(project: gcp_project_id, name: snapshot_name) do + its('source_disk') { should match gcp_compute_disk_name } + end + end + end +end From 858fa89291f656f592323c817668cfb376f748a6 Mon Sep 17 00:00:00 2001 From: Sam Levenick Date: Sat, 2 Feb 2019 01:36:46 +0000 Subject: [PATCH 15/30] Inspec ssl certificate Signed-off-by: Modular Magician --- .../google_compute_ssl_certificate.md | 52 ++++++++++ .../google_compute_ssl_certificates.md | 49 ++++++++++ .../google_compute_target_https_proxies.md | 32 +++++++ .../google_compute_target_https_proxy.md | 39 ++++++++ libraries/google_compute_ssl_certificate.rb | 61 ++++++++++++ libraries/google_compute_ssl_certificates.rb | 92 ++++++++++++++++++ .../google_compute_target_https_proxies.rb | 96 +++++++++++++++++++ .../google_compute_target_https_proxy.rb | 65 +++++++++++++ test/integration/build/gcp-mm.tf | 24 +++++ .../configuration/mm-attributes.yml | 32 +++++++ .../google_compute_ssl_certificate.rb | 37 +++++++ .../google_compute_ssl_certificates.rb | 34 +++++++ .../google_compute_target_https_proxies.rb | 30 ++++++ .../google_compute_target_https_proxy.rb | 35 +++++++ 14 files changed, 678 insertions(+) create mode 100644 docs/resources/google_compute_ssl_certificate.md create mode 100644 docs/resources/google_compute_ssl_certificates.md create mode 100644 docs/resources/google_compute_target_https_proxies.md create mode 100644 docs/resources/google_compute_target_https_proxy.md create mode 100644 libraries/google_compute_ssl_certificate.rb create mode 100644 libraries/google_compute_ssl_certificates.rb create mode 100644 libraries/google_compute_target_https_proxies.rb create mode 100644 libraries/google_compute_target_https_proxy.rb create mode 100644 test/integration/verify/controls/google_compute_ssl_certificate.rb create mode 100644 test/integration/verify/controls/google_compute_ssl_certificates.rb create mode 100644 test/integration/verify/controls/google_compute_target_https_proxies.rb create mode 100644 test/integration/verify/controls/google_compute_target_https_proxy.rb diff --git a/docs/resources/google_compute_ssl_certificate.md b/docs/resources/google_compute_ssl_certificate.md new file mode 100644 index 000000000..9d8084fae --- /dev/null +++ b/docs/resources/google_compute_ssl_certificate.md @@ -0,0 +1,52 @@ +--- +title: About the google_compute_ssl_certificate resource +platform: gcp +--- + +## Syntax +A `google_compute_ssl_certificate` is used to test a Google SslCertificate resource + +## Examples +``` +describe google_compute_ssl_certificate(project: 'chef-gcp-inspec', name: 'inspec-gcp-ssl-certificate') do + it { should exist } + its('description') { should eq 'A fake ssl certificate (DO NOT USE)' } + its('certificate') { should eq '-----BEGIN CERTIFICATE----- +MIICqjCCAk+gAwIBAgIJAIuJ+0352Kq4MAoGCCqGSM49BAMCMIGwMQswCQYDVQQG +EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjERMA8GA1UEBwwIS2lya2xhbmQxFTAT +BgNVBAoMDEdvb2dsZSwgSW5jLjEeMBwGA1UECwwVR29vZ2xlIENsb3VkIFBsYXRm +b3JtMR8wHQYDVQQDDBZ3d3cubXktc2VjdXJlLXNpdGUuY29tMSEwHwYJKoZIhvcN +AQkBFhJuZWxzb25hQGdvb2dsZS5jb20wHhcNMTcwNjI4MDQ1NjI2WhcNMjcwNjI2 +MDQ1NjI2WjCBsDELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xETAP +BgNVBAcMCEtpcmtsYW5kMRUwEwYDVQQKDAxHb29nbGUsIEluYy4xHjAcBgNVBAsM +FUdvb2dsZSBDbG91ZCBQbGF0Zm9ybTEfMB0GA1UEAwwWd3d3Lm15LXNlY3VyZS1z +aXRlLmNvbTEhMB8GCSqGSIb3DQEJARYSbmVsc29uYUBnb29nbGUuY29tMFkwEwYH +KoZIzj0CAQYIKoZIzj0DAQcDQgAEHGzpcRJ4XzfBJCCPMQeXQpTXwlblimODQCuQ +4mzkzTv0dXyB750fOGN02HtkpBOZzzvUARTR10JQoSe2/5PIwaNQME4wHQYDVR0O +BBYEFKIQC3A2SDpxcdfn0YLKineDNq/BMB8GA1UdIwQYMBaAFKIQC3A2SDpxcdfn +0YLKineDNq/BMAwGA1UdEwQFMAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhALs4vy+O +M3jcqgA4fSW/oKw6UJxp+M6a+nGMX+UJR3YgAiEAvvl39QRVAiv84hdoCuyON0lJ +zqGNhIPGq2ULqXKK8BY= +-----END CERTIFICATE----- +' } +end + +describe google_compute_ssl_certificate(project: 'chef-gcp-inspec', name: 'nonexistent') do + it { should_not exist } +end +``` + +## Properties +Properties that can be accessed from the `google_compute_ssl_certificate` resource: + + * `certificate`: The certificate in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert. + + * `creation_timestamp`: Creation timestamp in RFC3339 text format. + + * `description`: An optional description of this resource. + + * `id`: The unique identifier for the resource. + + * `name`: Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. + + * `private_key`: The write-only private key in PEM format. diff --git a/docs/resources/google_compute_ssl_certificates.md b/docs/resources/google_compute_ssl_certificates.md new file mode 100644 index 000000000..ab1db6bd7 --- /dev/null +++ b/docs/resources/google_compute_ssl_certificates.md @@ -0,0 +1,49 @@ +--- +title: About the google_compute_ssl_certificates resource +platform: gcp +--- + +## Syntax +A `google_compute_ssl_certificates` is used to test a Google SslCertificate resource + +## Examples +``` +describe google_compute_ssl_certificates(project: 'chef-gcp-inspec') do + + its('names') { should include 'inspec-gcp-ssl-certificate' } + its('descriptions') { should include 'A fake ssl certificate (DO NOT USE)' } + its('certificates') { should include '-----BEGIN CERTIFICATE----- +MIICqjCCAk+gAwIBAgIJAIuJ+0352Kq4MAoGCCqGSM49BAMCMIGwMQswCQYDVQQG +EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjERMA8GA1UEBwwIS2lya2xhbmQxFTAT +BgNVBAoMDEdvb2dsZSwgSW5jLjEeMBwGA1UECwwVR29vZ2xlIENsb3VkIFBsYXRm +b3JtMR8wHQYDVQQDDBZ3d3cubXktc2VjdXJlLXNpdGUuY29tMSEwHwYJKoZIhvcN +AQkBFhJuZWxzb25hQGdvb2dsZS5jb20wHhcNMTcwNjI4MDQ1NjI2WhcNMjcwNjI2 +MDQ1NjI2WjCBsDELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xETAP +BgNVBAcMCEtpcmtsYW5kMRUwEwYDVQQKDAxHb29nbGUsIEluYy4xHjAcBgNVBAsM +FUdvb2dsZSBDbG91ZCBQbGF0Zm9ybTEfMB0GA1UEAwwWd3d3Lm15LXNlY3VyZS1z +aXRlLmNvbTEhMB8GCSqGSIb3DQEJARYSbmVsc29uYUBnb29nbGUuY29tMFkwEwYH +KoZIzj0CAQYIKoZIzj0DAQcDQgAEHGzpcRJ4XzfBJCCPMQeXQpTXwlblimODQCuQ +4mzkzTv0dXyB750fOGN02HtkpBOZzzvUARTR10JQoSe2/5PIwaNQME4wHQYDVR0O +BBYEFKIQC3A2SDpxcdfn0YLKineDNq/BMB8GA1UdIwQYMBaAFKIQC3A2SDpxcdfn +0YLKineDNq/BMAwGA1UdEwQFMAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhALs4vy+O +M3jcqgA4fSW/oKw6UJxp+M6a+nGMX+UJR3YgAiEAvvl39QRVAiv84hdoCuyON0lJ +zqGNhIPGq2ULqXKK8BY= +-----END CERTIFICATE----- +' } +end +``` + +## Properties +Properties that can be accessed from the `google_compute_ssl_certificates` resource: + +See [google_compute_ssl_certificate.md](google_compute_ssl_certificate.md) for more detailed information + * `certificates`: an array of `google_compute_ssl_certificate` certificate + * `creation_timestamps`: an array of `google_compute_ssl_certificate` creation_timestamp + * `descriptions`: an array of `google_compute_ssl_certificate` description + * `ids`: an array of `google_compute_ssl_certificate` id + * `names`: an array of `google_compute_ssl_certificate` name + * `private_keys`: an array of `google_compute_ssl_certificate` private_key + +## Filter Criteria +This resource supports all of the above properties as filter criteria, which can be used +with `where` as a block or a method. diff --git a/docs/resources/google_compute_target_https_proxies.md b/docs/resources/google_compute_target_https_proxies.md new file mode 100644 index 000000000..72c26502d --- /dev/null +++ b/docs/resources/google_compute_target_https_proxies.md @@ -0,0 +1,32 @@ +--- +title: About the google_compute_target_https_proxies resource +platform: gcp +--- + +## Syntax +A `google_compute_target_https_proxies` is used to test a Google TargetHttpsProxy resource + +## Examples +``` +describe google_compute_target_https_proxies(project: 'chef-gcp-inspec') do + its('names') { should include 'inspec-gcp-https-proxy' } + its('descriptions') { should include 'A HTTPS target proxy' } +end +``` + +## Properties +Properties that can be accessed from the `google_compute_target_https_proxies` resource: + +See [google_compute_target_https_proxy.md](google_compute_target_https_proxy.md) for more detailed information + * `creation_timestamps`: an array of `google_compute_target_https_proxy` creation_timestamp + * `descriptions`: an array of `google_compute_target_https_proxy` description + * `ids`: an array of `google_compute_target_https_proxy` id + * `names`: an array of `google_compute_target_https_proxy` name + * `quic_overrides`: an array of `google_compute_target_https_proxy` quic_override + * `ssl_certificates`: an array of `google_compute_target_https_proxy` ssl_certificates + * `ssl_policies`: an array of `google_compute_target_https_proxy` ssl_policy + * `url_maps`: an array of `google_compute_target_https_proxy` url_map + +## Filter Criteria +This resource supports all of the above properties as filter criteria, which can be used +with `where` as a block or a method. diff --git a/docs/resources/google_compute_target_https_proxy.md b/docs/resources/google_compute_target_https_proxy.md new file mode 100644 index 000000000..eaecf3d4b --- /dev/null +++ b/docs/resources/google_compute_target_https_proxy.md @@ -0,0 +1,39 @@ +--- +title: About the google_compute_target_https_proxy resource +platform: gcp +--- + +## Syntax +A `google_compute_target_https_proxy` is used to test a Google TargetHttpsProxy resource + +## Examples +``` +describe google_compute_target_https_proxy(project: 'chef-gcp-inspec', name: 'inspec-gcp-https-proxy') do + it { should exist } + its('url_map') { should match /\/inspec-gcp-url-map$/ } + its('description') { should eq 'A HTTPS target proxy' } +end + +describe google_compute_target_https_proxy(project: 'chef-gcp-inspec', name: 'nonexistent') do + it { should_not exist } +end +``` + +## Properties +Properties that can be accessed from the `google_compute_target_https_proxy` resource: + + * `creation_timestamp`: Creation timestamp in RFC3339 text format. + + * `description`: An optional description of this resource. + + * `id`: The unique identifier for the resource. + + * `name`: Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. + + * `quic_override`: Specifies the QUIC override policy for this resource. This determines whether the load balancer will attempt to negotiate QUIC with clients or not. Can specify one of NONE, ENABLE, or DISABLE. If NONE is specified, uses the QUIC policy with no user overrides, which is equivalent to DISABLE. Not specifying this field is equivalent to specifying NONE. + + * `ssl_certificates`: A list of SslCertificate resources that are used to authenticate connections between users and the load balancer. Currently, exactly one SSL certificate must be specified. + + * `ssl_policy`: A reference to the SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource will not have any SSL policy configured. + + * `url_map`: A reference to the UrlMap resource that defines the mapping from URL to the BackendService. diff --git a/libraries/google_compute_ssl_certificate.rb b/libraries/google_compute_ssl_certificate.rb new file mode 100644 index 000000000..6dbcdff93 --- /dev/null +++ b/libraries/google_compute_ssl_certificate.rb @@ -0,0 +1,61 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'gcp_backend' + +# A provider to manage Google Compute Engine resources. +class SslCertificate < GcpResourceBase + name 'google_compute_ssl_certificate' + desc 'SslCertificate' + supports platform: 'gcp' + + attr_reader :certificate + attr_reader :creation_timestamp + attr_reader :description + attr_reader :id + attr_reader :name + attr_reader :private_key + def base + 'https://www.googleapis.com/compute/v1/' + end + + def url + 'projects/{{project}}/global/sslCertificates/{{name}}' + end + + def initialize(params) + super(params.merge({ use_http_transport: true })) + @fetched = @connection.fetch(base, url, params) + parse unless @fetched.nil? + end + + def parse + @certificate = @fetched['certificate'] + @creation_timestamp = parse_time_string(@fetched['creationTimestamp']) + @description = @fetched['description'] + @id = @fetched['id'] + @name = @fetched['name'] + @private_key = @fetched['privateKey'] + end + + # Handles parsing RFC3339 time string + def parse_time_string(time_string) + time_string ? Time.parse(time_string) : nil + end + + def exists? + !@fetched.nil? + end +end diff --git a/libraries/google_compute_ssl_certificates.rb b/libraries/google_compute_ssl_certificates.rb new file mode 100644 index 000000000..0cb922ce1 --- /dev/null +++ b/libraries/google_compute_ssl_certificates.rb @@ -0,0 +1,92 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'gcp_backend' +class SslCertificates < GcpResourceBase + name 'google_compute_ssl_certificates' + desc 'SslCertificate plural resource' + supports platform: 'gcp' + + attr_reader :table + + filter_table_config = FilterTable.create + + filter_table_config.add(:certificates, field: :certificate) + filter_table_config.add(:creation_timestamps, field: :creation_timestamp) + filter_table_config.add(:descriptions, field: :description) + filter_table_config.add(:ids, field: :id) + filter_table_config.add(:names, field: :name) + filter_table_config.add(:private_keys, field: :private_key) + + filter_table_config.connect(self, :table) + + def base + 'https://www.googleapis.com/compute/v1/' + end + + def url + 'projects/{{project}}/global/sslCertificates' + end + + def initialize(params = {}) + super(params.merge({ use_http_transport: true })) + @params = params + @table = fetch_wrapped_resource('items') + end + + def fetch_wrapped_resource(wrap_path) + # fetch_resource returns an array of responses (to handle pagination) + result = @connection.fetch_all(base, url, @params) + return if result.nil? + + # Conversion of string -> object hash to symbol -> object hash that InSpec needs + converted = [] + result.each do |response| + next if response.nil? || !response.key?(wrap_path) + response[wrap_path].each do |hash| + hash_with_symbols = {} + hash.each_key do |key| + name, value = transform(key, hash) + hash_with_symbols[name] = value + end + converted.push(hash_with_symbols) + end + end + + converted + end + + def transform(key, value) + return transformers[key].call(value) if transformers.key?(key) + + [key.to_sym, value] + end + + def transformers + { + 'certificate' => ->(obj) { return :certificate, obj['certificate'] }, + 'creationTimestamp' => ->(obj) { return :creation_timestamp, parse_time_string(obj['creationTimestamp']) }, + 'description' => ->(obj) { return :description, obj['description'] }, + 'id' => ->(obj) { return :id, obj['id'] }, + 'name' => ->(obj) { return :name, obj['name'] }, + 'privateKey' => ->(obj) { return :private_key, obj['privateKey'] }, + } + end + + # Handles parsing RFC3339 time string + def parse_time_string(time_string) + time_string ? Time.parse(time_string) : nil + end +end diff --git a/libraries/google_compute_target_https_proxies.rb b/libraries/google_compute_target_https_proxies.rb new file mode 100644 index 000000000..b55270214 --- /dev/null +++ b/libraries/google_compute_target_https_proxies.rb @@ -0,0 +1,96 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'gcp_backend' +class TargetHttpsProxys < GcpResourceBase + name 'google_compute_target_https_proxies' + desc 'TargetHttpsProxy plural resource' + supports platform: 'gcp' + + attr_reader :table + + filter_table_config = FilterTable.create + + filter_table_config.add(:creation_timestamps, field: :creation_timestamp) + filter_table_config.add(:descriptions, field: :description) + filter_table_config.add(:ids, field: :id) + filter_table_config.add(:names, field: :name) + filter_table_config.add(:quic_overrides, field: :quic_override) + filter_table_config.add(:ssl_certificates, field: :ssl_certificates) + filter_table_config.add(:ssl_policies, field: :ssl_policy) + filter_table_config.add(:url_maps, field: :url_map) + + filter_table_config.connect(self, :table) + + def base + 'https://www.googleapis.com/compute/v1/' + end + + def url + 'projects/{{project}}/global/targetHttpsProxies' + end + + def initialize(params = {}) + super(params.merge({ use_http_transport: true })) + @params = params + @table = fetch_wrapped_resource('items') + end + + def fetch_wrapped_resource(wrap_path) + # fetch_resource returns an array of responses (to handle pagination) + result = @connection.fetch_all(base, url, @params) + return if result.nil? + + # Conversion of string -> object hash to symbol -> object hash that InSpec needs + converted = [] + result.each do |response| + next if response.nil? || !response.key?(wrap_path) + response[wrap_path].each do |hash| + hash_with_symbols = {} + hash.each_key do |key| + name, value = transform(key, hash) + hash_with_symbols[name] = value + end + converted.push(hash_with_symbols) + end + end + + converted + end + + def transform(key, value) + return transformers[key].call(value) if transformers.key?(key) + + [key.to_sym, value] + end + + def transformers + { + 'creationTimestamp' => ->(obj) { return :creation_timestamp, parse_time_string(obj['creationTimestamp']) }, + 'description' => ->(obj) { return :description, obj['description'] }, + 'id' => ->(obj) { return :id, obj['id'] }, + 'name' => ->(obj) { return :name, obj['name'] }, + 'quicOverride' => ->(obj) { return :quic_override, obj['quicOverride'] }, + 'sslCertificates' => ->(obj) { return :ssl_certificates, obj['sslCertificates'] }, + 'sslPolicy' => ->(obj) { return :ssl_policy, obj['sslPolicy'] }, + 'urlMap' => ->(obj) { return :url_map, obj['urlMap'] }, + } + end + + # Handles parsing RFC3339 time string + def parse_time_string(time_string) + time_string ? Time.parse(time_string) : nil + end +end diff --git a/libraries/google_compute_target_https_proxy.rb b/libraries/google_compute_target_https_proxy.rb new file mode 100644 index 000000000..a7a13378d --- /dev/null +++ b/libraries/google_compute_target_https_proxy.rb @@ -0,0 +1,65 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'gcp_backend' + +# A provider to manage Google Compute Engine resources. +class TargetHttpsProxy < GcpResourceBase + name 'google_compute_target_https_proxy' + desc 'TargetHttpsProxy' + supports platform: 'gcp' + + attr_reader :creation_timestamp + attr_reader :description + attr_reader :id + attr_reader :name + attr_reader :quic_override + attr_reader :ssl_certificates + attr_reader :ssl_policy + attr_reader :url_map + def base + 'https://www.googleapis.com/compute/v1/' + end + + def url + 'projects/{{project}}/global/targetHttpsProxies/{{name}}' + end + + def initialize(params) + super(params.merge({ use_http_transport: true })) + @fetched = @connection.fetch(base, url, params) + parse unless @fetched.nil? + end + + def parse + @creation_timestamp = parse_time_string(@fetched['creationTimestamp']) + @description = @fetched['description'] + @id = @fetched['id'] + @name = @fetched['name'] + @quic_override = @fetched['quicOverride'] + @ssl_certificates = @fetched['sslCertificates'] + @ssl_policy = @fetched['sslPolicy'] + @url_map = @fetched['urlMap'] + end + + # Handles parsing RFC3339 time string + def parse_time_string(time_string) + time_string ? Time.parse(time_string) : nil + end + + def exists? + !@fetched.nil? + end +end diff --git a/test/integration/build/gcp-mm.tf b/test/integration/build/gcp-mm.tf index c99734988..23f803e70 100644 --- a/test/integration/build/gcp-mm.tf +++ b/test/integration/build/gcp-mm.tf @@ -90,6 +90,14 @@ variable "snapshot" { type = "map" } +variable "https_proxy" { + type = "map" +} + +variable "ssl_certificate" { + type = "map" +} + resource "google_compute_ssl_policy" "custom-ssl-policy" { name = "${var.ssl_policy["name"]}" min_tls_version = "${var.ssl_policy["min_tls_version"]}" @@ -369,4 +377,20 @@ resource "google_compute_snapshot" "gcp-inspec-snapshot" { name = "${var.snapshot["name"]}" source_disk = "${google_compute_disk.generic_compute_disk.name}" zone = "${var.gcp_zone}" +} + +resource "google_compute_ssl_certificate" "gcp-inspec-ssl-certificate" { + project = "${var.gcp_project_id}" + name = "${var.ssl_certificate["name"]}" + private_key = "${var.ssl_certificate["private_key"]}" + certificate = "${var.ssl_certificate["certificate"]}" + description = "${var.ssl_certificate["description"]}" +} + +resource "google_compute_target_https_proxy" "gcp-inspec-https-proxy" { + project = "${var.gcp_project_id}" + name = "${var.https_proxy["name"]}" + url_map = "${google_compute_url_map.gcp-inspec-url-map.self_link}" + description = "${var.https_proxy["description"]}" + ssl_certificates = ["${google_compute_ssl_certificate.gcp-inspec-ssl-certificate.self_link}"] } \ No newline at end of file diff --git a/test/integration/configuration/mm-attributes.yml b/test/integration/configuration/mm-attributes.yml index 20c365268..eb2437a4a 100644 --- a/test/integration/configuration/mm-attributes.yml +++ b/test/integration/configuration/mm-attributes.yml @@ -137,3 +137,35 @@ router: snapshot: name: inspec-gcp-disk-snapshot + +https_proxy: + name: inspec-gcp-https-proxy + description: A HTTPS target proxy + +ssl_certificate: + name: inspec-gcp-ssl-certificate + description: A fake ssl certificate (DO NOT USE) + certificate: | + -----BEGIN CERTIFICATE----- + MIICqjCCAk+gAwIBAgIJAIuJ+0352Kq4MAoGCCqGSM49BAMCMIGwMQswCQYDVQQG + EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjERMA8GA1UEBwwIS2lya2xhbmQxFTAT + BgNVBAoMDEdvb2dsZSwgSW5jLjEeMBwGA1UECwwVR29vZ2xlIENsb3VkIFBsYXRm + b3JtMR8wHQYDVQQDDBZ3d3cubXktc2VjdXJlLXNpdGUuY29tMSEwHwYJKoZIhvcN + AQkBFhJuZWxzb25hQGdvb2dsZS5jb20wHhcNMTcwNjI4MDQ1NjI2WhcNMjcwNjI2 + MDQ1NjI2WjCBsDELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xETAP + BgNVBAcMCEtpcmtsYW5kMRUwEwYDVQQKDAxHb29nbGUsIEluYy4xHjAcBgNVBAsM + FUdvb2dsZSBDbG91ZCBQbGF0Zm9ybTEfMB0GA1UEAwwWd3d3Lm15LXNlY3VyZS1z + aXRlLmNvbTEhMB8GCSqGSIb3DQEJARYSbmVsc29uYUBnb29nbGUuY29tMFkwEwYH + KoZIzj0CAQYIKoZIzj0DAQcDQgAEHGzpcRJ4XzfBJCCPMQeXQpTXwlblimODQCuQ + 4mzkzTv0dXyB750fOGN02HtkpBOZzzvUARTR10JQoSe2/5PIwaNQME4wHQYDVR0O + BBYEFKIQC3A2SDpxcdfn0YLKineDNq/BMB8GA1UdIwQYMBaAFKIQC3A2SDpxcdfn + 0YLKineDNq/BMAwGA1UdEwQFMAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhALs4vy+O + M3jcqgA4fSW/oKw6UJxp+M6a+nGMX+UJR3YgAiEAvvl39QRVAiv84hdoCuyON0lJ + zqGNhIPGq2ULqXKK8BY= + -----END CERTIFICATE----- + private_key: | + -----BEGIN EC PRIVATE KEY----- + MHcCAQEEIObtRo8tkUqoMjeHhsOh2ouPpXCgBcP+EDxZCB/tws15oAoGCCqGSM49 + AwEHoUQDQgAEHGzpcRJ4XzfBJCCPMQeXQpTXwlblimODQCuQ4mzkzTv0dXyB750f + OGN02HtkpBOZzzvUARTR10JQoSe2/5PIwQ== + -----END EC PRIVATE KEY----- \ No newline at end of file diff --git a/test/integration/verify/controls/google_compute_ssl_certificate.rb b/test/integration/verify/controls/google_compute_ssl_certificate.rb new file mode 100644 index 000000000..f9c8b544b --- /dev/null +++ b/test/integration/verify/controls/google_compute_ssl_certificate.rb @@ -0,0 +1,37 @@ +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- + +title 'Test GCP google_compute_ssl_certificate resource.' + +gcp_project_id = attribute(:gcp_project_id, default: 'gcp_project_id', description: 'The GCP project identifier.') +ssl_certificate = attribute('ssl_certificate', default: { + "name": "inspec-gcp-ssl-certificate", + "description": "A fake ssl certificate (DO NOT USE)", + "certificate": "-----BEGIN CERTIFICATE-----\nMIICqjCCAk+gAwIBAgIJAIuJ+0352Kq4MAoGCCqGSM49BAMCMIGwMQswCQYDVQQG\nEwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjERMA8GA1UEBwwIS2lya2xhbmQxFTAT\nBgNVBAoMDEdvb2dsZSwgSW5jLjEeMBwGA1UECwwVR29vZ2xlIENsb3VkIFBsYXRm\nb3JtMR8wHQYDVQQDDBZ3d3cubXktc2VjdXJlLXNpdGUuY29tMSEwHwYJKoZIhvcN\nAQkBFhJuZWxzb25hQGdvb2dsZS5jb20wHhcNMTcwNjI4MDQ1NjI2WhcNMjcwNjI2\nMDQ1NjI2WjCBsDELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xETAP\nBgNVBAcMCEtpcmtsYW5kMRUwEwYDVQQKDAxHb29nbGUsIEluYy4xHjAcBgNVBAsM\nFUdvb2dsZSBDbG91ZCBQbGF0Zm9ybTEfMB0GA1UEAwwWd3d3Lm15LXNlY3VyZS1z\naXRlLmNvbTEhMB8GCSqGSIb3DQEJARYSbmVsc29uYUBnb29nbGUuY29tMFkwEwYH\nKoZIzj0CAQYIKoZIzj0DAQcDQgAEHGzpcRJ4XzfBJCCPMQeXQpTXwlblimODQCuQ\n4mzkzTv0dXyB750fOGN02HtkpBOZzzvUARTR10JQoSe2/5PIwaNQME4wHQYDVR0O\nBBYEFKIQC3A2SDpxcdfn0YLKineDNq/BMB8GA1UdIwQYMBaAFKIQC3A2SDpxcdfn\n0YLKineDNq/BMAwGA1UdEwQFMAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhALs4vy+O\nM3jcqgA4fSW/oKw6UJxp+M6a+nGMX+UJR3YgAiEAvvl39QRVAiv84hdoCuyON0lJ\nzqGNhIPGq2ULqXKK8BY=\n-----END CERTIFICATE-----\n", + "private_key": "-----BEGIN EC PRIVATE KEY-----\nMHcCAQEEIObtRo8tkUqoMjeHhsOh2ouPpXCgBcP+EDxZCB/tws15oAoGCCqGSM49\nAwEHoUQDQgAEHGzpcRJ4XzfBJCCPMQeXQpTXwlblimODQCuQ4mzkzTv0dXyB750f\nOGN02HtkpBOZzzvUARTR10JQoSe2/5PIwQ==\n-----END EC PRIVATE KEY-----" +}, description: 'A GCP SSL certificate definition') +control 'google_compute_ssl_certificate-1.0' do + impact 1.0 + title 'google_compute_ssl_certificate resource test' + + describe google_compute_ssl_certificate(project: gcp_project_id, name: ssl_certificate['name']) do + it { should exist } + its('description') { should eq ssl_certificate['description'] } + its('certificate') { should eq ssl_certificate['certificate'] } + end + + describe google_compute_ssl_certificate(project: gcp_project_id, name: 'nonexistent') do + it { should_not exist } + end +end diff --git a/test/integration/verify/controls/google_compute_ssl_certificates.rb b/test/integration/verify/controls/google_compute_ssl_certificates.rb new file mode 100644 index 000000000..10ec90b24 --- /dev/null +++ b/test/integration/verify/controls/google_compute_ssl_certificates.rb @@ -0,0 +1,34 @@ +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- + +title 'Test GCP google_compute_ssl_certificates resource.' + +gcp_project_id = attribute(:gcp_project_id, default: 'gcp_project_id', description: 'The GCP project identifier.') +ssl_certificate = attribute('ssl_certificate', default: { + "name": "inspec-gcp-ssl-certificate", + "description": "A fake ssl certificate (DO NOT USE)", + "certificate": "-----BEGIN CERTIFICATE-----\nMIICqjCCAk+gAwIBAgIJAIuJ+0352Kq4MAoGCCqGSM49BAMCMIGwMQswCQYDVQQG\nEwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjERMA8GA1UEBwwIS2lya2xhbmQxFTAT\nBgNVBAoMDEdvb2dsZSwgSW5jLjEeMBwGA1UECwwVR29vZ2xlIENsb3VkIFBsYXRm\nb3JtMR8wHQYDVQQDDBZ3d3cubXktc2VjdXJlLXNpdGUuY29tMSEwHwYJKoZIhvcN\nAQkBFhJuZWxzb25hQGdvb2dsZS5jb20wHhcNMTcwNjI4MDQ1NjI2WhcNMjcwNjI2\nMDQ1NjI2WjCBsDELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xETAP\nBgNVBAcMCEtpcmtsYW5kMRUwEwYDVQQKDAxHb29nbGUsIEluYy4xHjAcBgNVBAsM\nFUdvb2dsZSBDbG91ZCBQbGF0Zm9ybTEfMB0GA1UEAwwWd3d3Lm15LXNlY3VyZS1z\naXRlLmNvbTEhMB8GCSqGSIb3DQEJARYSbmVsc29uYUBnb29nbGUuY29tMFkwEwYH\nKoZIzj0CAQYIKoZIzj0DAQcDQgAEHGzpcRJ4XzfBJCCPMQeXQpTXwlblimODQCuQ\n4mzkzTv0dXyB750fOGN02HtkpBOZzzvUARTR10JQoSe2/5PIwaNQME4wHQYDVR0O\nBBYEFKIQC3A2SDpxcdfn0YLKineDNq/BMB8GA1UdIwQYMBaAFKIQC3A2SDpxcdfn\n0YLKineDNq/BMAwGA1UdEwQFMAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhALs4vy+O\nM3jcqgA4fSW/oKw6UJxp+M6a+nGMX+UJR3YgAiEAvvl39QRVAiv84hdoCuyON0lJ\nzqGNhIPGq2ULqXKK8BY=\n-----END CERTIFICATE-----\n", + "private_key": "-----BEGIN EC PRIVATE KEY-----\nMHcCAQEEIObtRo8tkUqoMjeHhsOh2ouPpXCgBcP+EDxZCB/tws15oAoGCCqGSM49\nAwEHoUQDQgAEHGzpcRJ4XzfBJCCPMQeXQpTXwlblimODQCuQ4mzkzTv0dXyB750f\nOGN02HtkpBOZzzvUARTR10JQoSe2/5PIwQ==\n-----END EC PRIVATE KEY-----" +}, description: 'A GCP SSL certificate definition') +control 'google_compute_ssl_certificates-1.0' do + impact 1.0 + title 'google_compute_ssl_certificates resource test' + + describe google_compute_ssl_certificates(project: gcp_project_id) do + + its('names') { should include ssl_certificate['name'] } + its('descriptions') { should include ssl_certificate['description'] } + its('certificates') { should include ssl_certificate['certificate'] } + end +end diff --git a/test/integration/verify/controls/google_compute_target_https_proxies.rb b/test/integration/verify/controls/google_compute_target_https_proxies.rb new file mode 100644 index 000000000..90d7a9eff --- /dev/null +++ b/test/integration/verify/controls/google_compute_target_https_proxies.rb @@ -0,0 +1,30 @@ +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- + +title 'Test GCP google_compute_target_https_proxies resource.' + +gcp_project_id = attribute(:gcp_project_id, default: 'gcp_project_id', description: 'The GCP project identifier.') +https_proxy = attribute('https_proxy', default: { + "name": "inspec-gcp-https-proxy", + "description": "A HTTPS target proxy" +}, description: 'Compute HTTPS proxy definition') +control 'google_compute_target_https_proxies-1.0' do + impact 1.0 + title 'google_compute_target_https_proxies resource test' + + describe google_compute_target_https_proxies(project: gcp_project_id) do + its('names') { should include https_proxy['name'] } + its('descriptions') { should include https_proxy['description'] } + end +end diff --git a/test/integration/verify/controls/google_compute_target_https_proxy.rb b/test/integration/verify/controls/google_compute_target_https_proxy.rb new file mode 100644 index 000000000..24ff7ea64 --- /dev/null +++ b/test/integration/verify/controls/google_compute_target_https_proxy.rb @@ -0,0 +1,35 @@ +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- + +title 'Test GCP google_compute_target_https_proxy resource.' + +gcp_project_id = attribute(:gcp_project_id, default: 'gcp_project_id', description: 'The GCP project identifier.') +https_proxy = attribute('https_proxy', default: { + "name": "inspec-gcp-https-proxy", + "description": "A HTTPS target proxy" +}, description: 'Compute HTTPS proxy definition') +control 'google_compute_target_https_proxy-1.0' do + impact 1.0 + title 'google_compute_target_https_proxy resource test' + + describe google_compute_target_https_proxy(project: gcp_project_id, name: https_proxy['name']) do + it { should exist } + its('url_map') { should match /\/inspec-gcp-url-map$/ } + its('description') { should eq https_proxy['description'] } + end + + describe google_compute_target_https_proxy(project: gcp_project_id, name: 'nonexistent') do + it { should_not exist } + end +end From 280de46beb4a5e3fa7157fcce3c0602ccae33b26 Mon Sep 17 00:00:00 2001 From: Sam Levenick Date: Wed, 6 Feb 2019 17:51:10 +0000 Subject: [PATCH 16/30] Fix InSpec pubsub subscription test Signed-off-by: Modular Magician --- docs/resources/google_pubsub_subscriptions.md | 3 +-- .../integration/verify/controls/google_pubsub_subscriptions.rb | 3 +-- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/docs/resources/google_pubsub_subscriptions.md b/docs/resources/google_pubsub_subscriptions.md index 29329d1c7..5bc3dba41 100644 --- a/docs/resources/google_pubsub_subscriptions.md +++ b/docs/resources/google_pubsub_subscriptions.md @@ -9,8 +9,7 @@ A `google_pubsub_subscriptions` is used to test a Google Subscription resource ## Examples ``` describe google_pubsub_subscriptions(project: 'chef-gcp-inspec') do - it { should exist } - its('count') { should eq 1 } + its('count') { should be >= 1 } end google_pubsub_subscriptions(project: 'chef-gcp-inspec').names.each do |subscription_name| diff --git a/test/integration/verify/controls/google_pubsub_subscriptions.rb b/test/integration/verify/controls/google_pubsub_subscriptions.rb index 73f8afa63..9ebe3eaa6 100644 --- a/test/integration/verify/controls/google_pubsub_subscriptions.rb +++ b/test/integration/verify/controls/google_pubsub_subscriptions.rb @@ -22,8 +22,7 @@ title 'google_pubsub_subscriptions resource test' describe google_pubsub_subscriptions(project: gcp_project_id) do - it { should exist } - its('count') { should eq 1 } + its('count') { should be >= 1 } end google_pubsub_subscriptions(project: gcp_project_id).names.each do |subscription_name| From ed63fb18656001b1dfd20b2871827bfebf7b3329 Mon Sep 17 00:00:00 2001 From: Sam Levenick Date: Wed, 6 Feb 2019 21:51:48 +0000 Subject: [PATCH 17/30] InSpec add support for BigQuery Dataset Signed-off-by: Modular Magician --- docs/resources/google_bigquery_dataset.md | 82 +++++++++++++++++ docs/resources/google_bigquery_datasets.md | 30 +++++++ .../bigquery/property/dataset_access.rb | 53 +++++++++++ .../property/dataset_dataset_reference.rb | 32 +++++++ .../google/bigquery/property/dataset_view.rb | 35 ++++++++ libraries/google_bigquery_dataset.rb | 73 +++++++++++++++ libraries/google_bigquery_datasets.rb | 90 +++++++++++++++++++ test/integration/build/gcp-mm.tf | 23 +++++ .../configuration/mm-attributes.yml | 13 ++- .../controls/google_bigquery_dataset.rb | 63 +++++++++++++ .../controls/google_bigquery_datasets.rb | 38 ++++++++ .../google_compute_ssl_certificate.rb | 2 +- .../google_compute_ssl_certificates.rb | 2 +- 13 files changed, 533 insertions(+), 3 deletions(-) create mode 100644 docs/resources/google_bigquery_dataset.md create mode 100644 docs/resources/google_bigquery_datasets.md create mode 100644 libraries/google/bigquery/property/dataset_access.rb create mode 100644 libraries/google/bigquery/property/dataset_dataset_reference.rb create mode 100644 libraries/google/bigquery/property/dataset_view.rb create mode 100644 libraries/google_bigquery_dataset.rb create mode 100644 libraries/google_bigquery_datasets.rb create mode 100644 test/integration/verify/controls/google_bigquery_dataset.rb create mode 100644 test/integration/verify/controls/google_bigquery_datasets.rb diff --git a/docs/resources/google_bigquery_dataset.md b/docs/resources/google_bigquery_dataset.md new file mode 100644 index 000000000..2da3080a9 --- /dev/null +++ b/docs/resources/google_bigquery_dataset.md @@ -0,0 +1,82 @@ +--- +title: About the google_bigquery_dataset resource +platform: gcp +--- + +## Syntax +A `google_bigquery_dataset` is used to test a Google Dataset resource + +## Examples +``` +describe google_bigquery_dataset(project: 'chef-gcp-inspec', name: 'inspec_gcp_dataset') do + it { should exist } + + its('friendly_name') { should eq 'A BigQuery dataset test' } + its('location') { should eq 'EU' } + its('description') { should eq 'Test BigQuery dataset description' } + its('default_table_expiration_ms') { should cmp '3600000' } +end + +describe.one do + google_bigquery_dataset(project: 'chef-gcp-inspec', name: 'inspec_gcp_dataset').access.each do |dataset_access| + describe dataset_access do + its('role') { should eq 'READER' } + its('domain') { should eq 'example.com' } + end + end +end + +describe.one do + google_bigquery_dataset(project: 'chef-gcp-inspec', name: 'inspec_gcp_dataset').access.each do |dataset_access| + describe dataset_access do + its('role') { should eq 'WRITER' } + its('special_group') { should eq 'projectWriters' } + end + end +end + +describe google_bigquery_dataset(project: 'chef-gcp-inspec', name: 'nonexistent') do + it { should_not exist } +end +``` + +## Properties +Properties that can be accessed from the `google_bigquery_dataset` resource: + + * `name`: Dataset name + + * `access`: Access controls on the bucket. + + * `domain`: A domain to grant access to. Any users signed in with the domain specified will be granted the specified access + + * `groupByEmail`: An email address of a Google Group to grant access to + + * `role`: Describes the rights granted to the user specified by the other member of the access object + + * `specialGroup`: A special group to grant access to. + + * `userByEmail`: An email address of a user to grant access to. For example: fred@example.com + + * `view`: A view from a different dataset to grant access to. Queries executed against that view will have read access to tables in this dataset. The role field is not required when this field is set. If that view is updated by any user, access to the view needs to be granted again via an update operation. + + * `creation_time`: The time when this dataset was created, in milliseconds since the epoch. + + * `dataset_reference`: A reference that identifies the dataset. + + * `datasetId`: A unique ID for this dataset, without the project name. The ID must contain only letters (a-z, A-Z), numbers (0-9), or underscores (_). The maximum length is 1,024 characters. + + * `projectId`: The ID of the project containing this dataset. + + * `default_table_expiration_ms`: The default lifetime of all tables in the dataset, in milliseconds + + * `description`: A user-friendly description of the dataset + + * `friendly_name`: A descriptive name for the dataset + + * `id`: The fully-qualified unique name of the dataset in the format projectId:datasetId. The dataset name without the project name is given in the datasetId field + + * `labels`: The labels associated with this dataset. You can use these to organize and group your datasets + + * `last_modified_time`: The date when this dataset or any of its tables was last modified, in milliseconds since the epoch. + + * `location`: The geographic location where the dataset should reside. Possible values include EU and US. The default value is US. diff --git a/docs/resources/google_bigquery_datasets.md b/docs/resources/google_bigquery_datasets.md new file mode 100644 index 000000000..f8412c64c --- /dev/null +++ b/docs/resources/google_bigquery_datasets.md @@ -0,0 +1,30 @@ +--- +title: About the google_bigquery_datasets resource +platform: gcp +--- + +## Syntax +A `google_bigquery_datasets` is used to test a Google Dataset resource + +## Examples +``` +describe google_bigquery_datasets(project: 'chef-gcp-inspec') do + its('count') { should be >= 1 } + its('friendly_names') { should include 'A BigQuery dataset test' } + its('locations') { should include 'EU' } +end +``` + +## Properties +Properties that can be accessed from the `google_bigquery_datasets` resource: + +See [google_bigquery_dataset.md](google_bigquery_dataset.md) for more detailed information + * `dataset_references`: an array of `google_bigquery_dataset` dataset_reference + * `friendly_names`: an array of `google_bigquery_dataset` friendly_name + * `ids`: an array of `google_bigquery_dataset` id + * `labels`: an array of `google_bigquery_dataset` labels + * `locations`: an array of `google_bigquery_dataset` location + +## Filter Criteria +This resource supports all of the above properties as filter criteria, which can be used +with `where` as a block or a method. diff --git a/libraries/google/bigquery/property/dataset_access.rb b/libraries/google/bigquery/property/dataset_access.rb new file mode 100644 index 000000000..9fae4cea2 --- /dev/null +++ b/libraries/google/bigquery/property/dataset_access.rb @@ -0,0 +1,53 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'google/bigquery/property/dataset_view' +module GoogleInSpec + module BigQuery + module Property + class DatasetAccess + attr_reader :domain + + attr_reader :group_by_email + + attr_reader :role + + attr_reader :special_group + + attr_reader :user_by_email + + attr_reader :view + + def initialize(args = nil) + return if args.nil? + @domain = args['domain'] + @group_by_email = args['groupByEmail'] + @role = args['role'] + @special_group = args['specialGroup'] + @user_by_email = args['userByEmail'] + @view = GoogleInSpec::BigQuery::Property::DatasetView.new(args['view']) + end + end + + class DatasetAccessArray + def self.parse(value) + return if value.nil? + return DatasetAccess.new(value) unless value.is_a?(::Array) + value.map { |v| DatasetAccess.new(v) } + end + end + end + end +end diff --git a/libraries/google/bigquery/property/dataset_dataset_reference.rb b/libraries/google/bigquery/property/dataset_dataset_reference.rb new file mode 100644 index 000000000..de38bcafe --- /dev/null +++ b/libraries/google/bigquery/property/dataset_dataset_reference.rb @@ -0,0 +1,32 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module BigQuery + module Property + class DatasetDatasetreference + attr_reader :dataset_id + + attr_reader :project_id + + def initialize(args = nil) + return if args.nil? + @dataset_id = args['datasetId'] + @project_id = args['projectId'] + end + end + end + end +end diff --git a/libraries/google/bigquery/property/dataset_view.rb b/libraries/google/bigquery/property/dataset_view.rb new file mode 100644 index 000000000..96d6023d1 --- /dev/null +++ b/libraries/google/bigquery/property/dataset_view.rb @@ -0,0 +1,35 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module BigQuery + module Property + class DatasetView + attr_reader :dataset_id + + attr_reader :project_id + + attr_reader :table_id + + def initialize(args = nil) + return if args.nil? + @dataset_id = args['datasetId'] + @project_id = args['projectId'] + @table_id = args['tableId'] + end + end + end + end +end diff --git a/libraries/google_bigquery_dataset.rb b/libraries/google_bigquery_dataset.rb new file mode 100644 index 000000000..57790a12f --- /dev/null +++ b/libraries/google_bigquery_dataset.rb @@ -0,0 +1,73 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'gcp_backend' +require 'google/bigquery/property/dataset_access' +require 'google/bigquery/property/dataset_dataset_reference' + +# A provider to manage Google Cloud BigQuery resources. +class Dataset < GcpResourceBase + name 'google_bigquery_dataset' + desc 'Dataset' + supports platform: 'gcp' + + attr_reader :name + attr_reader :access + attr_reader :creation_time + attr_reader :dataset_reference + attr_reader :default_table_expiration_ms + attr_reader :description + attr_reader :friendly_name + attr_reader :id + attr_reader :labels + attr_reader :last_modified_time + attr_reader :location + def base + 'https://www.googleapis.com/bigquery/v2/' + end + + def url + 'projects/{{project}}/datasets/{{name}}' + end + + def initialize(params) + super(params.merge({ use_http_transport: true })) + @fetched = @connection.fetch(base, url, params) + parse unless @fetched.nil? + end + + def parse + @name = @fetched['name'] + @access = GoogleInSpec::BigQuery::Property::DatasetAccessArray.parse(@fetched['access']) + @creation_time = @fetched['creationTime'] + @dataset_reference = GoogleInSpec::BigQuery::Property::DatasetDatasetreference.new(@fetched['datasetReference']) + @default_table_expiration_ms = @fetched['defaultTableExpirationMs'] + @description = @fetched['description'] + @friendly_name = @fetched['friendlyName'] + @id = @fetched['id'] + @labels = @fetched['labels'] + @last_modified_time = @fetched['lastModifiedTime'] + @location = @fetched['location'] + end + + # Handles parsing RFC3339 time string + def parse_time_string(time_string) + time_string ? Time.parse(time_string) : nil + end + + def exists? + !@fetched.nil? + end +end diff --git a/libraries/google_bigquery_datasets.rb b/libraries/google_bigquery_datasets.rb new file mode 100644 index 000000000..100350300 --- /dev/null +++ b/libraries/google_bigquery_datasets.rb @@ -0,0 +1,90 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'gcp_backend' +class Datasets < GcpResourceBase + name 'google_bigquery_datasets' + desc 'Dataset plural resource' + supports platform: 'gcp' + + attr_reader :table + + filter_table_config = FilterTable.create + + filter_table_config.add(:dataset_references, field: :dataset_reference) + filter_table_config.add(:friendly_names, field: :friendly_name) + filter_table_config.add(:ids, field: :id) + filter_table_config.add(:labels, field: :labels) + filter_table_config.add(:locations, field: :location) + + filter_table_config.connect(self, :table) + + def base + 'https://www.googleapis.com/bigquery/v2/' + end + + def url + 'projects/{{project}}/datasets' + end + + def initialize(params = {}) + super(params.merge({ use_http_transport: true })) + @params = params + @table = fetch_wrapped_resource('datasets') + end + + def fetch_wrapped_resource(wrap_path) + # fetch_resource returns an array of responses (to handle pagination) + result = @connection.fetch_all(base, url, @params) + return if result.nil? + + # Conversion of string -> object hash to symbol -> object hash that InSpec needs + converted = [] + result.each do |response| + next if response.nil? || !response.key?(wrap_path) + response[wrap_path].each do |hash| + hash_with_symbols = {} + hash.each_key do |key| + name, value = transform(key, hash) + hash_with_symbols[name] = value + end + converted.push(hash_with_symbols) + end + end + + converted + end + + def transform(key, value) + return transformers[key].call(value) if transformers.key?