Skip to content
This repository has been archived by the owner on Nov 14, 2024. It is now read-only.

Commit

Permalink
Merge pull request #102 from modular-magician/codegen-pr-1347
Browse files Browse the repository at this point in the history
Inspec ssl certificate
  • Loading branch information
slevenick authored Feb 5, 2019
2 parents c3d9a69 + 858fa89 commit 55558ec
Show file tree
Hide file tree
Showing 14 changed files with 678 additions and 0 deletions.
52 changes: 52 additions & 0 deletions docs/resources/google_compute_ssl_certificate.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,52 @@
---
title: About the google_compute_ssl_certificate resource
platform: gcp
---

## Syntax
A `google_compute_ssl_certificate` is used to test a Google SslCertificate resource

## Examples
```
describe google_compute_ssl_certificate(project: 'chef-gcp-inspec', name: 'inspec-gcp-ssl-certificate') do
it { should exist }
its('description') { should eq 'A fake ssl certificate (DO NOT USE)' }
its('certificate') { should eq '-----BEGIN CERTIFICATE-----
MIICqjCCAk+gAwIBAgIJAIuJ+0352Kq4MAoGCCqGSM49BAMCMIGwMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjERMA8GA1UEBwwIS2lya2xhbmQxFTAT
BgNVBAoMDEdvb2dsZSwgSW5jLjEeMBwGA1UECwwVR29vZ2xlIENsb3VkIFBsYXRm
b3JtMR8wHQYDVQQDDBZ3d3cubXktc2VjdXJlLXNpdGUuY29tMSEwHwYJKoZIhvcN
AQkBFhJuZWxzb25hQGdvb2dsZS5jb20wHhcNMTcwNjI4MDQ1NjI2WhcNMjcwNjI2
MDQ1NjI2WjCBsDELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xETAP
BgNVBAcMCEtpcmtsYW5kMRUwEwYDVQQKDAxHb29nbGUsIEluYy4xHjAcBgNVBAsM
FUdvb2dsZSBDbG91ZCBQbGF0Zm9ybTEfMB0GA1UEAwwWd3d3Lm15LXNlY3VyZS1z
aXRlLmNvbTEhMB8GCSqGSIb3DQEJARYSbmVsc29uYUBnb29nbGUuY29tMFkwEwYH
KoZIzj0CAQYIKoZIzj0DAQcDQgAEHGzpcRJ4XzfBJCCPMQeXQpTXwlblimODQCuQ
4mzkzTv0dXyB750fOGN02HtkpBOZzzvUARTR10JQoSe2/5PIwaNQME4wHQYDVR0O
BBYEFKIQC3A2SDpxcdfn0YLKineDNq/BMB8GA1UdIwQYMBaAFKIQC3A2SDpxcdfn
0YLKineDNq/BMAwGA1UdEwQFMAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhALs4vy+O
M3jcqgA4fSW/oKw6UJxp+M6a+nGMX+UJR3YgAiEAvvl39QRVAiv84hdoCuyON0lJ
zqGNhIPGq2ULqXKK8BY=
-----END CERTIFICATE-----
' }
end
describe google_compute_ssl_certificate(project: 'chef-gcp-inspec', name: 'nonexistent') do
it { should_not exist }
end
```

## Properties
Properties that can be accessed from the `google_compute_ssl_certificate` resource:

* `certificate`: The certificate in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert.

* `creation_timestamp`: Creation timestamp in RFC3339 text format.

* `description`: An optional description of this resource.

* `id`: The unique identifier for the resource.

* `name`: Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

* `private_key`: The write-only private key in PEM format.
49 changes: 49 additions & 0 deletions docs/resources/google_compute_ssl_certificates.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,49 @@
---
title: About the google_compute_ssl_certificates resource
platform: gcp
---