(key) + + [key.to_sym, value] + end + + def transformers + { + 'datasetReference' => ->(obj) { return :dataset_reference, GoogleInSpec::BigQuery::Property::DatasetDatasetreference.new(obj['datasetReference']) }, + 'friendlyName' => ->(obj) { return :friendly_name, obj['friendlyName'] }, + 'id' => ->(obj) { return :id, obj['id'] }, + 'labels' => ->(obj) { return :labels, obj['labels'] }, + 'location' => ->(obj) { return :location, obj['location'] }, + } + end + + # Handles parsing RFC3339 time string + def parse_time_string(time_string) + time_string ? Time.parse(time_string) : nil + end +end diff --git a/test/integration/build/gcp-mm.tf b/test/integration/build/gcp-mm.tf index 23f803e70..17296b5c8 100644 --- a/test/integration/build/gcp-mm.tf +++ b/test/integration/build/gcp-mm.tf @@ -98,6 +98,10 @@ variable "ssl_certificate" { type = "map" } +variable "dataset" { + type = "map" +} + resource "google_compute_ssl_policy" "custom-ssl-policy" { name = "${var.ssl_policy["name"]}" min_tls_version = "${var.ssl_policy["min_tls_version"]}" @@ -393,4 +397,23 @@ resource "google_compute_target_https_proxy" "gcp-inspec-https-proxy" { url_map = "${google_compute_url_map.gcp-inspec-url-map.self_link}" description = "${var.https_proxy["description"]}" ssl_certificates = ["${google_compute_ssl_certificate.gcp-inspec-ssl-certificate.self_link}"] +} + +resource "google_bigquery_dataset" "gcp-inspec-dataset" { + project = "${var.gcp_project_id}" + dataset_id = "${var.dataset["dataset_id"]}" + friendly_name = "${var.dataset["friendly_name"]}" + description = "${var.dataset["description"]}" + location = "${var.dataset["location"]}" + default_table_expiration_ms = "${var.dataset["default_table_expiration_ms"]}" + + access { + role = "${var.dataset["access_reader_role"]}" + domain = "${var.dataset["access_reader_domain"]}" + } + + access { + role = "${var.dataset["access_writer_role"]}" + special_group = "${var.dataset["access_writer_special_group"]}" + } } \ No newline at end of file diff --git a/test/integration/configuration/mm-attributes.yml b/test/integration/configuration/mm-attributes.yml index eb2437a4a..434d4130c 100644 --- a/test/integration/configuration/mm-attributes.yml +++ b/test/integration/configuration/mm-attributes.yml @@ -168,4 +168,15 @@ ssl_certificate: MHcCAQEEIObtRo8tkUqoMjeHhsOh2ouPpXCgBcP+EDxZCB/tws15oAoGCCqGSM49 AwEHoUQDQgAEHGzpcRJ4XzfBJCCPMQeXQpTXwlblimODQCuQ4mzkzTv0dXyB750f OGN02HtkpBOZzzvUARTR10JQoSe2/5PIwQ== - -----END EC PRIVATE KEY----- \ No newline at end of file + -----END EC PRIVATE KEY----- + +dataset: + dataset_id: inspec_gcp_dataset + friendly_name: A BigQuery dataset test + description: Test BigQuery dataset description + location: EU + default_table_expiration_ms: 3600000 + access_reader_role: READER + access_reader_domain: example.com + access_writer_role: WRITER + access_writer_special_group: projectWriters \ No newline at end of file diff --git a/test/integration/verify/controls/google_bigquery_dataset.rb b/test/integration/verify/controls/google_bigquery_dataset.rb new file mode 100644 index 000000000..be8e94694 --- /dev/null +++ b/test/integration/verify/controls/google_bigquery_dataset.rb @@ -0,0 +1,63 @@ +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- + +title 'Test GCP google_bigquery_dataset resource.' + +gcp_project_id = attribute(:gcp_project_id, default: 'gcp_project_id', description: 'The GCP project identifier.') +dataset = attribute('dataset', default: { + "dataset_id": "inspec_gcp_dataset", + "friendly_name": "A BigQuery dataset test", + "description": "Test BigQuery dataset description", + "location": "EU", + "default_table_expiration_ms": 3600000, + "access_reader_role": "READER", + "access_reader_domain": "example.com", + "access_writer_role": "WRITER", + "access_writer_special_group": "projectWriters" +}, description: 'BigQuery dataset definition') +control 'google_bigquery_dataset-1.0' do + impact 1.0 + title 'google_bigquery_dataset resource test' + + describe google_bigquery_dataset(project: gcp_project_id, name: dataset['dataset_id']) do + it { should exist } + + its('friendly_name') { should eq dataset['friendly_name'] } + its('location') { should eq dataset['location'] } + its('description') { should eq dataset['description'] } + its('default_table_expiration_ms') { should cmp dataset['default_table_expiration_ms'] } + end + + describe.one do + google_bigquery_dataset(project: gcp_project_id, name: dataset['dataset_id']).access.each do |dataset_access| + describe dataset_access do + its('role') { should eq dataset['access_reader_role'] } + its('domain') { should eq dataset['access_reader_domain'] } + end + end + end + + describe.one do + google_bigquery_dataset(project: gcp_project_id, name: dataset['dataset_id']).access.each do |dataset_access| + describe dataset_access do + its('role') { should eq dataset['access_writer_role'] } + its('special_group') { should eq dataset['access_writer_special_group'] } + end + end + end + + describe google_bigquery_dataset(project: gcp_project_id, name: 'nonexistent') do + it { should_not exist } + end +end diff --git a/test/integration/verify/controls/google_bigquery_datasets.rb b/test/integration/verify/controls/google_bigquery_datasets.rb new file mode 100644 index 000000000..a7517de60 --- /dev/null +++ b/test/integration/verify/controls/google_bigquery_datasets.rb @@ -0,0 +1,38 @@ +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- + +title 'Test GCP google_bigquery_datasets resource.' + +gcp_project_id = attribute(:gcp_project_id, default: 'gcp_project_id', description: 'The GCP project identifier.') +dataset = attribute('dataset', default: { + "dataset_id": "inspec_gcp_dataset", + "friendly_name": "A BigQuery dataset test", + "description": "Test BigQuery dataset description", + "location": "EU", + "default_table_expiration_ms": 3600000, + "access_reader_role": "READER", + "access_reader_domain": "example.com", + "access_writer_role": "WRITER", + "access_writer_special_group": "projectWriters" +}, description: 'BigQuery dataset definition') +control 'google_bigquery_datasets-1.0' do + impact 1.0 + title 'google_bigquery_datasets resource test' + + describe google_bigquery_datasets(project: gcp_project_id) do + its('count') { should be >= 1 } + its('friendly_names') { should include dataset['friendly_name'] } + its('locations') { should include dataset['location'] } + end +end diff --git a/test/integration/verify/controls/google_compute_ssl_certificate.rb b/test/integration/verify/controls/google_compute_ssl_certificate.rb index f9c8b544b..dfb45f5d7 100644 --- a/test/integration/verify/controls/google_compute_ssl_certificate.rb +++ b/test/integration/verify/controls/google_compute_ssl_certificate.rb @@ -19,7 +19,7 @@ "name": "inspec-gcp-ssl-certificate", "description": "A fake ssl certificate (DO NOT USE)", "certificate": "-----BEGIN CERTIFICATE-----\nMIICqjCCAk+gAwIBAgIJAIuJ+0352Kq4MAoGCCqGSM49BAMCMIGwMQswCQYDVQQG\nEwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjERMA8GA1UEBwwIS2lya2xhbmQxFTAT\nBgNVBAoMDEdvb2dsZSwgSW5jLjEeMBwGA1UECwwVR29vZ2xlIENsb3VkIFBsYXRm\nb3JtMR8wHQYDVQQDDBZ3d3cubXktc2VjdXJlLXNpdGUuY29tMSEwHwYJKoZIhvcN\nAQkBFhJuZWxzb25hQGdvb2dsZS5jb20wHhcNMTcwNjI4MDQ1NjI2WhcNMjcwNjI2\nMDQ1NjI2WjCBsDELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xETAP\nBgNVBAcMCEtpcmtsYW5kMRUwEwYDVQQKDAxHb29nbGUsIEluYy4xHjAcBgNVBAsM\nFUdvb2dsZSBDbG91ZCBQbGF0Zm9ybTEfMB0GA1UEAwwWd3d3Lm15LXNlY3VyZS1z\naXRlLmNvbTEhMB8GCSqGSIb3DQEJARYSbmVsc29uYUBnb29nbGUuY29tMFkwEwYH\nKoZIzj0CAQYIKoZIzj0DAQcDQgAEHGzpcRJ4XzfBJCCPMQeXQpTXwlblimODQCuQ\n4mzkzTv0dXyB750fOGN02HtkpBOZzzvUARTR10JQoSe2/5PIwaNQME4wHQYDVR0O\nBBYEFKIQC3A2SDpxcdfn0YLKineDNq/BMB8GA1UdIwQYMBaAFKIQC3A2SDpxcdfn\n0YLKineDNq/BMAwGA1UdEwQFMAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhALs4vy+O\nM3jcqgA4fSW/oKw6UJxp+M6a+nGMX+UJR3YgAiEAvvl39QRVAiv84hdoCuyON0lJ\nzqGNhIPGq2ULqXKK8BY=\n-----END CERTIFICATE-----\n", - "private_key": "-----BEGIN EC PRIVATE KEY-----\nMHcCAQEEIObtRo8tkUqoMjeHhsOh2ouPpXCgBcP+EDxZCB/tws15oAoGCCqGSM49\nAwEHoUQDQgAEHGzpcRJ4XzfBJCCPMQeXQpTXwlblimODQCuQ4mzkzTv0dXyB750f\nOGN02HtkpBOZzzvUARTR10JQoSe2/5PIwQ==\n-----END EC PRIVATE KEY-----" + "private_key": "-----BEGIN EC PRIVATE KEY-----\nMHcCAQEEIObtRo8tkUqoMjeHhsOh2ouPpXCgBcP+EDxZCB/tws15oAoGCCqGSM49\nAwEHoUQDQgAEHGzpcRJ4XzfBJCCPMQeXQpTXwlblimODQCuQ4mzkzTv0dXyB750f\nOGN02HtkpBOZzzvUARTR10JQoSe2/5PIwQ==\n-----END EC PRIVATE KEY-----\n" }, description: 'A GCP SSL certificate definition') control 'google_compute_ssl_certificate-1.0' do impact 1.0 diff --git a/test/integration/verify/controls/google_compute_ssl_certificates.rb b/test/integration/verify/controls/google_compute_ssl_certificates.rb index 10ec90b24..2ef9bac7f 100644 --- a/test/integration/verify/controls/google_compute_ssl_certificates.rb +++ b/test/integration/verify/controls/google_compute_ssl_certificates.rb @@ -19,7 +19,7 @@ "name": "inspec-gcp-ssl-certificate", "description": "A fake ssl certificate (DO NOT USE)", "certificate": "-----BEGIN CERTIFICATE-----\nMIICqjCCAk+gAwIBAgIJAIuJ+0352Kq4MAoGCCqGSM49BAMCMIGwMQswCQYDVQQG\nEwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjERMA8GA1UEBwwIS2lya2xhbmQxFTAT\nBgNVBAoMDEdvb2dsZSwgSW5jLjEeMBwGA1UECwwVR29vZ2xlIENsb3VkIFBsYXRm\nb3JtMR8wHQYDVQQDDBZ3d3cubXktc2VjdXJlLXNpdGUuY29tMSEwHwYJKoZIhvcN\nAQkBFhJuZWxzb25hQGdvb2dsZS5jb20wHhcNMTcwNjI4MDQ1NjI2WhcNMjcwNjI2\nMDQ1NjI2WjCBsDELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xETAP\nBgNVBAcMCEtpcmtsYW5kMRUwEwYDVQQKDAxHb29nbGUsIEluYy4xHjAcBgNVBAsM\nFUdvb2dsZSBDbG91ZCBQbGF0Zm9ybTEfMB0GA1UEAwwWd3d3Lm15LXNlY3VyZS1z\naXRlLmNvbTEhMB8GCSqGSIb3DQEJARYSbmVsc29uYUBnb29nbGUuY29tMFkwEwYH\nKoZIzj0CAQYIKoZIzj0DAQcDQgAEHGzpcRJ4XzfBJCCPMQeXQpTXwlblimODQCuQ\n4mzkzTv0dXyB750fOGN02HtkpBOZzzvUARTR10JQoSe2/5PIwaNQME4wHQYDVR0O\nBBYEFKIQC3A2SDpxcdfn0YLKineDNq/BMB8GA1UdIwQYMBaAFKIQC3A2SDpxcdfn\n0YLKineDNq/BMAwGA1UdEwQFMAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhALs4vy+O\nM3jcqgA4fSW/oKw6UJxp+M6a+nGMX+UJR3YgAiEAvvl39QRVAiv84hdoCuyON0lJ\nzqGNhIPGq2ULqXKK8BY=\n-----END CERTIFICATE-----\n", - "private_key": "-----BEGIN EC PRIVATE KEY-----\nMHcCAQEEIObtRo8tkUqoMjeHhsOh2ouPpXCgBcP+EDxZCB/tws15oAoGCCqGSM49\nAwEHoUQDQgAEHGzpcRJ4XzfBJCCPMQeXQpTXwlblimODQCuQ4mzkzTv0dXyB750f\nOGN02HtkpBOZzzvUARTR10JQoSe2/5PIwQ==\n-----END EC PRIVATE KEY-----" + "private_key": "-----BEGIN EC PRIVATE KEY-----\nMHcCAQEEIObtRo8tkUqoMjeHhsOh2ouPpXCgBcP+EDxZCB/tws15oAoGCCqGSM49\nAwEHoUQDQgAEHGzpcRJ4XzfBJCCPMQeXQpTXwlblimODQCuQ4mzkzTv0dXyB750f\nOGN02HtkpBOZzzvUARTR10JQoSe2/5PIwQ==\n-----END EC PRIVATE KEY-----\n" }, description: 'A GCP SSL certificate definition') control 'google_compute_ssl_certificates-1.0' do impact 1.0 From a3bbe4b654e05a8de4888f6c58bc324cf5e04900 Mon Sep 17 00:00:00 2001 From: Matthieu Corageoud Date: Tue, 12 Feb 2019 18:46:58 +0000 Subject: [PATCH 18/30] Retrieve SOA record using DNS zone instead of building it from record name Signed-off-by: Modular Magician --- docs/resources/google_dns_resource_record_set.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/resources/google_dns_resource_record_set.md b/docs/resources/google_dns_resource_record_set.md index 4517c7769..13694d007 100644 --- a/docs/resources/google_dns_resource_record_set.md +++ b/docs/resources/google_dns_resource_record_set.md @@ -28,4 +28,4 @@ Properties that can be accessed from the `google_dns_resource_record_set` resour * `target`: As defined in RFC 1035 (section 5) and RFC 1034 (section 3.6.1) - * `managed_zone`: Identifies the managed zone addressed by this request. Can be the managed zone name or id. + * `managed_zone`: Identifies the managed zone addressed by this request. From ac3d1fde420348f58d587024fc8e0ebc72e37e0e Mon Sep 17 00:00:00 2001 From: Sam Levenick Date: Wed, 13 Feb 2019 00:35:24 +0000 Subject: [PATCH 19/30] Inspec nested refactor Signed-off-by: Modular Magician --- docs/resources/google_bigquery_dataset.md | 9 --- .../bigquery/property/dataset_access.rb | 4 +- .../bigquery/property/dataset_access_view.rb | 35 ++++++++++ .../property/dataset_dataset_reference.rb | 2 +- .../cloudbuild/property/trigger_build.rb | 4 +- .../property/trigger_build_steps.rb | 40 +++++++++++ .../property/trigger_trigger_template.rb | 2 +- .../property/autoscaler_autoscaling_policy.rb | 14 ++-- ...aler_autoscaling_policy_cpu_utilization.rb | 29 ++++++++ ...aling_policy_custom_metric_utilizations.rb | 43 ++++++++++++ ...aling_policy_load_balancing_utilization.rb | 29 ++++++++ .../property/backendservice_cdn_policy.rb | 6 +- ...kendservice_cdn_policy_cache_key_policy.rb | 41 ++++++++++++ .../backendservice_connection_draining.rb | 2 +- .../property/disk_disk_encryption_key.rb | 2 +- .../disk_source_image_encryption_key.rb | 2 +- .../disk_source_snapshot_encryption_key.rb | 2 +- .../property/healthcheck_http_health_check.rb | 2 +- .../healthcheck_https_health_check.rb | 2 +- .../property/healthcheck_ssl_health_check.rb | 2 +- .../property/healthcheck_tcp_health_check.rb | 2 +- .../instancegroupmanager_current_actions.rb | 2 +- .../instancegroupmanager_named_ports.rb | 8 +-- .../property/instancetemplate_properties.rb | 24 +++---- .../instancetemplate_properties_disks.rb | 67 +++++++++++++++++++ ...te_properties_disks_disk_encryption_key.rb | 35 ++++++++++ ...late_properties_disks_initialize_params.rb | 42 ++++++++++++ ...lize_params_source_image_encryption_key.rb | 32 +++++++++ ...etemplate_properties_guest_accelerators.rb | 40 +++++++++++ ...etemplate_properties_network_interfaces.rb | 54 +++++++++++++++ ...rties_network_interfaces_access_configs.rb | 43 ++++++++++++ ...ties_network_interfaces_alias_ip_ranges.rb | 40 +++++++++++ .../instancetemplate_properties_scheduling.rb | 35 ++++++++++ ...ncetemplate_properties_service_accounts.rb | 40 +++++++++++ .../instancetemplate_properties_tags.rb | 32 +++++++++ .../google/compute/property/router_bgp.rb | 4 +- .../router_bgp_advertised_ip_ranges.rb | 40 +++++++++++ .../snapshot_snapshot_encryption_key.rb | 2 +- .../snapshot_source_disk_encryption_key.rb | 2 +- .../compute/property/urlmap_host_rules.rb | 8 +-- .../compute/property/urlmap_path_matchers.rb | 12 ++-- .../urlmap_path_matchers_path_rules.rb | 40 +++++++++++ .../property/regionalcluster_addons_config.rb | 10 +-- ...ddons_config_horizontal_pod_autoscaling.rb | 29 ++++++++ ...uster_addons_config_http_load_balancing.rb | 29 ++++++++ .../property/regionalcluster_master_auth.rb | 2 +- .../property/regionalcluster_node_config.rb | 2 +- .../property/subscription_push_config.rb | 2 +- libraries/google_bigquery_dataset.rb | 2 +- libraries/google_bigquery_datasets.rb | 2 +- libraries/google_cloudbuild_trigger.rb | 4 +- libraries/google_cloudbuild_triggers.rb | 2 +- libraries/google_compute_autoscaler.rb | 8 +-- libraries/google_compute_autoscalers.rb | 2 +- libraries/google_compute_backend_service.rb | 6 +- libraries/google_compute_backend_services.rb | 4 +- libraries/google_compute_disk.rb | 6 +- libraries/google_compute_disks.rb | 6 +- libraries/google_compute_health_check.rb | 8 +-- libraries/google_compute_health_checks.rb | 8 +-- .../google_compute_instance_group_manager.rb | 4 +- .../google_compute_instance_group_managers.rb | 4 +- libraries/google_compute_instance_template.rb | 12 ++-- libraries/google_compute_router.rb | 2 +- libraries/google_compute_snapshot.rb | 4 +- libraries/google_compute_snapshots.rb | 4 +- libraries/google_compute_url_map.rb | 4 +- libraries/google_compute_url_maps.rb | 4 +- .../google_container_regional_cluster.rb | 10 +-- .../google_container_regional_clusters.rb | 6 +- libraries/google_pubsub_subscription.rb | 2 +- libraries/google_pubsub_subscriptions.rb | 2 +- test/integration/build/gcp-mm.tf | 25 +++++-- .../configuration/mm-attributes.yml | 10 ++- .../controls/google_bigquery_dataset.rb | 11 --- .../controls/google_bigquery_datasets.rb | 2 - 76 files changed, 964 insertions(+), 150 deletions(-) create mode 100644 libraries/google/bigquery/property/dataset_access_view.rb create mode 100644 libraries/google/cloudbuild/property/trigger_build_steps.rb create mode 100644 libraries/google/compute/property/autoscaler_autoscaling_policy_cpu_utilization.rb create mode 100644 libraries/google/compute/property/autoscaler_autoscaling_policy_custom_metric_utilizations.rb create mode 100644 libraries/google/compute/property/autoscaler_autoscaling_policy_load_balancing_utilization.rb create mode 100644 libraries/google/compute/property/backendservice_cdn_policy_cache_key_policy.rb create mode 100644 libraries/google/compute/property/instancetemplate_properties_disks.rb create mode 100644 libraries/google/compute/property/instancetemplate_properties_disks_disk_encryption_key.rb create mode 100644 libraries/google/compute/property/instancetemplate_properties_disks_initialize_params.rb create mode 100644 libraries/google/compute/property/instancetemplate_properties_disks_initialize_params_source_image_encryption_key.rb create mode 100644 libraries/google/compute/property/instancetemplate_properties_guest_accelerators.rb create mode 100644 libraries/google/compute/property/instancetemplate_properties_network_interfaces.rb create mode 100644 libraries/google/compute/property/instancetemplate_properties_network_interfaces_access_configs.rb create mode 100644 libraries/google/compute/property/instancetemplate_properties_network_interfaces_alias_ip_ranges.rb create mode 100644 libraries/google/compute/property/instancetemplate_properties_scheduling.rb create mode 100644 libraries/google/compute/property/instancetemplate_properties_service_accounts.rb create mode 100644 libraries/google/compute/property/instancetemplate_properties_tags.rb create mode 100644 libraries/google/compute/property/router_bgp_advertised_ip_ranges.rb create mode 100644 libraries/google/compute/property/urlmap_path_matchers_path_rules.rb create mode 100644 libraries/google/container/property/regionalcluster_addons_config_horizontal_pod_autoscaling.rb create mode 100644 libraries/google/container/property/regionalcluster_addons_config_http_load_balancing.rb diff --git a/docs/resources/google_bigquery_dataset.md b/docs/resources/google_bigquery_dataset.md index 2da3080a9..769dc9462 100644 --- a/docs/resources/google_bigquery_dataset.md +++ b/docs/resources/google_bigquery_dataset.md @@ -17,15 +17,6 @@ describe google_bigquery_dataset(project: 'chef-gcp-inspec', name: 'inspec_gcp_d its('default_table_expiration_ms') { should cmp '3600000' } end -describe.one do - google_bigquery_dataset(project: 'chef-gcp-inspec', name: 'inspec_gcp_dataset').access.each do |dataset_access| - describe dataset_access do - its('role') { should eq 'READER' } - its('domain') { should eq 'example.com' } - end - end -end - describe.one do google_bigquery_dataset(project: 'chef-gcp-inspec', name: 'inspec_gcp_dataset').access.each do |dataset_access| describe dataset_access do diff --git a/libraries/google/bigquery/property/dataset_access.rb b/libraries/google/bigquery/property/dataset_access.rb index 9fae4cea2..7a61630b3 100644 --- a/libraries/google/bigquery/property/dataset_access.rb +++ b/libraries/google/bigquery/property/dataset_access.rb @@ -13,7 +13,7 @@ # CONTRIBUTING.md located at the root of this package. # # ---------------------------------------------------------------------------- -require 'google/bigquery/property/dataset_view' +require 'google/bigquery/property/dataset_access_view' module GoogleInSpec module BigQuery module Property @@ -37,7 +37,7 @@ def initialize(args = nil) @role = args['role'] @special_group = args['specialGroup'] @user_by_email = args['userByEmail'] - @view = GoogleInSpec::BigQuery::Property::DatasetView.new(args['view']) + @view = GoogleInSpec::BigQuery::Property::DatasetAccessView.new(args['view']) end end diff --git a/libraries/google/bigquery/property/dataset_access_view.rb b/libraries/google/bigquery/property/dataset_access_view.rb new file mode 100644 index 000000000..2f75ba004 --- /dev/null +++ b/libraries/google/bigquery/property/dataset_access_view.rb @@ -0,0 +1,35 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module BigQuery + module Property + class DatasetAccessView + attr_reader :dataset_id + + attr_reader :project_id + + attr_reader :table_id + + def initialize(args = nil) + return if args.nil? + @dataset_id = args['datasetId'] + @project_id = args['projectId'] + @table_id = args['tableId'] + end + end + end + end +end diff --git a/libraries/google/bigquery/property/dataset_dataset_reference.rb b/libraries/google/bigquery/property/dataset_dataset_reference.rb index de38bcafe..3c9105393 100644 --- a/libraries/google/bigquery/property/dataset_dataset_reference.rb +++ b/libraries/google/bigquery/property/dataset_dataset_reference.rb @@ -16,7 +16,7 @@ module GoogleInSpec module BigQuery module Property - class DatasetDatasetreference + class DatasetDatasetReference attr_reader :dataset_id attr_reader :project_id diff --git a/libraries/google/cloudbuild/property/trigger_build.rb b/libraries/google/cloudbuild/property/trigger_build.rb index fc6e838af..4cc7e74a3 100644 --- a/libraries/google/cloudbuild/property/trigger_build.rb +++ b/libraries/google/cloudbuild/property/trigger_build.rb @@ -13,7 +13,7 @@ # CONTRIBUTING.md located at the root of this package. # # ---------------------------------------------------------------------------- -require 'google/cloudbuild/property/trigger_steps' +require 'google/cloudbuild/property/trigger_build_steps' module GoogleInSpec module CloudBuild module Property @@ -28,7 +28,7 @@ def initialize(args = nil) return if args.nil? @tags = args['tags'] @images = args['images'] - @steps = GoogleInSpec::CloudBuild::Property::TriggerStepsArray.parse(args['steps']) + @steps = GoogleInSpec::CloudBuild::Property::TriggerBuildStepsArray.parse(args['steps']) end end end diff --git a/libraries/google/cloudbuild/property/trigger_build_steps.rb b/libraries/google/cloudbuild/property/trigger_build_steps.rb new file mode 100644 index 000000000..9a1a9625e --- /dev/null +++ b/libraries/google/cloudbuild/property/trigger_build_steps.rb @@ -0,0 +1,40 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module CloudBuild + module Property + class TriggerBuildSteps + attr_reader :name + + attr_reader :args + + def initialize(args = nil) + return if args.nil? + @name = args['name'] + @args = args['args'] + end + end + + class TriggerBuildStepsArray + def self.parse(value) + return if value.nil? + return TriggerBuildSteps.new(value) unless value.is_a?(::Array) + value.map { |v| TriggerBuildSteps.new(v) } + end + end + end + end +end diff --git a/libraries/google/cloudbuild/property/trigger_trigger_template.rb b/libraries/google/cloudbuild/property/trigger_trigger_template.rb index af219c92f..fdd7febd1 100644 --- a/libraries/google/cloudbuild/property/trigger_trigger_template.rb +++ b/libraries/google/cloudbuild/property/trigger_trigger_template.rb @@ -16,7 +16,7 @@ module GoogleInSpec module CloudBuild module Property - class TriggerTriggertemplate + class TriggerTriggerTemplate attr_reader :project_id attr_reader :repo_name diff --git a/libraries/google/compute/property/autoscaler_autoscaling_policy.rb b/libraries/google/compute/property/autoscaler_autoscaling_policy.rb index a7e0f9bb2..05011caed 100644 --- a/libraries/google/compute/property/autoscaler_autoscaling_policy.rb +++ b/libraries/google/compute/property/autoscaler_autoscaling_policy.rb @@ -13,13 +13,13 @@ # CONTRIBUTING.md located at the root of this package. # # ---------------------------------------------------------------------------- -require 'google/compute/property/autoscaler_cpu_utilization' -require 'google/compute/property/autoscaler_custom_metric_utilizations' -require 'google/compute/property/autoscaler_load_balancing_utilization' +require 'google/compute/property/autoscaler_autoscaling_policy_cpu_utilization' +require 'google/compute/property/autoscaler_autoscaling_policy_custom_metric_utilizations' +require 'google/compute/property/autoscaler_autoscaling_policy_load_balancing_utilization' module GoogleInSpec module Compute module Property - class AutoscalerAutoscalingpolicy + class AutoscalerAutoscalingPolicy attr_reader :min_num_replicas attr_reader :max_num_replicas @@ -37,9 +37,9 @@ def initialize(args = nil) @min_num_replicas = args['minNumReplicas'] @max_num_replicas = args['maxNumReplicas'] @cool_down_period_sec = args['coolDownPeriodSec'] - @cpu_utilization = GoogleInSpec::Compute::Property::AutoscalerCpuutilization.new(args['cpuUtilization']) - @custom_metric_utilizations = GoogleInSpec::Compute::Property::AutoscalerCustommetricutilizationsArray.parse(args['customMetricUtilizations']) - @load_balancing_utilization = GoogleInSpec::Compute::Property::AutoscalerLoadbalancingutilization.new(args['loadBalancingUtilization']) + @cpu_utilization = GoogleInSpec::Compute::Property::AutoscalerAutoscalingPolicyCpuUtilization.new(args['cpuUtilization']) + @custom_metric_utilizations = GoogleInSpec::Compute::Property::AutoscalerAutoscalingPolicyCustomMetricUtilizationsArray.parse(args['customMetricUtilizations']) + @load_balancing_utilization = GoogleInSpec::Compute::Property::AutoscalerAutoscalingPolicyLoadBalancingUtilization.new(args['loadBalancingUtilization']) end end end diff --git a/libraries/google/compute/property/autoscaler_autoscaling_policy_cpu_utilization.rb b/libraries/google/compute/property/autoscaler_autoscaling_policy_cpu_utilization.rb new file mode 100644 index 000000000..e365a8d06 --- /dev/null +++ b/libraries/google/compute/property/autoscaler_autoscaling_policy_cpu_utilization.rb @@ -0,0 +1,29 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module Compute + module Property + class AutoscalerAutoscalingPolicyCpuUtilization + attr_reader :utilization_target + + def initialize(args = nil) + return if args.nil? + @utilization_target = args['utilizationTarget'] + end + end + end + end +end diff --git a/libraries/google/compute/property/autoscaler_autoscaling_policy_custom_metric_utilizations.rb b/libraries/google/compute/property/autoscaler_autoscaling_policy_custom_metric_utilizations.rb new file mode 100644 index 000000000..4bb514986 --- /dev/null +++ b/libraries/google/compute/property/autoscaler_autoscaling_policy_custom_metric_utilizations.rb @@ -0,0 +1,43 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module Compute + module Property + class AutoscalerAutoscalingPolicyCustomMetricUtilizations + attr_reader :metric + + attr_reader :utilization_target + + attr_reader :utilization_target_type + + def initialize(args = nil) + return if args.nil? + @metric = args['metric'] + @utilization_target = args['utilizationTarget'] + @utilization_target_type = args['utilizationTargetType'] + end + end + + class AutoscalerAutoscalingPolicyCustomMetricUtilizationsArray + def self.parse(value) + return if value.nil? + return AutoscalerAutoscalingPolicyCustomMetricUtilizations.new(value) unless value.is_a?(::Array) + value.map { |v| AutoscalerAutoscalingPolicyCustomMetricUtilizations.new(v) } + end + end + end + end +end diff --git a/libraries/google/compute/property/autoscaler_autoscaling_policy_load_balancing_utilization.rb b/libraries/google/compute/property/autoscaler_autoscaling_policy_load_balancing_utilization.rb new file mode 100644 index 000000000..89be33703 --- /dev/null +++ b/libraries/google/compute/property/autoscaler_autoscaling_policy_load_balancing_utilization.rb @@ -0,0 +1,29 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module Compute + module Property + class AutoscalerAutoscalingPolicyLoadBalancingUtilization + attr_reader :utilization_target + + def initialize(args = nil) + return if args.nil? + @utilization_target = args['utilizationTarget'] + end + end + end + end +end diff --git a/libraries/google/compute/property/backendservice_cdn_policy.rb b/libraries/google/compute/property/backendservice_cdn_policy.rb index f83d99d09..bdeb1d573 100644 --- a/libraries/google/compute/property/backendservice_cdn_policy.rb +++ b/libraries/google/compute/property/backendservice_cdn_policy.rb @@ -13,16 +13,16 @@ # CONTRIBUTING.md located at the root of this package. # # ---------------------------------------------------------------------------- -require 'google/compute/property/backendservice_cache_key_policy' +require 'google/compute/property/backendservice_cdn_policy_cache_key_policy' module GoogleInSpec module Compute module Property - class BackendServiceCdnpolicy + class BackendServiceCdnPolicy attr_reader :cache_key_policy def initialize(args = nil) return if args.nil? - @cache_key_policy = GoogleInSpec::Compute::Property::BackendServiceCachekeypolicy.new(args['cacheKeyPolicy']) + @cache_key_policy = GoogleInSpec::Compute::Property::BackendServiceCdnPolicyCacheKeyPolicy.new(args['cacheKeyPolicy']) end end end diff --git a/libraries/google/compute/property/backendservice_cdn_policy_cache_key_policy.rb b/libraries/google/compute/property/backendservice_cdn_policy_cache_key_policy.rb new file mode 100644 index 000000000..99ff75afc --- /dev/null +++ b/libraries/google/compute/property/backendservice_cdn_policy_cache_key_policy.rb @@ -0,0 +1,41 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module Compute + module Property + class BackendServiceCdnPolicyCacheKeyPolicy + attr_reader :include_host + + attr_reader :include_protocol + + attr_reader :include_query_string + + attr_reader :query_string_blacklist + + attr_reader :query_string_whitelist + + def initialize(args = nil) + return if args.nil? + @include_host = args['includeHost'] + @include_protocol = args['includeProtocol'] + @include_query_string = args['includeQueryString'] + @query_string_blacklist = args['queryStringBlacklist'] + @query_string_whitelist = args['queryStringWhitelist'] + end + end + end + end +end diff --git a/libraries/google/compute/property/backendservice_connection_draining.rb b/libraries/google/compute/property/backendservice_connection_draining.rb index 773c2297e..4e9fa9ac6 100644 --- a/libraries/google/compute/property/backendservice_connection_draining.rb +++ b/libraries/google/compute/property/backendservice_connection_draining.rb @@ -16,7 +16,7 @@ module GoogleInSpec module Compute module Property - class BackendServiceConnectiondraining + class BackendServiceConnectionDraining attr_reader :draining_timeout_sec def initialize(args = nil) diff --git a/libraries/google/compute/property/disk_disk_encryption_key.rb b/libraries/google/compute/property/disk_disk_encryption_key.rb index 1ecbecdbd..be114da0c 100644 --- a/libraries/google/compute/property/disk_disk_encryption_key.rb +++ b/libraries/google/compute/property/disk_disk_encryption_key.rb @@ -16,7 +16,7 @@ module GoogleInSpec module Compute module Property - class DiskDiskencryptionkey + class DiskDiskEncryptionKey attr_reader :raw_key attr_reader :sha256 diff --git a/libraries/google/compute/property/disk_source_image_encryption_key.rb b/libraries/google/compute/property/disk_source_image_encryption_key.rb index 94a627cc3..3eceba6ee 100644 --- a/libraries/google/compute/property/disk_source_image_encryption_key.rb +++ b/libraries/google/compute/property/disk_source_image_encryption_key.rb @@ -16,7 +16,7 @@ module GoogleInSpec module Compute module Property - class DiskSourceimageencryptionkey + class DiskSourceImageEncryptionKey attr_reader :raw_key attr_reader :sha256 diff --git a/libraries/google/compute/property/disk_source_snapshot_encryption_key.rb b/libraries/google/compute/property/disk_source_snapshot_encryption_key.rb index 1c447719b..3ffd8ccbc 100644 --- a/libraries/google/compute/property/disk_source_snapshot_encryption_key.rb +++ b/libraries/google/compute/property/disk_source_snapshot_encryption_key.rb @@ -16,7 +16,7 @@ module GoogleInSpec module Compute module Property - class DiskSourcesnapshotencryptionkey + class DiskSourceSnapshotEncryptionKey attr_reader :raw_key attr_reader :kms_key_name diff --git a/libraries/google/compute/property/healthcheck_http_health_check.rb b/libraries/google/compute/property/healthcheck_http_health_check.rb index c90d392ea..8a6cd6c5d 100644 --- a/libraries/google/compute/property/healthcheck_http_health_check.rb +++ b/libraries/google/compute/property/healthcheck_http_health_check.rb @@ -16,7 +16,7 @@ module GoogleInSpec module Compute module Property - class HealthCheckHttphealthcheck + class HealthCheckHttpHealthCheck attr_reader :host attr_reader :request_path diff --git a/libraries/google/compute/property/healthcheck_https_health_check.rb b/libraries/google/compute/property/healthcheck_https_health_check.rb index 3b88901ba..3cab46ee3 100644 --- a/libraries/google/compute/property/healthcheck_https_health_check.rb +++ b/libraries/google/compute/property/healthcheck_https_health_check.rb @@ -16,7 +16,7 @@ module GoogleInSpec module Compute module Property - class HealthCheckHttpshealthcheck + class HealthCheckHttpsHealthCheck attr_reader :host attr_reader :request_path diff --git a/libraries/google/compute/property/healthcheck_ssl_health_check.rb b/libraries/google/compute/property/healthcheck_ssl_health_check.rb index f4c11d938..61a56fff8 100644 --- a/libraries/google/compute/property/healthcheck_ssl_health_check.rb +++ b/libraries/google/compute/property/healthcheck_ssl_health_check.rb @@ -16,7 +16,7 @@ module GoogleInSpec module Compute module Property - class HealthCheckSslhealthcheck + class HealthCheckSslHealthCheck attr_reader :request attr_reader :response diff --git a/libraries/google/compute/property/healthcheck_tcp_health_check.rb b/libraries/google/compute/property/healthcheck_tcp_health_check.rb index 85e6e8165..53e4a788e 100644 --- a/libraries/google/compute/property/healthcheck_tcp_health_check.rb +++ b/libraries/google/compute/property/healthcheck_tcp_health_check.rb @@ -16,7 +16,7 @@ module GoogleInSpec module Compute module Property - class HealthCheckTcphealthcheck + class HealthCheckTcpHealthCheck attr_reader :request attr_reader :response diff --git a/libraries/google/compute/property/instancegroupmanager_current_actions.rb b/libraries/google/compute/property/instancegroupmanager_current_actions.rb index ccc007063..12f0057a8 100644 --- a/libraries/google/compute/property/instancegroupmanager_current_actions.rb +++ b/libraries/google/compute/property/instancegroupmanager_current_actions.rb @@ -16,7 +16,7 @@ module GoogleInSpec module Compute module Property - class InstanceGroupManagerCurrentactions + class InstanceGroupManagerCurrentActions attr_reader :abandoning attr_reader :creating diff --git a/libraries/google/compute/property/instancegroupmanager_named_ports.rb b/libraries/google/compute/property/instancegroupmanager_named_ports.rb index a1c123548..7873ea742 100644 --- a/libraries/google/compute/property/instancegroupmanager_named_ports.rb +++ b/libraries/google/compute/property/instancegroupmanager_named_ports.rb @@ -16,7 +16,7 @@ module GoogleInSpec module Compute module Property - class InstanceGroupManagerNamedports + class InstanceGroupManagerNamedPorts attr_reader :name attr_reader :port @@ -28,11 +28,11 @@ def initialize(args = nil) end end - class InstanceGroupManagerNamedportsArray + class InstanceGroupManagerNamedPortsArray def self.parse(value) return if value.nil? - return InstanceGroupManagerNamedports.new(value) unless value.is_a?(::Array) - value.map { |v| InstanceGroupManagerNamedports.new(v) } + return InstanceGroupManagerNamedPorts.new(value) unless value.is_a?(::Array) + value.map { |v| InstanceGroupManagerNamedPorts.new(v) } end end end diff --git a/libraries/google/compute/property/instancetemplate_properties.rb b/libraries/google/compute/property/instancetemplate_properties.rb index c3b637ff1..d5bb51c1f 100644 --- a/libraries/google/compute/property/instancetemplate_properties.rb +++ b/libraries/google/compute/property/instancetemplate_properties.rb @@ -13,12 +13,12 @@ # CONTRIBUTING.md located at the root of this package. # # ---------------------------------------------------------------------------- -require 'google/compute/property/instancetemplate_disks' -require 'google/compute/property/instancetemplate_guest_accelerators' -require 'google/compute/property/instancetemplate_network_interfaces' -require 'google/compute/property/instancetemplate_scheduling' -require 'google/compute/property/instancetemplate_service_accounts' -require 'google/compute/property/instancetemplate_tags' +require 'google/compute/property/instancetemplate_properties_disks' +require 'google/compute/property/instancetemplate_properties_guest_accelerators' +require 'google/compute/property/instancetemplate_properties_network_interfaces' +require 'google/compute/property/instancetemplate_properties_scheduling' +require 'google/compute/property/instancetemplate_properties_service_accounts' +require 'google/compute/property/instancetemplate_properties_tags' module GoogleInSpec module Compute module Property @@ -49,15 +49,15 @@ def initialize(args = nil) return if args.nil? @can_ip_forward = args['canIpForward'] @description = args['description'] - @disks = GoogleInSpec::Compute::Property::InstanceTemplateDisksArray.parse(args['disks']) + @disks = GoogleInSpec::Compute::Property::InstanceTemplatePropertiesDisksArray.parse(args['disks']) @machine_type = args['machineType'] @min_cpu_platform = args['minCpuPlatform'] @metadata = args['metadata'] - @guest_accelerators = GoogleInSpec::Compute::Property::InstanceTemplateGuestacceleratorsArray.parse(args['guestAccelerators']) - @network_interfaces = GoogleInSpec::Compute::Property::InstanceTemplateNetworkinterfacesArray.parse(args['networkInterfaces']) - @scheduling = GoogleInSpec::Compute::Property::InstanceTemplateScheduling.new(args['scheduling']) - @service_accounts = GoogleInSpec::Compute::Property::InstanceTemplateServiceaccountsArray.parse(args['serviceAccounts']) - @tags = GoogleInSpec::Compute::Property::InstanceTemplateTags.new(args['tags']) + @guest_accelerators = GoogleInSpec::Compute::Property::InstanceTemplatePropertiesGuestAcceleratorsArray.parse(args['guestAccelerators']) + @network_interfaces = GoogleInSpec::Compute::Property::InstanceTemplatePropertiesNetworkInterfacesArray.parse(args['networkInterfaces']) + @scheduling = GoogleInSpec::Compute::Property::InstanceTemplatePropertiesScheduling.new(args['scheduling']) + @service_accounts = GoogleInSpec::Compute::Property::InstanceTemplatePropertiesServiceAccountsArray.parse(args['serviceAccounts']) + @tags = GoogleInSpec::Compute::Property::InstanceTemplatePropertiesTags.new(args['tags']) end end end diff --git a/libraries/google/compute/property/instancetemplate_properties_disks.rb b/libraries/google/compute/property/instancetemplate_properties_disks.rb new file mode 100644 index 000000000..f939d3ffa --- /dev/null +++ b/libraries/google/compute/property/instancetemplate_properties_disks.rb @@ -0,0 +1,67 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'google/compute/property/instancetemplate_properties_disks_disk_encryption_key' +require 'google/compute/property/instancetemplate_properties_disks_initialize_params' +require 'google/compute/property/instancetemplate_properties_disks_initialize_params_source_image_encryption_key' +module GoogleInSpec + module Compute + module Property + class InstanceTemplatePropertiesDisks + attr_reader :auto_delete + + attr_reader :boot + + attr_reader :device_name + + attr_reader :disk_encryption_key + + attr_reader :index + + attr_reader :initialize_params + + attr_reader :interface + + attr_reader :mode + + attr_reader :source + + attr_reader :type + + def initialize(args = nil) + return if args.nil? + @auto_delete = args['autoDelete'] + @boot = args['boot'] + @device_name = args['deviceName'] + @disk_encryption_key = GoogleInSpec::Compute::Property::InstanceTemplatePropertiesDisksDiskEncryptionKey.new(args['diskEncryptionKey']) + @index = args['index'] + @initialize_params = GoogleInSpec::Compute::Property::InstanceTemplatePropertiesDisksInitializeParams.new(args['initializeParams']) + @interface = args['interface'] + @mode = args['mode'] + @source = args['source'] + @type = args['type'] + end + end + + class InstanceTemplatePropertiesDisksArray + def self.parse(value) + return if value.nil? + return InstanceTemplatePropertiesDisks.new(value) unless value.is_a?(::Array) + value.map { |v| InstanceTemplatePropertiesDisks.new(v) } + end + end + end + end +end diff --git a/libraries/google/compute/property/instancetemplate_properties_disks_disk_encryption_key.rb b/libraries/google/compute/property/instancetemplate_properties_disks_disk_encryption_key.rb new file mode 100644 index 000000000..6eedb60d1 --- /dev/null +++ b/libraries/google/compute/property/instancetemplate_properties_disks_disk_encryption_key.rb @@ -0,0 +1,35 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module Compute + module Property + class InstanceTemplatePropertiesDisksDiskEncryptionKey + attr_reader :raw_key + + attr_reader :rsa_encrypted_key + + attr_reader :sha256 + + def initialize(args = nil) + return if args.nil? + @raw_key = args['rawKey'] + @rsa_encrypted_key = args['rsaEncryptedKey'] + @sha256 = args['sha256'] + end + end + end + end +end diff --git a/libraries/google/compute/property/instancetemplate_properties_disks_initialize_params.rb b/libraries/google/compute/property/instancetemplate_properties_disks_initialize_params.rb new file mode 100644 index 000000000..a0ce90f1f --- /dev/null +++ b/libraries/google/compute/property/instancetemplate_properties_disks_initialize_params.rb @@ -0,0 +1,42 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'google/compute/property/instancetemplate_properties_disks_initialize_params_source_image_encryption_key' +module GoogleInSpec + module Compute + module Property + class InstanceTemplatePropertiesDisksInitializeParams + attr_reader :disk_name + + attr_reader :disk_size_gb + + attr_reader :disk_type + + attr_reader :source_image + + attr_reader :source_image_encryption_key + + def initialize(args = nil) + return if args.nil? + @disk_name = args['diskName'] + @disk_size_gb = args['diskSizeGb'] + @disk_type = args['diskType'] + @source_image = args['sourceImage'] + @source_image_encryption_key = GoogleInSpec::Compute::Property::InstanceTemplatePropertiesDisksInitializeParamsSourceImageEncryptionKey.new(args['sourceImageEncryptionKey']) + end + end + end + end +end diff --git a/libraries/google/compute/property/instancetemplate_properties_disks_initialize_params_source_image_encryption_key.rb b/libraries/google/compute/property/instancetemplate_properties_disks_initialize_params_source_image_encryption_key.rb new file mode 100644 index 000000000..3b2aeee8f --- /dev/null +++ b/libraries/google/compute/property/instancetemplate_properties_disks_initialize_params_source_image_encryption_key.rb @@ -0,0 +1,32 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module Compute + module Property + class InstanceTemplatePropertiesDisksInitializeParamsSourceImageEncryptionKey + attr_reader :raw_key + + attr_reader :sha256 + + def initialize(args = nil) + return if args.nil? + @raw_key = args['rawKey'] + @sha256 = args['sha256'] + end + end + end + end +end diff --git a/libraries/google/compute/property/instancetemplate_properties_guest_accelerators.rb b/libraries/google/compute/property/instancetemplate_properties_guest_accelerators.rb new file mode 100644 index 000000000..7d9c31795 --- /dev/null +++ b/libraries/google/compute/property/instancetemplate_properties_guest_accelerators.rb @@ -0,0 +1,40 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module Compute + module Property + class InstanceTemplatePropertiesGuestAccelerators + attr_reader :accelerator_count + + attr_reader :accelerator_type + + def initialize(args = nil) + return if args.nil? + @accelerator_count = args['acceleratorCount'] + @accelerator_type = args['acceleratorType'] + end + end + + class InstanceTemplatePropertiesGuestAcceleratorsArray + def self.parse(value) + return if value.nil? + return InstanceTemplatePropertiesGuestAccelerators.new(value) unless value.is_a?(::Array) + value.map { |v| InstanceTemplatePropertiesGuestAccelerators.new(v) } + end + end + end + end +end diff --git a/libraries/google/compute/property/instancetemplate_properties_network_interfaces.rb b/libraries/google/compute/property/instancetemplate_properties_network_interfaces.rb new file mode 100644 index 000000000..f00f46dae --- /dev/null +++ b/libraries/google/compute/property/instancetemplate_properties_network_interfaces.rb @@ -0,0 +1,54 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'google/compute/property/instancetemplate_properties_network_interfaces_access_configs' +require 'google/compute/property/instancetemplate_properties_network_interfaces_alias_ip_ranges' +module GoogleInSpec + module Compute + module Property + class InstanceTemplatePropertiesNetworkInterfaces + attr_reader :access_configs + + attr_reader :alias_ip_ranges + + attr_reader :name + + attr_reader :network + + attr_reader :network_ip + + attr_reader :subnetwork + + def initialize(args = nil) + return if args.nil? + @access_configs = GoogleInSpec::Compute::Property::InstanceTemplatePropertiesNetworkInterfacesAccessConfigsArray.parse(args['accessConfigs']) + @alias_ip_ranges = GoogleInSpec::Compute::Property::InstanceTemplatePropertiesNetworkInterfacesAliasIpRangesArray.parse(args['aliasIpRanges']) + @name = args['name'] + @network = args['network'] + @network_ip = args['networkIP'] + @subnetwork = args['subnetwork'] + end + end + + class InstanceTemplatePropertiesNetworkInterfacesArray + def self.parse(value) + return if value.nil? + return InstanceTemplatePropertiesNetworkInterfaces.new(value) unless value.is_a?(::Array) + value.map { |v| InstanceTemplatePropertiesNetworkInterfaces.new(v) } + end + end + end + end +end diff --git a/libraries/google/compute/property/instancetemplate_properties_network_interfaces_access_configs.rb b/libraries/google/compute/property/instancetemplate_properties_network_interfaces_access_configs.rb new file mode 100644 index 000000000..89c6c394d --- /dev/null +++ b/libraries/google/compute/property/instancetemplate_properties_network_interfaces_access_configs.rb @@ -0,0 +1,43 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module Compute + module Property + class InstanceTemplatePropertiesNetworkInterfacesAccessConfigs + attr_reader :name + + attr_reader :nat_ip + + attr_reader :type + + def initialize(args = nil) + return if args.nil? + @name = args['name'] + @nat_ip = args['natIP'] + @type = args['type'] + end + end + + class InstanceTemplatePropertiesNetworkInterfacesAccessConfigsArray + def self.parse(value) + return if value.nil? + return InstanceTemplatePropertiesNetworkInterfacesAccessConfigs.new(value) unless value.is_a?(::Array) + value.map { |v| InstanceTemplatePropertiesNetworkInterfacesAccessConfigs.new(v) } + end + end + end + end +end diff --git a/libraries/google/compute/property/instancetemplate_properties_network_interfaces_alias_ip_ranges.rb b/libraries/google/compute/property/instancetemplate_properties_network_interfaces_alias_ip_ranges.rb new file mode 100644 index 000000000..1fdaad384 --- /dev/null +++ b/libraries/google/compute/property/instancetemplate_properties_network_interfaces_alias_ip_ranges.rb @@ -0,0 +1,40 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module Compute + module Property + class InstanceTemplatePropertiesNetworkInterfacesAliasIpRanges + attr_reader :ip_cidr_range + + attr_reader :subnetwork_range_name + + def initialize(args = nil) + return if args.nil? + @ip_cidr_range = args['ipCidrRange'] + @subnetwork_range_name = args['subnetworkRangeName'] + end + end + + class InstanceTemplatePropertiesNetworkInterfacesAliasIpRangesArray + def self.parse(value) + return if value.nil? + return InstanceTemplatePropertiesNetworkInterfacesAliasIpRanges.new(value) unless value.is_a?(::Array) + value.map { |v| InstanceTemplatePropertiesNetworkInterfacesAliasIpRanges.new(v) } + end + end + end + end +end diff --git a/libraries/google/compute/property/instancetemplate_properties_scheduling.rb b/libraries/google/compute/property/instancetemplate_properties_scheduling.rb new file mode 100644 index 000000000..78eeb5591 --- /dev/null +++ b/libraries/google/compute/property/instancetemplate_properties_scheduling.rb @@ -0,0 +1,35 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module Compute + module Property + class InstanceTemplatePropertiesScheduling + attr_reader :automatic_restart + + attr_reader :on_host_maintenance + + attr_reader :preemptible + + def initialize(args = nil) + return if args.nil? + @automatic_restart = args['automaticRestart'] + @on_host_maintenance = args['onHostMaintenance'] + @preemptible = args['preemptible'] + end + end + end + end +end diff --git a/libraries/google/compute/property/instancetemplate_properties_service_accounts.rb b/libraries/google/compute/property/instancetemplate_properties_service_accounts.rb new file mode 100644 index 000000000..ec7ba2f3b --- /dev/null +++ b/libraries/google/compute/property/instancetemplate_properties_service_accounts.rb @@ -0,0 +1,40 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module Compute + module Property + class InstanceTemplatePropertiesServiceAccounts + attr_reader :email + + attr_reader :scopes + + def initialize(args = nil) + return if args.nil? + @email = args['email'] + @scopes = args['scopes'] + end + end + + class InstanceTemplatePropertiesServiceAccountsArray + def self.parse(value) + return if value.nil? + return InstanceTemplatePropertiesServiceAccounts.new(value) unless value.is_a?(::Array) + value.map { |v| InstanceTemplatePropertiesServiceAccounts.new(v) } + end + end + end + end +end diff --git a/libraries/google/compute/property/instancetemplate_properties_tags.rb b/libraries/google/compute/property/instancetemplate_properties_tags.rb new file mode 100644 index 000000000..43da87494 --- /dev/null +++ b/libraries/google/compute/property/instancetemplate_properties_tags.rb @@ -0,0 +1,32 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module Compute + module Property + class InstanceTemplatePropertiesTags + attr_reader :fingerprint + + attr_reader :items + + def initialize(args = nil) + return if args.nil? + @fingerprint = args['fingerprint'] + @items = args['items'] + end + end + end + end +end diff --git a/libraries/google/compute/property/router_bgp.rb b/libraries/google/compute/property/router_bgp.rb index 54a34ab73..b650dd1cf 100644 --- a/libraries/google/compute/property/router_bgp.rb +++ b/libraries/google/compute/property/router_bgp.rb @@ -13,7 +13,7 @@ # CONTRIBUTING.md located at the root of this package. # # ---------------------------------------------------------------------------- -require 'google/compute/property/router_advertised_ip_ranges' +require 'google/compute/property/router_bgp_advertised_ip_ranges' module GoogleInSpec module Compute module Property @@ -31,7 +31,7 @@ def initialize(args = nil) @asn = args['asn'] @advertise_mode = args['advertiseMode'] @advertised_groups = args['advertisedGroups'] - @advertised_ip_ranges = GoogleInSpec::Compute::Property::RouterAdvertisediprangesArray.parse(args['advertisedIpRanges']) + @advertised_ip_ranges = GoogleInSpec::Compute::Property::RouterBgpAdvertisedIpRangesArray.parse(args['advertisedIpRanges']) end end end diff --git a/libraries/google/compute/property/router_bgp_advertised_ip_ranges.rb b/libraries/google/compute/property/router_bgp_advertised_ip_ranges.rb new file mode 100644 index 000000000..7a9740de5 --- /dev/null +++ b/libraries/google/compute/property/router_bgp_advertised_ip_ranges.rb @@ -0,0 +1,40 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module Compute + module Property + class RouterBgpAdvertisedIpRanges + attr_reader :range + + attr_reader :description + + def initialize(args = nil) + return if args.nil? + @range = args['range'] + @description = args['description'] + end + end + + class RouterBgpAdvertisedIpRangesArray + def self.parse(value) + return if value.nil? + return RouterBgpAdvertisedIpRanges.new(value) unless value.is_a?(::Array) + value.map { |v| RouterBgpAdvertisedIpRanges.new(v) } + end + end + end + end +end diff --git a/libraries/google/compute/property/snapshot_snapshot_encryption_key.rb b/libraries/google/compute/property/snapshot_snapshot_encryption_key.rb index 20b236be0..914cdb500 100644 --- a/libraries/google/compute/property/snapshot_snapshot_encryption_key.rb +++ b/libraries/google/compute/property/snapshot_snapshot_encryption_key.rb @@ -16,7 +16,7 @@ module GoogleInSpec module Compute module Property - class SnapshotSnapshotencryptionkey + class SnapshotSnapshotEncryptionKey attr_reader :raw_key attr_reader :sha256 diff --git a/libraries/google/compute/property/snapshot_source_disk_encryption_key.rb b/libraries/google/compute/property/snapshot_source_disk_encryption_key.rb index c6e803cc3..0dcef7a97 100644 --- a/libraries/google/compute/property/snapshot_source_disk_encryption_key.rb +++ b/libraries/google/compute/property/snapshot_source_disk_encryption_key.rb @@ -16,7 +16,7 @@ module GoogleInSpec module Compute module Property - class SnapshotSourcediskencryptionkey + class SnapshotSourceDiskEncryptionKey attr_reader :raw_key attr_reader :kms_key_name diff --git a/libraries/google/compute/property/urlmap_host_rules.rb b/libraries/google/compute/property/urlmap_host_rules.rb index dbe4e38de..88f700505 100644 --- a/libraries/google/compute/property/urlmap_host_rules.rb +++ b/libraries/google/compute/property/urlmap_host_rules.rb @@ -16,7 +16,7 @@ module GoogleInSpec module Compute module Property - class UrlMapHostrules + class UrlMapHostRules attr_reader :description attr_reader :hosts @@ -31,11 +31,11 @@ def initialize(args = nil) end end - class UrlMapHostrulesArray + class UrlMapHostRulesArray def self.parse(value) return if value.nil? - return UrlMapHostrules.new(value) unless value.is_a?(::Array) - value.map { |v| UrlMapHostrules.new(v) } + return UrlMapHostRules.new(value) unless value.is_a?(::Array) + value.map { |v| UrlMapHostRules.new(v) } end end end diff --git a/libraries/google/compute/property/urlmap_path_matchers.rb b/libraries/google/compute/property/urlmap_path_matchers.rb index ecd46328e..000d730f7 100644 --- a/libraries/google/compute/property/urlmap_path_matchers.rb +++ b/libraries/google/compute/property/urlmap_path_matchers.rb @@ -13,11 +13,11 @@ # CONTRIBUTING.md located at the root of this package. # # ---------------------------------------------------------------------------- -require 'google/compute/property/urlmap_path_rules' +require 'google/compute/property/urlmap_path_matchers_path_rules' module GoogleInSpec module Compute module Property - class UrlMapPathmatchers + class UrlMapPathMatchers attr_reader :default_service attr_reader :description @@ -31,15 +31,15 @@ def initialize(args = nil) @default_service = args['defaultService'] @description = args['description'] @name = args['name'] - @path_rules = GoogleInSpec::Compute::Property::UrlMapPathrulesArray.parse(args['pathRules']) + @path_rules = GoogleInSpec::Compute::Property::UrlMapPathMatchersPathRulesArray.parse(args['pathRules']) end end - class UrlMapPathmatchersArray + class UrlMapPathMatchersArray def self.parse(value) return if value.nil? - return UrlMapPathmatchers.new(value) unless value.is_a?(::Array) - value.map { |v| UrlMapPathmatchers.new(v) } + return UrlMapPathMatchers.new(value) unless value.is_a?(::Array) + value.map { |v| UrlMapPathMatchers.new(v) } end end end diff --git a/libraries/google/compute/property/urlmap_path_matchers_path_rules.rb b/libraries/google/compute/property/urlmap_path_matchers_path_rules.rb new file mode 100644 index 000000000..d6d438a76 --- /dev/null +++ b/libraries/google/compute/property/urlmap_path_matchers_path_rules.rb @@ -0,0 +1,40 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module Compute + module Property + class UrlMapPathMatchersPathRules + attr_reader :paths + + attr_reader :service + + def initialize(args = nil) + return if args.nil? + @paths = args['paths'] + @service = args['service'] + end + end + + class UrlMapPathMatchersPathRulesArray + def self.parse(value) + return if value.nil? + return UrlMapPathMatchersPathRules.new(value) unless value.is_a?(::Array) + value.map { |v| UrlMapPathMatchersPathRules.new(v) } + end + end + end + end +end diff --git a/libraries/google/container/property/regionalcluster_addons_config.rb b/libraries/google/container/property/regionalcluster_addons_config.rb index f604c6109..e5c2a957d 100644 --- a/libraries/google/container/property/regionalcluster_addons_config.rb +++ b/libraries/google/container/property/regionalcluster_addons_config.rb @@ -13,20 +13,20 @@ # CONTRIBUTING.md located at the root of this package. # # ---------------------------------------------------------------------------- -require 'google/container/property/regionalcluster_horizontal_pod_autoscaling' -require 'google/container/property/regionalcluster_http_load_balancing' +require 'google/container/property/regionalcluster_addons_config_horizontal_pod_autoscaling' +require 'google/container/property/regionalcluster_addons_config_http_load_balancing' module GoogleInSpec module Container module Property - class RegionalClusterAddonsconfig + class RegionalClusterAddonsConfig attr_reader :http_load_balancing attr_reader :horizontal_pod_autoscaling def initialize(args = nil) return if args.nil? - @http_load_balancing = GoogleInSpec::Container::Property::RegionalClusterHttploadbalancing.new(args['httpLoadBalancing']) - @horizontal_pod_autoscaling = GoogleInSpec::Container::Property::RegionalClusterHorizontalpodautoscaling.new(args['horizontalPodAutoscaling']) + @http_load_balancing = GoogleInSpec::Container::Property::RegionalClusterAddonsConfigHttpLoadBalancing.new(args['httpLoadBalancing']) + @horizontal_pod_autoscaling = GoogleInSpec::Container::Property::RegionalClusterAddonsConfigHorizontalPodAutoscaling.new(args['horizontalPodAutoscaling']) end end end diff --git a/libraries/google/container/property/regionalcluster_addons_config_horizontal_pod_autoscaling.rb b/libraries/google/container/property/regionalcluster_addons_config_horizontal_pod_autoscaling.rb new file mode 100644 index 000000000..f0b313863 --- /dev/null +++ b/libraries/google/container/property/regionalcluster_addons_config_horizontal_pod_autoscaling.rb @@ -0,0 +1,29 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module Container + module Property + class RegionalClusterAddonsConfigHorizontalPodAutoscaling + attr_reader :disabled + + def initialize(args = nil) + return if args.nil? + @disabled = args['disabled'] + end + end + end + end +end diff --git a/libraries/google/container/property/regionalcluster_addons_config_http_load_balancing.rb b/libraries/google/container/property/regionalcluster_addons_config_http_load_balancing.rb new file mode 100644 index 000000000..0ebf124c7 --- /dev/null +++ b/libraries/google/container/property/regionalcluster_addons_config_http_load_balancing.rb @@ -0,0 +1,29 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module Container + module Property + class RegionalClusterAddonsConfigHttpLoadBalancing + attr_reader :disabled + + def initialize(args = nil) + return if args.nil? + @disabled = args['disabled'] + end + end + end + end +end diff --git a/libraries/google/container/property/regionalcluster_master_auth.rb b/libraries/google/container/property/regionalcluster_master_auth.rb index 63ae6c527..ddff46095 100644 --- a/libraries/google/container/property/regionalcluster_master_auth.rb +++ b/libraries/google/container/property/regionalcluster_master_auth.rb @@ -16,7 +16,7 @@ module GoogleInSpec module Container module Property - class RegionalClusterMasterauth + class RegionalClusterMasterAuth attr_reader :username attr_reader :password diff --git a/libraries/google/container/property/regionalcluster_node_config.rb b/libraries/google/container/property/regionalcluster_node_config.rb index c75148f4d..97755ad6c 100644 --- a/libraries/google/container/property/regionalcluster_node_config.rb +++ b/libraries/google/container/property/regionalcluster_node_config.rb @@ -16,7 +16,7 @@ module GoogleInSpec module Container module Property - class RegionalClusterNodeconfig + class RegionalClusterNodeConfig attr_reader :machine_type attr_reader :disk_size_gb diff --git a/libraries/google/pubsub/property/subscription_push_config.rb b/libraries/google/pubsub/property/subscription_push_config.rb index 234cf0bfd..90695d1e6 100644 --- a/libraries/google/pubsub/property/subscription_push_config.rb +++ b/libraries/google/pubsub/property/subscription_push_config.rb @@ -16,7 +16,7 @@ module GoogleInSpec module Pubsub module Property - class SubscriptionPushconfig + class SubscriptionPushConfig attr_reader :push_endpoint def initialize(args = nil) diff --git a/libraries/google_bigquery_dataset.rb b/libraries/google_bigquery_dataset.rb index 57790a12f..cfd684f7c 100644 --- a/libraries/google_bigquery_dataset.rb +++ b/libraries/google_bigquery_dataset.rb @@ -52,7 +52,7 @@ def parse @name = @fetched['name'] @access = GoogleInSpec::BigQuery::Property::DatasetAccessArray.parse(@fetched['access']) @creation_time = @fetched['creationTime'] - @dataset_reference = GoogleInSpec::BigQuery::Property::DatasetDatasetreference.new(@fetched['datasetReference']) + @dataset_reference = GoogleInSpec::BigQuery::Property::DatasetDatasetReference.new(@fetched['datasetReference']) @default_table_expiration_ms = @fetched['defaultTableExpirationMs'] @description = @fetched['description'] @friendly_name = @fetched['friendlyName'] diff --git a/libraries/google_bigquery_datasets.rb b/libraries/google_bigquery_datasets.rb index 100350300..3d2163c05 100644 --- a/libraries/google_bigquery_datasets.rb +++ b/libraries/google_bigquery_datasets.rb @@ -75,7 +75,7 @@ def transform(key, value) def transformers { - 'datasetReference' => ->(obj) { return :dataset_reference, GoogleInSpec::BigQuery::Property::DatasetDatasetreference.new(obj['datasetReference']) }, + 'datasetReference' => ->(obj) { return :dataset_reference, GoogleInSpec::BigQuery::Property::DatasetDatasetReference.new(obj['datasetReference']) }, 'friendlyName' => ->(obj) { return :friendly_name, obj['friendlyName'] }, 'id' => ->(obj) { return :id, obj['id'] }, 'labels' => ->(obj) { return :labels, obj['labels'] }, diff --git a/libraries/google_cloudbuild_trigger.rb b/libraries/google_cloudbuild_trigger.rb index eb1ec28cc..c99e5a2f7 100644 --- a/libraries/google_cloudbuild_trigger.rb +++ b/libraries/google_cloudbuild_trigger.rb @@ -15,7 +15,7 @@ # ---------------------------------------------------------------------------- require 'gcp_backend' require 'google/cloudbuild/property/trigger_build' -require 'google/cloudbuild/property/trigger_steps' +require 'google/cloudbuild/property/trigger_build_steps' require 'google/cloudbuild/property/trigger_trigger_template' # A provider to manage Cloud build resources. @@ -57,7 +57,7 @@ def parse @filename = @fetched['filename'] @ignored_files = @fetched['ignoredFiles'] @included_files = @fetched['includedFiles'] - @trigger_template = GoogleInSpec::CloudBuild::Property::TriggerTriggertemplate.new(@fetched['triggerTemplate']) + @trigger_template = GoogleInSpec::CloudBuild::Property::TriggerTriggerTemplate.new(@fetched['triggerTemplate']) @build = GoogleInSpec::CloudBuild::Property::TriggerBuild.new(@fetched['build']) end diff --git a/libraries/google_cloudbuild_triggers.rb b/libraries/google_cloudbuild_triggers.rb index a6aa7c99e..b8221c647 100644 --- a/libraries/google_cloudbuild_triggers.rb +++ b/libraries/google_cloudbuild_triggers.rb @@ -88,7 +88,7 @@ def transformers 'filename' => ->(obj) { return :filename, obj['filename'] }, 'ignoredFiles' => ->(obj) { return :ignored_files, obj['ignoredFiles'] }, 'includedFiles' => ->(obj) { return :included_files, obj['includedFiles'] }, - 'triggerTemplate' => ->(obj) { return :trigger_template, GoogleInSpec::CloudBuild::Property::TriggerTriggertemplate.new(obj['triggerTemplate']) }, + 'triggerTemplate' => ->(obj) { return :trigger_template, GoogleInSpec::CloudBuild::Property::TriggerTriggerTemplate.new(obj['triggerTemplate']) }, 'build' => ->(obj) { return :build, GoogleInSpec::CloudBuild::Property::TriggerBuild.new(obj['build']) }, } end diff --git a/libraries/google_compute_autoscaler.rb b/libraries/google_compute_autoscaler.rb index b5c590dca..c7019072c 100644 --- a/libraries/google_compute_autoscaler.rb +++ b/libraries/google_compute_autoscaler.rb @@ -15,9 +15,9 @@ # ---------------------------------------------------------------------------- require 'gcp_backend' require 'google/compute/property/autoscaler_autoscaling_policy' -require 'google/compute/property/autoscaler_cpu_utilization' -require 'google/compute/property/autoscaler_custom_metric_utilizations' -require 'google/compute/property/autoscaler_load_balancing_utilization' +require 'google/compute/property/autoscaler_autoscaling_policy_cpu_utilization' +require 'google/compute/property/autoscaler_autoscaling_policy_custom_metric_utilizations' +require 'google/compute/property/autoscaler_autoscaling_policy_load_balancing_utilization' # A provider to manage Google Compute Engine resources. class Autoscaler < GcpResourceBase @@ -51,7 +51,7 @@ def parse @creation_timestamp = parse_time_string(@fetched['creationTimestamp']) @name = @fetched['name'] @description = @fetched['description'] - @autoscaling_policy = GoogleInSpec::Compute::Property::AutoscalerAutoscalingpolicy.new(@fetched['autoscalingPolicy']) + @autoscaling_policy = GoogleInSpec::Compute::Property::AutoscalerAutoscalingPolicy.new(@fetched['autoscalingPolicy']) @target = @fetched['target'] @zone = @fetched['zone'] end diff --git a/libraries/google_compute_autoscalers.rb b/libraries/google_compute_autoscalers.rb index e98ad8fce..ce7954895 100644 --- a/libraries/google_compute_autoscalers.rb +++ b/libraries/google_compute_autoscalers.rb @@ -81,7 +81,7 @@ def transformers 'creationTimestamp' => ->(obj) { return :creation_timestamp, parse_time_string(obj['creationTimestamp']) }, 'name' => ->(obj) { return :name, obj['name'] }, 'description' => ->(obj) { return :description, obj['description'] }, - 'autoscalingPolicy' => ->(obj) { return :autoscaling_policy, GoogleInSpec::Compute::Property::AutoscalerAutoscalingpolicy.new(obj['autoscalingPolicy']) }, + 'autoscalingPolicy' => ->(obj) { return :autoscaling_policy, GoogleInSpec::Compute::Property::AutoscalerAutoscalingPolicy.new(obj['autoscalingPolicy']) }, 'target' => ->(obj) { return :target, obj['target'] }, 'zone' => ->(obj) { return :zone, obj['zone'] }, } diff --git a/libraries/google_compute_backend_service.rb b/libraries/google_compute_backend_service.rb index 538de535d..b4e6c8ef6 100644 --- a/libraries/google_compute_backend_service.rb +++ b/libraries/google_compute_backend_service.rb @@ -15,8 +15,8 @@ # ---------------------------------------------------------------------------- require 'gcp_backend' require 'google/compute/property/backendservice_backends' -require 'google/compute/property/backendservice_cache_key_policy' require 'google/compute/property/backendservice_cdn_policy' +require 'google/compute/property/backendservice_cdn_policy_cache_key_policy' require 'google/compute/property/backendservice_connection_draining' require 'google/compute/property/backendservice_iap' @@ -60,8 +60,8 @@ def initialize(params) def parse @affinity_cookie_ttl_sec = @fetched['affinityCookieTtlSec'] @backends = GoogleInSpec::Compute::Property::BackendServiceBackendsArray.parse(@fetched['backends']) - @cdn_policy = GoogleInSpec::Compute::Property::BackendServiceCdnpolicy.new(@fetched['cdnPolicy']) - @connection_draining = GoogleInSpec::Compute::Property::BackendServiceConnectiondraining.new(@fetched['connectionDraining']) + @cdn_policy = GoogleInSpec::Compute::Property::BackendServiceCdnPolicy.new(@fetched['cdnPolicy']) + @connection_draining = GoogleInSpec::Compute::Property::BackendServiceConnectionDraining.new(@fetched['connectionDraining']) @creation_timestamp = parse_time_string(@fetched['creationTimestamp']) @description = @fetched['description'] @enable_cdn = @fetched['enableCDN'] diff --git a/libraries/google_compute_backend_services.rb b/libraries/google_compute_backend_services.rb index c689f61ee..8daa82066 100644 --- a/libraries/google_compute_backend_services.rb +++ b/libraries/google_compute_backend_services.rb @@ -89,8 +89,8 @@ def transformers { 'affinityCookieTtlSec' => ->(obj) { return :affinity_cookie_ttl_sec, obj['affinityCookieTtlSec'] }, 'backends' => ->(obj) { return :backends, GoogleInSpec::Compute::Property::BackendServiceBackendsArray.parse(obj['backends']) }, - 'cdnPolicy' => ->(obj) { return :cdn_policy, GoogleInSpec::Compute::Property::BackendServiceCdnpolicy.new(obj['cdnPolicy']) }, - 'connectionDraining' => ->(obj) { return :connection_draining, GoogleInSpec::Compute::Property::BackendServiceConnectiondraining.new(obj['connectionDraining']) }, + 'cdnPolicy' => ->(obj) { return :cdn_policy, GoogleInSpec::Compute::Property::BackendServiceCdnPolicy.new(obj['cdnPolicy']) }, + 'connectionDraining' => ->(obj) { return :connection_draining, GoogleInSpec::Compute::Property::BackendServiceConnectionDraining.new(obj['connectionDraining']) }, 'creationTimestamp' => ->(obj) { return :creation_timestamp, parse_time_string(obj['creationTimestamp']) }, 'description' => ->(obj) { return :description, obj['description'] }, 'enableCDN' => ->(obj) { return :enable_cdn, obj['enableCDN'] }, diff --git a/libraries/google_compute_disk.rb b/libraries/google_compute_disk.rb index d807ee20d..caa586125 100644 --- a/libraries/google_compute_disk.rb +++ b/libraries/google_compute_disk.rb @@ -73,11 +73,11 @@ def parse @type = @fetched['type'] @source_image = @fetched['sourceImage'] @zone = @fetched['zone'] - @source_image_encryption_key = GoogleInSpec::Compute::Property::DiskSourceimageencryptionkey.new(@fetched['sourceImageEncryptionKey']) + @source_image_encryption_key = GoogleInSpec::Compute::Property::DiskSourceImageEncryptionKey.new(@fetched['sourceImageEncryptionKey']) @source_image_id = @fetched['sourceImageId'] - @disk_encryption_key = GoogleInSpec::Compute::Property::DiskDiskencryptionkey.new(@fetched['diskEncryptionKey']) + @disk_encryption_key = GoogleInSpec::Compute::Property::DiskDiskEncryptionKey.new(@fetched['diskEncryptionKey']) @source_snapshot = @fetched['sourceSnapshot'] - @source_snapshot_encryption_key = GoogleInSpec::Compute::Property::DiskSourcesnapshotencryptionkey.new(@fetched['sourceSnapshotEncryptionKey']) + @source_snapshot_encryption_key = GoogleInSpec::Compute::Property::DiskSourceSnapshotEncryptionKey.new(@fetched['sourceSnapshotEncryptionKey']) @source_snapshot_id = @fetched['sourceSnapshotId'] end diff --git a/libraries/google_compute_disks.rb b/libraries/google_compute_disks.rb index 32e875a1d..cb3bf974d 100644 --- a/libraries/google_compute_disks.rb +++ b/libraries/google_compute_disks.rb @@ -104,11 +104,11 @@ def transformers 'type' => ->(obj) { return :type, obj['type'] }, 'sourceImage' => ->(obj) { return :source_image, obj['sourceImage'] }, 'zone' => ->(obj) { return :zone, obj['zone'] }, - 'sourceImageEncryptionKey' => ->(obj) { return :source_image_encryption_key, GoogleInSpec::Compute::Property::DiskSourceimageencryptionkey.new(obj['sourceImageEncryptionKey']) }, + 'sourceImageEncryptionKey' => ->(obj) { return :source_image_encryption_key, GoogleInSpec::Compute::Property::DiskSourceImageEncryptionKey.new(obj['sourceImageEncryptionKey']) }, 'sourceImageId' => ->(obj) { return :source_image_id, obj['sourceImageId'] }, - 'diskEncryptionKey' => ->(obj) { return :disk_encryption_key, GoogleInSpec::Compute::Property::DiskDiskencryptionkey.new(obj['diskEncryptionKey']) }, + 'diskEncryptionKey' => ->(obj) { return :disk_encryption_key, GoogleInSpec::Compute::Property::DiskDiskEncryptionKey.new(obj['diskEncryptionKey']) }, 'sourceSnapshot' => ->(obj) { return :source_snapshot, obj['sourceSnapshot'] }, - 'sourceSnapshotEncryptionKey' => ->(obj) { return :source_snapshot_encryption_key, GoogleInSpec::Compute::Property::DiskSourcesnapshotencryptionkey.new(obj['sourceSnapshotEncryptionKey']) }, + 'sourceSnapshotEncryptionKey' => ->(obj) { return :source_snapshot_encryption_key, GoogleInSpec::Compute::Property::DiskSourceSnapshotEncryptionKey.new(obj['sourceSnapshotEncryptionKey']) }, 'sourceSnapshotId' => ->(obj) { return :source_snapshot_id, obj['sourceSnapshotId'] }, } end diff --git a/libraries/google_compute_health_check.rb b/libraries/google_compute_health_check.rb index 894751361..47c42ecfa 100644 --- a/libraries/google_compute_health_check.rb +++ b/libraries/google_compute_health_check.rb @@ -62,10 +62,10 @@ def parse @timeout_sec = @fetched['timeoutSec'] @unhealthy_threshold = @fetched['unhealthyThreshold'] @type = @fetched['type'] - @http_health_check = GoogleInSpec::Compute::Property::HealthCheckHttphealthcheck.new(@fetched['httpHealthCheck']) - @https_health_check = GoogleInSpec::Compute::Property::HealthCheckHttpshealthcheck.new(@fetched['httpsHealthCheck']) - @tcp_health_check = GoogleInSpec::Compute::Property::HealthCheckTcphealthcheck.new(@fetched['tcpHealthCheck']) - @ssl_health_check = GoogleInSpec::Compute::Property::HealthCheckSslhealthcheck.new(@fetched['sslHealthCheck']) + @http_health_check = GoogleInSpec::Compute::Property::HealthCheckHttpHealthCheck.new(@fetched['httpHealthCheck']) + @https_health_check = GoogleInSpec::Compute::Property::HealthCheckHttpsHealthCheck.new(@fetched['httpsHealthCheck']) + @tcp_health_check = GoogleInSpec::Compute::Property::HealthCheckTcpHealthCheck.new(@fetched['tcpHealthCheck']) + @ssl_health_check = GoogleInSpec::Compute::Property::HealthCheckSslHealthCheck.new(@fetched['sslHealthCheck']) end # Handles parsing RFC3339 time string diff --git a/libraries/google_compute_health_checks.rb b/libraries/google_compute_health_checks.rb index ae436b26b..0ef54fba3 100644 --- a/libraries/google_compute_health_checks.rb +++ b/libraries/google_compute_health_checks.rb @@ -92,10 +92,10 @@ def transformers 'timeoutSec' => ->(obj) { return :timeout_sec, obj['timeoutSec'] }, 'unhealthyThreshold' => ->(obj) { return :unhealthy_threshold, obj['unhealthyThreshold'] }, 'type' => ->(obj) { return :type, obj['type'] }, - 'httpHealthCheck' => ->(obj) { return :http_health_check, GoogleInSpec::Compute::Property::HealthCheckHttphealthcheck.new(obj['httpHealthCheck']) }, - 'httpsHealthCheck' => ->(obj) { return :https_health_check, GoogleInSpec::Compute::Property::HealthCheckHttpshealthcheck.new(obj['httpsHealthCheck']) }, - 'tcpHealthCheck' => ->(obj) { return :tcp_health_check, GoogleInSpec::Compute::Property::HealthCheckTcphealthcheck.new(obj['tcpHealthCheck']) }, - 'sslHealthCheck' => ->(obj) { return :ssl_health_check, GoogleInSpec::Compute::Property::HealthCheckSslhealthcheck.new(obj['sslHealthCheck']) }, + 'httpHealthCheck' => ->(obj) { return :http_health_check, GoogleInSpec::Compute::Property::HealthCheckHttpHealthCheck.new(obj['httpHealthCheck']) }, + 'httpsHealthCheck' => ->(obj) { return :https_health_check, GoogleInSpec::Compute::Property::HealthCheckHttpsHealthCheck.new(obj['httpsHealthCheck']) }, + 'tcpHealthCheck' => ->(obj) { return :tcp_health_check, GoogleInSpec::Compute::Property::HealthCheckTcpHealthCheck.new(obj['tcpHealthCheck']) }, + 'sslHealthCheck' => ->(obj) { return :ssl_health_check, GoogleInSpec::Compute::Property::HealthCheckSslHealthCheck.new(obj['sslHealthCheck']) }, } end diff --git a/libraries/google_compute_instance_group_manager.rb b/libraries/google_compute_instance_group_manager.rb index 96af5bdbe..f518ff84f 100644 --- a/libraries/google_compute_instance_group_manager.rb +++ b/libraries/google_compute_instance_group_manager.rb @@ -53,13 +53,13 @@ def initialize(params) def parse @base_instance_name = @fetched['baseInstanceName'] @creation_timestamp = parse_time_string(@fetched['creationTimestamp']) - @current_actions = GoogleInSpec::Compute::Property::InstanceGroupManagerCurrentactions.new(@fetched['currentActions']) + @current_actions = GoogleInSpec::Compute::Property::InstanceGroupManagerCurrentActions.new(@fetched['currentActions']) @description = @fetched['description'] @id = @fetched['id'] @instance_group = @fetched['instanceGroup'] @instance_template = @fetched['instanceTemplate'] @name = @fetched['name'] - @named_ports = GoogleInSpec::Compute::Property::InstanceGroupManagerNamedportsArray.parse(@fetched['namedPorts']) + @named_ports = GoogleInSpec::Compute::Property::InstanceGroupManagerNamedPortsArray.parse(@fetched['namedPorts']) @region = @fetched['region'] @target_pools = @fetched['targetPools'] @target_size = @fetched['targetSize'] diff --git a/libraries/google_compute_instance_group_managers.rb b/libraries/google_compute_instance_group_managers.rb index 45aa62e61..616853fc7 100644 --- a/libraries/google_compute_instance_group_managers.rb +++ b/libraries/google_compute_instance_group_managers.rb @@ -85,13 +85,13 @@ def transformers { 'baseInstanceName' => ->(obj) { return :base_instance_name, obj['baseInstanceName'] }, 'creationTimestamp' => ->(obj) { return :creation_timestamp, parse_time_string(obj['creationTimestamp']) }, - 'currentActions' => ->(obj) { return :current_actions, GoogleInSpec::Compute::Property::InstanceGroupManagerCurrentactions.new(obj['currentActions']) }, + 'currentActions' => ->(obj) { return :current_actions, GoogleInSpec::Compute::Property::InstanceGroupManagerCurrentActions.new(obj['currentActions']) }, 'description' => ->(obj) { return :description, obj['description'] }, 'id' => ->(obj) { return :id, obj['id'] }, 'instanceGroup' => ->(obj) { return :instance_group, obj['instanceGroup'] }, 'instanceTemplate' => ->(obj) { return :instance_template, obj['instanceTemplate'] }, 'name' => ->(obj) { return :name, obj['name'] }, - 'namedPorts' => ->(obj) { return :named_ports, GoogleInSpec::Compute::Property::InstanceGroupManagerNamedportsArray.parse(obj['namedPorts']) }, + 'namedPorts' => ->(obj) { return :named_ports, GoogleInSpec::Compute::Property::InstanceGroupManagerNamedPortsArray.parse(obj['namedPorts']) }, 'region' => ->(obj) { return :region, obj['region'] }, 'targetPools' => ->(obj) { return :target_pools, obj['targetPools'] }, 'targetSize' => ->(obj) { return :target_size, obj['targetSize'] }, diff --git a/libraries/google_compute_instance_template.rb b/libraries/google_compute_instance_template.rb index 3f68e55b2..86c352fb9 100644 --- a/libraries/google_compute_instance_template.rb +++ b/libraries/google_compute_instance_template.rb @@ -14,13 +14,13 @@ # # ---------------------------------------------------------------------------- require 'gcp_backend' -require 'google/compute/property/instancetemplate_disks' -require 'google/compute/property/instancetemplate_guest_accelerators' -require 'google/compute/property/instancetemplate_network_interfaces' require 'google/compute/property/instancetemplate_properties' -require 'google/compute/property/instancetemplate_scheduling' -require 'google/compute/property/instancetemplate_service_accounts' -require 'google/compute/property/instancetemplate_tags' +require 'google/compute/property/instancetemplate_properties_disks' +require 'google/compute/property/instancetemplate_properties_guest_accelerators' +require 'google/compute/property/instancetemplate_properties_network_interfaces' +require 'google/compute/property/instancetemplate_properties_scheduling' +require 'google/compute/property/instancetemplate_properties_service_accounts' +require 'google/compute/property/instancetemplate_properties_tags' # A provider to manage Google Compute Engine resources. class InstanceTemplate < GcpResourceBase diff --git a/libraries/google_compute_router.rb b/libraries/google_compute_router.rb index 6b5d91ab2..e39217ee4 100644 --- a/libraries/google_compute_router.rb +++ b/libraries/google_compute_router.rb @@ -14,8 +14,8 @@ # # ---------------------------------------------------------------------------- require 'gcp_backend' -require 'google/compute/property/router_advertised_ip_ranges' require 'google/compute/property/router_bgp' +require 'google/compute/property/router_bgp_advertised_ip_ranges' # A provider to manage Google Compute Engine resources. class Router < GcpResourceBase diff --git a/libraries/google_compute_snapshot.rb b/libraries/google_compute_snapshot.rb index 53826f636..482121e07 100644 --- a/libraries/google_compute_snapshot.rb +++ b/libraries/google_compute_snapshot.rb @@ -62,8 +62,8 @@ def parse @label_fingerprint = @fetched['labelFingerprint'] @source_disk = @fetched['sourceDisk'] @zone = @fetched['zone'] - @snapshot_encryption_key = GoogleInSpec::Compute::Property::SnapshotSnapshotencryptionkey.new(@fetched['snapshotEncryptionKey']) - @source_disk_encryption_key = GoogleInSpec::Compute::Property::SnapshotSourcediskencryptionkey.new(@fetched['sourceDiskEncryptionKey']) + @snapshot_encryption_key = GoogleInSpec::Compute::Property::SnapshotSnapshotEncryptionKey.new(@fetched['snapshotEncryptionKey']) + @source_disk_encryption_key = GoogleInSpec::Compute::Property::SnapshotSourceDiskEncryptionKey.new(@fetched['sourceDiskEncryptionKey']) end # Handles parsing RFC3339 time string diff --git a/libraries/google_compute_snapshots.rb b/libraries/google_compute_snapshots.rb index 37931f773..675d660e5 100644 --- a/libraries/google_compute_snapshots.rb +++ b/libraries/google_compute_snapshots.rb @@ -94,8 +94,8 @@ def transformers 'labelFingerprint' => ->(obj) { return :label_fingerprint, obj['labelFingerprint'] }, 'sourceDisk' => ->(obj) { return :source_disk, obj['sourceDisk'] }, 'zone' => ->(obj) { return :zone, obj['zone'] }, - 'snapshotEncryptionKey' => ->(obj) { return :snapshot_encryption_key, GoogleInSpec::Compute::Property::SnapshotSnapshotencryptionkey.new(obj['snapshotEncryptionKey']) }, - 'sourceDiskEncryptionKey' => ->(obj) { return :source_disk_encryption_key, GoogleInSpec::Compute::Property::SnapshotSourcediskencryptionkey.new(obj['sourceDiskEncryptionKey']) }, + 'snapshotEncryptionKey' => ->(obj) { return :snapshot_encryption_key, GoogleInSpec::Compute::Property::SnapshotSnapshotEncryptionKey.new(obj['snapshotEncryptionKey']) }, + 'sourceDiskEncryptionKey' => ->(obj) { return :source_disk_encryption_key, GoogleInSpec::Compute::Property::SnapshotSourceDiskEncryptionKey.new(obj['sourceDiskEncryptionKey']) }, } end diff --git a/libraries/google_compute_url_map.rb b/libraries/google_compute_url_map.rb index bb3f84fdc..080e4adb5 100644 --- a/libraries/google_compute_url_map.rb +++ b/libraries/google_compute_url_map.rb @@ -51,11 +51,11 @@ def parse @creation_timestamp = parse_time_string(@fetched['creationTimestamp']) @default_service = @fetched['defaultService'] @description = @fetched['description'] - @host_rules = GoogleInSpec::Compute::Property::UrlMapHostrulesArray.parse(@fetched['hostRules']) + @host_rules = GoogleInSpec::Compute::Property::UrlMapHostRulesArray.parse(@fetched['hostRules']) @id = @fetched['id'] @fingerprint = @fetched['fingerprint'] @name = @fetched['name'] - @path_matchers = GoogleInSpec::Compute::Property::UrlMapPathmatchersArray.parse(@fetched['pathMatchers']) + @path_matchers = GoogleInSpec::Compute::Property::UrlMapPathMatchersArray.parse(@fetched['pathMatchers']) @tests = GoogleInSpec::Compute::Property::UrlMapTestsArray.parse(@fetched['tests']) end diff --git a/libraries/google_compute_url_maps.rb b/libraries/google_compute_url_maps.rb index 48a4fd6c9..7c3ef5f6e 100644 --- a/libraries/google_compute_url_maps.rb +++ b/libraries/google_compute_url_maps.rb @@ -82,11 +82,11 @@ def transformers 'creationTimestamp' => ->(obj) { return :creation_timestamp, parse_time_string(obj['creationTimestamp']) }, 'defaultService' => ->(obj) { return :default_service, obj['defaultService'] }, 'description' => ->(obj) { return :description, obj['description'] }, - 'hostRules' => ->(obj) { return :host_rules, GoogleInSpec::Compute::Property::UrlMapHostrulesArray.parse(obj['hostRules']) }, + 'hostRules' => ->(obj) { return :host_rules, GoogleInSpec::Compute::Property::UrlMapHostRulesArray.parse(obj['hostRules']) }, 'id' => ->(obj) { return :id, obj['id'] }, 'fingerprint' => ->(obj) { return :fingerprint, obj['fingerprint'] }, 'name' => ->(obj) { return :name, obj['name'] }, - 'pathMatchers' => ->(obj) { return :path_matchers, GoogleInSpec::Compute::Property::UrlMapPathmatchersArray.parse(obj['pathMatchers']) }, + 'pathMatchers' => ->(obj) { return :path_matchers, GoogleInSpec::Compute::Property::UrlMapPathMatchersArray.parse(obj['pathMatchers']) }, 'tests' => ->(obj) { return :tests, GoogleInSpec::Compute::Property::UrlMapTestsArray.parse(obj['tests']) }, } end diff --git a/libraries/google_container_regional_cluster.rb b/libraries/google_container_regional_cluster.rb index c255f3505..41576be66 100644 --- a/libraries/google_container_regional_cluster.rb +++ b/libraries/google_container_regional_cluster.rb @@ -15,8 +15,8 @@ # ---------------------------------------------------------------------------- require 'gcp_backend' require 'google/container/property/regionalcluster_addons_config' -require 'google/container/property/regionalcluster_horizontal_pod_autoscaling' -require 'google/container/property/regionalcluster_http_load_balancing' +require 'google/container/property/regionalcluster_addons_config_horizontal_pod_autoscaling' +require 'google/container/property/regionalcluster_addons_config_http_load_balancing' require 'google/container/property/regionalcluster_master_auth' require 'google/container/property/regionalcluster_node_config' @@ -65,13 +65,13 @@ def parse @name = @fetched['name'] @description = @fetched['description'] @initial_node_count = @fetched['initialNodeCount'] - @node_config = GoogleInSpec::Container::Property::RegionalClusterNodeconfig.new(@fetched['nodeConfig']) - @master_auth = GoogleInSpec::Container::Property::RegionalClusterMasterauth.new(@fetched['masterAuth']) + @node_config = GoogleInSpec::Container::Property::RegionalClusterNodeConfig.new(@fetched['nodeConfig']) + @master_auth = GoogleInSpec::Container::Property::RegionalClusterMasterAuth.new(@fetched['masterAuth']) @logging_service = @fetched['loggingService'] @monitoring_service = @fetched['monitoringService'] @network = @fetched['network'] @cluster_ipv4_cidr = @fetched['clusterIpv4Cidr'] - @addons_config = GoogleInSpec::Container::Property::RegionalClusterAddonsconfig.new(@fetched['addonsConfig']) + @addons_config = GoogleInSpec::Container::Property::RegionalClusterAddonsConfig.new(@fetched['addonsConfig']) @subnetwork = @fetched['subnetwork'] @endpoint = @fetched['endpoint'] @initial_cluster_version = @fetched['initialClusterVersion'] diff --git a/libraries/google_container_regional_clusters.rb b/libraries/google_container_regional_clusters.rb index 89bf16ec6..14cf22aee 100644 --- a/libraries/google_container_regional_clusters.rb +++ b/libraries/google_container_regional_clusters.rb @@ -94,13 +94,13 @@ def transformers 'name' => ->(obj) { return :name, obj['name'] }, 'description' => ->(obj) { return :description, obj['description'] }, 'initialNodeCount' => ->(obj) { return :initial_node_count, obj['initialNodeCount'] }, - 'nodeConfig' => ->(obj) { return :node_config, GoogleInSpec::Container::Property::RegionalClusterNodeconfig.new(obj['nodeConfig']) }, - 'masterAuth' => ->(obj) { return :master_auth, GoogleInSpec::Container::Property::RegionalClusterMasterauth.new(obj['masterAuth']) }, + 'nodeConfig' => ->(obj) { return :node_config, GoogleInSpec::Container::Property::RegionalClusterNodeConfig.new(obj['nodeConfig']) }, + 'masterAuth' => ->(obj) { return :master_auth, GoogleInSpec::Container::Property::RegionalClusterMasterAuth.new(obj['masterAuth']) }, 'loggingService' => ->(obj) { return :logging_service, obj['loggingService'] }, 'monitoringService' => ->(obj) { return :monitoring_service, obj['monitoringService'] }, 'network' => ->(obj) { return :network, obj['network'] }, 'clusterIpv4Cidr' => ->(obj) { return :cluster_ipv4_cidr, obj['clusterIpv4Cidr'] }, - 'addonsConfig' => ->(obj) { return :addons_config, GoogleInSpec::Container::Property::RegionalClusterAddonsconfig.new(obj['addonsConfig']) }, + 'addonsConfig' => ->(obj) { return :addons_config, GoogleInSpec::Container::Property::RegionalClusterAddonsConfig.new(obj['addonsConfig']) }, 'subnetwork' => ->(obj) { return :subnetwork, obj['subnetwork'] }, 'endpoint' => ->(obj) { return :endpoint, obj['endpoint'] }, 'initialClusterVersion' => ->(obj) { return :initial_cluster_version, obj['initialClusterVersion'] }, diff --git a/libraries/google_pubsub_subscription.rb b/libraries/google_pubsub_subscription.rb index 4138c7b22..6a02a71f8 100644 --- a/libraries/google_pubsub_subscription.rb +++ b/libraries/google_pubsub_subscription.rb @@ -43,7 +43,7 @@ def initialize(params) def parse @name = name_from_self_link(@fetched['name']) @topic = @fetched['topic'] - @push_config = GoogleInSpec::Pubsub::Property::SubscriptionPushconfig.new(@fetched['pushConfig']) + @push_config = GoogleInSpec::Pubsub::Property::SubscriptionPushConfig.new(@fetched['pushConfig']) @ack_deadline_seconds = @fetched['ackDeadlineSeconds'] end diff --git a/libraries/google_pubsub_subscriptions.rb b/libraries/google_pubsub_subscriptions.rb index 099da6cc7..be1bff1a9 100644 --- a/libraries/google_pubsub_subscriptions.rb +++ b/libraries/google_pubsub_subscriptions.rb @@ -76,7 +76,7 @@ def transformers { 'name' => ->(obj) { return :name, name_from_self_link(obj['name']) }, 'topic' => ->(obj) { return :topic, obj['topic'] }, - 'pushConfig' => ->(obj) { return :push_config, GoogleInSpec::Pubsub::Property::SubscriptionPushconfig.new(obj['pushConfig']) }, + 'pushConfig' => ->(obj) { return :push_config, GoogleInSpec::Pubsub::Property::SubscriptionPushConfig.new(obj['pushConfig']) }, 'ackDeadlineSeconds' => ->(obj) { return :ack_deadline_seconds, obj['ackDeadlineSeconds'] }, } end diff --git a/test/integration/build/gcp-mm.tf b/test/integration/build/gcp-mm.tf index 17296b5c8..cedbc52b0 100644 --- a/test/integration/build/gcp-mm.tf +++ b/test/integration/build/gcp-mm.tf @@ -102,6 +102,10 @@ variable "dataset" { type = "map" } +variable "bigquery_table" { + type = "map" +} + resource "google_compute_ssl_policy" "custom-ssl-policy" { name = "${var.ssl_policy["name"]}" min_tls_version = "${var.ssl_policy["min_tls_version"]}" @@ -408,12 +412,25 @@ resource "google_bigquery_dataset" "gcp-inspec-dataset" { default_table_expiration_ms = "${var.dataset["default_table_expiration_ms"]}" access { - role = "${var.dataset["access_reader_role"]}" - domain = "${var.dataset["access_reader_domain"]}" + role = "${var.dataset["access_writer_role"]}" + special_group = "${var.dataset["access_writer_special_group"]}" } access { - role = "${var.dataset["access_writer_role"]}" - special_group = "${var.dataset["access_writer_special_group"]}" + role = "OWNER" + special_group = "projectOwners" } +} + +resource "google_bigquery_table" "gcp-inspec-bigquery-table" { + project = "${var.gcp_project_id}" + dataset_id = "${google_bigquery_dataset.gcp-inspec-dataset.dataset_id}" + table_id = "${var.bigquery_table["table_id"]}" + + time_partitioning { + type = "${var.bigquery_table["time_partitioning_type"]}" + } + + description = "${var.bigquery_table["description"]}" + expiration_time = "${var.bigquery_table["expiration_time"]}" } \ No newline at end of file diff --git a/test/integration/configuration/mm-attributes.yml b/test/integration/configuration/mm-attributes.yml index 434d4130c..b7ca91f40 100644 --- a/test/integration/configuration/mm-attributes.yml +++ b/test/integration/configuration/mm-attributes.yml @@ -176,7 +176,11 @@ dataset: description: Test BigQuery dataset description location: EU default_table_expiration_ms: 3600000 - access_reader_role: READER - access_reader_domain: example.com access_writer_role: WRITER - access_writer_special_group: projectWriters \ No newline at end of file + access_writer_special_group: projectWriters + +bigquery_table: + table_id: inspec_gcp_bigquery_table + description: A BigQuery table + expiration_time: 1738882264000 + time_partitioning_type: DAY \ No newline at end of file diff --git a/test/integration/verify/controls/google_bigquery_dataset.rb b/test/integration/verify/controls/google_bigquery_dataset.rb index be8e94694..6e4e325ab 100644 --- a/test/integration/verify/controls/google_bigquery_dataset.rb +++ b/test/integration/verify/controls/google_bigquery_dataset.rb @@ -21,8 +21,6 @@ "description": "Test BigQuery dataset description", "location": "EU", "default_table_expiration_ms": 3600000, - "access_reader_role": "READER", - "access_reader_domain": "example.com", "access_writer_role": "WRITER", "access_writer_special_group": "projectWriters" }, description: 'BigQuery dataset definition') @@ -39,15 +37,6 @@ its('default_table_expiration_ms') { should cmp dataset['default_table_expiration_ms'] } end - describe.one do - google_bigquery_dataset(project: gcp_project_id, name: dataset['dataset_id']).access.each do |dataset_access| - describe dataset_access do - its('role') { should eq dataset['access_reader_role'] } - its('domain') { should eq dataset['access_reader_domain'] } - end - end - end - describe.one do google_bigquery_dataset(project: gcp_project_id, name: dataset['dataset_id']).access.each do |dataset_access| describe dataset_access do diff --git a/test/integration/verify/controls/google_bigquery_datasets.rb b/test/integration/verify/controls/google_bigquery_datasets.rb index a7517de60..84051e26d 100644 --- a/test/integration/verify/controls/google_bigquery_datasets.rb +++ b/test/integration/verify/controls/google_bigquery_datasets.rb @@ -21,8 +21,6 @@ "description": "Test BigQuery dataset description", "location": "EU", "default_table_expiration_ms": 3600000, - "access_reader_role": "READER", - "access_reader_domain": "example.com", "access_writer_role": "WRITER", "access_writer_special_group": "projectWriters" }, description: 'BigQuery dataset definition') From 009f81443928c7010f16c5e369280e761413f562 Mon Sep 17 00:00:00 2001 From: Sam Levenick Date: Tue, 12 Feb 2019 16:57:50 -0800 Subject: [PATCH 20/30] Remove old nested objects with bad namespaces Signed-off-by: Sam Levenick --- .../google/bigquery/property/dataset_view.rb | 35 ---------- .../cloudbuild/property/trigger_steps.rb | 40 ----------- .../property/autoscaler_cpu_utilization.rb | 29 -------- .../autoscaler_custom_metric_utilizations.rb | 43 ------------ .../autoscaler_load_balancing_utilization.rb | 29 -------- .../backendservice_cache_key_policy.rb | 41 ------------ .../instancetemplate_access_configs.rb | 43 ------------ .../instancetemplate_alias_ip_ranges.rb | 40 ----------- .../instancetemplate_disk_encryption_key.rb | 35 ---------- .../property/instancetemplate_disks.rb | 67 ------------------- .../instancetemplate_guest_accelerators.rb | 40 ----------- .../instancetemplate_initialize_params.rb | 42 ------------ .../instancetemplate_network_interfaces.rb | 54 --------------- .../property/instancetemplate_scheduling.rb | 35 ---------- .../instancetemplate_service_accounts.rb | 40 ----------- ...ncetemplate_source_image_encryption_key.rb | 32 --------- .../compute/property/instancetemplate_tags.rb | 32 --------- .../property/router_advertised_ip_ranges.rb | 40 ----------- .../compute/property/urlmap_path_rules.rb | 40 ----------- ...ionalcluster_horizontal_pod_autoscaling.rb | 29 -------- .../regionalcluster_http_load_balancing.rb | 29 -------- 21 files changed, 815 deletions(-) delete mode 100644 libraries/google/bigquery/property/dataset_view.rb delete mode 100644 libraries/google/cloudbuild/property/trigger_steps.rb delete mode 100644 libraries/google/compute/property/autoscaler_cpu_utilization.rb delete mode 100644 libraries/google/compute/property/autoscaler_custom_metric_utilizations.rb delete mode 100644 libraries/google/compute/property/autoscaler_load_balancing_utilization.rb delete mode 100644 libraries/google/compute/property/backendservice_cache_key_policy.rb delete mode 100644 libraries/google/compute/property/instancetemplate_access_configs.rb delete mode 100644 libraries/google/compute/property/instancetemplate_alias_ip_ranges.rb delete mode 100644 libraries/google/compute/property/instancetemplate_disk_encryption_key.rb delete mode 100644 libraries/google/compute/property/instancetemplate_disks.rb delete mode 100644 libraries/google/compute/property/instancetemplate_guest_accelerators.rb delete mode 100644 libraries/google/compute/property/instancetemplate_initialize_params.rb delete mode 100644 libraries/google/compute/property/instancetemplate_network_interfaces.rb delete mode 100644 libraries/google/compute/property/instancetemplate_scheduling.rb delete mode 100644 libraries/google/compute/property/instancetemplate_service_accounts.rb delete mode 100644 libraries/google/compute/property/instancetemplate_source_image_encryption_key.rb delete mode 100644 libraries/google/compute/property/instancetemplate_tags.rb delete mode 100644 libraries/google/compute/property/router_advertised_ip_ranges.rb delete mode 100644 libraries/google/compute/property/urlmap_path_rules.rb delete mode 100644 libraries/google/container/property/regionalcluster_horizontal_pod_autoscaling.rb delete mode 100644 libraries/google/container/property/regionalcluster_http_load_balancing.rb diff --git a/libraries/google/bigquery/property/dataset_view.rb b/libraries/google/bigquery/property/dataset_view.rb deleted file mode 100644 index 96d6023d1..000000000 --- a/libraries/google/bigquery/property/dataset_view.rb +++ /dev/null @@ -1,35 +0,0 @@ -# frozen_string_literal: false - -# ---------------------------------------------------------------------------- -# -# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** -# -# ---------------------------------------------------------------------------- -# -# This file is automatically generated by Magic Modules and manual -# changes will be clobbered when the file is regenerated. -# -# Please read more about how to change this file in README.md and -# CONTRIBUTING.md located at the root of this package. -# -# ---------------------------------------------------------------------------- -module GoogleInSpec - module BigQuery - module Property - class DatasetView - attr_reader :dataset_id - - attr_reader :project_id - - attr_reader :table_id - - def initialize(args = nil) - return if args.nil? - @dataset_id = args['datasetId'] - @project_id = args['projectId'] - @table_id = args['tableId'] - end - end - end - end -end diff --git a/libraries/google/cloudbuild/property/trigger_steps.rb b/libraries/google/cloudbuild/property/trigger_steps.rb deleted file mode 100644 index 05596caa6..000000000 --- a/libraries/google/cloudbuild/property/trigger_steps.rb +++ /dev/null @@ -1,40 +0,0 @@ -# frozen_string_literal: false - -# ---------------------------------------------------------------------------- -# -# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** -# -# ---------------------------------------------------------------------------- -# -# This file is automatically generated by Magic Modules and manual -# changes will be clobbered when the file is regenerated. -# -# Please read more about how to change this file in README.md and -# CONTRIBUTING.md located at the root of this package. -# -# ---------------------------------------------------------------------------- -module GoogleInSpec - module CloudBuild - module Property - class TriggerSteps - attr_reader :name - - attr_reader :args - - def initialize(args = nil) - return if args.nil? - @name = args['name'] - @args = args['args'] - end - end - - class TriggerStepsArray - def self.parse(value) - return if value.nil? - return TriggerSteps.new(value) unless value.is_a?(::Array) - value.map { |v| TriggerSteps.new(v) } - end - end - end - end -end diff --git a/libraries/google/compute/property/autoscaler_cpu_utilization.rb b/libraries/google/compute/property/autoscaler_cpu_utilization.rb deleted file mode 100644 index 12d179582..000000000 --- a/libraries/google/compute/property/autoscaler_cpu_utilization.rb +++ /dev/null @@ -1,29 +0,0 @@ -# frozen_string_literal: false - -# ---------------------------------------------------------------------------- -# -# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** -# -# ---------------------------------------------------------------------------- -# -# This file is automatically generated by Magic Modules and manual -# changes will be clobbered when the file is regenerated. -# -# Please read more about how to change this file in README.md and -# CONTRIBUTING.md located at the root of this package. -# -# ---------------------------------------------------------------------------- -module GoogleInSpec - module Compute - module Property - class AutoscalerCpuutilization - attr_reader :utilization_target - - def initialize(args = nil) - return if args.nil? - @utilization_target = args['utilizationTarget'] - end - end - end - end -end diff --git a/libraries/google/compute/property/autoscaler_custom_metric_utilizations.rb b/libraries/google/compute/property/autoscaler_custom_metric_utilizations.rb deleted file mode 100644 index 9307323c2..000000000 --- a/libraries/google/compute/property/autoscaler_custom_metric_utilizations.rb +++ /dev/null @@ -1,43 +0,0 @@ -# frozen_string_literal: false - -# ---------------------------------------------------------------------------- -# -# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** -# -# ---------------------------------------------------------------------------- -# -# This file is automatically generated by Magic Modules and manual -# changes will be clobbered when the file is regenerated. -# -# Please read more about how to change this file in README.md and -# CONTRIBUTING.md located at the root of this package. -# -# ---------------------------------------------------------------------------- -module GoogleInSpec - module Compute - module Property - class AutoscalerCustommetricutilizations - attr_reader :metric - - attr_reader :utilization_target - - attr_reader :utilization_target_type - - def initialize(args = nil) - return if args.nil? - @metric = args['metric'] - @utilization_target = args['utilizationTarget'] - @utilization_target_type = args['utilizationTargetType'] - end - end - - class AutoscalerCustommetricutilizationsArray - def self.parse(value) - return if value.nil? - return AutoscalerCustommetricutilizations.new(value) unless value.is_a?(::Array) - value.map { |v| AutoscalerCustommetricutilizations.new(v) } - end - end - end - end -end diff --git a/libraries/google/compute/property/autoscaler_load_balancing_utilization.rb b/libraries/google/compute/property/autoscaler_load_balancing_utilization.rb deleted file mode 100644 index b6510b902..000000000 --- a/libraries/google/compute/property/autoscaler_load_balancing_utilization.rb +++ /dev/null @@ -1,29 +0,0 @@ -# frozen_string_literal: false - -# ---------------------------------------------------------------------------- -# -# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** -# -# ---------------------------------------------------------------------------- -# -# This file is automatically generated by Magic Modules and manual -# changes will be clobbered when the file is regenerated. -# -# Please read more about how to change this file in README.md and -# CONTRIBUTING.md located at the root of this package. -# -# ---------------------------------------------------------------------------- -module GoogleInSpec - module Compute - module Property - class AutoscalerLoadbalancingutilization - attr_reader :utilization_target - - def initialize(args = nil) - return if args.nil? - @utilization_target = args['utilizationTarget'] - end - end - end - end -end diff --git a/libraries/google/compute/property/backendservice_cache_key_policy.rb b/libraries/google/compute/property/backendservice_cache_key_policy.rb deleted file mode 100644 index a0951f41e..000000000 --- a/libraries/google/compute/property/backendservice_cache_key_policy.rb +++ /dev/null @@ -1,41 +0,0 @@ -# frozen_string_literal: false - -# ---------------------------------------------------------------------------- -# -# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** -# -# ---------------------------------------------------------------------------- -# -# This file is automatically generated by Magic Modules and manual -# changes will be clobbered when the file is regenerated. -# -# Please read more about how to change this file in README.md and -# CONTRIBUTING.md located at the root of this package. -# -# ---------------------------------------------------------------------------- -module GoogleInSpec - module Compute - module Property - class BackendServiceCachekeypolicy - attr_reader :include_host - - attr_reader :include_protocol - - attr_reader :include_query_string - - attr_reader :query_string_blacklist - - attr_reader :query_string_whitelist - - def initialize(args = nil) - return if args.nil? - @include_host = args['includeHost'] - @include_protocol = args['includeProtocol'] - @include_query_string = args['includeQueryString'] - @query_string_blacklist = args['queryStringBlacklist'] - @query_string_whitelist = args['queryStringWhitelist'] - end - end - end - end -end diff --git a/libraries/google/compute/property/instancetemplate_access_configs.rb b/libraries/google/compute/property/instancetemplate_access_configs.rb deleted file mode 100644 index f5a0a904c..000000000 --- a/libraries/google/compute/property/instancetemplate_access_configs.rb +++ /dev/null @@ -1,43 +0,0 @@ -# frozen_string_literal: false - -# ---------------------------------------------------------------------------- -# -# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** -# -# ---------------------------------------------------------------------------- -# -# This file is automatically generated by Magic Modules and manual -# changes will be clobbered when the file is regenerated. -# -# Please read more about how to change this file in README.md and -# CONTRIBUTING.md located at the root of this package. -# -# ---------------------------------------------------------------------------- -module GoogleInSpec - module Compute - module Property - class InstanceTemplateAccessconfigs - attr_reader :name - - attr_reader :nat_ip - - attr_reader :type - - def initialize(args = nil) - return if args.nil? - @name = args['name'] - @nat_ip = args['natIP'] - @type = args['type'] - end - end - - class InstanceTemplateAccessconfigsArray - def self.parse(value) - return if value.nil? - return InstanceTemplateAccessconfigs.new(value) unless value.is_a?(::Array) - value.map { |v| InstanceTemplateAccessconfigs.new(v) } - end - end - end - end -end diff --git a/libraries/google/compute/property/instancetemplate_alias_ip_ranges.rb b/libraries/google/compute/property/instancetemplate_alias_ip_ranges.rb deleted file mode 100644 index 3f4f0d3c9..000000000 --- a/libraries/google/compute/property/instancetemplate_alias_ip_ranges.rb +++ /dev/null @@ -1,40 +0,0 @@ -# frozen_string_literal: false - -# ---------------------------------------------------------------------------- -# -# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** -# -# ---------------------------------------------------------------------------- -# -# This file is automatically generated by Magic Modules and manual -# changes will be clobbered when the file is regenerated. -# -# Please read more about how to change this file in README.md and -# CONTRIBUTING.md located at the root of this package. -# -# ---------------------------------------------------------------------------- -module GoogleInSpec - module Compute - module Property - class InstanceTemplateAliasipranges - attr_reader :ip_cidr_range - - attr_reader :subnetwork_range_name - - def initialize(args = nil) - return if args.nil? - @ip_cidr_range = args['ipCidrRange'] - @subnetwork_range_name = args['subnetworkRangeName'] - end - end - - class InstanceTemplateAliasiprangesArray - def self.parse(value) - return if value.nil? - return InstanceTemplateAliasipranges.new(value) unless value.is_a?(::Array) - value.map { |v| InstanceTemplateAliasipranges.new(v) } - end - end - end - end -end diff --git a/libraries/google/compute/property/instancetemplate_disk_encryption_key.rb b/libraries/google/compute/property/instancetemplate_disk_encryption_key.rb deleted file mode 100644 index f48e897f2..000000000 --- a/libraries/google/compute/property/instancetemplate_disk_encryption_key.rb +++ /dev/null @@ -1,35 +0,0 @@ -# frozen_string_literal: false - -# ---------------------------------------------------------------------------- -# -# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** -# -# ---------------------------------------------------------------------------- -# -# This file is automatically generated by Magic Modules and manual -# changes will be clobbered when the file is regenerated. -# -# Please read more about how to change this file in README.md and -# CONTRIBUTING.md located at the root of this package. -# -# ---------------------------------------------------------------------------- -module GoogleInSpec - module Compute - module Property - class InstanceTemplateDiskencryptionkey - attr_reader :raw_key - - attr_reader :rsa_encrypted_key - - attr_reader :sha256 - - def initialize(args = nil) - return if args.nil? - @raw_key = args['rawKey'] - @rsa_encrypted_key = args['rsaEncryptedKey'] - @sha256 = args['sha256'] - end - end - end - end -end diff --git a/libraries/google/compute/property/instancetemplate_disks.rb b/libraries/google/compute/property/instancetemplate_disks.rb deleted file mode 100644 index 8b35a6224..000000000 --- a/libraries/google/compute/property/instancetemplate_disks.rb +++ /dev/null @@ -1,67 +0,0 @@ -# frozen_string_literal: false - -# ---------------------------------------------------------------------------- -# -# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** -# -# ---------------------------------------------------------------------------- -# -# This file is automatically generated by Magic Modules and manual -# changes will be clobbered when the file is regenerated. -# -# Please read more about how to change this file in README.md and -# CONTRIBUTING.md located at the root of this package. -# -# ---------------------------------------------------------------------------- -require 'google/compute/property/instancetemplate_disk_encryption_key' -require 'google/compute/property/instancetemplate_initialize_params' -require 'google/compute/property/instancetemplate_source_image_encryption_key' -module GoogleInSpec - module Compute - module Property - class InstanceTemplateDisks - attr_reader :auto_delete - - attr_reader :boot - - attr_reader :device_name - - attr_reader :disk_encryption_key - - attr_reader :index - - attr_reader :initialize_params - - attr_reader :interface - - attr_reader :mode - - attr_reader :source - - attr_reader :type - - def initialize(args = nil) - return if args.nil? - @auto_delete = args['autoDelete'] - @boot = args['boot'] - @device_name = args['deviceName'] - @disk_encryption_key = GoogleInSpec::Compute::Property::InstanceTemplateDiskencryptionkey.new(args['diskEncryptionKey']) - @index = args['index'] - @initialize_params = GoogleInSpec::Compute::Property::InstanceTemplateInitializeparams.new(args['initializeParams']) - @interface = args['interface'] - @mode = args['mode'] - @source = args['source'] - @type = args['type'] - end - end - - class InstanceTemplateDisksArray - def self.parse(value) - return if value.nil? - return InstanceTemplateDisks.new(value) unless value.is_a?(::Array) - value.map { |v| InstanceTemplateDisks.new(v) } - end - end - end - end -end diff --git a/libraries/google/compute/property/instancetemplate_guest_accelerators.rb b/libraries/google/compute/property/instancetemplate_guest_accelerators.rb deleted file mode 100644 index 5182be9dc..000000000 --- a/libraries/google/compute/property/instancetemplate_guest_accelerators.rb +++ /dev/null @@ -1,40 +0,0 @@ -# frozen_string_literal: false - -# ---------------------------------------------------------------------------- -# -# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** -# -# ---------------------------------------------------------------------------- -# -# This file is automatically generated by Magic Modules and manual -# changes will be clobbered when the file is regenerated. -# -# Please read more about how to change this file in README.md and -# CONTRIBUTING.md located at the root of this package. -# -# ---------------------------------------------------------------------------- -module GoogleInSpec - module Compute - module Property - class InstanceTemplateGuestaccelerators - attr_reader :accelerator_count - - attr_reader :accelerator_type - - def initialize(args = nil) - return if args.nil? - @accelerator_count = args['acceleratorCount'] - @accelerator_type = args['acceleratorType'] - end - end - - class InstanceTemplateGuestacceleratorsArray - def self.parse(value) - return if value.nil? - return InstanceTemplateGuestaccelerators.new(value) unless value.is_a?(::Array) - value.map { |v| InstanceTemplateGuestaccelerators.new(v) } - end - end - end - end -end diff --git a/libraries/google/compute/property/instancetemplate_initialize_params.rb b/libraries/google/compute/property/instancetemplate_initialize_params.rb deleted file mode 100644 index f7d77bc37..000000000 --- a/libraries/google/compute/property/instancetemplate_initialize_params.rb +++ /dev/null @@ -1,42 +0,0 @@ -# frozen_string_literal: false - -# ---------------------------------------------------------------------------- -# -# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** -# -# ---------------------------------------------------------------------------- -# -# This file is automatically generated by Magic Modules and manual -# changes will be clobbered when the file is regenerated. -# -# Please read more about how to change this file in README.md and -# CONTRIBUTING.md located at the root of this package. -# -# ---------------------------------------------------------------------------- -require 'google/compute/property/instancetemplate_source_image_encryption_key' -module GoogleInSpec - module Compute - module Property - class InstanceTemplateInitializeparams - attr_reader :disk_name - - attr_reader :disk_size_gb - - attr_reader :disk_type - - attr_reader :source_image - - attr_reader :source_image_encryption_key - - def initialize(args = nil) - return if args.nil? - @disk_name = args['diskName'] - @disk_size_gb = args['diskSizeGb'] - @disk_type = args['diskType'] - @source_image = args['sourceImage'] - @source_image_encryption_key = GoogleInSpec::Compute::Property::InstanceTemplateSourceimageencryptionkey.new(args['sourceImageEncryptionKey']) - end - end - end - end -end diff --git a/libraries/google/compute/property/instancetemplate_network_interfaces.rb b/libraries/google/compute/property/instancetemplate_network_interfaces.rb deleted file mode 100644 index 69140847f..000000000 --- a/libraries/google/compute/property/instancetemplate_network_interfaces.rb +++ /dev/null @@ -1,54 +0,0 @@ -# frozen_string_literal: false - -# ---------------------------------------------------------------------------- -# -# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** -# -# ---------------------------------------------------------------------------- -# -# This file is automatically generated by Magic Modules and manual -# changes will be clobbered when the file is regenerated. -# -# Please read more about how to change this file in README.md and -# CONTRIBUTING.md located at the root of this package. -# -# ---------------------------------------------------------------------------- -require 'google/compute/property/instancetemplate_access_configs' -require 'google/compute/property/instancetemplate_alias_ip_ranges' -module GoogleInSpec - module Compute - module Property - class InstanceTemplateNetworkinterfaces - attr_reader :access_configs - - attr_reader :alias_ip_ranges - - attr_reader :name - - attr_reader :network - - attr_reader :network_ip - - attr_reader :subnetwork - - def initialize(args = nil) - return if args.nil? - @access_configs = GoogleInSpec::Compute::Property::InstanceTemplateAccessconfigsArray.parse(args['accessConfigs']) - @alias_ip_ranges = GoogleInSpec::Compute::Property::InstanceTemplateAliasiprangesArray.parse(args['aliasIpRanges']) - @name = args['name'] - @network = args['network'] - @network_ip = args['networkIP'] - @subnetwork = args['subnetwork'] - end - end - - class InstanceTemplateNetworkinterfacesArray - def self.parse(value) - return if value.nil? - return InstanceTemplateNetworkinterfaces.new(value) unless value.is_a?(::Array) - value.map { |v| InstanceTemplateNetworkinterfaces.new(v) } - end - end - end - end -end diff --git a/libraries/google/compute/property/instancetemplate_scheduling.rb b/libraries/google/compute/property/instancetemplate_scheduling.rb deleted file mode 100644 index 33a95de09..000000000 --- a/libraries/google/compute/property/instancetemplate_scheduling.rb +++ /dev/null @@ -1,35 +0,0 @@ -# frozen_string_literal: false - -# ---------------------------------------------------------------------------- -# -# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** -# -# ---------------------------------------------------------------------------- -# -# This file is automatically generated by Magic Modules and manual -# changes will be clobbered when the file is regenerated. -# -# Please read more about how to change this file in README.md and -# CONTRIBUTING.md located at the root of this package. -# -# ---------------------------------------------------------------------------- -module GoogleInSpec - module Compute - module Property - class InstanceTemplateScheduling - attr_reader :automatic_restart - - attr_reader :on_host_maintenance - - attr_reader :preemptible - - def initialize(args = nil) - return if args.nil? - @automatic_restart = args['automaticRestart'] - @on_host_maintenance = args['onHostMaintenance'] - @preemptible = args['preemptible'] - end - end - end - end -end diff --git a/libraries/google/compute/property/instancetemplate_service_accounts.rb b/libraries/google/compute/property/instancetemplate_service_accounts.rb deleted file mode 100644 index f48d2da81..000000000 --- a/libraries/google/compute/property/instancetemplate_service_accounts.rb +++ /dev/null @@ -1,40 +0,0 @@ -# frozen_string_literal: false - -# ---------------------------------------------------------------------------- -# -# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** -# -# ---------------------------------------------------------------------------- -# -# This file is automatically generated by Magic Modules and manual -# changes will be clobbered when the file is regenerated. -# -# Please read more about how to change this file in README.md and -# CONTRIBUTING.md located at the root of this package. -# -# ---------------------------------------------------------------------------- -module GoogleInSpec - module Compute - module Property - class InstanceTemplateServiceaccounts - attr_reader :email - - attr_reader :scopes - - def initialize(args = nil) - return if args.nil? - @email = args['email'] - @scopes = args['scopes'] - end - end - - class InstanceTemplateServiceaccountsArray - def self.parse(value) - return if value.nil? - return InstanceTemplateServiceaccounts.new(value) unless value.is_a?(::Array) - value.map { |v| InstanceTemplateServiceaccounts.new(v) } - end - end - end - end -end diff --git a/libraries/google/compute/property/instancetemplate_source_image_encryption_key.rb b/libraries/google/compute/property/instancetemplate_source_image_encryption_key.rb deleted file mode 100644 index 3e0543c7c..000000000 --- a/libraries/google/compute/property/instancetemplate_source_image_encryption_key.rb +++ /dev/null @@ -1,32 +0,0 @@ -# frozen_string_literal: false - -# ---------------------------------------------------------------------------- -# -# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** -# -# ---------------------------------------------------------------------------- -# -# This file is automatically generated by Magic Modules and manual -# changes will be clobbered when the file is regenerated. -# -# Please read more about how to change this file in README.md and -# CONTRIBUTING.md located at the root of this package. -# -# ---------------------------------------------------------------------------- -module GoogleInSpec - module Compute - module Property - class InstanceTemplateSourceimageencryptionkey - attr_reader :raw_key - - attr_reader :sha256 - - def initialize(args = nil) - return if args.nil? - @raw_key = args['rawKey'] - @sha256 = args['sha256'] - end - end - end - end -end diff --git a/libraries/google/compute/property/instancetemplate_tags.rb b/libraries/google/compute/property/instancetemplate_tags.rb deleted file mode 100644 index 65d7b1a1e..000000000 --- a/libraries/google/compute/property/instancetemplate_tags.rb +++ /dev/null @@ -1,32 +0,0 @@ -# frozen_string_literal: false - -# ---------------------------------------------------------------------------- -# -# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** -# -# ---------------------------------------------------------------------------- -# -# This file is automatically generated by Magic Modules and manual -# changes will be clobbered when the file is regenerated. -# -# Please read more about how to change this file in README.md and -# CONTRIBUTING.md located at the root of this package. -# -# ---------------------------------------------------------------------------- -module GoogleInSpec - module Compute - module Property - class InstanceTemplateTags - attr_reader :fingerprint - - attr_reader :items - - def initialize(args = nil) - return if args.nil? - @fingerprint = args['fingerprint'] - @items = args['items'] - end - end - end - end -end diff --git a/libraries/google/compute/property/router_advertised_ip_ranges.rb b/libraries/google/compute/property/router_advertised_ip_ranges.rb deleted file mode 100644 index 45313e693..000000000 --- a/libraries/google/compute/property/router_advertised_ip_ranges.rb +++ /dev/null @@ -1,40 +0,0 @@ -# frozen_string_literal: false - -# ---------------------------------------------------------------------------- -# -# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** -# -# ---------------------------------------------------------------------------- -# -# This file is automatically generated by Magic Modules and manual -# changes will be clobbered when the file is regenerated. -# -# Please read more about how to change this file in README.md and -# CONTRIBUTING.md located at the root of this package. -# -# ---------------------------------------------------------------------------- -module GoogleInSpec - module Compute - module Property - class RouterAdvertisedipranges - attr_reader :range - - attr_reader :description - - def initialize(args = nil) - return if args.nil? - @range = args['range'] - @description = args['description'] - end - end - - class RouterAdvertisediprangesArray - def self.parse(value) - return if value.nil? - return RouterAdvertisedipranges.new(value) unless value.is_a?(::Array) - value.map { |v| RouterAdvertisedipranges.new(v) } - end - end - end - end -end diff --git a/libraries/google/compute/property/urlmap_path_rules.rb b/libraries/google/compute/property/urlmap_path_rules.rb deleted file mode 100644 index e2c6b2f69..000000000 --- a/libraries/google/compute/property/urlmap_path_rules.rb +++ /dev/null @@ -1,40 +0,0 @@ -# frozen_string_literal: false - -# ---------------------------------------------------------------------------- -# -# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** -# -# ---------------------------------------------------------------------------- -# -# This file is automatically generated by Magic Modules and manual -# changes will be clobbered when the file is regenerated. -# -# Please read more about how to change this file in README.md and -# CONTRIBUTING.md located at the root of this package. -# -# ---------------------------------------------------------------------------- -module GoogleInSpec - module Compute - module Property - class UrlMapPathrules - attr_reader :paths - - attr_reader :service - - def initialize(args = nil) - return if args.nil? - @paths = args['paths'] - @service = args['service'] - end - end - - class UrlMapPathrulesArray - def self.parse(value) - return if value.nil? - return UrlMapPathrules.new(value) unless value.is_a?(::Array) - value.map { |v| UrlMapPathrules.new(v) } - end - end - end - end -end diff --git a/libraries/google/container/property/regionalcluster_horizontal_pod_autoscaling.rb b/libraries/google/container/property/regionalcluster_horizontal_pod_autoscaling.rb deleted file mode 100644 index 499901d34..000000000 --- a/libraries/google/container/property/regionalcluster_horizontal_pod_autoscaling.rb +++ /dev/null @@ -1,29 +0,0 @@ -# frozen_string_literal: false - -# ---------------------------------------------------------------------------- -# -# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** -# -# ---------------------------------------------------------------------------- -# -# This file is automatically generated by Magic Modules and manual -# changes will be clobbered when the file is regenerated. -# -# Please read more about how to change this file in README.md and -# CONTRIBUTING.md located at the root of this package. -# -# ---------------------------------------------------------------------------- -module GoogleInSpec - module Container - module Property - class RegionalClusterHorizontalpodautoscaling - attr_reader :disabled - - def initialize(args = nil) - return if args.nil? - @disabled = args['disabled'] - end - end - end - end -end diff --git a/libraries/google/container/property/regionalcluster_http_load_balancing.rb b/libraries/google/container/property/regionalcluster_http_load_balancing.rb deleted file mode 100644 index 08b5da8ae..000000000 --- a/libraries/google/container/property/regionalcluster_http_load_balancing.rb +++ /dev/null @@ -1,29 +0,0 @@ -# frozen_string_literal: false - -# ---------------------------------------------------------------------------- -# -# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** -# -# ---------------------------------------------------------------------------- -# -# This file is automatically generated by Magic Modules and manual -# changes will be clobbered when the file is regenerated. -# -# Please read more about how to change this file in README.md and -# CONTRIBUTING.md located at the root of this package. -# -# ---------------------------------------------------------------------------- -module GoogleInSpec - module Container - module Property - class RegionalClusterHttploadbalancing - attr_reader :disabled - - def initialize(args = nil) - return if args.nil? - @disabled = args['disabled'] - end - end - end - end -end From c268f98bb91da88ab5e70a249dbc1e4b67594c00 Mon Sep 17 00:00:00 2001 From: Sam Levenick Date: Wed, 13 Feb 2019 01:08:30 +0000 Subject: [PATCH 21/30] Add VCR back for unit testing in InSpec Signed-off-by: Modular Magician --- Gemfile | 1 + 1 file changed, 1 insertion(+) diff --git a/Gemfile b/Gemfile index df28b6c9d..6cd3fe881 100644 --- a/Gemfile +++ b/Gemfile @@ -13,5 +13,6 @@ group :development do gem 'passgen' gem 'pry-coolline' gem 'rake' + gem 'vcr' gem 'webmock' end From 519ebca8de4053d3985ba915988b496e75fa87c9 Mon Sep 17 00:00:00 2001 From: Sam Levenick Date: Fri, 15 Feb 2019 10:48:07 -0800 Subject: [PATCH 22/30] Add terraform upgrade to Rakefile Signed-off-by: Sam Levenick --- Rakefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Rakefile b/Rakefile index e6a69e743..1805310f3 100644 --- a/Rakefile +++ b/Rakefile @@ -43,7 +43,7 @@ namespace :test do task :init_workspace do # Initialize terraform workspace - cmd = format("cd %s/build/ && terraform init", integration_dir) + cmd = format("cd %s/build/ && terraform init -upgrade", integration_dir) sh(cmd) end From bf0cbf24b5dc9e95c1a1175043d2eaf9a58fddeb Mon Sep 17 00:00:00 2001 From: Sam Levenick Date: Fri, 15 Feb 2019 21:52:52 +0000 Subject: [PATCH 23/30] Templates, inspec.yaml for bigquery table Signed-off-by: Modular Magician --- docs/resources/google_bigquery_table.md | 111 ++++++++++++++++ docs/resources/google_bigquery_tables.md | 47 +++++++ .../table_encryption_configuration.rb | 29 +++++ .../table_external_data_configuration.rb | 62 +++++++++ ...nal_data_configuration_bigtable_options.rb | 36 ++++++ ...ration_bigtable_options_column_families.rb | 50 ++++++++ ...igtable_options_column_families_columns.rb | 49 ++++++++ ...external_data_configuration_csv_options.rb | 44 +++++++ ...ata_configuration_google_sheets_options.rb | 29 +++++ ...able_external_data_configuration_schema.rb | 30 +++++ ...ternal_data_configuration_schema_fields.rb | 49 ++++++++ .../google/bigquery/property/table_schema.rb | 30 +++++ .../bigquery/property/table_schema_fields.rb | 49 ++++++++ .../property/table_streaming_buffer.rb | 35 ++++++ .../property/table_table_reference.rb | 35 ++++++ .../property/table_time_partitioning.rb | 32 +++++ .../google/bigquery/property/table_view.rb | 33 +++++ ...le_view_user_defined_function_resources.rb | 40 ++++++ libraries/google_bigquery_table.rb | 106 ++++++++++++++++ libraries/google_bigquery_tables.rb | 118 ++++++++++++++++++ .../verify/controls/google_bigquery_table.rb | 48 +++++++ .../verify/controls/google_bigquery_tables.rb | 45 +++++++ 22 files changed, 1107 insertions(+) create mode 100644 docs/resources/google_bigquery_table.md create mode 100644 docs/resources/google_bigquery_tables.md create mode 100644 libraries/google/bigquery/property/table_encryption_configuration.rb create mode 100644 libraries/google/bigquery/property/table_external_data_configuration.rb create mode 100644 libraries/google/bigquery/property/table_external_data_configuration_bigtable_options.rb create mode 100644 libraries/google/bigquery/property/table_external_data_configuration_bigtable_options_column_families.rb create mode 100644 libraries/google/bigquery/property/table_external_data_configuration_bigtable_options_column_families_columns.rb create mode 100644 libraries/google/bigquery/property/table_external_data_configuration_csv_options.rb create mode 100644 libraries/google/bigquery/property/table_external_data_configuration_google_sheets_options.rb create mode 100644 libraries/google/bigquery/property/table_external_data_configuration_schema.rb create mode 100644 libraries/google/bigquery/property/table_external_data_configuration_schema_fields.rb create mode 100644 libraries/google/bigquery/property/table_schema.rb create mode 100644 libraries/google/bigquery/property/table_schema_fields.rb create mode 100644 libraries/google/bigquery/property/table_streaming_buffer.rb create mode 100644 libraries/google/bigquery/property/table_table_reference.rb create mode 100644 libraries/google/bigquery/property/table_time_partitioning.rb create mode 100644 libraries/google/bigquery/property/table_view.rb create mode 100644 libraries/google/bigquery/property/table_view_user_defined_function_resources.rb create mode 100644 libraries/google_bigquery_table.rb create mode 100644 libraries/google_bigquery_tables.rb create mode 100644 test/integration/verify/controls/google_bigquery_table.rb create mode 100644 test/integration/verify/controls/google_bigquery_tables.rb diff --git a/docs/resources/google_bigquery_table.md b/docs/resources/google_bigquery_table.md new file mode 100644 index 000000000..b4531f742 --- /dev/null +++ b/docs/resources/google_bigquery_table.md @@ -0,0 +1,111 @@ +--- +title: About the google_bigquery_table resource +platform: gcp +--- + +## Syntax +A `google_bigquery_table` is used to test a Google Table resource + +## Examples +``` +describe google_bigquery_table(project: 'chef-gcp-inspec', dataset: 'inspec_gcp_dataset', name: 'inspec_gcp_bigquery_table') do + it { should exist } + + its('expiration_time') { should cmp '1738882264000' } + its('time_partitioning.type') { should eq 'DAY' } + its('description') { should eq 'A BigQuery table' } +end + +describe google_bigquery_table(project: 'chef-gcp-inspec', dataset: 'inspec_gcp_dataset', name: 'nonexistent') do + it { should_not exist } +end +``` + +## Properties +Properties that can be accessed from the `google_bigquery_table` resource: + + * `table_reference`: Reference describing the ID of this table + + * `datasetId`: The ID of the dataset containing this table + + * `projectId`: The ID of the project containing this table + + * `tableId`: The ID of the the table + + * `creation_time`: The time when this dataset was created, in milliseconds since the epoch. + + * `description`: A user-friendly description of the dataset + + * `friendly_name`: A descriptive name for this table + + * `id`: An opaque ID uniquely identifying the table. + + * `labels`: The labels associated with this dataset. You can use these to organize and group your datasets + + * `last_modified_time`: The time when this table was last modified, in milliseconds since the epoch. + + * `location`: The geographic location where the table resides. This value is inherited from the dataset. + + * `name`: Name of the table + + * `num_bytes`: The size of this table in bytes, excluding any data in the streaming buffer. + + * `num_long_term_bytes`: The number of bytes in the table that are considered "long-term storage". + + * `num_rows`: The number of rows of data in this table, excluding any data in the streaming buffer. + + * `type`: Describes the table type + + * `view`: The view definition. + + * `useLegacySql`: Specifies whether to use BigQuery's legacy SQL for this view + + * `userDefinedFunctionResources`: Describes user-defined function resources used in the query. + + * `time_partitioning`: If specified, configures time-based partitioning for this table. + + * `expirationMs`: Number of milliseconds for which to keep the storage for a partition. + + * `type`: The only type supported is DAY, which will generate one partition per day. + + * `streaming_buffer`: Contains information regarding this table's streaming buffer, if one is present. This field will be absent if the table is not being streamed to or if there is no data in the streaming buffer. + + * `estimatedBytes`: A lower-bound estimate of the number of bytes currently in the streaming buffer. + + * `estimatedRows`: A lower-bound estimate of the number of rows currently in the streaming buffer. + + * `oldestEntryTime`: Contains the timestamp of the oldest entry in the streaming buffer, in milliseconds since the epoch, if the streaming buffer is available. + + * `schema`: Describes the schema of this table + + * `fields`: Describes the fields in a table. + + * `encryption_configuration`: Custom encryption configuration + + * `kmsKeyName`: Describes the Cloud KMS encryption key that will be used to protect destination BigQuery table. The BigQuery Service Account associated with your project requires access to this encryption key. + + * `expiration_time`: The time when this table expires, in milliseconds since the epoch. If not present, the table will persist indefinitely. + + * `external_data_configuration`: Describes the data format, location, and other properties of a table stored outside of BigQuery. By defining these properties, the data source can then be queried as if it were a standard BigQuery table. + + * `autodetect`: Try to detect schema and format options automatically. Any option specified explicitly will be honored. + + * `compression`: The compression type of the data source + + * `ignoreUnknownValues`: Indicates if BigQuery should allow extra values that are not represented in the table schema + + * `maxBadRecords`: The maximum number of bad records that BigQuery can ignore when reading data + + * `sourceFormat`: The data format + + * `sourceUris`: The fully-qualified URIs that point to your data in Google Cloud. For Google Cloud Storage URIs: Each URI can contain one '*' wildcard character and it must come after the 'bucket' name. Size limits related to load jobs apply to external data sources. For Google Cloud Bigtable URIs: Exactly one URI can be specified and it has be a fully specified and valid HTTPS URL for a Google Cloud Bigtable table. For Google Cloud Datastore backups, exactly one URI can be specified. Also, the '*' wildcard character is not allowed. + + * `schema`: The schema for the data. Schema is required for CSV and JSON formats + + * `googleSheetsOptions`: Additional options if sourceFormat is set to GOOGLE_SHEETS. + + * `csvOptions`: Additional properties to set if sourceFormat is set to CSV. + + * `bigtableOptions`: Additional options if sourceFormat is set to BIGTABLE. + + * `dataset`: Name of the dataset diff --git a/docs/resources/google_bigquery_tables.md b/docs/resources/google_bigquery_tables.md new file mode 100644 index 000000000..8e5164df0 --- /dev/null +++ b/docs/resources/google_bigquery_tables.md @@ -0,0 +1,47 @@ +--- +title: About the google_bigquery_tables resource +platform: gcp +--- + +## Syntax +A `google_bigquery_tables` is used to test a Google Table resource + +## Examples +``` +describe.one do + google_bigquery_tables(project: 'chef-gcp-inspec', dataset: 'inspec_gcp_dataset').table_references.each do |table_reference| + describe google_bigquery_table(project: 'chef-gcp-inspec', dataset: 'inspec_gcp_dataset', name: table_reference.table_id) do + its('expiration_time') { should cmp '1738882264000' } + its('description') { should eq 'A BigQuery table' } + end + end +end +``` + +## Properties +Properties that can be accessed from the `google_bigquery_tables` resource: + +See [google_bigquery_table.md](google_bigquery_table.md) for more detailed information + * `table_references`: an array of `google_bigquery_table` table_reference + * `creation_times`: an array of `google_bigquery_table` creation_time + * `friendly_names`: an array of `google_bigquery_table` friendly_name + * `ids`: an array of `google_bigquery_table` id + * `labels`: an array of `google_bigquery_table` labels + * `last_modified_times`: an array of `google_bigquery_table` last_modified_time + * `locations`: an array of `google_bigquery_table` location + * `num_bytes`: an array of `google_bigquery_table` num_bytes + * `num_long_term_bytes`: an array of `google_bigquery_table` num_long_term_bytes + * `num_rows`: an array of `google_bigquery_table` num_rows + * `types`: an array of `google_bigquery_table` type + * `views`: an array of `google_bigquery_table` view + * `time_partitionings`: an array of `google_bigquery_table` time_partitioning + * `streaming_buffers`: an array of `google_bigquery_table` streaming_buffer + * `schemas`: an array of `google_bigquery_table` schema + * `encryption_configurations`: an array of `google_bigquery_table` encryption_configuration + * `expiration_times`: an array of `google_bigquery_table` expiration_time + * `external_data_configurations`: an array of `google_bigquery_table` external_data_configuration + * `datasets`: an array of `google_bigquery_table` dataset + +## Filter Criteria +This resource supports all of the above properties as filter criteria, which can be used +with `where` as a block or a method. diff --git a/libraries/google/bigquery/property/table_encryption_configuration.rb b/libraries/google/bigquery/property/table_encryption_configuration.rb new file mode 100644 index 000000000..f7e13ae71 --- /dev/null +++ b/libraries/google/bigquery/property/table_encryption_configuration.rb @@ -0,0 +1,29 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module BigQuery + module Property + class TableEncryptionConfiguration + attr_reader :kms_key_name + + def initialize(args = nil) + return if args.nil? + @kms_key_name = args['kmsKeyName'] + end + end + end + end +end diff --git a/libraries/google/bigquery/property/table_external_data_configuration.rb b/libraries/google/bigquery/property/table_external_data_configuration.rb new file mode 100644 index 000000000..493dc7d03 --- /dev/null +++ b/libraries/google/bigquery/property/table_external_data_configuration.rb @@ -0,0 +1,62 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'google/bigquery/property/table_external_data_configuration_bigtable_options' +require 'google/bigquery/property/table_external_data_configuration_bigtable_options_column_families' +require 'google/bigquery/property/table_external_data_configuration_csv_options' +require 'google/bigquery/property/table_external_data_configuration_google_sheets_options' +require 'google/bigquery/property/table_external_data_configuration_schema' +require 'google/bigquery/property/table_external_data_configuration_schema_fields' +module GoogleInSpec + module BigQuery + module Property + class TableExternalDataConfiguration + attr_reader :autodetect + + attr_reader :compression + + attr_reader :ignore_unknown_values + + attr_reader :max_bad_records + + attr_reader :source_format + + attr_reader :source_uris + + attr_reader :schema + + attr_reader :google_sheets_options + + attr_reader :csv_options + + attr_reader :bigtable_options + + def initialize(args = nil) + return if args.nil? + @autodetect = args['autodetect'] + @compression = args['compression'] + @ignore_unknown_values = args['ignoreUnknownValues'] + @max_bad_records = args['maxBadRecords'] + @source_format = args['sourceFormat'] + @source_uris = args['sourceUris'] + @schema = GoogleInSpec::BigQuery::Property::TableExternalDataConfigurationSchema.new(args['schema']) + @google_sheets_options = GoogleInSpec::BigQuery::Property::TableExternalDataConfigurationGoogleSheetsOptions.new(args['googleSheetsOptions']) + @csv_options = GoogleInSpec::BigQuery::Property::TableExternalDataConfigurationCsvOptions.new(args['csvOptions']) + @bigtable_options = GoogleInSpec::BigQuery::Property::TableExternalDataConfigurationBigtableOptions.new(args['bigtableOptions']) + end + end + end + end +end diff --git a/libraries/google/bigquery/property/table_external_data_configuration_bigtable_options.rb b/libraries/google/bigquery/property/table_external_data_configuration_bigtable_options.rb new file mode 100644 index 000000000..f5da50ab2 --- /dev/null +++ b/libraries/google/bigquery/property/table_external_data_configuration_bigtable_options.rb @@ -0,0 +1,36 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'google/bigquery/property/table_external_data_configuration_bigtable_options_column_families' +module GoogleInSpec + module BigQuery + module Property + class TableExternalDataConfigurationBigtableOptions + attr_reader :ignore_unspecified_column_families + + attr_reader :read_rowkey_as_string + + attr_reader :column_families + + def initialize(args = nil) + return if args.nil? + @ignore_unspecified_column_families = args['ignoreUnspecifiedColumnFamilies'] + @read_rowkey_as_string = args['readRowkeyAsString'] + @column_families = GoogleInSpec::BigQuery::Property::TableExternalDataConfigurationBigtableOptionsColumnFamiliesArray.parse(args['columnFamilies']) + end + end + end + end +end diff --git a/libraries/google/bigquery/property/table_external_data_configuration_bigtable_options_column_families.rb b/libraries/google/bigquery/property/table_external_data_configuration_bigtable_options_column_families.rb new file mode 100644 index 000000000..713f4f835 --- /dev/null +++ b/libraries/google/bigquery/property/table_external_data_configuration_bigtable_options_column_families.rb @@ -0,0 +1,50 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'google/bigquery/property/table_external_data_configuration_bigtable_options_column_families_columns' +module GoogleInSpec + module BigQuery + module Property + class TableExternalDataConfigurationBigtableOptionsColumnFamilies + attr_reader :columns + + attr_reader :encoding + + attr_reader :family_id + + attr_reader :only_read_latest + + attr_reader :type + + def initialize(args = nil) + return if args.nil? + @columns = GoogleInSpec::BigQuery::Property::TableExternalDataConfigurationBigtableOptionsColumnFamiliesColumnsArray.parse(args['columns']) + @encoding = args['encoding'] + @family_id = args['familyId'] + @only_read_latest = args['onlyReadLatest'] + @type = args['type'] + end + end + + class TableExternalDataConfigurationBigtableOptionsColumnFamiliesArray + def self.parse(value) + return if value.nil? + return TableExternalDataConfigurationBigtableOptionsColumnFamilies.new(value) unless value.is_a?