## Syntax
A `google_compute_ssl_certificates` is used to test a Google SslCertificate resource

## Examples
```
describe google_compute_ssl_certificates(project: 'chef-gcp-inspec') do
its('names') { should include 'inspec-gcp-ssl-certificate' }
its('descriptions') { should include 'A fake ssl certificate (DO NOT USE)' }
its('certificates') { should include '-----BEGIN CERTIFICATE-----
MIICqjCCAk+gAwIBAgIJAIuJ+0352Kq4MAoGCCqGSM49BAMCMIGwMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjERMA8GA1UEBwwIS2lya2xhbmQxFTAT
BgNVBAoMDEdvb2dsZSwgSW5jLjEeMBwGA1UECwwVR29vZ2xlIENsb3VkIFBsYXRm
b3JtMR8wHQYDVQQDDBZ3d3cubXktc2VjdXJlLXNpdGUuY29tMSEwHwYJKoZIhvcN
AQkBFhJuZWxzb25hQGdvb2dsZS5jb20wHhcNMTcwNjI4MDQ1NjI2WhcNMjcwNjI2
MDQ1NjI2WjCBsDELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xETAP
BgNVBAcMCEtpcmtsYW5kMRUwEwYDVQQKDAxHb29nbGUsIEluYy4xHjAcBgNVBAsM
FUdvb2dsZSBDbG91ZCBQbGF0Zm9ybTEfMB0GA1UEAwwWd3d3Lm15LXNlY3VyZS1z
aXRlLmNvbTEhMB8GCSqGSIb3DQEJARYSbmVsc29uYUBnb29nbGUuY29tMFkwEwYH
KoZIzj0CAQYIKoZIzj0DAQcDQgAEHGzpcRJ4XzfBJCCPMQeXQpTXwlblimODQCuQ
4mzkzTv0dXyB750fOGN02HtkpBOZzzvUARTR10JQoSe2/5PIwaNQME4wHQYDVR0O
BBYEFKIQC3A2SDpxcdfn0YLKineDNq/BMB8GA1UdIwQYMBaAFKIQC3A2SDpxcdfn
0YLKineDNq/BMAwGA1UdEwQFMAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhALs4vy+O
M3jcqgA4fSW/oKw6UJxp+M6a+nGMX+UJR3YgAiEAvvl39QRVAiv84hdoCuyON0lJ
zqGNhIPGq2ULqXKK8BY=
-----END CERTIFICATE-----
' }
end
```

## Properties
Properties that can be accessed from the `google_compute_ssl_certificates` resource:

See [google_compute_ssl_certificate.md](google_compute_ssl_certificate.md) for more detailed information
* `certificates`: an array of `google_compute_ssl_certificate` certificate
* `creation_timestamps`: an array of `google_compute_ssl_certificate` creation_timestamp
* `descriptions`: an array of `google_compute_ssl_certificate` description
* `ids`: an array of `google_compute_ssl_certificate` id
* `names`: an array of `google_compute_ssl_certificate` name
* `private_keys`: an array of `google_compute_ssl_certificate` private_key

## Filter Criteria
This resource supports all of the above properties as filter criteria, which can be used
with `where` as a block or a method.
32 changes: 32 additions & 0 deletions docs/resources/google_compute_target_https_proxies.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
---
title: About the google_compute_target_https_proxies resource
platform: gcp
---

## Syntax
A `google_compute_target_https_proxies` is used to test a Google TargetHttpsProxy resource

## Examples
```
describe google_compute_target_https_proxies(project: 'chef-gcp-inspec') do
its('names') { should include 'inspec-gcp-https-proxy' }
its('descriptions') { should include 'A HTTPS target proxy' }
end
```

## Properties
Properties that can be accessed from the `google_compute_target_https_proxies` resource:

See [google_compute_target_https_proxy.md](google_compute_target_https_proxy.md) for more detailed information
* `creation_timestamps`: an array of `google_compute_target_https_proxy` creation_timestamp
* `descriptions`: an array of `google_compute_target_https_proxy` description
* `ids`: an array of `google_compute_target_https_proxy` id
* `names`: an array of `google_compute_target_https_proxy` name
* `quic_overrides`: an array of `google_compute_target_https_proxy` quic_override
* `ssl_certificates`: an array of `google_compute_target_https_proxy` ssl_certificates
* `ssl_policies`: an array of `google_compute_target_https_proxy` ssl_policy
* `url_maps`: an array of `google_compute_target_https_proxy` url_map

## Filter Criteria
This resource supports all of the above properties as filter criteria, which can be used
with `where` as a block or a method.
39 changes: 39 additions & 0 deletions docs/resources/google_compute_target_https_proxy.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
---
title: About the google_compute_target_https_proxy resource
platform: gcp
---

## Syntax
A `google_compute_target_https_proxy` is used to test a Google TargetHttpsProxy resource

## Examples
```
describe google_compute_target_https_proxy(project: 'chef-gcp-inspec', name: 'inspec-gcp-https-proxy') do
it { should exist }
its('url_map') { should match /\/inspec-gcp-url-map$/ }
its('description') { should eq 'A HTTPS target proxy' }
end
describe google_compute_target_https_proxy(project: 'chef-gcp-inspec', name: 'nonexistent') do
it { should_not exist }
end
```

## Properties
Properties that can be accessed from the `google_compute_target_https_proxy` resource:

* `creation_timestamp`: Creation timestamp in RFC3339 text format.

* `description`: An optional description of this resource.

* `id`: The unique identifier for the resource.

* `name`: Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

* `quic_override`: Specifies the QUIC override policy for this resource. This determines whether the load balancer will attempt to negotiate QUIC with clients or not. Can specify one of NONE, ENABLE, or DISABLE. If NONE is specified, uses the QUIC policy with no user overrides, which is equivalent to DISABLE. Not specifying this field is equivalent to specifying NONE.