(::Array) + value.map { |v| TableExternalDataConfigurationBigtableOptionsColumnFamilies.new(v) } + end + end + end + end +end diff --git a/libraries/google/bigquery/property/table_external_data_configuration_bigtable_options_column_families_columns.rb b/libraries/google/bigquery/property/table_external_data_configuration_bigtable_options_column_families_columns.rb new file mode 100644 index 000000000..9869d4692 --- /dev/null +++ b/libraries/google/bigquery/property/table_external_data_configuration_bigtable_options_column_families_columns.rb @@ -0,0 +1,49 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module BigQuery + module Property + class TableExternalDataConfigurationBigtableOptionsColumnFamiliesColumns + attr_reader :encoding + + attr_reader :field_name + + attr_reader :only_read_latest + + attr_reader :qualifier_string + + attr_reader :type + + def initialize(args = nil) + return if args.nil? + @encoding = args['encoding'] + @field_name = args['fieldName'] + @only_read_latest = args['onlyReadLatest'] + @qualifier_string = args['qualifierString'] + @type = args['type'] + end + end + + class TableExternalDataConfigurationBigtableOptionsColumnFamiliesColumnsArray + def self.parse(value) + return if value.nil? + return TableExternalDataConfigurationBigtableOptionsColumnFamiliesColumns.new(value) unless value.is_a?(::Array) + value.map { |v| TableExternalDataConfigurationBigtableOptionsColumnFamiliesColumns.new(v) } + end + end + end + end +end diff --git a/libraries/google/bigquery/property/table_external_data_configuration_csv_options.rb b/libraries/google/bigquery/property/table_external_data_configuration_csv_options.rb new file mode 100644 index 000000000..9620948aa --- /dev/null +++ b/libraries/google/bigquery/property/table_external_data_configuration_csv_options.rb @@ -0,0 +1,44 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module BigQuery + module Property + class TableExternalDataConfigurationCsvOptions + attr_reader :allow_jagged_rows + + attr_reader :allow_quoted_newlines + + attr_reader :encoding + + attr_reader :field_delimiter + + attr_reader :quote + + attr_reader :skip_leading_rows + + def initialize(args = nil) + return if args.nil? + @allow_jagged_rows = args['allowJaggedRows'] + @allow_quoted_newlines = args['allowQuotedNewlines'] + @encoding = args['encoding'] + @field_delimiter = args['fieldDelimiter'] + @quote = args['quote'] + @skip_leading_rows = args['skipLeadingRows'] + end + end + end + end +end diff --git a/libraries/google/bigquery/property/table_external_data_configuration_google_sheets_options.rb b/libraries/google/bigquery/property/table_external_data_configuration_google_sheets_options.rb new file mode 100644 index 000000000..1833dbba8 --- /dev/null +++ b/libraries/google/bigquery/property/table_external_data_configuration_google_sheets_options.rb @@ -0,0 +1,29 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module BigQuery + module Property + class TableExternalDataConfigurationGoogleSheetsOptions + attr_reader :skip_leading_rows + + def initialize(args = nil) + return if args.nil? + @skip_leading_rows = args['skipLeadingRows'] + end + end + end + end +end diff --git a/libraries/google/bigquery/property/table_external_data_configuration_schema.rb b/libraries/google/bigquery/property/table_external_data_configuration_schema.rb new file mode 100644 index 000000000..6ef8eef8d --- /dev/null +++ b/libraries/google/bigquery/property/table_external_data_configuration_schema.rb @@ -0,0 +1,30 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'google/bigquery/property/table_external_data_configuration_schema_fields' +module GoogleInSpec + module BigQuery + module Property + class TableExternalDataConfigurationSchema + attr_reader :fields + + def initialize(args = nil) + return if args.nil? + @fields = GoogleInSpec::BigQuery::Property::TableExternalDataConfigurationSchemaFieldsArray.parse(args['fields']) + end + end + end + end +end diff --git a/libraries/google/bigquery/property/table_external_data_configuration_schema_fields.rb b/libraries/google/bigquery/property/table_external_data_configuration_schema_fields.rb new file mode 100644 index 000000000..c2990b4ae --- /dev/null +++ b/libraries/google/bigquery/property/table_external_data_configuration_schema_fields.rb @@ -0,0 +1,49 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module BigQuery + module Property + class TableExternalDataConfigurationSchemaFields + attr_reader :description + + attr_reader :fields + + attr_reader :mode + + attr_reader :name + + attr_reader :type + + def initialize(args = nil) + return if args.nil? + @description = args['description'] + @fields = args['fields'] + @mode = args['mode'] + @name = args['name'] + @type = args['type'] + end + end + + class TableExternalDataConfigurationSchemaFieldsArray + def self.parse(value) + return if value.nil? + return TableExternalDataConfigurationSchemaFields.new(value) unless value.is_a?(::Array) + value.map { |v| TableExternalDataConfigurationSchemaFields.new(v) } + end + end + end + end +end diff --git a/libraries/google/bigquery/property/table_schema.rb b/libraries/google/bigquery/property/table_schema.rb new file mode 100644 index 000000000..79fa4940d --- /dev/null +++ b/libraries/google/bigquery/property/table_schema.rb @@ -0,0 +1,30 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'google/bigquery/property/table_schema_fields' +module GoogleInSpec + module BigQuery + module Property + class TableSchema + attr_reader :fields + + def initialize(args = nil) + return if args.nil? + @fields = GoogleInSpec::BigQuery::Property::TableSchemaFieldsArray.parse(args['fields']) + end + end + end + end +end diff --git a/libraries/google/bigquery/property/table_schema_fields.rb b/libraries/google/bigquery/property/table_schema_fields.rb new file mode 100644 index 000000000..62bf7298c --- /dev/null +++ b/libraries/google/bigquery/property/table_schema_fields.rb @@ -0,0 +1,49 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module BigQuery + module Property + class TableSchemaFields + attr_reader :description + + attr_reader :fields + + attr_reader :mode + + attr_reader :name + + attr_reader :type + + def initialize(args = nil) + return if args.nil? + @description = args['description'] + @fields = args['fields'] + @mode = args['mode'] + @name = args['name'] + @type = args['type'] + end + end + + class TableSchemaFieldsArray + def self.parse(value) + return if value.nil? + return TableSchemaFields.new(value) unless value.is_a?(::Array) + value.map { |v| TableSchemaFields.new(v) } + end + end + end + end +end diff --git a/libraries/google/bigquery/property/table_streaming_buffer.rb b/libraries/google/bigquery/property/table_streaming_buffer.rb new file mode 100644 index 000000000..a38f90ba3 --- /dev/null +++ b/libraries/google/bigquery/property/table_streaming_buffer.rb @@ -0,0 +1,35 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module BigQuery + module Property + class TableStreamingBuffer + attr_reader :estimated_bytes + + attr_reader :estimated_rows + + attr_reader :oldest_entry_time + + def initialize(args = nil) + return if args.nil? + @estimated_bytes = args['estimatedBytes'] + @estimated_rows = args['estimatedRows'] + @oldest_entry_time = args['oldestEntryTime'] + end + end + end + end +end diff --git a/libraries/google/bigquery/property/table_table_reference.rb b/libraries/google/bigquery/property/table_table_reference.rb new file mode 100644 index 000000000..43cdb0060 --- /dev/null +++ b/libraries/google/bigquery/property/table_table_reference.rb @@ -0,0 +1,35 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module BigQuery + module Property + class TableTableReference + attr_reader :dataset_id + + attr_reader :project_id + + attr_reader :table_id + + def initialize(args = nil) + return if args.nil? + @dataset_id = args['datasetId'] + @project_id = args['projectId'] + @table_id = args['tableId'] + end + end + end + end +end diff --git a/libraries/google/bigquery/property/table_time_partitioning.rb b/libraries/google/bigquery/property/table_time_partitioning.rb new file mode 100644 index 000000000..24f2e0b65 --- /dev/null +++ b/libraries/google/bigquery/property/table_time_partitioning.rb @@ -0,0 +1,32 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module BigQuery + module Property + class TableTimePartitioning + attr_reader :expiration_ms + + attr_reader :type + + def initialize(args = nil) + return if args.nil? + @expiration_ms = args['expirationMs'] + @type = args['type'] + end + end + end + end +end diff --git a/libraries/google/bigquery/property/table_view.rb b/libraries/google/bigquery/property/table_view.rb new file mode 100644 index 000000000..c263d4f7d --- /dev/null +++ b/libraries/google/bigquery/property/table_view.rb @@ -0,0 +1,33 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'google/bigquery/property/table_view_user_defined_function_resources' +module GoogleInSpec + module BigQuery + module Property + class TableView + attr_reader :use_legacy_sql + + attr_reader :user_defined_function_resources + + def initialize(args = nil) + return if args.nil? + @use_legacy_sql = args['useLegacySql'] + @user_defined_function_resources = GoogleInSpec::BigQuery::Property::TableViewUserDefinedFunctionResourcesArray.parse(args['userDefinedFunctionResources']) + end + end + end + end +end diff --git a/libraries/google/bigquery/property/table_view_user_defined_function_resources.rb b/libraries/google/bigquery/property/table_view_user_defined_function_resources.rb new file mode 100644 index 000000000..c44403a25 --- /dev/null +++ b/libraries/google/bigquery/property/table_view_user_defined_function_resources.rb @@ -0,0 +1,40 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module BigQuery + module Property + class TableViewUserDefinedFunctionResources + attr_reader :inline_code + + attr_reader :resource_uri + + def initialize(args = nil) + return if args.nil? + @inline_code = args['inlineCode'] + @resource_uri = args['resourceUri'] + end + end + + class TableViewUserDefinedFunctionResourcesArray + def self.parse(value) + return if value.nil? + return TableViewUserDefinedFunctionResources.new(value) unless value.is_a?(::Array) + value.map { |v| TableViewUserDefinedFunctionResources.new(v) } + end + end + end + end +end diff --git a/libraries/google_bigquery_table.rb b/libraries/google_bigquery_table.rb new file mode 100644 index 000000000..ec1dca42d --- /dev/null +++ b/libraries/google_bigquery_table.rb @@ -0,0 +1,106 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'gcp_backend' +require 'google/bigquery/property/table_encryption_configuration' +require 'google/bigquery/property/table_external_data_configuration' +require 'google/bigquery/property/table_external_data_configuration_bigtable_options' +require 'google/bigquery/property/table_external_data_configuration_bigtable_options_column_families' +require 'google/bigquery/property/table_external_data_configuration_csv_options' +require 'google/bigquery/property/table_external_data_configuration_google_sheets_options' +require 'google/bigquery/property/table_external_data_configuration_schema' +require 'google/bigquery/property/table_external_data_configuration_schema_fields' +require 'google/bigquery/property/table_schema' +require 'google/bigquery/property/table_schema_fields' +require 'google/bigquery/property/table_streaming_buffer' +require 'google/bigquery/property/table_table_reference' +require 'google/bigquery/property/table_time_partitioning' +require 'google/bigquery/property/table_view' +require 'google/bigquery/property/table_view_user_defined_function_resources' + +# A provider to manage Google Cloud BigQuery resources. +class Table < GcpResourceBase + name 'google_bigquery_table' + desc 'Table' + supports platform: 'gcp' + + attr_reader :table_reference + attr_reader :creation_time + attr_reader :description + attr_reader :friendly_name + attr_reader :id + attr_reader :labels + attr_reader :last_modified_time + attr_reader :location + attr_reader :name + attr_reader :num_bytes + attr_reader :num_long_term_bytes + attr_reader :num_rows + attr_reader :type + attr_reader :view + attr_reader :time_partitioning + attr_reader :streaming_buffer + attr_reader :schema + attr_reader :encryption_configuration + attr_reader :expiration_time + attr_reader :external_data_configuration + attr_reader :dataset + def base + 'https://www.googleapis.com/bigquery/v2/' + end + + def url + 'projects/{{project}}/datasets/{{dataset}}/tables/{{name}}' + end + + def initialize(params) + super(params.merge({ use_http_transport: true })) + @fetched = @connection.fetch(base, url, params) + parse unless @fetched.nil? + end + + def parse + @table_reference = GoogleInSpec::BigQuery::Property::TableTableReference.new(@fetched['tableReference']) + @creation_time = @fetched['creationTime'] + @description = @fetched['description'] + @friendly_name = @fetched['friendlyName'] + @id = @fetched['id'] + @labels = @fetched['labels'] + @last_modified_time = @fetched['lastModifiedTime'] + @location = @fetched['location'] + @name = @fetched['name'] + @num_bytes = @fetched['numBytes'] + @num_long_term_bytes = @fetched['numLongTermBytes'] + @num_rows = @fetched['numRows'] + @type = @fetched['type'] + @view = GoogleInSpec::BigQuery::Property::TableView.new(@fetched['view']) + @time_partitioning = GoogleInSpec::BigQuery::Property::TableTimePartitioning.new(@fetched['timePartitioning']) + @streaming_buffer = GoogleInSpec::BigQuery::Property::TableStreamingBuffer.new(@fetched['streamingBuffer']) + @schema = GoogleInSpec::BigQuery::Property::TableSchema.new(@fetched['schema']) + @encryption_configuration = GoogleInSpec::BigQuery::Property::TableEncryptionConfiguration.new(@fetched['encryptionConfiguration']) + @expiration_time = @fetched['expirationTime'] + @external_data_configuration = GoogleInSpec::BigQuery::Property::TableExternalDataConfiguration.new(@fetched['externalDataConfiguration']) + @dataset = @fetched['dataset'] + end + + # Handles parsing RFC3339 time string + def parse_time_string(time_string) + time_string ? Time.parse(time_string) : nil + end + + def exists? + !@fetched.nil? + end +end diff --git a/libraries/google_bigquery_tables.rb b/libraries/google_bigquery_tables.rb new file mode 100644 index 000000000..adbaac999 --- /dev/null +++ b/libraries/google_bigquery_tables.rb @@ -0,0 +1,118 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'gcp_backend' +class Tables < GcpResourceBase + name 'google_bigquery_tables' + desc 'Table plural resource' + supports platform: 'gcp' + + attr_reader :table + + filter_table_config = FilterTable.create + + filter_table_config.add(:table_references, field: :table_reference) + filter_table_config.add(:creation_times, field: :creation_time) + filter_table_config.add(:friendly_names, field: :friendly_name) + filter_table_config.add(:ids, field: :id) + filter_table_config.add(:labels, field: :labels) + filter_table_config.add(:last_modified_times, field: :last_modified_time) + filter_table_config.add(:locations, field: :location) + filter_table_config.add(:num_bytes, field: :num_bytes) + filter_table_config.add(:num_long_term_bytes, field: :num_long_term_bytes) + filter_table_config.add(:num_rows, field: :num_rows) + filter_table_config.add(:types, field: :type) + filter_table_config.add(:views, field: :view) + filter_table_config.add(:time_partitionings, field: :time_partitioning) + filter_table_config.add(:streaming_buffers, field: :streaming_buffer) + filter_table_config.add(:schemas, field: :schema) + filter_table_config.add(:encryption_configurations, field: :encryption_configuration) + filter_table_config.add(:expiration_times, field: :expiration_time) + filter_table_config.add(:external_data_configurations, field: :external_data_configuration) + filter_table_config.add(:datasets, field: :dataset) + + filter_table_config.connect(self, :table) + + def base + 'https://www.googleapis.com/bigquery/v2/' + end + + def url + 'projects/{{project}}/datasets/{{dataset}}/tables' + end + + def initialize(params = {}) + super(params.merge({ use_http_transport: true })) + @params = params + @table = fetch_wrapped_resource('tables') + end + + def fetch_wrapped_resource(wrap_path) + # fetch_resource returns an array of responses (to handle pagination) + result = @connection.fetch_all(base, url, @params) + return if result.nil? + + # Conversion of string -> object hash to symbol -> object hash that InSpec needs + converted = [] + result.each do |response| + next if response.nil? || !response.key?(wrap_path) + response[wrap_path].each do |hash| + hash_with_symbols = {} + hash.each_key do |key| + name, value = transform(key, hash) + hash_with_symbols[name] = value + end + converted.push(hash_with_symbols) + end + end + + converted + end + + def transform(key, value) + return transformers[key].call(value) if transformers.key?(key) + + [key.to_sym, value] + end + + def transformers + { + 'tableReference' => ->(obj) { return :table_reference, GoogleInSpec::BigQuery::Property::TableTableReference.new(obj['tableReference']) }, + 'creationTime' => ->(obj) { return :creation_time, obj['creationTime'] }, + 'friendlyName' => ->(obj) { return :friendly_name, obj['friendlyName'] }, + 'id' => ->(obj) { return :id, obj['id'] }, + 'labels' => ->(obj) { return :labels, obj['labels'] }, + 'lastModifiedTime' => ->(obj) { return :last_modified_time, obj['lastModifiedTime'] }, + 'location' => ->(obj) { return :location, obj['location'] }, + 'numBytes' => ->(obj) { return :num_bytes, obj['numBytes'] }, + 'numLongTermBytes' => ->(obj) { return :num_long_term_bytes, obj['numLongTermBytes'] }, + 'numRows' => ->(obj) { return :num_rows, obj['numRows'] }, + 'type' => ->(obj) { return :type, obj['type'] }, + 'view' => ->(obj) { return :view, GoogleInSpec::BigQuery::Property::TableView.new(obj['view']) }, + 'timePartitioning' => ->(obj) { return :time_partitioning, GoogleInSpec::BigQuery::Property::TableTimePartitioning.new(obj['timePartitioning']) }, + 'streamingBuffer' => ->(obj) { return :streaming_buffer, GoogleInSpec::BigQuery::Property::TableStreamingBuffer.new(obj['streamingBuffer']) }, + 'schema' => ->(obj) { return :schema, GoogleInSpec::BigQuery::Property::TableSchema.new(obj['schema']) }, + 'encryptionConfiguration' => ->(obj) { return :encryption_configuration, GoogleInSpec::BigQuery::Property::TableEncryptionConfiguration.new(obj['encryptionConfiguration']) }, + 'expirationTime' => ->(obj) { return :expiration_time, obj['expirationTime'] }, + 'externalDataConfiguration' => ->(obj) { return :external_data_configuration, GoogleInSpec::BigQuery::Property::TableExternalDataConfiguration.new(obj['externalDataConfiguration']) }, + 'dataset' => ->(obj) { return :dataset, obj['dataset'] }, + } + end + + # Handles parsing RFC3339 time string + def parse_time_string(time_string) + time_string ? Time.parse(time_string) : nil + end +end diff --git a/test/integration/verify/controls/google_bigquery_table.rb b/test/integration/verify/controls/google_bigquery_table.rb new file mode 100644 index 000000000..b5fdb7f3d --- /dev/null +++ b/test/integration/verify/controls/google_bigquery_table.rb @@ -0,0 +1,48 @@ +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- + +title 'Test GCP google_bigquery_table resource.' + +gcp_project_id = attribute(:gcp_project_id, default: 'gcp_project_id', description: 'The GCP project identifier.') +bigquery_table = attribute('bigquery_table', default: { + "table_id": "inspec_gcp_bigquery_table", + "description": "A BigQuery table", + "expiration_time": 1738882264000, + "time_partitioning_type": "DAY" +}, description: 'BigQuery table definition') +dataset = attribute('dataset', default: { + "dataset_id": "inspec_gcp_dataset", + "friendly_name": "A BigQuery dataset test", + "description": "Test BigQuery dataset description", + "location": "EU", + "default_table_expiration_ms": 3600000, + "access_writer_role": "WRITER", + "access_writer_special_group": "projectWriters" +}, description: 'BigQuery dataset definition') +control 'google_bigquery_table-1.0' do + impact 1.0 + title 'google_bigquery_table resource test' + + describe google_bigquery_table(project: gcp_project_id, dataset: dataset['dataset_id'], name: bigquery_table['table_id']) do + it { should exist } + + its('expiration_time') { should cmp bigquery_table['expiration_time'] } + its('time_partitioning.type') { should eq bigquery_table['time_partitioning_type'] } + its('description') { should eq bigquery_table['description'] } + end + + describe google_bigquery_table(project: gcp_project_id, dataset: dataset['dataset_id'], name: 'nonexistent') do + it { should_not exist } + end +end diff --git a/test/integration/verify/controls/google_bigquery_tables.rb b/test/integration/verify/controls/google_bigquery_tables.rb new file mode 100644 index 000000000..f9624d493 --- /dev/null +++ b/test/integration/verify/controls/google_bigquery_tables.rb @@ -0,0 +1,45 @@ +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- + +title 'Test GCP google_bigquery_tables resource.' + +gcp_project_id = attribute(:gcp_project_id, default: 'gcp_project_id', description: 'The GCP project identifier.') +bigquery_table = attribute('bigquery_table', default: { + "table_id": "inspec_gcp_bigquery_table", + "description": "A BigQuery table", + "expiration_time": 1738882264000, + "time_partitioning_type": "DAY" +}, description: 'BigQuery table definition') +dataset = attribute('dataset', default: { + "dataset_id": "inspec_gcp_dataset", + "friendly_name": "A BigQuery dataset test", + "description": "Test BigQuery dataset description", + "location": "EU", + "default_table_expiration_ms": 3600000, + "access_writer_role": "WRITER", + "access_writer_special_group": "projectWriters" +}, description: 'BigQuery dataset definition') +control 'google_bigquery_tables-1.0' do + impact 1.0 + title 'google_bigquery_tables resource test' + + describe.one do + google_bigquery_tables(project: gcp_project_id, dataset: dataset['dataset_id']).table_references.each do |table_reference| + describe google_bigquery_table(project: gcp_project_id, dataset: dataset['dataset_id'], name: table_reference.table_id) do + its('expiration_time') { should cmp bigquery_table['expiration_time'] } + its('description') { should eq bigquery_table['description'] } + end + end + end +end From fb2b9002d1fa9f40402fc4ba982ed6afcd543294 Mon Sep 17 00:00:00 2001 From: Sam Levenick Date: Tue, 19 Feb 2019 22:22:35 +0000 Subject: [PATCH 24/30] Add InSpec support for source repositories Signed-off-by: Modular Magician --- .../google_sourcerepo_repositories.md | 31 +++++++ .../resources/google_sourcerepo_repository.md | 27 ++++++ libraries/google_bigquery_dataset.rb | 19 ++-- libraries/google_bigquery_datasets.rb | 20 +++-- libraries/google_bigquery_table.rb | 19 ++-- libraries/google_bigquery_tables.rb | 20 +++-- libraries/google_cloudbuild_trigger.rb | 19 ++-- libraries/google_cloudbuild_triggers.rb | 20 +++-- libraries/google_compute_autoscaler.rb | 19 ++-- libraries/google_compute_autoscalers.rb | 20 +++-- libraries/google_compute_backend_service.rb | 19 ++-- libraries/google_compute_backend_services.rb | 20 +++-- libraries/google_compute_disk.rb | 19 ++-- libraries/google_compute_disks.rb | 20 +++-- libraries/google_compute_global_address.rb | 19 ++-- libraries/google_compute_global_addresses.rb | 20 +++-- .../google_compute_global_forwarding_rule.rb | 19 ++-- .../google_compute_global_forwarding_rules.rb | 20 +++-- libraries/google_compute_health_check.rb | 19 ++-- libraries/google_compute_health_checks.rb | 20 +++-- libraries/google_compute_http_health_check.rb | 19 ++-- .../google_compute_http_health_checks.rb | 20 +++-- .../google_compute_https_health_check.rb | 19 ++-- .../google_compute_https_health_checks.rb | 20 +++-- .../google_compute_instance_group_manager.rb | 19 ++-- .../google_compute_instance_group_managers.rb | 20 +++-- libraries/google_compute_instance_template.rb | 19 ++-- .../google_compute_instance_templates.rb | 20 +++-- libraries/google_compute_route.rb | 19 ++-- libraries/google_compute_router.rb | 19 ++-- libraries/google_compute_routers.rb | 20 +++-- libraries/google_compute_routes.rb | 20 +++-- libraries/google_compute_snapshot.rb | 19 ++-- libraries/google_compute_snapshots.rb | 20 +++-- libraries/google_compute_ssl_certificate.rb | 19 ++-- libraries/google_compute_ssl_certificates.rb | 20 +++-- libraries/google_compute_ssl_policies.rb | 20 +++-- libraries/google_compute_ssl_policy.rb | 19 ++-- .../google_compute_target_http_proxies.rb | 20 +++-- libraries/google_compute_target_http_proxy.rb | 19 ++-- .../google_compute_target_https_proxies.rb | 20 +++-- .../google_compute_target_https_proxy.rb | 19 ++-- libraries/google_compute_target_pool.rb | 19 ++-- libraries/google_compute_target_pools.rb | 20 +++-- .../google_compute_target_tcp_proxies.rb | 20 +++-- libraries/google_compute_target_tcp_proxy.rb | 19 ++-- libraries/google_compute_url_map.rb | 19 ++-- libraries/google_compute_url_maps.rb | 20 +++-- .../google_container_regional_cluster.rb | 19 ++-- .../google_container_regional_clusters.rb | 20 +++-- libraries/google_dns_resource_record_set.rb | 19 ++-- libraries/google_dns_resource_record_sets.rb | 20 +++-- libraries/google_pubsub_subscription.rb | 19 ++-- libraries/google_pubsub_subscriptions.rb | 20 +++-- libraries/google_pubsub_topic.rb | 19 ++-- libraries/google_pubsub_topics.rb | 20 +++-- libraries/google_sourcerepo_repositories.rb | 88 +++++++++++++++++++ libraries/google_sourcerepo_repository.rb | 58 ++++++++++++ test/integration/build/gcp-mm.tf | 9 ++ .../configuration/mm-attributes.yml | 5 +- .../google_sourcerepo_repositories.rb | 33 +++++++ .../controls/google_sourcerepo_repository.rb | 32 +++++++ 62 files changed, 876 insertions(+), 460 deletions(-) create mode 100644 docs/resources/google_sourcerepo_repositories.md create mode 100644 docs/resources/google_sourcerepo_repository.md create mode 100644 libraries/google_sourcerepo_repositories.rb create mode 100644 libraries/google_sourcerepo_repository.rb create mode 100644 test/integration/verify/controls/google_sourcerepo_repositories.rb create mode 100644 test/integration/verify/controls/google_sourcerepo_repository.rb diff --git a/docs/resources/google_sourcerepo_repositories.md b/docs/resources/google_sourcerepo_repositories.md new file mode 100644 index 000000000..b95eec9c7 --- /dev/null +++ b/docs/resources/google_sourcerepo_repositories.md @@ -0,0 +1,31 @@ +--- +title: About the google_sourcerepo_repositories resource +platform: gcp +--- + +## Syntax +A `google_sourcerepo_repositories` is used to test a Google Repository resource + +## Examples +``` +repo_name = 'inspec-gcp-repository' +describe.one do + google_sourcerepo_repositories(project: 'chef-gcp-inspec').names.each do |name| + describe name do + it { should match /\/repos\/#{repo_name}$/ } + end + end +end +``` + +## Properties +Properties that can be accessed from the `google_sourcerepo_repositories` resource: + +See [google_sourcerepo_repository.md](google_sourcerepo_repository.md) for more detailed information + * `names`: an array of `google_sourcerepo_repository` name + * `urls`: an array of `google_sourcerepo_repository` url + * `sizes`: an array of `google_sourcerepo_repository` size + +## Filter Criteria +This resource supports all of the above properties as filter criteria, which can be used +with `where` as a block or a method. diff --git a/docs/resources/google_sourcerepo_repository.md b/docs/resources/google_sourcerepo_repository.md new file mode 100644 index 000000000..caf8b91ca --- /dev/null +++ b/docs/resources/google_sourcerepo_repository.md @@ -0,0 +1,27 @@ +--- +title: About the google_sourcerepo_repository resource +platform: gcp +--- + +## Syntax +A `google_sourcerepo_repository` is used to test a Google Repository resource + +## Examples +``` +describe google_sourcerepo_repository(project: 'chef-gcp-inspec', name: 'inspec-gcp-repository') do + it { should exist } +end + +describe google_sourcerepo_repository(project: 'chef-gcp-inspec', name: 'nonexistent') do + it { should_not exist } +end +``` + +## Properties +Properties that can be accessed from the `google_sourcerepo_repository` resource: + + * `name`: Resource name of the repository, of the form projects/{{project}}/repos/{{repo}}. The repo name may contain slashes. eg, projects/myproject/repos/name/with/slash + + * `url`: URL to clone the repository from Google Cloud Source Repositories. + + * `size`: The disk usage of the repo, in bytes. diff --git a/libraries/google_bigquery_dataset.rb b/libraries/google_bigquery_dataset.rb index cfd684f7c..106b3f905 100644 --- a/libraries/google_bigquery_dataset.rb +++ b/libraries/google_bigquery_dataset.rb @@ -34,17 +34,10 @@ class Dataset < GcpResourceBase attr_reader :labels attr_reader :last_modified_time attr_reader :location - def base - 'https://www.googleapis.com/bigquery/v2/' - end - - def url - 'projects/{{project}}/datasets/{{name}}' - end def initialize(params) super(params.merge({ use_http_transport: true })) - @fetched = @connection.fetch(base, url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params) parse unless @fetched.nil? end @@ -70,4 +63,14 @@ def parse_time_string(time_string) def exists? !@fetched.nil? end + + private + + def product_url + 'https://www.googleapis.com/bigquery/v2/' + end + + def resource_base_url + 'projects/{{project}}/datasets/{{name}}' + end end diff --git a/libraries/google_bigquery_datasets.rb b/libraries/google_bigquery_datasets.rb index 3d2163c05..ce0cb3f0f 100644 --- a/libraries/google_bigquery_datasets.rb +++ b/libraries/google_bigquery_datasets.rb @@ -31,14 +31,6 @@ class Datasets < GcpResourceBase filter_table_config.connect(self, :table) - def base - 'https://www.googleapis.com/bigquery/v2/' - end - - def url - 'projects/{{project}}/datasets' - end - def initialize(params = {}) super(params.merge({ use_http_transport: true })) @params = params @@ -47,7 +39,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(base, url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params) return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs @@ -87,4 +79,14 @@ def transformers def parse_time_string(time_string) time_string ? Time.parse(time_string) : nil end + + private + + def product_url + 'https://www.googleapis.com/bigquery/v2/' + end + + def resource_base_url + 'projects/{{project}}/datasets' + end end diff --git a/libraries/google_bigquery_table.rb b/libraries/google_bigquery_table.rb index ec1dca42d..10334b4e2 100644 --- a/libraries/google_bigquery_table.rb +++ b/libraries/google_bigquery_table.rb @@ -57,17 +57,10 @@ class Table < GcpResourceBase attr_reader :expiration_time attr_reader :external_data_configuration attr_reader :dataset - def base - 'https://www.googleapis.com/bigquery/v2/' - end - - def url - 'projects/{{project}}/datasets/{{dataset}}/tables/{{name}}' - end def initialize(params) super(params.merge({ use_http_transport: true })) - @fetched = @connection.fetch(base, url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params) parse unless @fetched.nil? end @@ -103,4 +96,14 @@ def parse_time_string(time_string) def exists? !@fetched.nil? end + + private + + def product_url + 'https://www.googleapis.com/bigquery/v2/' + end + + def resource_base_url + 'projects/{{project}}/datasets/{{dataset}}/tables/{{name}}' + end end diff --git a/libraries/google_bigquery_tables.rb b/libraries/google_bigquery_tables.rb index adbaac999..b07711419 100644 --- a/libraries/google_bigquery_tables.rb +++ b/libraries/google_bigquery_tables.rb @@ -45,14 +45,6 @@ class Tables < GcpResourceBase filter_table_config.connect(self, :table) - def base - 'https://www.googleapis.com/bigquery/v2/' - end - - def url - 'projects/{{project}}/datasets/{{dataset}}/tables' - end - def initialize(params = {}) super(params.merge({ use_http_transport: true })) @params = params @@ -61,7 +53,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(base, url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params) return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs @@ -115,4 +107,14 @@ def transformers def parse_time_string(time_string) time_string ? Time.parse(time_string) : nil end + + private + + def product_url + 'https://www.googleapis.com/bigquery/v2/' + end + + def resource_base_url + 'projects/{{project}}/datasets/{{dataset}}/tables' + end end diff --git a/libraries/google_cloudbuild_trigger.rb b/libraries/google_cloudbuild_trigger.rb index c99e5a2f7..8ad0f290e 100644 --- a/libraries/google_cloudbuild_trigger.rb +++ b/libraries/google_cloudbuild_trigger.rb @@ -34,17 +34,10 @@ class Trigger < GcpResourceBase attr_reader :included_files attr_reader :trigger_template attr_reader :build - def base - 'https://cloudbuild.googleapis.com/v1/' - end - - def url - 'projects/{{project}}/triggers/{{id}}' - end def initialize(params) super(params.merge({ use_http_transport: true })) - @fetched = @connection.fetch(base, url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params) parse unless @fetched.nil? end @@ -69,4 +62,14 @@ def parse_time_string(time_string) def exists? !@fetched.nil? end + + private + + def product_url + 'https://cloudbuild.googleapis.com/v1/' + end + + def resource_base_url + 'projects/{{project}}/triggers/{{id}}' + end end diff --git a/libraries/google_cloudbuild_triggers.rb b/libraries/google_cloudbuild_triggers.rb index b8221c647..55abd90f0 100644 --- a/libraries/google_cloudbuild_triggers.rb +++ b/libraries/google_cloudbuild_triggers.rb @@ -36,14 +36,6 @@ class Triggers < GcpResourceBase filter_table_config.connect(self, :table) - def base - 'https://cloudbuild.googleapis.com/v1/' - end - - def url - 'projects/{{project}}/triggers' - end - def initialize(params = {}) super(params.merge({ use_http_transport: true })) @params = params @@ -52,7 +44,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(base, url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params) return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs @@ -97,4 +89,14 @@ def transformers def parse_time_string(time_string) time_string ? Time.parse(time_string) : nil end + + private + + def product_url + 'https://cloudbuild.googleapis.com/v1/' + end + + def resource_base_url + 'projects/{{project}}/triggers' + end end diff --git a/libraries/google_compute_autoscaler.rb b/libraries/google_compute_autoscaler.rb index c7019072c..b879ae039 100644 --- a/libraries/google_compute_autoscaler.rb +++ b/libraries/google_compute_autoscaler.rb @@ -32,17 +32,10 @@ class Autoscaler < GcpResourceBase attr_reader :autoscaling_policy attr_reader :target attr_reader :zone - def base - 'https://www.googleapis.com/compute/v1/' - end - - def url - 'projects/{{project}}/zones/{{zone}}/autoscalers/{{name}}' - end def initialize(params) super(params.merge({ use_http_transport: true })) - @fetched = @connection.fetch(base, url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params) parse unless @fetched.nil? end @@ -64,4 +57,14 @@ def parse_time_string(time_string) def exists? !@fetched.nil? end + + private + + def product_url + 'https://www.googleapis.com/compute/v1/' + end + + def resource_base_url + 'projects/{{project}}/zones/{{zone}}/autoscalers/{{name}}' + end end diff --git a/libraries/google_compute_autoscalers.rb b/libraries/google_compute_autoscalers.rb index ce7954895..e8ee98935 100644 --- a/libraries/google_compute_autoscalers.rb +++ b/libraries/google_compute_autoscalers.rb @@ -33,14 +33,6 @@ class Autoscalers < GcpResourceBase filter_table_config.connect(self, :table) - def base - 'https://www.googleapis.com/compute/v1/' - end - - def url - 'projects/{{project}}/zones/{{zone}}/autoscalers' - end - def initialize(params = {}) super(params.merge({ use_http_transport: true })) @params = params @@ -49,7 +41,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(base, url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params) return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs @@ -91,4 +83,14 @@ def transformers def parse_time_string(time_string) time_string ? Time.parse(time_string) : nil end + + private + + def product_url + 'https://www.googleapis.com/compute/v1/' + end + + def resource_base_url + 'projects/{{project}}/zones/{{zone}}/autoscalers' + end end diff --git a/libraries/google_compute_backend_service.rb b/libraries/google_compute_backend_service.rb index b4e6c8ef6..22b70490f 100644 --- a/libraries/google_compute_backend_service.rb +++ b/libraries/google_compute_backend_service.rb @@ -43,17 +43,10 @@ class BackendService < GcpResourceBase attr_reader :region attr_reader :session_affinity attr_reader :timeout_sec - def base - 'https://www.googleapis.com/compute/v1/' - end - - def url - 'projects/{{project}}/global/backendServices/{{name}}' - end def initialize(params) super(params.merge({ use_http_transport: true })) - @fetched = @connection.fetch(base, url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params) parse unless @fetched.nil? end @@ -85,4 +78,14 @@ def parse_time_string(time_string) def exists? !@fetched.nil? end + + private + + def product_url + 'https://www.googleapis.com/compute/v1/' + end + + def resource_base_url + 'projects/{{project}}/global/backendServices/{{name}}' + end end diff --git a/libraries/google_compute_backend_services.rb b/libraries/google_compute_backend_services.rb index 8daa82066..c98a3ad99 100644 --- a/libraries/google_compute_backend_services.rb +++ b/libraries/google_compute_backend_services.rb @@ -43,14 +43,6 @@ class BackendServices < GcpResourceBase filter_table_config.connect(self, :table) - def base - 'https://www.googleapis.com/compute/v1/' - end - - def url - 'projects/{{project}}/global/backendServices' - end - def initialize(params = {}) super(params.merge({ use_http_transport: true })) @params = params @@ -59,7 +51,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(base, url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params) return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs @@ -111,4 +103,14 @@ def transformers def parse_time_string(time_string) time_string ? Time.parse(time_string) : nil end + + private + + def product_url + 'https://www.googleapis.com/compute/v1/' + end + + def resource_base_url + 'projects/{{project}}/global/backendServices' + end end diff --git a/libraries/google_compute_disk.rb b/libraries/google_compute_disk.rb index caa586125..ae4dbdf56 100644 --- a/libraries/google_compute_disk.rb +++ b/libraries/google_compute_disk.rb @@ -44,17 +44,10 @@ class Disk < GcpResourceBase attr_reader :source_snapshot attr_reader :source_snapshot_encryption_key attr_reader :source_snapshot_id - def base - 'https://www.googleapis.com/compute/v1/' - end - - def url - 'projects/{{project}}/zones/{{zone}}/disks/{{name}}' - end def initialize(params) super(params.merge({ use_http_transport: true })) - @fetched = @connection.fetch(base, url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params) parse unless @fetched.nil? end @@ -89,4 +82,14 @@ def parse_time_string(time_string) def exists? !@fetched.nil? end + + private + + def product_url + 'https://www.googleapis.com/compute/v1/' + end + + def resource_base_url + 'projects/{{project}}/zones/{{zone}}/disks/{{name}}' + end end diff --git a/libraries/google_compute_disks.rb b/libraries/google_compute_disks.rb index cb3bf974d..ece34ca12 100644 --- a/libraries/google_compute_disks.rb +++ b/libraries/google_compute_disks.rb @@ -46,14 +46,6 @@ class Disks < GcpResourceBase filter_table_config.connect(self, :table) - def base - 'https://www.googleapis.com/compute/v1/' - end - - def url - 'projects/{{project}}/zones/{{zone}}/disks' - end - def initialize(params = {}) super(params.merge({ use_http_transport: true })) @params = params @@ -62,7 +54,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(base, url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params) return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs @@ -117,4 +109,14 @@ def transformers def parse_time_string(time_string) time_string ? Time.parse(time_string) : nil end + + private + + def product_url + 'https://www.googleapis.com/compute/v1/' + end + + def resource_base_url + 'projects/{{project}}/zones/{{zone}}/disks' + end end diff --git a/libraries/google_compute_global_address.rb b/libraries/google_compute_global_address.rb index 43da4d631..a76d5a78a 100644 --- a/libraries/google_compute_global_address.rb +++ b/libraries/google_compute_global_address.rb @@ -29,17 +29,10 @@ class GlobalAddress < GcpResourceBase attr_reader :ip_version attr_reader :region attr_reader :address_type - def base - 'https://www.googleapis.com/compute/v1/' - end - - def url - 'projects/{{project}}/global/addresses/{{name}}' - end def initialize(params) super(params.merge({ use_http_transport: true })) - @fetched = @connection.fetch(base, url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params) parse unless @fetched.nil? end @@ -62,4 +55,14 @@ def parse_time_string(time_string) def exists? !@fetched.nil? end + + private + + def product_url + 'https://www.googleapis.com/compute/v1/' + end + + def resource_base_url + 'projects/{{project}}/global/addresses/{{name}}' + end end diff --git a/libraries/google_compute_global_addresses.rb b/libraries/google_compute_global_addresses.rb index 34f7eff0c..c49ab869c 100644 --- a/libraries/google_compute_global_addresses.rb +++ b/libraries/google_compute_global_addresses.rb @@ -34,14 +34,6 @@ class GlobalAddresss < GcpResourceBase filter_table_config.connect(self, :table) - def base - 'https://www.googleapis.com/compute/v1/' - end - - def url - 'projects/{{project}}/global/addresses' - end - def initialize(params = {}) super(params.merge({ use_http_transport: true })) @params = params @@ -50,7 +42,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(base, url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params) return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs @@ -93,4 +85,14 @@ def transformers def parse_time_string(time_string) time_string ? Time.parse(time_string) : nil end + + private + + def product_url + 'https://www.googleapis.com/compute/v1/' + end + + def resource_base_url + 'projects/{{project}}/global/addresses' + end end diff --git a/libraries/google_compute_global_forwarding_rule.rb b/libraries/google_compute_global_forwarding_rule.rb index 27d1b7ce1..2467df3c3 100644 --- a/libraries/google_compute_global_forwarding_rule.rb +++ b/libraries/google_compute_global_forwarding_rule.rb @@ -36,17 +36,10 @@ class GlobalForwardingRule < GcpResourceBase attr_reader :subnetwork attr_reader :region attr_reader :target - def base - 'https://www.googleapis.com/compute/v1/' - end - - def url - 'projects/{{project}}/global/forwardingRules/{{name}}' - end def initialize(params) super(params.merge({ use_http_transport: true })) - @fetched = @connection.fetch(base, url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params) parse unless @fetched.nil? end @@ -76,4 +69,14 @@ def parse_time_string(time_string) def exists? !@fetched.nil? end + + private + + def product_url + 'https://www.googleapis.com/compute/v1/' + end + + def resource_base_url + 'projects/{{project}}/global/forwardingRules/{{name}}' + end end diff --git a/libraries/google_compute_global_forwarding_rules.rb b/libraries/google_compute_global_forwarding_rules.rb index 9f2f8f3a5..4edce1357 100644 --- a/libraries/google_compute_global_forwarding_rules.rb +++ b/libraries/google_compute_global_forwarding_rules.rb @@ -41,14 +41,6 @@ class GlobalForwardingRules < GcpResourceBase filter_table_config.connect(self, :table) - def base - 'https://www.googleapis.com/compute/v1/' - end - - def url - 'projects/{{project}}/global/forwardingRules' - end - def initialize(params = {}) super(params.merge({ use_http_transport: true })) @params = params @@ -57,7 +49,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(base, url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params) return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs @@ -107,4 +99,14 @@ def transformers def parse_time_string(time_string) time_string ? Time.parse(time_string) : nil end + + private + + def product_url + 'https://www.googleapis.com/compute/v1/' + end + + def resource_base_url + 'projects/{{project}}/global/forwardingRules' + end end diff --git a/libraries/google_compute_health_check.rb b/libraries/google_compute_health_check.rb index 47c42ecfa..434a12da0 100644 --- a/libraries/google_compute_health_check.rb +++ b/libraries/google_compute_health_check.rb @@ -38,17 +38,10 @@ class HealthCheck < GcpResourceBase attr_reader :https_health_check attr_reader :tcp_health_check attr_reader :ssl_health_check - def base - 'https://www.googleapis.com/compute/v1/' - end - - def url - 'projects/{{project}}/global/healthChecks/{{name}}' - end def initialize(params) super(params.merge({ use_http_transport: true })) - @fetched = @connection.fetch(base, url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params) parse unless @fetched.nil? end @@ -76,4 +69,14 @@ def parse_time_string(time_string) def exists? !@fetched.nil? end + + private + + def product_url + 'https://www.googleapis.com/compute/v1/' + end + + def resource_base_url + 'projects/{{project}}/global/healthChecks/{{name}}' + end end diff --git a/libraries/google_compute_health_checks.rb b/libraries/google_compute_health_checks.rb index 0ef54fba3..2f0492165 100644 --- a/libraries/google_compute_health_checks.rb +++ b/libraries/google_compute_health_checks.rb @@ -39,14 +39,6 @@ class HealthChecks < GcpResourceBase filter_table_config.connect(self, :table) - def base - 'https://www.googleapis.com/compute/v1/' - end - - def url - 'projects/{{project}}/global/healthChecks' - end - def initialize(params = {}) super(params.merge({ use_http_transport: true })) @params = params @@ -55,7 +47,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(base, url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params) return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs @@ -103,4 +95,14 @@ def transformers def parse_time_string(time_string) time_string ? Time.parse(time_string) : nil end + + private + + def product_url + 'https://www.googleapis.com/compute/v1/' + end + + def resource_base_url + 'projects/{{project}}/global/healthChecks' + end end diff --git a/libraries/google_compute_http_health_check.rb b/libraries/google_compute_http_health_check.rb index 55136b30e..a233bf461 100644 --- a/libraries/google_compute_http_health_check.rb +++ b/libraries/google_compute_http_health_check.rb @@ -32,17 +32,10 @@ class HttpHealthCheck < GcpResourceBase attr_reader :request_path attr_reader :timeout_sec attr_reader :unhealthy_threshold - def base - 'https://www.googleapis.com/compute/v1/' - end - - def url - 'projects/{{project}}/global/httpHealthChecks/{{name}}' - end def initialize(params) super(params.merge({ use_http_transport: true })) - @fetched = @connection.fetch(base, url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params) parse unless @fetched.nil? end @@ -68,4 +61,14 @@ def parse_time_string(time_string) def exists? !@fetched.nil? end + + private + + def product_url + 'https://www.googleapis.com/compute/v1/' + end + + def resource_base_url + 'projects/{{project}}/global/httpHealthChecks/{{name}}' + end end diff --git a/libraries/google_compute_http_health_checks.rb b/libraries/google_compute_http_health_checks.rb index d313de253..64c5a6c81 100644 --- a/libraries/google_compute_http_health_checks.rb +++ b/libraries/google_compute_http_health_checks.rb @@ -37,14 +37,6 @@ class HttpHealthChecks < GcpResourceBase filter_table_config.connect(self, :table) - def base - 'https://www.googleapis.com/compute/v1/' - end - - def url - 'projects/{{project}}/global/httpHealthChecks' - end - def initialize(params = {}) super(params.merge({ use_http_transport: true })) @params = params @@ -53,7 +45,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(base, url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params) return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs @@ -99,4 +91,14 @@ def transformers def parse_time_string(time_string) time_string ? Time.parse(time_string) : nil end + + private + + def product_url + 'https://www.googleapis.com/compute/v1/' + end + + def resource_base_url + 'projects/{{project}}/global/httpHealthChecks' + end end diff --git a/libraries/google_compute_https_health_check.rb b/libraries/google_compute_https_health_check.rb index 104278916..086220190 100644 --- a/libraries/google_compute_https_health_check.rb +++ b/libraries/google_compute_https_health_check.rb @@ -32,17 +32,10 @@ class HttpsHealthCheck < GcpResourceBase attr_reader :request_path attr_reader :timeout_sec attr_reader :unhealthy_threshold - def base - 'https://www.googleapis.com/compute/v1/' - end - - def url - 'projects/{{project}}/global/httpsHealthChecks/{{name}}' - end def initialize(params) super(params.merge({ use_http_transport: true })) - @fetched = @connection.fetch(base, url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params) parse unless @fetched.nil? end @@ -68,4 +61,14 @@ def parse_time_string(time_string) def exists? !@fetched.nil? end + + private + + def product_url + 'https://www.googleapis.com/compute/v1/' + end + + def resource_base_url + 'projects/{{project}}/global/httpsHealthChecks/{{name}}' + end end diff --git a/libraries/google_compute_https_health_checks.rb b/libraries/google_compute_https_health_checks.rb index dc4fa7907..8576ef71c 100644 --- a/libraries/google_compute_https_health_checks.rb +++ b/libraries/google_compute_https_health_checks.rb @@ -37,14 +37,6 @@ class HttpsHealthChecks < GcpResourceBase filter_table_config.connect(self, :table) - def base - 'https://www.googleapis.com/compute/v1/' - end - - def url - 'projects/{{project}}/global/httpsHealthChecks' - end - def initialize(params = {}) super(params.merge({ use_http_transport: true })) @params = params @@ -53,7 +45,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(base, url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params) return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs @@ -99,4 +91,14 @@ def transformers def parse_time_string(time_string) time_string ? Time.parse(time_string) : nil end + + private + + def product_url + 'https://www.googleapis.com/compute/v1/' + end + + def resource_base_url + 'projects/{{project}}/global/httpsHealthChecks' + end end diff --git a/libraries/google_compute_instance_group_manager.rb b/libraries/google_compute_instance_group_manager.rb index f518ff84f..09ac7db2f 100644 --- a/libraries/google_compute_instance_group_manager.rb +++ b/libraries/google_compute_instance_group_manager.rb @@ -36,17 +36,10 @@ class InstanceGroupManager < GcpResourceBase attr_reader :target_pools attr_reader :target_size attr_reader :zone - def base - 'https://www.googleapis.com/compute/v1/' - end - - def url - 'projects/{{project}}/zones/{{zone}}/instanceGroupManagers/{{name}}' - end def initialize(params) super(params.merge({ use_http_transport: true })) - @fetched = @connection.fetch(base, url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params) parse unless @fetched.nil? end @@ -74,4 +67,14 @@ def parse_time_string(time_string) def exists? !@fetched.nil? end + + private + + def product_url + 'https://www.googleapis.com/compute/v1/' + end + + def resource_base_url + 'projects/{{project}}/zones/{{zone}}/instanceGroupManagers/{{name}}' + end end diff --git a/libraries/google_compute_instance_group_managers.rb b/libraries/google_compute_instance_group_managers.rb index 616853fc7..332e204c4 100644 --- a/libraries/google_compute_instance_group_managers.rb +++ b/libraries/google_compute_instance_group_managers.rb @@ -39,14 +39,6 @@ class InstanceGroupManagers < GcpResourceBase filter_table_config.connect(self, :table) - def base - 'https://www.googleapis.com/compute/v1/' - end - - def url - 'projects/{{project}}/zones/{{zone}}/instanceGroupManagers' - end - def initialize(params = {}) super(params.merge({ use_http_transport: true })) @params = params @@ -55,7 +47,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(base, url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params) return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs @@ -103,4 +95,14 @@ def transformers def parse_time_string(time_string) time_string ? Time.parse(time_string) : nil end + + private + + def product_url + 'https://www.googleapis.com/compute/v1/' + end + + def resource_base_url + 'projects/{{project}}/zones/{{zone}}/instanceGroupManagers' + end end diff --git a/libraries/google_compute_instance_template.rb b/libraries/google_compute_instance_template.rb index 86c352fb9..a215722fb 100644 --- a/libraries/google_compute_instance_template.rb +++ b/libraries/google_compute_instance_template.rb @@ -33,17 +33,10 @@ class InstanceTemplate < GcpResourceBase attr_reader :id attr_reader :name attr_reader :properties - def base - 'https://www.googleapis.com/compute/v1/' - end - - def url - 'projects/{{project}}/global/instanceTemplates/{{name}}' - end def initialize(params) super(params.merge({ use_http_transport: true })) - @fetched = @connection.fetch(base, url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params) parse unless @fetched.nil? end @@ -63,4 +56,14 @@ def parse_time_string(time_string) def exists? !@fetched.nil? end + + private + + def product_url + 'https://www.googleapis.com/compute/v1/' + end + + def resource_base_url + 'projects/{{project}}/global/instanceTemplates/{{name}}' + end end diff --git a/libraries/google_compute_instance_templates.rb b/libraries/google_compute_instance_templates.rb index bd5248bc6..4ae92b1b0 100644 --- a/libraries/google_compute_instance_templates.rb +++ b/libraries/google_compute_instance_templates.rb @@ -31,14 +31,6 @@ class InstanceTemplates < GcpResourceBase filter_table_config.connect(self, :table) - def base - 'https://www.googleapis.com/compute/v1/' - end - - def url - 'projects/{{project}}/global/instanceTemplates' - end - def initialize(params = {}) super(params.merge({ use_http_transport: true })) @params = params @@ -47,7 +39,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(base, url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params) return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs @@ -87,4 +79,14 @@ def transformers def parse_time_string(time_string) time_string ? Time.parse(time_string) : nil end + + private + + def product_url + 'https://www.googleapis.com/compute/v1/' + end + + def resource_base_url + 'projects/{{project}}/global/instanceTemplates' + end end diff --git a/libraries/google_compute_route.rb b/libraries/google_compute_route.rb index 27da100a3..d4f9b9bcd 100644 --- a/libraries/google_compute_route.rb +++ b/libraries/google_compute_route.rb @@ -32,17 +32,10 @@ class Route < GcpResourceBase attr_reader :next_hop_ip attr_reader :next_hop_vpn_tunnel attr_reader :next_hop_network - def base - 'https://www.googleapis.com/compute/v1/' - end - - def url - 'projects/{{project}}/global/routes/{{name}}' - end def initialize(params) super(params.merge({ use_http_transport: true })) - @fetched = @connection.fetch(base, url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params) parse unless @fetched.nil? end @@ -68,4 +61,14 @@ def parse_time_string(time_string) def exists? !@fetched.nil? end + + private + + def product_url + 'https://www.googleapis.com/compute/v1/' + end + + def resource_base_url + 'projects/{{project}}/global/routes/{{name}}' + end end diff --git a/libraries/google_compute_router.rb b/libraries/google_compute_router.rb index e39217ee4..1f8f64d6d 100644 --- a/libraries/google_compute_router.rb +++ b/libraries/google_compute_router.rb @@ -30,17 +30,10 @@ class Router < GcpResourceBase attr_reader :network attr_reader :bgp attr_reader :region - def base - 'https://www.googleapis.com/compute/v1/' - end - - def url - 'projects/{{project}}/regions/{{region}}/routers/{{name}}' - end def initialize(params) super(params.merge({ use_http_transport: true })) - @fetched = @connection.fetch(base, url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params) parse unless @fetched.nil? end @@ -62,4 +55,14 @@ def parse_time_string(time_string) def exists? !@fetched.nil? end + + private + + def product_url + 'https://www.googleapis.com/compute/v1/' + end + + def resource_base_url + 'projects/{{project}}/regions/{{region}}/routers/{{name}}' + end end diff --git a/libraries/google_compute_routers.rb b/libraries/google_compute_routers.rb index 4254b22cc..0a060f1b5 100644 --- a/libraries/google_compute_routers.rb +++ b/libraries/google_compute_routers.rb @@ -33,14 +33,6 @@ class Routers < GcpResourceBase filter_table_config.connect(self, :table) - def base - 'https://www.googleapis.com/compute/v1/' - end - - def url - 'projects/{{project}}/regions/{{region}}/routers' - end - def initialize(params = {}) super(params.merge({ use_http_transport: true })) @params = params @@ -49,7 +41,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(base, url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params) return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs @@ -91,4 +83,14 @@ def transformers def parse_time_string(time_string) time_string ? Time.parse(time_string) : nil end + + private + + def product_url + 'https://www.googleapis.com/compute/v1/' + end + + def resource_base_url + 'projects/{{project}}/regions/{{region}}/routers' + end end diff --git a/libraries/google_compute_routes.rb b/libraries/google_compute_routes.rb index af08fcf63..34446a7d4 100644 --- a/libraries/google_compute_routes.rb +++ b/libraries/google_compute_routes.rb @@ -37,14 +37,6 @@ class Routes < GcpResourceBase filter_table_config.connect(self, :table) - def base - 'https://www.googleapis.com/compute/v1/' - end - - def url - 'projects/{{project}}/global/routes' - end - def initialize(params = {}) super(params.merge({ use_http_transport: true })) @params = params @@ -53,7 +45,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(base, url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params) return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs @@ -99,4 +91,14 @@ def transformers def parse_time_string(time_string) time_string ? Time.parse(time_string) : nil end + + private + + def product_url + 'https://www.googleapis.com/compute/v1/' + end + + def resource_base_url + 'projects/{{project}}/global/routes' + end end diff --git a/libraries/google_compute_snapshot.rb b/libraries/google_compute_snapshot.rb index 482121e07..48d5ab4de 100644 --- a/libraries/google_compute_snapshot.rb +++ b/libraries/google_compute_snapshot.rb @@ -36,17 +36,10 @@ class Snapshot < GcpResourceBase attr_reader :zone attr_reader :snapshot_encryption_key attr_reader :source_disk_encryption_key - def base - 'https://www.googleapis.com/compute/v1/' - end - - def url - 'projects/{{project}}/global/snapshots/{{name}}' - end def initialize(params) super(params.merge({ use_http_transport: true })) - @fetched = @connection.fetch(base, url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params) parse unless @fetched.nil? end @@ -74,4 +67,14 @@ def parse_time_string(time_string) def exists? !@fetched.nil? end + + private + + def product_url + 'https://www.googleapis.com/compute/v1/' + end + + def resource_base_url + 'projects/{{project}}/global/snapshots/{{name}}' + end end diff --git a/libraries/google_compute_snapshots.rb b/libraries/google_compute_snapshots.rb index 675d660e5..eeb00ebdb 100644 --- a/libraries/google_compute_snapshots.rb +++ b/libraries/google_compute_snapshots.rb @@ -39,14 +39,6 @@ class Snapshots < GcpResourceBase filter_table_config.connect(self, :table) - def base - 'https://www.googleapis.com/compute/v1/' - end - - def url - 'projects/{{project}}/global/snapshots' - end - def initialize(params = {}) super(params.merge({ use_http_transport: true })) @params = params @@ -55,7 +47,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(base, url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params) return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs @@ -103,4 +95,14 @@ def transformers def parse_time_string(time_string) time_string ? Time.parse(time_string) : nil end + + private + + def product_url + 'https://www.googleapis.com/compute/v1/' + end + + def resource_base_url + 'projects/{{project}}/global/snapshots' + end end diff --git a/libraries/google_compute_ssl_certificate.rb b/libraries/google_compute_ssl_certificate.rb index 6dbcdff93..7d86487ff 100644 --- a/libraries/google_compute_ssl_certificate.rb +++ b/libraries/google_compute_ssl_certificate.rb @@ -27,17 +27,10 @@ class SslCertificate < GcpResourceBase attr_reader :id attr_reader :name attr_reader :private_key - def base - 'https://www.googleapis.com/compute/v1/' - end - - def url - 'projects/{{project}}/global/sslCertificates/{{name}}' - end def initialize(params) super(params.merge({ use_http_transport: true })) - @fetched = @connection.fetch(base, url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params) parse unless @fetched.nil? end @@ -58,4 +51,14 @@ def parse_time_string(time_string) def exists? !@fetched.nil? end + + private + + def product_url + 'https://www.googleapis.com/compute/v1/' + end + + def resource_base_url + 'projects/{{project}}/global/sslCertificates/{{name}}' + end end diff --git a/libraries/google_compute_ssl_certificates.rb b/libraries/google_compute_ssl_certificates.rb index 0cb922ce1..ba3d09b9c 100644 --- a/libraries/google_compute_ssl_certificates.rb +++ b/libraries/google_compute_ssl_certificates.rb @@ -32,14 +32,6 @@ class SslCertificates < GcpResourceBase filter_table_config.connect(self, :table) - def base - 'https://www.googleapis.com/compute/v1/' - end - - def url - 'projects/{{project}}/global/sslCertificates' - end - def initialize(params = {}) super(params.merge({ use_http_transport: true })) @params = params @@ -48,7 +40,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(base, url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params) return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs @@ -89,4 +81,14 @@ def transformers def parse_time_string(time_string) time_string ? Time.parse(time_string) : nil end + + private + + def product_url + 'https://www.googleapis.com/compute/v1/' + end + + def resource_base_url + 'projects/{{project}}/global/sslCertificates' + end end diff --git a/libraries/google_compute_ssl_policies.rb b/libraries/google_compute_ssl_policies.rb index c1175286b..736616a57 100644 --- a/libraries/google_compute_ssl_policies.rb +++ b/libraries/google_compute_ssl_policies.rb @@ -36,14 +36,6 @@ class SslPolicys < GcpResourceBase filter_table_config.connect(self, :table) - def base - 'https://www.googleapis.com/compute/v1/' - end - - def url - 'projects/{{project}}/global/sslPolicies' - end - def initialize(params = {}) super(params.merge({ use_http_transport: true })) @params = params @@ -52,7 +44,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(base, url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params) return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs @@ -97,4 +89,14 @@ def transformers def parse_time_string(time_string) time_string ? Time.parse(time_string) : nil end + + private + + def product_url + 'https://www.googleapis.com/compute/v1/' + end + + def resource_base_url + 'projects/{{project}}/global/sslPolicies' + end end diff --git a/libraries/google_compute_ssl_policy.rb b/libraries/google_compute_ssl_policy.rb index ee061c5b9..b9f1493e4 100644 --- a/libraries/google_compute_ssl_policy.rb +++ b/libraries/google_compute_ssl_policy.rb @@ -32,17 +32,10 @@ class SslPolicy < GcpResourceBase attr_reader :custom_features attr_reader :fingerprint attr_reader :warnings - def base - 'https://www.googleapis.com/compute/v1/' - end - - def url - 'projects/{{project}}/global/sslPolicies/{{name}}' - end def initialize(params) super(params.merge({ use_http_transport: true })) - @fetched = @connection.fetch(base, url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params) parse unless @fetched.nil? end @@ -67,4 +60,14 @@ def parse_time_string(time_string) def exists? !@fetched.nil? end + + private + + def product_url + 'https://www.googleapis.com/compute/v1/' + end + + def resource_base_url + 'projects/{{project}}/global/sslPolicies/{{name}}' + end end diff --git a/libraries/google_compute_target_http_proxies.rb b/libraries/google_compute_target_http_proxies.rb index 956e5b13b..4e10faf98 100644 --- a/libraries/google_compute_target_http_proxies.rb +++ b/libraries/google_compute_target_http_proxies.rb @@ -31,14 +31,6 @@ class TargetHttpProxys < GcpResourceBase filter_table_config.connect(self, :table) - def base - 'https://www.googleapis.com/compute/v1/' - end - - def url - 'projects/{{project}}/global/targetHttpProxies' - end - def initialize(params = {}) super(params.merge({ use_http_transport: true })) @params = params @@ -47,7 +39,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(base, url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params) return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs @@ -87,4 +79,14 @@ def transformers def parse_time_string(time_string) time_string ? Time.parse(time_string) : nil end + + private + + def product_url + 'https://www.googleapis.com/compute/v1/' + end + + def resource_base_url + 'projects/{{project}}/global/targetHttpProxies' + end end diff --git a/libraries/google_compute_target_http_proxy.rb b/libraries/google_compute_target_http_proxy.rb index 54bd90cda..f05ba7275 100644 --- a/libraries/google_compute_target_http_proxy.rb +++ b/libraries/google_compute_target_http_proxy.rb @@ -26,17 +26,10 @@ class TargetHttpProxy < GcpResourceBase attr_reader :id attr_reader :name attr_reader :url_map - def base - 'https://www.googleapis.com/compute/v1/' - end - - def url - 'projects/{{project}}/global/targetHttpProxies/{{name}}' - end def initialize(params) super(params.merge({ use_http_transport: true })) - @fetched = @connection.fetch(base, url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params) parse unless @fetched.nil? end @@ -56,4 +49,14 @@ def parse_time_string(time_string) def exists? !@fetched.nil? end + + private + + def product_url + 'https://www.googleapis.com/compute/v1/' + end + + def resource_base_url + 'projects/{{project}}/global/targetHttpProxies/{{name}}' + end end diff --git a/libraries/google_compute_target_https_proxies.rb b/libraries/google_compute_target_https_proxies.rb index b55270214..beb420b38 100644 --- a/libraries/google_compute_target_https_proxies.rb +++ b/libraries/google_compute_target_https_proxies.rb @@ -34,14 +34,6 @@ class TargetHttpsProxys < GcpResourceBase filter_table_config.connect(self, :table) - def base - 'https://www.googleapis.com/compute/v1/' - end - - def url - 'projects/{{project}}/global/targetHttpsProxies' - end - def initialize(params = {}) super(params.merge({ use_http_transport: true })) @params = params @@ -50,7 +42,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(base, url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params) return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs @@ -93,4 +85,14 @@ def transformers def parse_time_string(time_string) time_string ? Time.parse(time_string) : nil end + + private + + def product_url + 'https://www.googleapis.com/compute/v1/' + end + + def resource_base_url + 'projects/{{project}}/global/targetHttpsProxies' + end end diff --git a/libraries/google_compute_target_https_proxy.rb b/libraries/google_compute_target_https_proxy.rb index a7a13378d..ea5a9d304 100644 --- a/libraries/google_compute_target_https_proxy.rb +++ b/libraries/google_compute_target_https_proxy.rb @@ -29,17 +29,10 @@ class TargetHttpsProxy < GcpResourceBase attr_reader :ssl_certificates attr_reader :ssl_policy attr_reader :url_map - def base - 'https://www.googleapis.com/compute/v1/' - end - - def url - 'projects/{{project}}/global/targetHttpsProxies/{{name}}' - end def initialize(params) super(params.merge({ use_http_transport: true })) - @fetched = @connection.fetch(base, url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params) parse unless @fetched.nil? end @@ -62,4 +55,14 @@ def parse_time_string(time_string) def exists? !@fetched.nil? end + + private + + def product_url + 'https://www.googleapis.com/compute/v1/' + end + + def resource_base_url + 'projects/{{project}}/global/targetHttpsProxies/{{name}}' + end end diff --git a/libraries/google_compute_target_pool.rb b/libraries/google_compute_target_pool.rb index e589c1eda..9b872db8a 100644 --- a/libraries/google_compute_target_pool.rb +++ b/libraries/google_compute_target_pool.rb @@ -31,17 +31,10 @@ class TargetPool < GcpResourceBase attr_reader :name attr_reader :session_affinity attr_reader :region - def base - 'https://www.googleapis.com/compute/v1/' - end - - def url - 'projects/{{project}}/regions/{{region}}/targetPools/{{name}}' - end def initialize(params) super(params.merge({ use_http_transport: true })) - @fetched = @connection.fetch(base, url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params) parse unless @fetched.nil? end @@ -72,4 +65,14 @@ def exists? def has_target_instance?(name, zone) instances.any? { |instance_self_link| instance_self_link.end_with?("zones/#{zone}/instances/#{name}") } end + + private + + def product_url + 'https://www.googleapis.com/compute/v1/' + end + + def resource_base_url + 'projects/{{project}}/regions/{{region}}/targetPools/{{name}}' + end end diff --git a/libraries/google_compute_target_pools.rb b/libraries/google_compute_target_pools.rb index 932724da4..f0bef0ba0 100644 --- a/libraries/google_compute_target_pools.rb +++ b/libraries/google_compute_target_pools.rb @@ -36,14 +36,6 @@ class TargetPools < GcpResourceBase filter_table_config.connect(self, :table) - def base - 'https://www.googleapis.com/compute/v1/' - end - - def url - 'projects/{{project}}/regions/{{region}}/targetPools' - end - def initialize(params = {}) super(params.merge({ use_http_transport: true })) @params = params @@ -52,7 +44,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(base, url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params) return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs @@ -97,4 +89,14 @@ def transformers def parse_time_string(time_string) time_string ? Time.parse(time_string) : nil end + + private + + def product_url + 'https://www.googleapis.com/compute/v1/' + end + + def resource_base_url + 'projects/{{project}}/regions/{{region}}/targetPools' + end end diff --git a/libraries/google_compute_target_tcp_proxies.rb b/libraries/google_compute_target_tcp_proxies.rb index d3678bb91..a07c8108b 100644 --- a/libraries/google_compute_target_tcp_proxies.rb +++ b/libraries/google_compute_target_tcp_proxies.rb @@ -32,14 +32,6 @@ class TargetTcpProxys < GcpResourceBase filter_table_config.connect(self, :table) - def base - 'https://www.googleapis.com/compute/v1/' - end - - def url - 'projects/{{project}}/global/targetTcpProxies' - end - def initialize(params = {}) super(params.merge({ use_http_transport: true })) @params = params @@ -48,7 +40,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(base, url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params) return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs @@ -89,4 +81,14 @@ def transformers def parse_time_string(time_string) time_string ? Time.parse(time_string) : nil end + + private + + def product_url + 'https://www.googleapis.com/compute/v1/' + end + + def resource_base_url + 'projects/{{project}}/global/targetTcpProxies' + end end diff --git a/libraries/google_compute_target_tcp_proxy.rb b/libraries/google_compute_target_tcp_proxy.rb index 5927fe7a9..3a2c34bb1 100644 --- a/libraries/google_compute_target_tcp_proxy.rb +++ b/libraries/google_compute_target_tcp_proxy.rb @@ -27,17 +27,10 @@ class TargetTcpProxy < GcpResourceBase attr_reader :name attr_reader :proxy_header attr_reader :service - def base - 'https://www.googleapis.com/compute/v1/' - end - - def url - 'projects/{{project}}/global/targetTcpProxies/{{name}}' - end def initialize(params) super(params.merge({ use_http_transport: true })) - @fetched = @connection.fetch(base, url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params) parse unless @fetched.nil? end @@ -58,4 +51,14 @@ def parse_time_string(time_string) def exists? !@fetched.nil? end + + private + + def product_url + 'https://www.googleapis.com/compute/v1/' + end + + def resource_base_url + 'projects/{{project}}/global/targetTcpProxies/{{name}}' + end end diff --git a/libraries/google_compute_url_map.rb b/libraries/google_compute_url_map.rb index 080e4adb5..799beb1d5 100644 --- a/libraries/google_compute_url_map.rb +++ b/libraries/google_compute_url_map.rb @@ -33,17 +33,10 @@ class UrlMap < GcpResourceBase attr_reader :name attr_reader :path_matchers attr_reader :tests - def base - 'https://www.googleapis.com/compute/v1/' - end - - def url - 'projects/{{project}}/global/urlMaps/{{name}}' - end def initialize(params) super(params.merge({ use_http_transport: true })) - @fetched = @connection.fetch(base, url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params) parse unless @fetched.nil? end @@ -67,4 +60,14 @@ def parse_time_string(time_string) def exists? !@fetched.nil? end + + private + + def product_url + 'https://www.googleapis.com/compute/v1/' + end + + def resource_base_url + 'projects/{{project}}/global/urlMaps/{{name}}' + end end diff --git a/libraries/google_compute_url_maps.rb b/libraries/google_compute_url_maps.rb index 7c3ef5f6e..2b003e32c 100644 --- a/libraries/google_compute_url_maps.rb +++ b/libraries/google_compute_url_maps.rb @@ -35,14 +35,6 @@ class UrlMaps < GcpResourceBase filter_table_config.connect(self, :table) - def base - 'https://www.googleapis.com/compute/v1/' - end - - def url - 'projects/{{project}}/global/urlMaps' - end - def initialize(params = {}) super(params.merge({ use_http_transport: true })) @params = params @@ -51,7 +43,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(base, url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params) return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs @@ -95,4 +87,14 @@ def transformers def parse_time_string(time_string) time_string ? Time.parse(time_string) : nil end + + private + + def product_url + 'https://www.googleapis.com/compute/v1/' + end + + def resource_base_url + 'projects/{{project}}/global/urlMaps' + end end diff --git a/libraries/google_container_regional_cluster.rb b/libraries/google_container_regional_cluster.rb index 41576be66..04942518a 100644 --- a/libraries/google_container_regional_cluster.rb +++ b/libraries/google_container_regional_cluster.rb @@ -47,17 +47,10 @@ class RegionalCluster < GcpResourceBase attr_reader :current_node_count attr_reader :expire_time attr_reader :location - def base - 'https://container.googleapis.com/v1/' - end - - def url - 'projects/{{project}}/locations/{{location}}/clusters/{{name}}' - end def initialize(params) super(params.merge({ use_http_transport: true })) - @fetched = @connection.fetch(base, url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params) parse unless @fetched.nil? end @@ -93,4 +86,14 @@ def parse_time_string(time_string) def exists? !@fetched.nil? end + + private + + def product_url + 'https://container.googleapis.com/v1/' + end + + def resource_base_url + 'projects/{{project}}/locations/{{location}}/clusters/{{name}}' + end end diff --git a/libraries/google_container_regional_clusters.rb b/libraries/google_container_regional_clusters.rb index 14cf22aee..f4dc5cf66 100644 --- a/libraries/google_container_regional_clusters.rb +++ b/libraries/google_container_regional_clusters.rb @@ -47,14 +47,6 @@ class RegionalClusters < GcpResourceBase filter_table_config.connect(self, :table) - def base - 'https://container.googleapis.com/v1/' - end - - def url - 'projects/{{project}}/locations/{{location}}/clusters' - end - def initialize(params = {}) super(params.merge({ use_http_transport: true })) @params = params @@ -63,7 +55,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(base, url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params) return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs @@ -119,4 +111,14 @@ def transformers def parse_time_string(time_string) time_string ? Time.parse(time_string) : nil end + + private + + def product_url + 'https://container.googleapis.com/v1/' + end + + def resource_base_url + 'projects/{{project}}/locations/{{location}}/clusters' + end end diff --git a/libraries/google_dns_resource_record_set.rb b/libraries/google_dns_resource_record_set.rb index a7266353d..86ec702e1 100644 --- a/libraries/google_dns_resource_record_set.rb +++ b/libraries/google_dns_resource_record_set.rb @@ -26,17 +26,10 @@ class ResourceRecordSet < GcpResourceBase attr_reader :ttl attr_reader :target attr_reader :managed_zone - def base - 'https://www.googleapis.com/dns/v1/' - end - - def url - 'projects/{{project}}/managedZones/{{managed_zone}}/rrsets?name={{name}}&type={{type}}' - end def initialize(params) super(params.merge({ use_http_transport: true })) - fetched = @connection.fetch(base, url, params) + fetched = @connection.fetch(product_url, resource_base_url, params) @fetched = unwrap(fetched, params) parse unless @fetched.nil? end @@ -69,4 +62,14 @@ def parse_time_string(time_string) def exists? !@fetched.nil? end + + private + + def product_url + 'https://www.googleapis.com/dns/v1/' + end + + def resource_base_url + 'projects/{{project}}/managedZones/{{managed_zone}}/rrsets?name={{name}}&type={{type}}' + end end diff --git a/libraries/google_dns_resource_record_sets.rb b/libraries/google_dns_resource_record_sets.rb index 6c54d9495..ce288e71b 100644 --- a/libraries/google_dns_resource_record_sets.rb +++ b/libraries/google_dns_resource_record_sets.rb @@ -31,14 +31,6 @@ class ResourceRecordSets < GcpResourceBase filter_table_config.connect(self, :table) - def base - 'https://www.googleapis.com/dns/v1/' - end - - def url - 'projects/{{project}}/managedZones/{{managed_zone}}/rrsets' - end - def initialize(params = {}) super(params.merge({ use_http_transport: true })) @params = params @@ -47,7 +39,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(base, url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params) return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs @@ -87,4 +79,14 @@ def transformers def parse_time_string(time_string) time_string ? Time.parse(time_string) : nil end + + private + + def product_url + 'https://www.googleapis.com/dns/v1/' + end + + def resource_base_url + 'projects/{{project}}/managedZones/{{managed_zone}}/rrsets' + end end diff --git a/libraries/google_pubsub_subscription.rb b/libraries/google_pubsub_subscription.rb index 6a02a71f8..c96eac6dc 100644 --- a/libraries/google_pubsub_subscription.rb +++ b/libraries/google_pubsub_subscription.rb @@ -26,17 +26,10 @@ class Subscription < GcpResourceBase attr_reader :topic attr_reader :push_config attr_reader :ack_deadline_seconds - def base - 'https://pubsub.googleapis.com/v1/' - end - - def url - 'projects/{{project}}/subscriptions/{{name}}' - end def initialize(params) super(params.merge({ use_http_transport: true })) - @fetched = @connection.fetch(base, url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params) parse unless @fetched.nil? end @@ -55,4 +48,14 @@ def parse_time_string(time_string) def exists? !@fetched.nil? end + + private + + def product_url + 'https://pubsub.googleapis.com/v1/' + end + + def resource_base_url + 'projects/{{project}}/subscriptions/{{name}}' + end end diff --git a/libraries/google_pubsub_subscriptions.rb b/libraries/google_pubsub_subscriptions.rb index be1bff1a9..dea5cec22 100644 --- a/libraries/google_pubsub_subscriptions.rb +++ b/libraries/google_pubsub_subscriptions.rb @@ -30,14 +30,6 @@ class Subscriptions < GcpResourceBase filter_table_config.connect(self, :table) - def base - 'https://pubsub.googleapis.com/v1/' - end - - def url - 'projects/{{project}}/subscriptions' - end - def initialize(params = {}) super(params.merge({ use_http_transport: true })) @params = params @@ -46,7 +38,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(base, url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params) return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs @@ -85,4 +77,14 @@ def transformers def parse_time_string(time_string) time_string ? Time.parse(time_string) : nil end + + private + + def product_url + 'https://pubsub.googleapis.com/v1/' + end + + def resource_base_url + 'projects/{{project}}/subscriptions' + end end diff --git a/libraries/google_pubsub_topic.rb b/libraries/google_pubsub_topic.rb index 163cddfcf..3b9dc69cc 100644 --- a/libraries/google_pubsub_topic.rb +++ b/libraries/google_pubsub_topic.rb @@ -22,17 +22,10 @@ class Topic < GcpResourceBase supports platform: 'gcp' attr_reader :name - def base - 'https://pubsub.googleapis.com/v1/' - end - - def url - 'projects/{{project}}/topics/{{name}}' - end def initialize(params) super(params.merge({ use_http_transport: true })) - @fetched = @connection.fetch(base, url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params) parse unless @fetched.nil? end @@ -48,4 +41,14 @@ def parse_time_string(time_string) def exists? !@fetched.nil? end + + private + + def product_url + 'https://pubsub.googleapis.com/v1/' + end + + def resource_base_url + 'projects/{{project}}/topics/{{name}}' + end end diff --git a/libraries/google_pubsub_topics.rb b/libraries/google_pubsub_topics.rb index 8399223b5..4e9bb7564 100644 --- a/libraries/google_pubsub_topics.rb +++ b/libraries/google_pubsub_topics.rb @@ -27,14 +27,6 @@ class Topics < GcpResourceBase filter_table_config.connect(self, :table) - def base - 'https://pubsub.googleapis.com/v1/' - end - - def url - 'projects/{{project}}/topics' - end - def initialize(params = {}) super(params.merge({ use_http_transport: true })) @params = params @@ -43,7 +35,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(base, url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params) return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs @@ -79,4 +71,14 @@ def transformers def parse_time_string(time_string) time_string ? Time.parse(time_string) : nil end + + private + + def product_url + 'https://pubsub.googleapis.com/v1/' + end + + def resource_base_url + 'projects/{{project}}/topics' + end end diff --git a/libraries/google_sourcerepo_repositories.rb b/libraries/google_sourcerepo_repositories.rb new file mode 100644 index 000000000..20cd31324 --- /dev/null +++ b/libraries/google_sourcerepo_repositories.rb @@ -0,0 +1,88 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'gcp_backend' +class Repositorys < GcpResourceBase + name 'google_sourcerepo_repositories' + desc 'Repository plural resource' + supports platform: 'gcp' + + attr_reader :table + + filter_table_config = FilterTable.create + + filter_table_config.add(:names, field: :name) + filter_table_config.add(:urls, field: :url) + filter_table_config.add(:sizes, field: :size) + + filter_table_config.connect(self, :table) + + def initialize(params = {}) + super(params.merge({ use_http_transport: true })) + @params = params + @table = fetch_wrapped_resource('repos') + end + + def fetch_wrapped_resource(wrap_path) + # fetch_resource returns an array of responses (to handle pagination) + result = @connection.fetch_all(product_url, resource_base_url, @params) + return if result.nil? + + # Conversion of string -> object hash to symbol -> object hash that InSpec needs + converted = [] + result.each do |response| + next if response.nil? || !response.key?(wrap_path) + response[wrap_path].each do |hash| + hash_with_symbols = {} + hash.each_key do |key| + name, value = transform(key, hash) + hash_with_symbols[name] = value + end + converted.push(hash_with_symbols) + end + end + + converted + end + + def transform(key, value) + return transformers[key].call(value) if transformers.key?