* `ssl_certificates`: A list of SslCertificate resources that are used to authenticate connections between users and the load balancer. Currently, exactly one SSL certificate must be specified.

* `ssl_policy`: A reference to the SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource will not have any SSL policy configured.

* `url_map`: A reference to the UrlMap resource that defines the mapping from URL to the BackendService.
61 changes: 61 additions & 0 deletions libraries/google_compute_ssl_certificate.rb
Original file line number Diff line number Diff line change
@@ -0,0 +1,61 @@
# frozen_string_literal: false

# ----------------------------------------------------------------------------
#
# *** AUTO GENERATED CODE *** AUTO GENERATED CODE ***
#
# ----------------------------------------------------------------------------
#
# This file is automatically generated by Magic Modules and manual
# changes will be clobbered when the file is regenerated.
#
# Please read more about how to change this file in README.md and
# CONTRIBUTING.md located at the root of this package.
#
# ----------------------------------------------------------------------------
require 'gcp_backend'

# A provider to manage Google Compute Engine resources.
class SslCertificate < GcpResourceBase
name 'google_compute_ssl_certificate'
desc 'SslCertificate'
supports platform: 'gcp'

attr_reader :certificate
attr_reader :creation_timestamp
attr_reader :description
attr_reader :id
attr_reader :name
attr_reader :private_key
def base
'https://www.googleapis.com/compute/v1/'
end

def url
'projects/{{project}}/global/sslCertificates/{{name}}'
end

def initialize(params)
super(params.merge({ use_http_transport: true }))
@fetched = @connection.fetch(base, url, params)
parse unless @fetched.nil?
end

def parse
@certificate = @fetched['certificate']
@creation_timestamp = parse_time_string(@fetched['creationTimestamp'])
@description = @fetched['description']
@id = @fetched['id']
@name = @fetched['name']
@private_key = @fetched['privateKey']
end

# Handles parsing RFC3339 time string
def parse_time_string(time_string)
time_string ? Time.parse(time_string) : nil
end

def exists?
!@fetched.nil?
end
end
92 changes: 92 additions & 0 deletions libraries/google_compute_ssl_certificates.rb
Original file line number Diff line number Diff line change
@@ -0,0 +1,92 @@
# frozen_string_literal: false

# ----------------------------------------------------------------------------
#
# *** AUTO GENERATED CODE *** AUTO GENERATED CODE ***
#
# ----------------------------------------------------------------------------
#
# This file is automatically generated by Magic Modules and manual
# changes will be clobbered when the file is regenerated.
#
# Please read more about how to change this file in README.md and
# CONTRIBUTING.md located at the root of this package.
#
# ----------------------------------------------------------------------------
require 'gcp_backend'
class SslCertificates < GcpResourceBase
name 'google_compute_ssl_certificates'
desc 'SslCertificate plural resource'
supports platform: 'gcp'

attr_reader :table

filter_table_config = FilterTable.create

filter_table_config.add(:certificates, field: :certificate)
filter_table_config.add(:creation_timestamps, field: :creation_timestamp)
filter_table_config.add(:descriptions, field: :description)
filter_table_config.add(:ids, field: :id)
filter_table_config.add(:names, field: :name)
filter_table_config.add(:private_keys, field: :private_key)

filter_table_config.connect(self, :table)

def base
'https://www.googleapis.com/compute/v1/'
end

def url
'projects/{{project}}/global/sslCertificates'
end

def initialize(params = {})
super(params.merge({ use_http_transport: true }))
@params = params
@table = fetch_wrapped_resource('items')
end

def fetch_wrapped_resource(wrap_path)
# fetch_resource returns an array of responses (to handle pagination)
result = @connection.fetch_all(base, url, @params)
return if result.nil?

# Conversion of string -> object hash to symbol -> object hash that InSpec needs
converted = []
result.each do |response|
next if response.nil? || !response.key?(wrap_path)
response[wrap_path].each do |hash|
hash_with_symbols = {}
hash.each_key do |key|
name, value = transform(key, hash)
hash_with_symbols[name] = value
end
converted.push(hash_with_symbols)
end
end

converted
end

def transform(key, value)
return transformers[key].call(value) if transformers.key?(key)

[key.to_sym, value]
end

def transformers
{
'certificate' => ->(obj) { return :certificate, obj['certificate'] },
'creationTimestamp' => ->(obj) { return :creation_timestamp, parse_time_string(obj['creationTimestamp']) },
'description' => ->(obj) { return :description, obj['description'] },
'id' => ->(obj) { return :id, obj['id'] },
'name' => ->(obj) { return :name, obj['name'] },
'privateKey' => ->(obj) { return :private_key, obj['privateKey'] },
}
end

# Handles parsing RFC3339 time string
def parse_time_string(time_string)
time_string ? Time.parse(time_string) : nil
end
end
Loading

0 comments on commit 55558ec

Please sign in to comment.