(key) + + [key.to_sym, value] + end + + def transformers + { + 'name' => ->(obj) { return :name, obj['name'] }, + 'url' => ->(obj) { return :url, obj['url'] }, + 'size' => ->(obj) { return :size, obj['size'] }, + } + end + + # Handles parsing RFC3339 time string + def parse_time_string(time_string) + time_string ? Time.parse(time_string) : nil + end + + private + + def product_url + 'https://sourcerepo.googleapis.com/v1/' + end + + def resource_base_url + 'projects/{{project}}/repos' + end +end diff --git a/libraries/google_sourcerepo_repository.rb b/libraries/google_sourcerepo_repository.rb new file mode 100644 index 000000000..aec2da712 --- /dev/null +++ b/libraries/google_sourcerepo_repository.rb @@ -0,0 +1,58 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'gcp_backend' + +# A provider to manage Cloud Source Repositories resources. +class Repository < GcpResourceBase + name 'google_sourcerepo_repository' + desc 'Repository' + supports platform: 'gcp' + + attr_reader :name + attr_reader :url + attr_reader :size + + def initialize(params) + super(params.merge({ use_http_transport: true })) + @fetched = @connection.fetch(product_url, resource_base_url, params) + parse unless @fetched.nil? + end + + def parse + @name = @fetched['name'] + @url = @fetched['url'] + @size = @fetched['size'] + end + + # Handles parsing RFC3339 time string + def parse_time_string(time_string) + time_string ? Time.parse(time_string) : nil + end + + def exists? + !@fetched.nil? + end + + private + + def product_url + 'https://sourcerepo.googleapis.com/v1/' + end + + def resource_base_url + 'projects/{{project}}/repos/{{name}}' + end +end diff --git a/test/integration/build/gcp-mm.tf b/test/integration/build/gcp-mm.tf index cedbc52b0..b940273d5 100644 --- a/test/integration/build/gcp-mm.tf +++ b/test/integration/build/gcp-mm.tf @@ -106,6 +106,10 @@ variable "bigquery_table" { type = "map" } +variable "repository" { + type = "map" +} + resource "google_compute_ssl_policy" "custom-ssl-policy" { name = "${var.ssl_policy["name"]}" min_tls_version = "${var.ssl_policy["min_tls_version"]}" @@ -433,4 +437,9 @@ resource "google_bigquery_table" "gcp-inspec-bigquery-table" { description = "${var.bigquery_table["description"]}" expiration_time = "${var.bigquery_table["expiration_time"]}" +} + +resource "google_sourcerepo_repository" "gcp-inspec-sourcerepo-repository" { + project = "${var.gcp_project_id}" + name = "${var.repository["name"]}" } \ No newline at end of file diff --git a/test/integration/configuration/mm-attributes.yml b/test/integration/configuration/mm-attributes.yml index b7ca91f40..3c3dde1ce 100644 --- a/test/integration/configuration/mm-attributes.yml +++ b/test/integration/configuration/mm-attributes.yml @@ -183,4 +183,7 @@ bigquery_table: table_id: inspec_gcp_bigquery_table description: A BigQuery table expiration_time: 1738882264000 - time_partitioning_type: DAY \ No newline at end of file + time_partitioning_type: DAY + +repository: + name: inspec-gcp-repository \ No newline at end of file diff --git a/test/integration/verify/controls/google_sourcerepo_repositories.rb b/test/integration/verify/controls/google_sourcerepo_repositories.rb new file mode 100644 index 000000000..de5e72980 --- /dev/null +++ b/test/integration/verify/controls/google_sourcerepo_repositories.rb @@ -0,0 +1,33 @@ +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- + +title 'Test GCP google_sourcerepo_repositories resource.' + +gcp_project_id = attribute(:gcp_project_id, default: 'gcp_project_id', description: 'The GCP project identifier.') +repository = attribute('repository', default: { + "name": "inspec-gcp-repository" +}, description: 'Source Repository definition') +control 'google_sourcerepo_repositories-1.0' do + impact 1.0 + title 'google_sourcerepo_repositories resource test' + + repo_name = repository['name'] + describe.one do + google_sourcerepo_repositories(project: gcp_project_id).names.each do |name| + describe name do + it { should match /\/repos\/#{repo_name}$/ } + end + end + end +end diff --git a/test/integration/verify/controls/google_sourcerepo_repository.rb b/test/integration/verify/controls/google_sourcerepo_repository.rb new file mode 100644 index 000000000..dd325e0c8 --- /dev/null +++ b/test/integration/verify/controls/google_sourcerepo_repository.rb @@ -0,0 +1,32 @@ +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- + +title 'Test GCP google_sourcerepo_repository resource.' + +gcp_project_id = attribute(:gcp_project_id, default: 'gcp_project_id', description: 'The GCP project identifier.') +repository = attribute('repository', default: { + "name": "inspec-gcp-repository" +}, description: 'Source Repository definition') +control 'google_sourcerepo_repository-1.0' do + impact 1.0 + title 'google_sourcerepo_repository resource test' + + describe google_sourcerepo_repository(project: gcp_project_id, name: repository['name']) do + it { should exist } + end + + describe google_sourcerepo_repository(project: gcp_project_id, name: 'nonexistent') do + it { should_not exist } + end +end From 28ec6a7d428c3614bd9cf72b3f7193a1140ed35d Mon Sep 17 00:00:00 2001 From: The Magician Date: Tue, 19 Feb 2019 15:11:50 -0800 Subject: [PATCH 25/30] Add labels to Pubsub Subscription/Topics (#109) Signed-off-by: Modular Magician --- docs/resources/google_pubsub_subscription.md | 4 ++++ docs/resources/google_pubsub_subscriptions.md | 1 + docs/resources/google_pubsub_topic.md | 2 ++ docs/resources/google_pubsub_topics.md | 1 + libraries/google/pubsub/property/subscription_push_config.rb | 3 +++ libraries/google_pubsub_subscription.rb | 2 ++ libraries/google_pubsub_subscriptions.rb | 2 ++ libraries/google_pubsub_topic.rb | 2 ++ libraries/google_pubsub_topics.rb | 2 ++ 9 files changed, 19 insertions(+) diff --git a/docs/resources/google_pubsub_subscription.md b/docs/resources/google_pubsub_subscription.md index 5f6dae910..d11f30b9b 100644 --- a/docs/resources/google_pubsub_subscription.md +++ b/docs/resources/google_pubsub_subscription.md @@ -24,8 +24,12 @@ Properties that can be accessed from the `google_pubsub_subscription` resource: * `topic`: A reference to a Topic resource. + * `labels`: A set of key/value label pairs to assign to this Subscription. + * `push_config`: If push delivery is used with this subscription, this field is used to configure it. An empty pushConfig signifies that the subscriber will pull and ack messages using API methods. * `pushEndpoint`: A URL locating the endpoint to which messages should be pushed. For example, a Webhook endpoint might use "https://example.com/push". + * `attributes`: Endpoint configuration attributes. Every endpoint has a set of API supported attributes that can be used to control different aspects of the message delivery. The currently supported attribute is x-goog-version, which you can use to change the format of the pushed message. This attribute indicates the version of the data expected by the endpoint. This controls the shape of the pushed message (i.e., its fields and metadata). The endpoint version is based on the version of the Pub/Sub API. If not present during the subscriptions.create call, it will default to the version of the API used to make such call. If not present during a subscriptions.modifyPushConfig call, its value will not be changed. subscriptions.get calls will always return a valid version, even if the subscription was created without this attribute. The possible values for this attribute are: - v1beta1: uses the push format defined in the v1beta1 Pub/Sub API. - v1 or v1beta2: uses the push format defined in the v1 Pub/Sub API. + * `ack_deadline_seconds`: This value is the maximum time after a subscriber receives a message before the subscriber should acknowledge the message. After message delivery but before the ack deadline expires and before the message is acknowledged, it is an outstanding message and will not be delivered again during that time (on a best-effort basis). For pull subscriptions, this value is used as the initial value for the ack deadline. To override this value for a given message, call subscriptions.modifyAckDeadline with the corresponding ackId if using pull. The minimum custom deadline you can specify is 10 seconds. The maximum custom deadline you can specify is 600 seconds (10 minutes). If this parameter is 0, a default value of 10 seconds is used. For push delivery, this value is also used to set the request timeout for the call to the push endpoint. If the subscriber never acknowledges the message, the Pub/Sub system will eventually redeliver the message. diff --git a/docs/resources/google_pubsub_subscriptions.md b/docs/resources/google_pubsub_subscriptions.md index 5bc3dba41..4492fd202 100644 --- a/docs/resources/google_pubsub_subscriptions.md +++ b/docs/resources/google_pubsub_subscriptions.md @@ -25,6 +25,7 @@ Properties that can be accessed from the `google_pubsub_subscriptions` resource: See [google_pubsub_subscription.md](google_pubsub_subscription.md) for more detailed information * `names`: an array of `google_pubsub_subscription` name * `topics`: an array of `google_pubsub_subscription` topic + * `labels`: an array of `google_pubsub_subscription` labels * `push_configs`: an array of `google_pubsub_subscription` push_config * `ack_deadline_seconds`: an array of `google_pubsub_subscription` ack_deadline_seconds diff --git a/docs/resources/google_pubsub_topic.md b/docs/resources/google_pubsub_topic.md index 31de8cfaf..854a072c6 100644 --- a/docs/resources/google_pubsub_topic.md +++ b/docs/resources/google_pubsub_topic.md @@ -21,3 +21,5 @@ end Properties that can be accessed from the `google_pubsub_topic` resource: * `name`: Name of the topic. + + * `labels`: A set of key/value label pairs to assign to this Topic. diff --git a/docs/resources/google_pubsub_topics.md b/docs/resources/google_pubsub_topics.md index a553261b9..05c9a12ee 100644 --- a/docs/resources/google_pubsub_topics.md +++ b/docs/resources/google_pubsub_topics.md @@ -28,6 +28,7 @@ Properties that can be accessed from the `google_pubsub_topics` resource: See [google_pubsub_topic.md](google_pubsub_topic.md) for more detailed information * `names`: an array of `google_pubsub_topic` name + * `labels`: an array of `google_pubsub_topic` labels ## Filter Criteria This resource supports all of the above properties as filter criteria, which can be used diff --git a/libraries/google/pubsub/property/subscription_push_config.rb b/libraries/google/pubsub/property/subscription_push_config.rb index 90695d1e6..22a06e45b 100644 --- a/libraries/google/pubsub/property/subscription_push_config.rb +++ b/libraries/google/pubsub/property/subscription_push_config.rb @@ -19,9 +19,12 @@ module Property class SubscriptionPushConfig attr_reader :push_endpoint + attr_reader :attributes + def initialize(args = nil) return if args.nil? @push_endpoint = args['pushEndpoint'] + @attributes = args['attributes'] end end end diff --git a/libraries/google_pubsub_subscription.rb b/libraries/google_pubsub_subscription.rb index 6a02a71f8..ba05ccd76 100644 --- a/libraries/google_pubsub_subscription.rb +++ b/libraries/google_pubsub_subscription.rb @@ -24,6 +24,7 @@ class Subscription < GcpResourceBase attr_reader :name attr_reader :topic + attr_reader :labels attr_reader :push_config attr_reader :ack_deadline_seconds def base @@ -43,6 +44,7 @@ def initialize(params) def parse @name = name_from_self_link(@fetched['name']) @topic = @fetched['topic'] + @labels = @fetched['labels'] @push_config = GoogleInSpec::Pubsub::Property::SubscriptionPushConfig.new(@fetched['pushConfig']) @ack_deadline_seconds = @fetched['ackDeadlineSeconds'] end diff --git a/libraries/google_pubsub_subscriptions.rb b/libraries/google_pubsub_subscriptions.rb index be1bff1a9..594df3404 100644 --- a/libraries/google_pubsub_subscriptions.rb +++ b/libraries/google_pubsub_subscriptions.rb @@ -25,6 +25,7 @@ class Subscriptions < GcpResourceBase filter_table_config.add(:names, field: :name) filter_table_config.add(:topics, field: :topic) + filter_table_config.add(:labels, field: :labels) filter_table_config.add(:push_configs, field: :push_config) filter_table_config.add(:ack_deadline_seconds, field: :ack_deadline_seconds) @@ -76,6 +77,7 @@ def transformers { 'name' => ->(obj) { return :name, name_from_self_link(obj['name']) }, 'topic' => ->(obj) { return :topic, obj['topic'] }, + 'labels' => ->(obj) { return :labels, obj['labels'] }, 'pushConfig' => ->(obj) { return :push_config, GoogleInSpec::Pubsub::Property::SubscriptionPushConfig.new(obj['pushConfig']) }, 'ackDeadlineSeconds' => ->(obj) { return :ack_deadline_seconds, obj['ackDeadlineSeconds'] }, } diff --git a/libraries/google_pubsub_topic.rb b/libraries/google_pubsub_topic.rb index 163cddfcf..6b86accc9 100644 --- a/libraries/google_pubsub_topic.rb +++ b/libraries/google_pubsub_topic.rb @@ -22,6 +22,7 @@ class Topic < GcpResourceBase supports platform: 'gcp' attr_reader :name + attr_reader :labels def base 'https://pubsub.googleapis.com/v1/' end @@ -38,6 +39,7 @@ def initialize(params) def parse @name = name_from_self_link(@fetched['name']) + @labels = @fetched['labels'] end # Handles parsing RFC3339 time string diff --git a/libraries/google_pubsub_topics.rb b/libraries/google_pubsub_topics.rb index 8399223b5..54c4240d4 100644 --- a/libraries/google_pubsub_topics.rb +++ b/libraries/google_pubsub_topics.rb @@ -24,6 +24,7 @@ class Topics < GcpResourceBase filter_table_config = FilterTable.create filter_table_config.add(:names, field: :name) + filter_table_config.add(:labels, field: :labels) filter_table_config.connect(self, :table) @@ -72,6 +73,7 @@ def transform(key, value) def transformers { 'name' => ->(obj) { return :name, name_from_self_link(obj['name']) }, + 'labels' => ->(obj) { return :labels, obj['labels'] }, } end From f5b68604b99b51ea7fda9f47a26a5e9e18a724d9 Mon Sep 17 00:00:00 2001 From: The Magician Date: Tue, 19 Feb 2019 15:48:38 -0800 Subject: [PATCH 26/30] Update display names across products based on cloud.google.com (#106) /cc @rileykarson --- libraries/google_bigquery_dataset.rb | 2 +- libraries/google_cloudbuild_trigger.rb | 2 +- libraries/google_compute_autoscaler.rb | 2 +- libraries/google_compute_backend_service.rb | 2 +- libraries/google_compute_disk.rb | 2 +- libraries/google_compute_global_address.rb | 2 +- libraries/google_compute_global_forwarding_rule.rb | 2 +- libraries/google_compute_health_check.rb | 2 +- libraries/google_compute_http_health_check.rb | 2 +- libraries/google_compute_https_health_check.rb | 2 +- libraries/google_compute_instance_group_manager.rb | 2 +- libraries/google_compute_instance_template.rb | 2 +- libraries/google_compute_route.rb | 2 +- libraries/google_compute_router.rb | 2 +- libraries/google_compute_snapshot.rb | 2 +- libraries/google_compute_ssl_certificate.rb | 2 +- libraries/google_compute_ssl_policy.rb | 2 +- libraries/google_compute_target_http_proxy.rb | 2 +- libraries/google_compute_target_https_proxy.rb | 2 +- libraries/google_compute_target_pool.rb | 2 +- libraries/google_compute_target_tcp_proxy.rb | 2 +- libraries/google_compute_url_map.rb | 2 +- libraries/google_dns_resource_record_set.rb | 2 +- libraries/google_pubsub_subscription.rb | 2 +- libraries/google_pubsub_topic.rb | 2 +- 25 files changed, 25 insertions(+), 25 deletions(-) diff --git a/libraries/google_bigquery_dataset.rb b/libraries/google_bigquery_dataset.rb index cfd684f7c..1ee39d0c8 100644 --- a/libraries/google_bigquery_dataset.rb +++ b/libraries/google_bigquery_dataset.rb @@ -17,7 +17,7 @@ require 'google/bigquery/property/dataset_access' require 'google/bigquery/property/dataset_dataset_reference' -# A provider to manage Google Cloud BigQuery resources. +# A provider to manage BigQuery resources. class Dataset < GcpResourceBase name 'google_bigquery_dataset' desc 'Dataset' diff --git a/libraries/google_cloudbuild_trigger.rb b/libraries/google_cloudbuild_trigger.rb index c99e5a2f7..58a8eca52 100644 --- a/libraries/google_cloudbuild_trigger.rb +++ b/libraries/google_cloudbuild_trigger.rb @@ -18,7 +18,7 @@ require 'google/cloudbuild/property/trigger_build_steps' require 'google/cloudbuild/property/trigger_trigger_template' -# A provider to manage Cloud build resources. +# A provider to manage Cloud Build resources. class Trigger < GcpResourceBase name 'google_cloudbuild_trigger' desc 'Trigger' diff --git a/libraries/google_compute_autoscaler.rb b/libraries/google_compute_autoscaler.rb index c7019072c..5c70ea4fa 100644 --- a/libraries/google_compute_autoscaler.rb +++ b/libraries/google_compute_autoscaler.rb @@ -19,7 +19,7 @@ require 'google/compute/property/autoscaler_autoscaling_policy_custom_metric_utilizations' require 'google/compute/property/autoscaler_autoscaling_policy_load_balancing_utilization' -# A provider to manage Google Compute Engine resources. +# A provider to manage Compute Engine resources. class Autoscaler < GcpResourceBase name 'google_compute_autoscaler' desc 'Autoscaler' diff --git a/libraries/google_compute_backend_service.rb b/libraries/google_compute_backend_service.rb index b4e6c8ef6..e4383061a 100644 --- a/libraries/google_compute_backend_service.rb +++ b/libraries/google_compute_backend_service.rb @@ -20,7 +20,7 @@ require 'google/compute/property/backendservice_connection_draining' require 'google/compute/property/backendservice_iap' -# A provider to manage Google Compute Engine resources. +# A provider to manage Compute Engine resources. class BackendService < GcpResourceBase name 'google_compute_backend_service' desc 'BackendService' diff --git a/libraries/google_compute_disk.rb b/libraries/google_compute_disk.rb index caa586125..eda73b3fa 100644 --- a/libraries/google_compute_disk.rb +++ b/libraries/google_compute_disk.rb @@ -18,7 +18,7 @@ require 'google/compute/property/disk_source_image_encryption_key' require 'google/compute/property/disk_source_snapshot_encryption_key' -# A provider to manage Google Compute Engine resources. +# A provider to manage Compute Engine resources. class Disk < GcpResourceBase name 'google_compute_disk' desc 'Disk' diff --git a/libraries/google_compute_global_address.rb b/libraries/google_compute_global_address.rb index 43da4d631..6805e7d95 100644 --- a/libraries/google_compute_global_address.rb +++ b/libraries/google_compute_global_address.rb @@ -15,7 +15,7 @@ # ---------------------------------------------------------------------------- require 'gcp_backend' -# A provider to manage Google Compute Engine resources. +# A provider to manage Compute Engine resources. class GlobalAddress < GcpResourceBase name 'google_compute_global_address' desc 'GlobalAddress' diff --git a/libraries/google_compute_global_forwarding_rule.rb b/libraries/google_compute_global_forwarding_rule.rb index 27d1b7ce1..012f83535 100644 --- a/libraries/google_compute_global_forwarding_rule.rb +++ b/libraries/google_compute_global_forwarding_rule.rb @@ -15,7 +15,7 @@ # ---------------------------------------------------------------------------- require 'gcp_backend' -# A provider to manage Google Compute Engine resources. +# A provider to manage Compute Engine resources. class GlobalForwardingRule < GcpResourceBase name 'google_compute_global_forwarding_rule' desc 'GlobalForwardingRule' diff --git a/libraries/google_compute_health_check.rb b/libraries/google_compute_health_check.rb index 47c42ecfa..cca840b7f 100644 --- a/libraries/google_compute_health_check.rb +++ b/libraries/google_compute_health_check.rb @@ -19,7 +19,7 @@ require 'google/compute/property/healthcheck_ssl_health_check' require 'google/compute/property/healthcheck_tcp_health_check' -# A provider to manage Google Compute Engine resources. +# A provider to manage Compute Engine resources. class HealthCheck < GcpResourceBase name 'google_compute_health_check' desc 'HealthCheck' diff --git a/libraries/google_compute_http_health_check.rb b/libraries/google_compute_http_health_check.rb index 55136b30e..7fdf289f3 100644 --- a/libraries/google_compute_http_health_check.rb +++ b/libraries/google_compute_http_health_check.rb @@ -15,7 +15,7 @@ # ---------------------------------------------------------------------------- require 'gcp_backend' -# A provider to manage Google Compute Engine resources. +# A provider to manage Compute Engine resources. class HttpHealthCheck < GcpResourceBase name 'google_compute_http_health_check' desc 'HttpHealthCheck' diff --git a/libraries/google_compute_https_health_check.rb b/libraries/google_compute_https_health_check.rb index 104278916..91b62c2cd 100644 --- a/libraries/google_compute_https_health_check.rb +++ b/libraries/google_compute_https_health_check.rb @@ -15,7 +15,7 @@ # ---------------------------------------------------------------------------- require 'gcp_backend' -# A provider to manage Google Compute Engine resources. +# A provider to manage Compute Engine resources. class HttpsHealthCheck < GcpResourceBase name 'google_compute_https_health_check' desc 'HttpsHealthCheck' diff --git a/libraries/google_compute_instance_group_manager.rb b/libraries/google_compute_instance_group_manager.rb index f518ff84f..67de87393 100644 --- a/libraries/google_compute_instance_group_manager.rb +++ b/libraries/google_compute_instance_group_manager.rb @@ -17,7 +17,7 @@ require 'google/compute/property/instancegroupmanager_current_actions' require 'google/compute/property/instancegroupmanager_named_ports' -# A provider to manage Google Compute Engine resources. +# A provider to manage Compute Engine resources. class InstanceGroupManager < GcpResourceBase name 'google_compute_instance_group_manager' desc 'InstanceGroupManager' diff --git a/libraries/google_compute_instance_template.rb b/libraries/google_compute_instance_template.rb index 86c352fb9..59adbe753 100644 --- a/libraries/google_compute_instance_template.rb +++ b/libraries/google_compute_instance_template.rb @@ -22,7 +22,7 @@ require 'google/compute/property/instancetemplate_properties_service_accounts' require 'google/compute/property/instancetemplate_properties_tags' -# A provider to manage Google Compute Engine resources. +# A provider to manage Compute Engine resources. class InstanceTemplate < GcpResourceBase name 'google_compute_instance_template' desc 'InstanceTemplate' diff --git a/libraries/google_compute_route.rb b/libraries/google_compute_route.rb index 27da100a3..bdfb1ab25 100644 --- a/libraries/google_compute_route.rb +++ b/libraries/google_compute_route.rb @@ -15,7 +15,7 @@ # ---------------------------------------------------------------------------- require 'gcp_backend' -# A provider to manage Google Compute Engine resources. +# A provider to manage Compute Engine resources. class Route < GcpResourceBase name 'google_compute_route' desc 'Route' diff --git a/libraries/google_compute_router.rb b/libraries/google_compute_router.rb index e39217ee4..e6fe3482d 100644 --- a/libraries/google_compute_router.rb +++ b/libraries/google_compute_router.rb @@ -17,7 +17,7 @@ require 'google/compute/property/router_bgp' require 'google/compute/property/router_bgp_advertised_ip_ranges' -# A provider to manage Google Compute Engine resources. +# A provider to manage Compute Engine resources. class Router < GcpResourceBase name 'google_compute_router' desc 'Router' diff --git a/libraries/google_compute_snapshot.rb b/libraries/google_compute_snapshot.rb index 482121e07..b4ab08423 100644 --- a/libraries/google_compute_snapshot.rb +++ b/libraries/google_compute_snapshot.rb @@ -17,7 +17,7 @@ require 'google/compute/property/snapshot_snapshot_encryption_key' require 'google/compute/property/snapshot_source_disk_encryption_key' -# A provider to manage Google Compute Engine resources. +# A provider to manage Compute Engine resources. class Snapshot < GcpResourceBase name 'google_compute_snapshot' desc 'Snapshot' diff --git a/libraries/google_compute_ssl_certificate.rb b/libraries/google_compute_ssl_certificate.rb index 6dbcdff93..918c77c76 100644 --- a/libraries/google_compute_ssl_certificate.rb +++ b/libraries/google_compute_ssl_certificate.rb @@ -15,7 +15,7 @@ # ---------------------------------------------------------------------------- require 'gcp_backend' -# A provider to manage Google Compute Engine resources. +# A provider to manage Compute Engine resources. class SslCertificate < GcpResourceBase name 'google_compute_ssl_certificate' desc 'SslCertificate' diff --git a/libraries/google_compute_ssl_policy.rb b/libraries/google_compute_ssl_policy.rb index ee061c5b9..db34a3442 100644 --- a/libraries/google_compute_ssl_policy.rb +++ b/libraries/google_compute_ssl_policy.rb @@ -16,7 +16,7 @@ require 'gcp_backend' require 'google/compute/property/sslpolicy_warnings' -# A provider to manage Google Compute Engine resources. +# A provider to manage Compute Engine resources. class SslPolicy < GcpResourceBase name 'google_compute_ssl_policy' desc 'SslPolicy' diff --git a/libraries/google_compute_target_http_proxy.rb b/libraries/google_compute_target_http_proxy.rb index 54bd90cda..5d8b8a3cf 100644 --- a/libraries/google_compute_target_http_proxy.rb +++ b/libraries/google_compute_target_http_proxy.rb @@ -15,7 +15,7 @@ # ---------------------------------------------------------------------------- require 'gcp_backend' -# A provider to manage Google Compute Engine resources. +# A provider to manage Compute Engine resources. class TargetHttpProxy < GcpResourceBase name 'google_compute_target_http_proxy' desc 'TargetHttpProxy' diff --git a/libraries/google_compute_target_https_proxy.rb b/libraries/google_compute_target_https_proxy.rb index a7a13378d..02699eef1 100644 --- a/libraries/google_compute_target_https_proxy.rb +++ b/libraries/google_compute_target_https_proxy.rb @@ -15,7 +15,7 @@ # ---------------------------------------------------------------------------- require 'gcp_backend' -# A provider to manage Google Compute Engine resources. +# A provider to manage Compute Engine resources. class TargetHttpsProxy < GcpResourceBase name 'google_compute_target_https_proxy' desc 'TargetHttpsProxy' diff --git a/libraries/google_compute_target_pool.rb b/libraries/google_compute_target_pool.rb index e589c1eda..6bc21221a 100644 --- a/libraries/google_compute_target_pool.rb +++ b/libraries/google_compute_target_pool.rb @@ -15,7 +15,7 @@ # ---------------------------------------------------------------------------- require 'gcp_backend' -# A provider to manage Google Compute Engine resources. +# A provider to manage Compute Engine resources. class TargetPool < GcpResourceBase name 'google_compute_target_pool' desc 'TargetPool' diff --git a/libraries/google_compute_target_tcp_proxy.rb b/libraries/google_compute_target_tcp_proxy.rb index 5927fe7a9..4634b5957 100644 --- a/libraries/google_compute_target_tcp_proxy.rb +++ b/libraries/google_compute_target_tcp_proxy.rb @@ -15,7 +15,7 @@ # ---------------------------------------------------------------------------- require 'gcp_backend' -# A provider to manage Google Compute Engine resources. +# A provider to manage Compute Engine resources. class TargetTcpProxy < GcpResourceBase name 'google_compute_target_tcp_proxy' desc 'TargetTcpProxy' diff --git a/libraries/google_compute_url_map.rb b/libraries/google_compute_url_map.rb index 080e4adb5..b7f3dc459 100644 --- a/libraries/google_compute_url_map.rb +++ b/libraries/google_compute_url_map.rb @@ -18,7 +18,7 @@ require 'google/compute/property/urlmap_path_matchers' require 'google/compute/property/urlmap_tests' -# A provider to manage Google Compute Engine resources. +# A provider to manage Compute Engine resources. class UrlMap < GcpResourceBase name 'google_compute_url_map' desc 'UrlMap' diff --git a/libraries/google_dns_resource_record_set.rb b/libraries/google_dns_resource_record_set.rb index a7266353d..463c1b874 100644 --- a/libraries/google_dns_resource_record_set.rb +++ b/libraries/google_dns_resource_record_set.rb @@ -15,7 +15,7 @@ # ---------------------------------------------------------------------------- require 'gcp_backend' -# A provider to manage Google Cloud DNS resources. +# A provider to manage Cloud DNS resources. class ResourceRecordSet < GcpResourceBase name 'google_dns_resource_record_set' desc 'ResourceRecordSet' diff --git a/libraries/google_pubsub_subscription.rb b/libraries/google_pubsub_subscription.rb index ba05ccd76..6dd8220b1 100644 --- a/libraries/google_pubsub_subscription.rb +++ b/libraries/google_pubsub_subscription.rb @@ -16,7 +16,7 @@ require 'gcp_backend' require 'google/pubsub/property/subscription_push_config' -# A provider to manage Google Cloud Pub/Sub resources. +# A provider to manage Cloud Pub/Sub resources. class Subscription < GcpResourceBase name 'google_pubsub_subscription' desc 'Subscription' diff --git a/libraries/google_pubsub_topic.rb b/libraries/google_pubsub_topic.rb index 6b86accc9..9bc2e0586 100644 --- a/libraries/google_pubsub_topic.rb +++ b/libraries/google_pubsub_topic.rb @@ -15,7 +15,7 @@ # ---------------------------------------------------------------------------- require 'gcp_backend' -# A provider to manage Google Cloud Pub/Sub resources. +# A provider to manage Cloud Pub/Sub resources. class Topic < GcpResourceBase name 'google_pubsub_topic' desc 'Topic' From b68cb8b0d02b8d36db80621515b39782431b09e0 Mon Sep 17 00:00:00 2001 From: Riley Karson Date: Wed, 20 Feb 2019 18:53:21 +0000 Subject: [PATCH 27/30] Add convenience outputs for public/private IP in Cloud SQL Signed-off-by: Modular Magician --- libraries/google_bigquery_table.rb | 2 +- libraries/google_pubsub_topic.rb | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/libraries/google_bigquery_table.rb b/libraries/google_bigquery_table.rb index 10334b4e2..1adfa2c5e 100644 --- a/libraries/google_bigquery_table.rb +++ b/libraries/google_bigquery_table.rb @@ -30,7 +30,7 @@ require 'google/bigquery/property/table_view' require 'google/bigquery/property/table_view_user_defined_function_resources' -# A provider to manage Google Cloud BigQuery resources. +# A provider to manage BigQuery resources. class Table < GcpResourceBase name 'google_bigquery_table' desc 'Table' diff --git a/libraries/google_pubsub_topic.rb b/libraries/google_pubsub_topic.rb index f251faafe..85d438bab 100644 --- a/libraries/google_pubsub_topic.rb +++ b/libraries/google_pubsub_topic.rb @@ -23,7 +23,7 @@ class Topic < GcpResourceBase attr_reader :name attr_reader :labels - + def initialize(params) super(params.merge({ use_http_transport: true })) @fetched = @connection.fetch(product_url, resource_base_url, params) From e591cf4b2a267f031e23ec635c6d896d9bff7dde Mon Sep 17 00:00:00 2001 From: Sam Levenick Date: Mon, 25 Feb 2019 10:30:51 -0800 Subject: [PATCH 28/30] Reset merge issues Signed-off-by: Sam Levenick --- libraries/google_bigquery_dataset.rb | 21 +++++++++++-------- libraries/google_bigquery_datasets.rb | 20 ++++++++++-------- libraries/google_compute_router.rb | 21 +++++++++++-------- libraries/google_compute_routers.rb | 20 ++++++++++-------- libraries/google_compute_snapshot.rb | 21 +++++++++++-------- libraries/google_compute_snapshots.rb | 20 ++++++++++-------- libraries/google_compute_ssl_certificate.rb | 21 +++++++++++-------- libraries/google_compute_ssl_certificates.rb | 20 ++++++++++-------- .../google_compute_target_https_proxies.rb | 20 ++++++++++-------- .../google_compute_target_https_proxy.rb | 21 +++++++++++-------- libraries/google_pubsub_subscription.rb | 1 + libraries/google_pubsub_subscriptions.rb | 1 + test/integration/build/gcp-mm.tf | 9 ++++++++ .../configuration/mm-attributes.yml | 5 ++++- 14 files changed, 130 insertions(+), 91 deletions(-) diff --git a/libraries/google_bigquery_dataset.rb b/libraries/google_bigquery_dataset.rb index cfd684f7c..452a91180 100644 --- a/libraries/google_bigquery_dataset.rb +++ b/libraries/google_bigquery_dataset.rb @@ -17,7 +17,7 @@ require 'google/bigquery/property/dataset_access' require 'google/bigquery/property/dataset_dataset_reference' -# A provider to manage Google Cloud BigQuery resources. +# A provider to manage BigQuery resources. class Dataset < GcpResourceBase name 'google_bigquery_dataset' desc 'Dataset' @@ -34,17 +34,10 @@ class Dataset < GcpResourceBase attr_reader :labels attr_reader :last_modified_time attr_reader :location - def base - 'https://www.googleapis.com/bigquery/v2/' - end - - def url - 'projects/{{project}}/datasets/{{name}}' - end def initialize(params) super(params.merge({ use_http_transport: true })) - @fetched = @connection.fetch(base, url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params) parse unless @fetched.nil? end @@ -70,4 +63,14 @@ def parse_time_string(time_string) def exists? !@fetched.nil? end + + private + + def product_url + 'https://www.googleapis.com/bigquery/v2/' + end + + def resource_base_url + 'projects/{{project}}/datasets/{{name}}' + end end diff --git a/libraries/google_bigquery_datasets.rb b/libraries/google_bigquery_datasets.rb index 3d2163c05..ce0cb3f0f 100644 --- a/libraries/google_bigquery_datasets.rb +++ b/libraries/google_bigquery_datasets.rb @@ -31,14 +31,6 @@ class Datasets < GcpResourceBase filter_table_config.connect(self, :table) - def base - 'https://www.googleapis.com/bigquery/v2/' - end - - def url - 'projects/{{project}}/datasets' - end - def initialize(params = {}) super(params.merge({ use_http_transport: true })) @params = params @@ -47,7 +39,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(base, url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params) return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs @@ -87,4 +79,14 @@ def transformers def parse_time_string(time_string) time_string ? Time.parse(time_string) : nil end + + private + + def product_url + 'https://www.googleapis.com/bigquery/v2/' + end + + def resource_base_url + 'projects/{{project}}/datasets' + end end diff --git a/libraries/google_compute_router.rb b/libraries/google_compute_router.rb index e39217ee4..34e9c64b3 100644 --- a/libraries/google_compute_router.rb +++ b/libraries/google_compute_router.rb @@ -17,7 +17,7 @@ require 'google/compute/property/router_bgp' require 'google/compute/property/router_bgp_advertised_ip_ranges' -# A provider to manage Google Compute Engine resources. +# A provider to manage Compute Engine resources. class Router < GcpResourceBase name 'google_compute_router' desc 'Router' @@ -30,17 +30,10 @@ class Router < GcpResourceBase attr_reader :network attr_reader :bgp attr_reader :region - def base - 'https://www.googleapis.com/compute/v1/' - end - - def url - 'projects/{{project}}/regions/{{region}}/routers/{{name}}' - end def initialize(params) super(params.merge({ use_http_transport: true })) - @fetched = @connection.fetch(base, url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params) parse unless @fetched.nil? end @@ -62,4 +55,14 @@ def parse_time_string(time_string) def exists? !@fetched.nil? end + + private + + def product_url + 'https://www.googleapis.com/compute/v1/' + end + + def resource_base_url + 'projects/{{project}}/regions/{{region}}/routers/{{name}}' + end end diff --git a/libraries/google_compute_routers.rb b/libraries/google_compute_routers.rb index 4254b22cc..0a060f1b5 100644 --- a/libraries/google_compute_routers.rb +++ b/libraries/google_compute_routers.rb @@ -33,14 +33,6 @@ class Routers < GcpResourceBase filter_table_config.connect(self, :table) - def base - 'https://www.googleapis.com/compute/v1/' - end - - def url - 'projects/{{project}}/regions/{{region}}/routers' - end - def initialize(params = {}) super(params.merge({ use_http_transport: true })) @params = params @@ -49,7 +41,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(base, url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params) return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs @@ -91,4 +83,14 @@ def transformers def parse_time_string(time_string) time_string ? Time.parse(time_string) : nil end + + private + + def product_url + 'https://www.googleapis.com/compute/v1/' + end + + def resource_base_url + 'projects/{{project}}/regions/{{region}}/routers' + end end diff --git a/libraries/google_compute_snapshot.rb b/libraries/google_compute_snapshot.rb index 482121e07..c1251db35 100644 --- a/libraries/google_compute_snapshot.rb +++ b/libraries/google_compute_snapshot.rb @@ -17,7 +17,7 @@ require 'google/compute/property/snapshot_snapshot_encryption_key' require 'google/compute/property/snapshot_source_disk_encryption_key' -# A provider to manage Google Compute Engine resources. +# A provider to manage Compute Engine resources. class Snapshot < GcpResourceBase name 'google_compute_snapshot' desc 'Snapshot' @@ -36,17 +36,10 @@ class Snapshot < GcpResourceBase attr_reader :zone attr_reader :snapshot_encryption_key attr_reader :source_disk_encryption_key - def base - 'https://www.googleapis.com/compute/v1/' - end - - def url - 'projects/{{project}}/global/snapshots/{{name}}' - end def initialize(params) super(params.merge({ use_http_transport: true })) - @fetched = @connection.fetch(base, url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params) parse unless @fetched.nil? end @@ -74,4 +67,14 @@ def parse_time_string(time_string) def exists? !@fetched.nil? end + + private + + def product_url + 'https://www.googleapis.com/compute/v1/' + end + + def resource_base_url + 'projects/{{project}}/global/snapshots/{{name}}' + end end diff --git a/libraries/google_compute_snapshots.rb b/libraries/google_compute_snapshots.rb index 675d660e5..eeb00ebdb 100644 --- a/libraries/google_compute_snapshots.rb +++ b/libraries/google_compute_snapshots.rb @@ -39,14 +39,6 @@ class Snapshots < GcpResourceBase filter_table_config.connect(self, :table) - def base - 'https://www.googleapis.com/compute/v1/' - end - - def url - 'projects/{{project}}/global/snapshots' - end - def initialize(params = {}) super(params.merge({ use_http_transport: true })) @params = params @@ -55,7 +47,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(base, url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params) return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs @@ -103,4 +95,14 @@ def transformers def parse_time_string(time_string) time_string ? Time.parse(time_string) : nil end + + private + + def product_url + 'https://www.googleapis.com/compute/v1/' + end + + def resource_base_url + 'projects/{{project}}/global/snapshots' + end end diff --git a/libraries/google_compute_ssl_certificate.rb b/libraries/google_compute_ssl_certificate.rb index 6dbcdff93..081e4b6cd 100644 --- a/libraries/google_compute_ssl_certificate.rb +++ b/libraries/google_compute_ssl_certificate.rb @@ -15,7 +15,7 @@ # ---------------------------------------------------------------------------- require 'gcp_backend' -# A provider to manage Google Compute Engine resources. +# A provider to manage Compute Engine resources. class SslCertificate < GcpResourceBase name 'google_compute_ssl_certificate' desc 'SslCertificate' @@ -27,17 +27,10 @@ class SslCertificate < GcpResourceBase attr_reader :id attr_reader :name attr_reader :private_key - def base - 'https://www.googleapis.com/compute/v1/' - end - - def url - 'projects/{{project}}/global/sslCertificates/{{name}}' - end def initialize(params) super(params.merge({ use_http_transport: true })) - @fetched = @connection.fetch(base, url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params) parse unless @fetched.nil? end @@ -58,4 +51,14 @@ def parse_time_string(time_string) def exists? !@fetched.nil? end + + private + + def product_url + 'https://www.googleapis.com/compute/v1/' + end + + def resource_base_url + 'projects/{{project}}/global/sslCertificates/{{name}}' + end end diff --git a/libraries/google_compute_ssl_certificates.rb b/libraries/google_compute_ssl_certificates.rb index 0cb922ce1..ba3d09b9c 100644 --- a/libraries/google_compute_ssl_certificates.rb +++ b/libraries/google_compute_ssl_certificates.rb @@ -32,14 +32,6 @@ class SslCertificates < GcpResourceBase filter_table_config.connect(self, :table) - def base - 'https://www.googleapis.com/compute/v1/' - end - - def url - 'projects/{{project}}/global/sslCertificates' - end - def initialize(params = {}) super(params.merge({ use_http_transport: true })) @params = params @@ -48,7 +40,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(base, url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params) return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs @@ -89,4 +81,14 @@ def transformers def parse_time_string(time_string) time_string ? Time.parse(time_string) : nil end + + private + + def product_url + 'https://www.googleapis.com/compute/v1/' + end + + def resource_base_url + 'projects/{{project}}/global/sslCertificates' + end end diff --git a/libraries/google_compute_target_https_proxies.rb b/libraries/google_compute_target_https_proxies.rb index b55270214..beb420b38 100644 --- a/libraries/google_compute_target_https_proxies.rb +++ b/libraries/google_compute_target_https_proxies.rb @@ -34,14 +34,6 @@ class TargetHttpsProxys < GcpResourceBase filter_table_config.connect(self, :table) - def base - 'https://www.googleapis.com/compute/v1/' - end - - def url - 'projects/{{project}}/global/targetHttpsProxies' - end - def initialize(params = {}) super(params.merge({ use_http_transport: true })) @params = params @@ -50,7 +42,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(base, url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params) return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs @@ -93,4 +85,14 @@ def transformers def parse_time_string(time_string) time_string ? Time.parse(time_string) : nil end + + private + + def product_url + 'https://www.googleapis.com/compute/v1/' + end + + def resource_base_url + 'projects/{{project}}/global/targetHttpsProxies' + end end diff --git a/libraries/google_compute_target_https_proxy.rb b/libraries/google_compute_target_https_proxy.rb index a7a13378d..41c9c55ee 100644 --- a/libraries/google_compute_target_https_proxy.rb +++ b/libraries/google_compute_target_https_proxy.rb @@ -15,7 +15,7 @@ # ---------------------------------------------------------------------------- require 'gcp_backend' -# A provider to manage Google Compute Engine resources. +# A provider to manage Compute Engine resources. class TargetHttpsProxy < GcpResourceBase name 'google_compute_target_https_proxy' desc 'TargetHttpsProxy' @@ -29,17 +29,10 @@ class TargetHttpsProxy < GcpResourceBase attr_reader :ssl_certificates attr_reader :ssl_policy attr_reader :url_map - def base - 'https://www.googleapis.com/compute/v1/' - end - - def url - 'projects/{{project}}/global/targetHttpsProxies/{{name}}' - end def initialize(params) super(params.merge({ use_http_transport: true })) - @fetched = @connection.fetch(base, url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params) parse unless @fetched.nil? end @@ -62,4 +55,14 @@ def parse_time_string(time_string) def exists? !@fetched.nil? end + + private + + def product_url + 'https://www.googleapis.com/compute/v1/' + end + + def resource_base_url + 'projects/{{project}}/global/targetHttpsProxies/{{name}}' + end end diff --git a/libraries/google_pubsub_subscription.rb b/libraries/google_pubsub_subscription.rb index 7401ac54d..75027a612 100644 --- a/libraries/google_pubsub_subscription.rb +++ b/libraries/google_pubsub_subscription.rb @@ -37,6 +37,7 @@ def initialize(params) def parse @name = name_from_self_link(@fetched['name']) @topic = @fetched['topic'] + @labels = @fetched['labels'] @push_config = GoogleInSpec::Pubsub::Property::SubscriptionPushConfig.new(@fetched['pushConfig']) @ack_deadline_seconds = @fetched['ackDeadlineSeconds'] end diff --git a/libraries/google_pubsub_subscriptions.rb b/libraries/google_pubsub_subscriptions.rb index d6e21a3e2..a2629dd30 100644 --- a/libraries/google_pubsub_subscriptions.rb +++ b/libraries/google_pubsub_subscriptions.rb @@ -69,6 +69,7 @@ def transformers { 'name' => ->(obj) { return :name, name_from_self_link(obj['name']) }, 'topic' => ->(obj) { return :topic, obj['topic'] }, + 'labels' => ->(obj) { return :labels, obj['labels'] }, 'pushConfig' => ->(obj) { return :push_config, GoogleInSpec::Pubsub::Property::SubscriptionPushConfig.new(obj['pushConfig']) }, 'ackDeadlineSeconds' => ->(obj) { return :ack_deadline_seconds, obj['ackDeadlineSeconds'] }, } diff --git a/test/integration/build/gcp-mm.tf b/test/integration/build/gcp-mm.tf index cedbc52b0..b940273d5 100644 --- a/test/integration/build/gcp-mm.tf +++ b/test/integration/build/gcp-mm.tf @@ -106,6 +106,10 @@ variable "bigquery_table" { type = "map" } +variable "repository" { + type = "map" +} + resource "google_compute_ssl_policy" "custom-ssl-policy" { name = "${var.ssl_policy["name"]}" min_tls_version = "${var.ssl_policy["min_tls_version"]}" @@ -433,4 +437,9 @@ resource "google_bigquery_table" "gcp-inspec-bigquery-table" { description = "${var.bigquery_table["description"]}" expiration_time = "${var.bigquery_table["expiration_time"]}" +} + +resource "google_sourcerepo_repository" "gcp-inspec-sourcerepo-repository" { + project = "${var.gcp_project_id}" + name = "${var.repository["name"]}" } \ No newline at end of file diff --git a/test/integration/configuration/mm-attributes.yml b/test/integration/configuration/mm-attributes.yml index b7ca91f40..3c3dde1ce 100644 --- a/test/integration/configuration/mm-attributes.yml +++ b/test/integration/configuration/mm-attributes.yml @@ -183,4 +183,7 @@ bigquery_table: table_id: inspec_gcp_bigquery_table description: A BigQuery table expiration_time: 1738882264000 - time_partitioning_type: DAY \ No newline at end of file + time_partitioning_type: DAY + +repository: + name: inspec-gcp-repository \ No newline at end of file From bce4ef48be728d0062c9cacfd79c63225b7b3786 Mon Sep 17 00:00:00 2001 From: Sam Levenick Date: Thu, 28 Feb 2019 18:11:46 +0000 Subject: [PATCH 29/30] =?UTF-8?q?Add=20notes=20on=20API=20requirements=20t?= =?UTF-8?q?o=20markdown=20docs=20for=20InSpec=20generated=20r=E2=80=A6?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Modular Magician --- docs/resources/google_bigquery_dataset.md | 6 ++++++ docs/resources/google_bigquery_datasets.md | 4 ++++ docs/resources/google_bigquery_table.md | 6 ++++++ docs/resources/google_bigquery_tables.md | 4 ++++ docs/resources/google_cloudbuild_trigger.md | 6 ++++++ docs/resources/google_cloudbuild_triggers.md | 4 ++++ docs/resources/google_compute_autoscaler.md | 6 ++++++ docs/resources/google_compute_autoscalers.md | 4 ++++ docs/resources/google_compute_backend_service.md | 6 ++++++ docs/resources/google_compute_backend_services.md | 4 ++++ docs/resources/google_compute_disk.md | 6 ++++++ docs/resources/google_compute_disks.md | 4 ++++ docs/resources/google_compute_global_address.md | 6 ++++++ docs/resources/google_compute_global_addresses.md | 4 ++++ docs/resources/google_compute_global_forwarding_rule.md | 6 ++++++ docs/resources/google_compute_global_forwarding_rules.md | 4 ++++ docs/resources/google_compute_health_check.md | 6 ++++++ docs/resources/google_compute_health_checks.md | 4 ++++ docs/resources/google_compute_http_health_check.md | 6 ++++++ docs/resources/google_compute_http_health_checks.md | 4 ++++ docs/resources/google_compute_https_health_check.md | 6 ++++++ docs/resources/google_compute_https_health_checks.md | 4 ++++ docs/resources/google_compute_instance_group_manager.md | 6 ++++++ docs/resources/google_compute_instance_group_managers.md | 4 ++++ docs/resources/google_compute_instance_template.md | 6 ++++++ docs/resources/google_compute_instance_templates.md | 4 ++++ docs/resources/google_compute_route.md | 6 ++++++ docs/resources/google_compute_router.md | 6 ++++++ docs/resources/google_compute_routers.md | 4 ++++ docs/resources/google_compute_routes.md | 4 ++++ docs/resources/google_compute_snapshot.md | 6 ++++++ docs/resources/google_compute_snapshots.md | 4 ++++ docs/resources/google_compute_ssl_certificate.md | 6 ++++++ docs/resources/google_compute_ssl_certificates.md | 4 ++++ docs/resources/google_compute_ssl_policies.md | 4 ++++ docs/resources/google_compute_ssl_policy.md | 6 ++++++ docs/resources/google_compute_target_http_proxies.md | 4 ++++ docs/resources/google_compute_target_http_proxy.md | 6 ++++++ docs/resources/google_compute_target_https_proxies.md | 4 ++++ docs/resources/google_compute_target_https_proxy.md | 6 ++++++ docs/resources/google_compute_target_pool.md | 6 ++++++ docs/resources/google_compute_target_pools.md | 4 ++++ docs/resources/google_compute_target_tcp_proxies.md | 4 ++++ docs/resources/google_compute_target_tcp_proxy.md | 6 ++++++ docs/resources/google_compute_url_map.md | 6 ++++++ docs/resources/google_compute_url_maps.md | 4 ++++ docs/resources/google_container_regional_cluster.md | 6 ++++++ docs/resources/google_container_regional_clusters.md | 4 ++++ docs/resources/google_dns_resource_record_set.md | 6 ++++++ docs/resources/google_dns_resource_record_sets.md | 4 ++++ docs/resources/google_pubsub_subscription.md | 6 ++++++ docs/resources/google_pubsub_subscriptions.md | 4 ++++ docs/resources/google_pubsub_topic.md | 6 ++++++ docs/resources/google_pubsub_topics.md | 4 ++++ docs/resources/google_sourcerepo_repositories.md | 4 ++++ docs/resources/google_sourcerepo_repository.md | 6 ++++++ 56 files changed, 280 insertions(+) diff --git a/docs/resources/google_bigquery_dataset.md b/docs/resources/google_bigquery_dataset.md index 769dc9462..ab2edc4a0 100644 --- a/docs/resources/google_bigquery_dataset.md +++ b/docs/resources/google_bigquery_dataset.md @@ -71,3 +71,9 @@ Properties that can be accessed from the `google_bigquery_dataset` resource: * `last_modified_time`: The date when this dataset or any of its tables was last modified, in milliseconds since the epoch. * `location`: The geographic location where the dataset should reside. Possible values include EU and US. The default value is US. + + + +## GCP Permissions + +Ensure the [BigQuery API](https://console.cloud.google.com/apis/library/bigquery-json.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_bigquery_datasets.md b/docs/resources/google_bigquery_datasets.md index f8412c64c..9d3e0b494 100644 --- a/docs/resources/google_bigquery_datasets.md +++ b/docs/resources/google_bigquery_datasets.md @@ -28,3 +28,7 @@ See [google_bigquery_dataset.md](google_bigquery_dataset.md) for more detailed i ## Filter Criteria This resource supports all of the above properties as filter criteria, which can be used with `where` as a block or a method. + +## GCP Permissions + +Ensure the [BigQuery API](https://console.cloud.google.com/apis/library/bigquery-json.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_bigquery_table.md b/docs/resources/google_bigquery_table.md index b4531f742..ed17694c7 100644 --- a/docs/resources/google_bigquery_table.md +++ b/docs/resources/google_bigquery_table.md @@ -109,3 +109,9 @@ Properties that can be accessed from the `google_bigquery_table` resource: * `bigtableOptions`: Additional options if sourceFormat is set to BIGTABLE. * `dataset`: Name of the dataset + + + +## GCP Permissions + +Ensure the [BigQuery API](https://console.cloud.google.com/apis/library/bigquery-json.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_bigquery_tables.md b/docs/resources/google_bigquery_tables.md index 8e5164df0..57d390276 100644 --- a/docs/resources/google_bigquery_tables.md +++ b/docs/resources/google_bigquery_tables.md @@ -45,3 +45,7 @@ See [google_bigquery_table.md](google_bigquery_table.md) for more detailed infor ## Filter Criteria This resource supports all of the above properties as filter criteria, which can be used with `where` as a block or a method. + +## GCP Permissions + +Ensure the [BigQuery API](https://console.cloud.google.com/apis/library/bigquery-json.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_cloudbuild_trigger.md b/docs/resources/google_cloudbuild_trigger.md index 0cb4e3f4a..80ec43918 100644 --- a/docs/resources/google_cloudbuild_trigger.md +++ b/docs/resources/google_cloudbuild_trigger.md @@ -62,3 +62,9 @@ Properties that can be accessed from the `google_cloudbuild_trigger` resource: * `images`: A list of images to be pushed upon the successful completion of all build steps. The images are pushed using the builder service account's credentials. The digests of the pushed images will be stored in the Build resource's results field. If any of the images fail to be pushed, the build status is marked FAILURE. * `steps`: The operations to be performed on the workspace. + + + +## GCP Permissions + +Ensure the [Cloud Build API](https://console.cloud.google.com/apis/library/cloudbuild.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_cloudbuild_triggers.md b/docs/resources/google_cloudbuild_triggers.md index 65b56a458..0ba4f33e4 100644 --- a/docs/resources/google_cloudbuild_triggers.md +++ b/docs/resources/google_cloudbuild_triggers.md @@ -40,3 +40,7 @@ See [google_cloudbuild_trigger.md](google_cloudbuild_trigger.md) for more detail ## Filter Criteria This resource supports all of the above properties as filter criteria, which can be used with `where` as a block or a method. + +## GCP Permissions + +Ensure the [Cloud Build API](https://console.cloud.google.com/apis/library/cloudbuild.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_compute_autoscaler.md b/docs/resources/google_compute_autoscaler.md index 080cb7b69..5b5f78a3c 100644 --- a/docs/resources/google_compute_autoscaler.md +++ b/docs/resources/google_compute_autoscaler.md @@ -51,3 +51,9 @@ Properties that can be accessed from the `google_compute_autoscaler` resource: * `target`: URL of the managed instance group that this autoscaler will scale. * `zone`: URL of the zone where the instance group resides. + + + +## GCP Permissions + +Ensure the [Compute Engine API](https://console.cloud.google.com/apis/library/compute.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_compute_autoscalers.md b/docs/resources/google_compute_autoscalers.md index 5012cc96b..b71a0c9e2 100644 --- a/docs/resources/google_compute_autoscalers.md +++ b/docs/resources/google_compute_autoscalers.md @@ -36,3 +36,7 @@ See [google_compute_autoscaler.md](google_compute_autoscaler.md) for more detail ## Filter Criteria This resource supports all of the above properties as filter criteria, which can be used with `where` as a block or a method. + +## GCP Permissions + +Ensure the [Compute Engine API](https://console.cloud.google.com/apis/library/compute.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_compute_backend_service.md b/docs/resources/google_compute_backend_service.md index 8a7d426eb..8d39ef8ae 100644 --- a/docs/resources/google_compute_backend_service.md +++ b/docs/resources/google_compute_backend_service.md @@ -88,3 +88,9 @@ Properties that can be accessed from the `google_compute_backend_service` resour * `session_affinity`: Type of session affinity to use. The default is NONE. When the load balancing scheme is EXTERNAL, can be NONE, CLIENT_IP, or GENERATED_COOKIE. When the load balancing scheme is INTERNAL, can be NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. When the protocol is UDP, this field is not used. * `timeout_sec`: How many seconds to wait for the backend before considering it a failed request. Default is 30 seconds. Valid range is [1, 86400]. + + + +## GCP Permissions + +Ensure the [Compute Engine API](https://console.cloud.google.com/apis/library/compute.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_compute_backend_services.md b/docs/resources/google_compute_backend_services.md index c8373da98..bbbd8f0b8 100644 --- a/docs/resources/google_compute_backend_services.md +++ b/docs/resources/google_compute_backend_services.md @@ -42,3 +42,7 @@ See [google_compute_backend_service.md](google_compute_backend_service.md) for m ## Filter Criteria This resource supports all of the above properties as filter criteria, which can be used with `where` as a block or a method. + +## GCP Permissions + +Ensure the [Compute Engine API](https://console.cloud.google.com/apis/library/compute.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_compute_disk.md b/docs/resources/google_compute_disk.md index bfada18ce..4aca7ef57 100644 --- a/docs/resources/google_compute_disk.md +++ b/docs/resources/google_compute_disk.md @@ -91,3 +91,9 @@ Properties that can be accessed from the `google_compute_disk` resource: * `sha256`: The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource. * `source_snapshot_id`: The unique ID of the snapshot used to create this disk. This value identifies the exact snapshot that was used to create this persistent disk. For example, if you created the persistent disk from a snapshot that was later deleted and recreated under the same name, the source snapshot ID would identify the exact version of the snapshot that was used. + + + +## GCP Permissions + +Ensure the [Compute Engine API](https://console.cloud.google.com/apis/library/compute.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_compute_disks.md b/docs/resources/google_compute_disks.md index b9c7e43fc..f6a5d8cbd 100644 --- a/docs/resources/google_compute_disks.md +++ b/docs/resources/google_compute_disks.md @@ -44,3 +44,7 @@ See [google_compute_disk.md](google_compute_disk.md) for more detailed informati ## Filter Criteria This resource supports all of the above properties as filter criteria, which can be used with `where` as a block or a method. + +## GCP Permissions + +Ensure the [Compute Engine API](https://console.cloud.google.com/apis/library/compute.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_compute_global_address.md b/docs/resources/google_compute_global_address.md index b00f2ce7e..824cc9a7d 100644 --- a/docs/resources/google_compute_global_address.md +++ b/docs/resources/google_compute_global_address.md @@ -36,3 +36,9 @@ Properties that can be accessed from the `google_compute_global_address` resourc * `region`: A reference to the region where the regional address resides. * `address_type`: The type of the address to reserve, default is EXTERNAL. * EXTERNAL indicates public/external single IP address. * INTERNAL indicates internal IP ranges belonging to some network. + + + +## GCP Permissions + +Ensure the [Compute Engine API](https://console.cloud.google.com/apis/library/compute.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_compute_global_addresses.md b/docs/resources/google_compute_global_addresses.md index 4c9a7530f..47c26b221 100644 --- a/docs/resources/google_compute_global_addresses.md +++ b/docs/resources/google_compute_global_addresses.md @@ -31,3 +31,7 @@ See [google_compute_global_address.md](google_compute_global_address.md) for mor ## Filter Criteria This resource supports all of the above properties as filter criteria, which can be used with `where` as a block or a method. + +## GCP Permissions + +Ensure the [Compute Engine API](https://console.cloud.google.com/apis/library/compute.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_compute_global_forwarding_rule.md b/docs/resources/google_compute_global_forwarding_rule.md index f6256481e..f1188e99d 100644 --- a/docs/resources/google_compute_global_forwarding_rule.md +++ b/docs/resources/google_compute_global_forwarding_rule.md @@ -51,3 +51,9 @@ Properties that can be accessed from the `google_compute_global_forwarding_rule` * `region`: A reference to the region where the regional forwarding rule resides. This field is not applicable to global forwarding rules. * `target`: This target must be a global load balancing resource. The forwarded traffic must be of a type appropriate to the target object. Valid types: HTTP_PROXY, HTTPS_PROXY, SSL_PROXY, TCP_PROXY + + + +## GCP Permissions + +Ensure the [Compute Engine API](https://console.cloud.google.com/apis/library/compute.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_compute_global_forwarding_rules.md b/docs/resources/google_compute_global_forwarding_rules.md index e48105f97..a655b2fc2 100644 --- a/docs/resources/google_compute_global_forwarding_rules.md +++ b/docs/resources/google_compute_global_forwarding_rules.md @@ -37,3 +37,7 @@ See [google_compute_global_forwarding_rule.md](google_compute_global_forwarding_ ## Filter Criteria This resource supports all of the above properties as filter criteria, which can be used with `where` as a block or a method. + +## GCP Permissions + +Ensure the [Compute Engine API](https://console.cloud.google.com/apis/library/compute.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_compute_health_check.md b/docs/resources/google_compute_health_check.md index 5687272c5..9740c6936 100644 --- a/docs/resources/google_compute_health_check.md +++ b/docs/resources/google_compute_health_check.md @@ -91,3 +91,9 @@ Properties that can be accessed from the `google_compute_health_check` resource: * `portName`: Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence. * `proxyHeader`: Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE. + + + +## GCP Permissions + +Ensure the [Compute Engine API](https://console.cloud.google.com/apis/library/compute.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_compute_health_checks.md b/docs/resources/google_compute_health_checks.md index a11c784ba..b9bbf6c73 100644 --- a/docs/resources/google_compute_health_checks.md +++ b/docs/resources/google_compute_health_checks.md @@ -35,3 +35,7 @@ See [google_compute_health_check.md](google_compute_health_check.md) for more de ## Filter Criteria This resource supports all of the above properties as filter criteria, which can be used with `where` as a block or a method. + +## GCP Permissions + +Ensure the [Compute Engine API](https://console.cloud.google.com/apis/library/compute.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_compute_http_health_check.md b/docs/resources/google_compute_http_health_check.md index 1bb332599..3fbac5e64 100644 --- a/docs/resources/google_compute_http_health_check.md +++ b/docs/resources/google_compute_http_health_check.md @@ -44,3 +44,9 @@ Properties that can be accessed from the `google_compute_http_health_check` reso * `timeout_sec`: How long (in seconds) to wait before claiming failure. The default value is 5 seconds. It is invalid for timeoutSec to have greater value than checkIntervalSec. * `unhealthy_threshold`: A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2. + + + +## GCP Permissions + +Ensure the [Compute Engine API](https://console.cloud.google.com/apis/library/compute.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_compute_http_health_checks.md b/docs/resources/google_compute_http_health_checks.md index d0a413fee..346b230ac 100644 --- a/docs/resources/google_compute_http_health_checks.md +++ b/docs/resources/google_compute_http_health_checks.md @@ -34,3 +34,7 @@ See [google_compute_http_health_check.md](google_compute_http_health_check.md) f ## Filter Criteria This resource supports all of the above properties as filter criteria, which can be used with `where` as a block or a method. + +## GCP Permissions + +Ensure the [Compute Engine API](https://console.cloud.google.com/apis/library/compute.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_compute_https_health_check.md b/docs/resources/google_compute_https_health_check.md index 3b550e484..c6e184b72 100644 --- a/docs/resources/google_compute_https_health_check.md +++ b/docs/resources/google_compute_https_health_check.md @@ -45,3 +45,9 @@ Properties that can be accessed from the `google_compute_https_health_check` res * `timeout_sec`: How long (in seconds) to wait before claiming failure. The default value is 5 seconds. It is invalid for timeoutSec to have greater value than checkIntervalSec. * `unhealthy_threshold`: A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2. + + + +## GCP Permissions + +Ensure the [Compute Engine API](https://console.cloud.google.com/apis/library/compute.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_compute_https_health_checks.md b/docs/resources/google_compute_https_health_checks.md index 4fa507d2b..d7bc536dd 100644 --- a/docs/resources/google_compute_https_health_checks.md +++ b/docs/resources/google_compute_https_health_checks.md @@ -34,3 +34,7 @@ See [google_compute_https_health_check.md](google_compute_https_health_check.md) ## Filter Criteria This resource supports all of the above properties as filter criteria, which can be used with `where` as a block or a method. + +## GCP Permissions + +Ensure the [Compute Engine API](https://console.cloud.google.com/apis/library/compute.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_compute_instance_group_manager.md b/docs/resources/google_compute_instance_group_manager.md index 378467686..90195eb59 100644 --- a/docs/resources/google_compute_instance_group_manager.md +++ b/docs/resources/google_compute_instance_group_manager.md @@ -71,3 +71,9 @@ Properties that can be accessed from the `google_compute_instance_group_manager` * `target_size`: The target number of running instances for this managed instance group. Deleting or abandoning instances reduces this number. Resizing the group changes this number. * `zone`: The zone the managed instance group resides. + + + +## GCP Permissions + +Ensure the [Compute Engine API](https://console.cloud.google.com/apis/library/compute.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_compute_instance_group_managers.md b/docs/resources/google_compute_instance_group_managers.md index 2bcb6fde1..ff0151a0b 100644 --- a/docs/resources/google_compute_instance_group_managers.md +++ b/docs/resources/google_compute_instance_group_managers.md @@ -34,3 +34,7 @@ See [google_compute_instance_group_manager.md](google_compute_instance_group_man ## Filter Criteria This resource supports all of the above properties as filter criteria, which can be used with `where` as a block or a method. + +## GCP Permissions + +Ensure the [Compute Engine API](https://console.cloud.google.com/apis/library/compute.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_compute_instance_template.md b/docs/resources/google_compute_instance_template.md index 019283365..1aa8edcad 100644 --- a/docs/resources/google_compute_instance_template.md +++ b/docs/resources/google_compute_instance_template.md @@ -60,3 +60,9 @@ Properties that can be accessed from the `google_compute_instance_template` reso * `serviceAccounts`: A list of service accounts, with their specified scopes, authorized for this instance. Only one service account per VM instance is supported. * `tags`: A list of tags to apply to this instance. Tags are used to identify valid sources or targets for network firewalls and are specified by the client during instance creation. The tags can be later modified by the setTags method. Each tag within the list must comply with RFC1035. + + + +## GCP Permissions + +Ensure the [Compute Engine API](https://console.cloud.google.com/apis/library/compute.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_compute_instance_templates.md b/docs/resources/google_compute_instance_templates.md index ca0973ef1..6d02f7cf8 100644 --- a/docs/resources/google_compute_instance_templates.md +++ b/docs/resources/google_compute_instance_templates.md @@ -26,3 +26,7 @@ See [google_compute_instance_template.md](google_compute_instance_template.md) f ## Filter Criteria This resource supports all of the above properties as filter criteria, which can be used with `where` as a block or a method. + +## GCP Permissions + +Ensure the [Compute Engine API](https://console.cloud.google.com/apis/library/compute.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_compute_route.md b/docs/resources/google_compute_route.md index f1f295ee4..20428998a 100644 --- a/docs/resources/google_compute_route.md +++ b/docs/resources/google_compute_route.md @@ -45,3 +45,9 @@ Properties that can be accessed from the `google_compute_route` resource: * `next_hop_vpn_tunnel`: URL to a VpnTunnel that should handle matching packets. * `next_hop_network`: URL to a Network that should handle matching packets. + + + +## GCP Permissions + +Ensure the [Compute Engine API](https://console.cloud.google.com/apis/library/compute.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_compute_router.md b/docs/resources/google_compute_router.md index 53fc149f7..cff38f94c 100644 --- a/docs/resources/google_compute_router.md +++ b/docs/resources/google_compute_router.md @@ -48,3 +48,9 @@ Properties that can be accessed from the `google_compute_router` resource: * `advertisedIpRanges`: User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertiseMode is CUSTOM and is advertised to all peers of the router. These IP ranges will be advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges. * `region`: Region where the router resides. + + + +## GCP Permissions + +Ensure the [Compute Engine API](https://console.cloud.google.com/apis/library/compute.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_compute_routers.md b/docs/resources/google_compute_routers.md index 7827645f5..56e203753 100644 --- a/docs/resources/google_compute_routers.md +++ b/docs/resources/google_compute_routers.md @@ -28,3 +28,7 @@ See [google_compute_router.md](google_compute_router.md) for more detailed infor ## Filter Criteria This resource supports all of the above properties as filter criteria, which can be used with `where` as a block or a method. + +## GCP Permissions + +Ensure the [Compute Engine API](https://console.cloud.google.com/apis/library/compute.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_compute_routes.md b/docs/resources/google_compute_routes.md index 9945b7a60..631694fbb 100644 --- a/docs/resources/google_compute_routes.md +++ b/docs/resources/google_compute_routes.md @@ -35,3 +35,7 @@ See [google_compute_route.md](google_compute_route.md) for more detailed informa ## Filter Criteria This resource supports all of the above properties as filter criteria, which can be used with `where` as a block or a method. + +## GCP Permissions + +Ensure the [Compute Engine API](https://console.cloud.google.com/apis/library/compute.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_compute_snapshot.md b/docs/resources/google_compute_snapshot.md index 2dfd8994f..b7504d4d8 100644 --- a/docs/resources/google_compute_snapshot.md +++ b/docs/resources/google_compute_snapshot.md @@ -57,3 +57,9 @@ Properties that can be accessed from the `google_compute_snapshot` resource: * `rawKey`: Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource. * `kmsKeyName`: The name of the encryption key that is stored in Google Cloud KMS. + + + +## GCP Permissions + +Ensure the [Compute Engine API](https://console.cloud.google.com/apis/library/compute.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_compute_snapshots.md b/docs/resources/google_compute_snapshots.md index 62e87f0d2..b05dfd20b 100644 --- a/docs/resources/google_compute_snapshots.md +++ b/docs/resources/google_compute_snapshots.md @@ -43,3 +43,7 @@ See [google_compute_snapshot.md](google_compute_snapshot.md) for more detailed i ## Filter Criteria This resource supports all of the above properties as filter criteria, which can be used with `where` as a block or a method. + +## GCP Permissions + +Ensure the [Compute Engine API](https://console.cloud.google.com/apis/library/compute.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_compute_ssl_certificate.md b/docs/resources/google_compute_ssl_certificate.md index 9d8084fae..f94f2e604 100644 --- a/docs/resources/google_compute_ssl_certificate.md +++ b/docs/resources/google_compute_ssl_certificate.md @@ -50,3 +50,9 @@ Properties that can be accessed from the `google_compute_ssl_certificate` resour * `name`: Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. * `private_key`: The write-only private key in PEM format. + + + +## GCP Permissions + +Ensure the [Compute Engine API](https://console.cloud.google.com/apis/library/compute.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_compute_ssl_certificates.md b/docs/resources/google_compute_ssl_certificates.md index ab1db6bd7..6bd3a253e 100644 --- a/docs/resources/google_compute_ssl_certificates.md +++ b/docs/resources/google_compute_ssl_certificates.md @@ -47,3 +47,7 @@ See [google_compute_ssl_certificate.md](google_compute_ssl_certificate.md) for m ## Filter Criteria This resource supports all of the above properties as filter criteria, which can be used with `where` as a block or a method. + +## GCP Permissions + +Ensure the [Compute Engine API](https://console.cloud.google.com/apis/library/compute.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_compute_ssl_policies.md b/docs/resources/google_compute_ssl_policies.md index 191879003..de48b3d2a 100644 --- a/docs/resources/google_compute_ssl_policies.md +++ b/docs/resources/google_compute_ssl_policies.md @@ -40,3 +40,7 @@ See [google_compute_ssl_policy.md](google_compute_ssl_policy.md) for more detail ## Filter Criteria This resource supports all of the above properties as filter criteria, which can be used with `where` as a block or a method. + +## GCP Permissions + +Ensure the [Compute Engine API](https://console.cloud.google.com/apis/library/compute.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_compute_ssl_policy.md b/docs/resources/google_compute_ssl_policy.md index baf91eed1..54043aeb9 100644 --- a/docs/resources/google_compute_ssl_policy.md +++ b/docs/resources/google_compute_ssl_policy.md @@ -47,3 +47,9 @@ Properties that can be accessed from the `google_compute_ssl_policy` resource: * `code`: A warning code, if applicable. * `message`: A human-readable description of the warning code. + + + +## GCP Permissions + +Ensure the [Compute Engine API](https://console.cloud.google.com/apis/library/compute.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_compute_target_http_proxies.md b/docs/resources/google_compute_target_http_proxies.md index f25b76af4..dd91b6254 100644 --- a/docs/resources/google_compute_target_http_proxies.md +++ b/docs/resources/google_compute_target_http_proxies.md @@ -27,3 +27,7 @@ See [google_compute_target_http_proxy.md](google_compute_target_http_proxy.md) f ## Filter Criteria This resource supports all of the above properties as filter criteria, which can be used with `where` as a block or a method. + +## GCP Permissions + +Ensure the [Compute Engine API](https://console.cloud.google.com/apis/library/compute.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_compute_target_http_proxy.md b/docs/resources/google_compute_target_http_proxy.md index 04cf987b7..7cce14ed4 100644 --- a/docs/resources/google_compute_target_http_proxy.md +++ b/docs/resources/google_compute_target_http_proxy.md @@ -31,3 +31,9 @@ Properties that can be accessed from the `google_compute_target_http_proxy` reso * `name`: Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. * `url_map`: A reference to the UrlMap resource that defines the mapping from URL to the BackendService. + + + +## GCP Permissions + +Ensure the [Compute Engine API](https://console.cloud.google.com/apis/library/compute.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_compute_target_https_proxies.md b/docs/resources/google_compute_target_https_proxies.md index 72c26502d..ec709dae4 100644 --- a/docs/resources/google_compute_target_https_proxies.md +++ b/docs/resources/google_compute_target_https_proxies.md @@ -30,3 +30,7 @@ See [google_compute_target_https_proxy.md](google_compute_target_https_proxy.md) ## Filter Criteria This resource supports all of the above properties as filter criteria, which can be used with `where` as a block or a method. + +## GCP Permissions + +Ensure the [Compute Engine API](https://console.cloud.google.com/apis/library/compute.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_compute_target_https_proxy.md b/docs/resources/google_compute_target_https_proxy.md index eaecf3d4b..c51c5d649 100644 --- a/docs/resources/google_compute_target_https_proxy.md +++ b/docs/resources/google_compute_target_https_proxy.md @@ -37,3 +37,9 @@ Properties that can be accessed from the `google_compute_target_https_proxy` res * `ssl_policy`: A reference to the SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource will not have any SSL policy configured. * `url_map`: A reference to the UrlMap resource that defines the mapping from URL to the BackendService. + + + +## GCP Permissions + +Ensure the [Compute Engine API](https://console.cloud.google.com/apis/library/compute.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_compute_target_pool.md b/docs/resources/google_compute_target_pool.md index 6b128d2b4..23ade3b15 100644 --- a/docs/resources/google_compute_target_pool.md +++ b/docs/resources/google_compute_target_pool.md @@ -41,3 +41,9 @@ Properties that can be accessed from the `google_compute_target_pool` resource: * `session_affinity`: Session affinity option. Must be one of these values: - NONE: Connections from the same client IP may go to any instance in the pool. - CLIENT_IP: Connections from the same client IP will go to the same instance in the pool while that instance remains healthy. - CLIENT_IP_PROTO: Connections from the same client IP with the same IP protocol will go to the same instance in the pool while that instance remains healthy. * `region`: The region where the target pool resides. + + + +## GCP Permissions + +Ensure the [Compute Engine API](https://console.cloud.google.com/apis/library/compute.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_compute_target_pools.md b/docs/resources/google_compute_target_pools.md index 7f24378f5..b1a3d8b3d 100644 --- a/docs/resources/google_compute_target_pools.md +++ b/docs/resources/google_compute_target_pools.md @@ -32,3 +32,7 @@ See [google_compute_target_pool.md](google_compute_target_pool.md) for more deta ## Filter Criteria This resource supports all of the above properties as filter criteria, which can be used with `where` as a block or a method. + +## GCP Permissions + +Ensure the [Compute Engine API](https://console.cloud.google.com/apis/library/compute.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_compute_target_tcp_proxies.md b/docs/resources/google_compute_target_tcp_proxies.md index 67847348d..d10ea1bb5 100644 --- a/docs/resources/google_compute_target_tcp_proxies.md +++ b/docs/resources/google_compute_target_tcp_proxies.md @@ -28,3 +28,7 @@ See [google_compute_target_tcp_proxy.md](google_compute_target_tcp_proxy.md) for ## Filter Criteria This resource supports all of the above properties as filter criteria, which can be used with `where` as a block or a method. + +## GCP Permissions + +Ensure the [Compute Engine API](https://console.cloud.google.com/apis/library/compute.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_compute_target_tcp_proxy.md b/docs/resources/google_compute_target_tcp_proxy.md index 7da650ee0..984e9389b 100644 --- a/docs/resources/google_compute_target_tcp_proxy.md +++ b/docs/resources/google_compute_target_tcp_proxy.md @@ -33,3 +33,9 @@ Properties that can be accessed from the `google_compute_target_tcp_proxy` resou * `proxy_header`: Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE. * `service`: A reference to the BackendService resource. + + + +## GCP Permissions + +Ensure the [Compute Engine API](https://console.cloud.google.com/apis/library/compute.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_compute_url_map.md b/docs/resources/google_compute_url_map.md index 841478ee8..68c75cea4 100644 --- a/docs/resources/google_compute_url_map.md +++ b/docs/resources/google_compute_url_map.md @@ -68,3 +68,9 @@ Properties that can be accessed from the `google_compute_url_map` resource: * `path`: Path portion of the URL. * `service`: A reference to expected BackendService resource the given URL should be mapped to. + + + +## GCP Permissions + +Ensure the [Compute Engine API](https://console.cloud.google.com/apis/library/compute.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_compute_url_maps.md b/docs/resources/google_compute_url_maps.md index 9a1ddc5cc..9f98d9c4f 100644 --- a/docs/resources/google_compute_url_maps.md +++ b/docs/resources/google_compute_url_maps.md @@ -30,3 +30,7 @@ See [google_compute_url_map.md](google_compute_url_map.md) for more detailed inf ## Filter Criteria This resource supports all of the above properties as filter criteria, which can be used with `where` as a block or a method. + +## GCP Permissions + +Ensure the [Compute Engine API](https://console.cloud.google.com/apis/library/compute.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_container_regional_cluster.md b/docs/resources/google_container_regional_cluster.md index d352cd5cb..b8734ff6a 100644 --- a/docs/resources/google_container_regional_cluster.md +++ b/docs/resources/google_container_regional_cluster.md @@ -97,3 +97,9 @@ Properties that can be accessed from the `google_container_regional_cluster` res * `expire_time`: The time the cluster will be automatically deleted in RFC3339 text format. * `location`: The location where the cluster is deployed + + + +## GCP Permissions + +Ensure the [Kubernetes Engine API](https://console.cloud.google.com/apis/library/container.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_container_regional_clusters.md b/docs/resources/google_container_regional_clusters.md index e642a91ce..6399a5378 100644 --- a/docs/resources/google_container_regional_clusters.md +++ b/docs/resources/google_container_regional_clusters.md @@ -44,3 +44,7 @@ See [google_container_regional_cluster.md](google_container_regional_cluster.md) ## Filter Criteria This resource supports all of the above properties as filter criteria, which can be used with `where` as a block or a method. + +## GCP Permissions + +Ensure the [Kubernetes Engine API](https://console.cloud.google.com/apis/library/container.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_dns_resource_record_set.md b/docs/resources/google_dns_resource_record_set.md index 13694d007..61b01eda6 100644 --- a/docs/resources/google_dns_resource_record_set.md +++ b/docs/resources/google_dns_resource_record_set.md @@ -29,3 +29,9 @@ Properties that can be accessed from the `google_dns_resource_record_set` resour * `target`: As defined in RFC 1035 (section 5) and RFC 1034 (section 3.6.1) * `managed_zone`: Identifies the managed zone addressed by this request. + + + +## GCP Permissions + +Ensure the [Google Cloud DNS API](https://console.cloud.google.com/apis/library/dns.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_dns_resource_record_sets.md b/docs/resources/google_dns_resource_record_sets.md index 1ab1eb064..b1c5dce02 100644 --- a/docs/resources/google_dns_resource_record_sets.md +++ b/docs/resources/google_dns_resource_record_sets.md @@ -30,3 +30,7 @@ See [google_dns_resource_record_set.md](google_dns_resource_record_set.md) for m ## Filter Criteria This resource supports all of the above properties as filter criteria, which can be used with `where` as a block or a method. + +## GCP Permissions + +Ensure the [Google Cloud DNS API](https://console.cloud.google.com/apis/library/dns.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_pubsub_subscription.md b/docs/resources/google_pubsub_subscription.md index d11f30b9b..0386cd8f7 100644 --- a/docs/resources/google_pubsub_subscription.md +++ b/docs/resources/google_pubsub_subscription.md @@ -33,3 +33,9 @@ Properties that can be accessed from the `google_pubsub_subscription` resource: * `attributes`: Endpoint configuration attributes. Every endpoint has a set of API supported attributes that can be used to control different aspects of the message delivery. The currently supported attribute is x-goog-version, which you can use to change the format of the pushed message. This attribute indicates the version of the data expected by the endpoint. This controls the shape of the pushed message (i.e., its fields and metadata). The endpoint version is based on the version of the Pub/Sub API. If not present during the subscriptions.create call, it will default to the version of the API used to make such call. If not present during a subscriptions.modifyPushConfig call, its value will not be changed. subscriptions.get calls will always return a valid version, even if the subscription was created without this attribute. The possible values for this attribute are: - v1beta1: uses the push format defined in the v1beta1 Pub/Sub API. - v1 or v1beta2: uses the push format defined in the v1 Pub/Sub API. * `ack_deadline_seconds`: This value is the maximum time after a subscriber receives a message before the subscriber should acknowledge the message. After message delivery but before the ack deadline expires and before the message is acknowledged, it is an outstanding message and will not be delivered again during that time (on a best-effort basis). For pull subscriptions, this value is used as the initial value for the ack deadline. To override this value for a given message, call subscriptions.modifyAckDeadline with the corresponding ackId if using pull. The minimum custom deadline you can specify is 10 seconds. The maximum custom deadline you can specify is 600 seconds (10 minutes). If this parameter is 0, a default value of 10 seconds is used. For push delivery, this value is also used to set the request timeout for the call to the push endpoint. If the subscriber never acknowledges the message, the Pub/Sub system will eventually redeliver the message. + + + +## GCP Permissions + +Ensure the [Cloud Pub/Sub API](https://console.cloud.google.com/apis/library/pubsub.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_pubsub_subscriptions.md b/docs/resources/google_pubsub_subscriptions.md index 4492fd202..484986c5d 100644 --- a/docs/resources/google_pubsub_subscriptions.md +++ b/docs/resources/google_pubsub_subscriptions.md @@ -32,3 +32,7 @@ See [google_pubsub_subscription.md](google_pubsub_subscription.md) for more deta ## Filter Criteria This resource supports all of the above properties as filter criteria, which can be used with `where` as a block or a method. + +## GCP Permissions + +Ensure the [Cloud Pub/Sub API](https://console.cloud.google.com/apis/library/pubsub.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_pubsub_topic.md b/docs/resources/google_pubsub_topic.md index 854a072c6..78a75b37c 100644 --- a/docs/resources/google_pubsub_topic.md +++ b/docs/resources/google_pubsub_topic.md @@ -23,3 +23,9 @@ Properties that can be accessed from the `google_pubsub_topic` resource: * `name`: Name of the topic. * `labels`: A set of key/value label pairs to assign to this Topic. + + + +## GCP Permissions + +Ensure the [Cloud Pub/Sub API](https://console.cloud.google.com/apis/library/pubsub.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_pubsub_topics.md b/docs/resources/google_pubsub_topics.md index 05c9a12ee..f33976610 100644 --- a/docs/resources/google_pubsub_topics.md +++ b/docs/resources/google_pubsub_topics.md @@ -33,3 +33,7 @@ See [google_pubsub_topic.md](google_pubsub_topic.md) for more detailed informati ## Filter Criteria This resource supports all of the above properties as filter criteria, which can be used with `where` as a block or a method. + +## GCP Permissions + +Ensure the [Cloud Pub/Sub API](https://console.cloud.google.com/apis/library/pubsub.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_sourcerepo_repositories.md b/docs/resources/google_sourcerepo_repositories.md index b95eec9c7..31fb72978 100644 --- a/docs/resources/google_sourcerepo_repositories.md +++ b/docs/resources/google_sourcerepo_repositories.md @@ -29,3 +29,7 @@ See [google_sourcerepo_repository.md](google_sourcerepo_repository.md) for more ## Filter Criteria This resource supports all of the above properties as filter criteria, which can be used with `where` as a block or a method. + +## GCP Permissions + +Ensure the [Cloud Source Repositories API](https://console.cloud.google.com/apis/library/sourcerepo.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_sourcerepo_repository.md b/docs/resources/google_sourcerepo_repository.md index caf8b91ca..4b105c0f4 100644 --- a/docs/resources/google_sourcerepo_repository.md +++ b/docs/resources/google_sourcerepo_repository.md @@ -25,3 +25,9 @@ Properties that can be accessed from the `google_sourcerepo_repository` resource * `url`: URL to clone the repository from Google Cloud Source Repositories. * `size`: The disk usage of the repo, in bytes. + + + +## GCP Permissions + +Ensure the [Cloud Source Repositories API](https://console.cloud.google.com/apis/library/sourcerepo.googleapis.com/) is enabled for the current project. From 0c000e96c1d54df219a5d5e2b186da09bf3b17e9 Mon Sep 17 00:00:00 2001 From: The Magician Date: Thu, 28 Feb 2019 16:05:48 -0800 Subject: [PATCH 30/30] Improve docs for Cloud Build (#118) /cc @rileykarson --- docs/resources/google_cloudbuild_trigger.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/docs/resources/google_cloudbuild_trigger.md b/docs/resources/google_cloudbuild_trigger.md index 80ec43918..f58eb86d8 100644 --- a/docs/resources/google_cloudbuild_trigger.md +++ b/docs/resources/google_cloudbuild_trigger.md @@ -35,7 +35,7 @@ Properties that can be accessed from the `google_cloudbuild_trigger` resource: * `substitutions`: Substitutions data for Build resource. - * `filename`: Path, from the source root, to a file whose contents is used for the template. + * `filename`: Path, from the source root, to a file whose contents is used for the template. Either a filename or build template must be provided. * `ignored_files`: ignoredFiles and includedFiles are file glob matches using http://godoc/pkg/path/filepath#Match extended with support for `**`. If ignoredFiles and changed files are both empty, then they are not used to determine whether or not to trigger a build. If ignoredFiles is not empty, then we ignore any files that match any of the ignored_file globs. If the change has no files that are outside of the ignoredFiles globs, then we do not trigger a build. @@ -49,13 +49,13 @@ Properties that can be accessed from the `google_cloudbuild_trigger` resource: * `dir`: Directory, relative to the source root, in which to run the build. This must be a relative path. If a step's dir is specified and is an absolute path, this value is ignored for that step's execution. - * `branchName`: Name of the branch to build. + * `branchName`: Name of the branch to build. Exactly one a of branch name, tag, or commit SHA must be provided. - * `tagName`: Name of the tag to build. + * `tagName`: Name of the tag to build. Exactly one of a branch name, tag, or commit SHA must be provided. - * `commitSha`: Explicit commit SHA to build. + * `commitSha`: Explicit commit SHA to build. Exactly one of a branch name, tag, or commit SHA must be provided. - * `build`: Contents of the build template. + * `build`: Contents of the build template. Either a filename or build template must be provided. * `tags`: Tags for annotation of a Build. These are not docker tags.