This repository has been archived by the owner on Nov 14, 2024. It is now read-only.
forked from inspec/inspec-gcp
-
Notifications
You must be signed in to change notification settings - Fork 4
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #102 from modular-magician/codegen-pr-1347
Inspec ssl certificate
- Loading branch information
Showing
14 changed files
with
678 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,52 @@ | ||
--- | ||
title: About the google_compute_ssl_certificate resource | ||
platform: gcp | ||
--- | ||
|
||
## Syntax | ||
A `google_compute_ssl_certificate` is used to test a Google SslCertificate resource | ||
|
||
## Examples | ||
``` | ||
describe google_compute_ssl_certificate(project: 'chef-gcp-inspec', name: 'inspec-gcp-ssl-certificate') do | ||
it { should exist } | ||
its('description') { should eq 'A fake ssl certificate (DO NOT USE)' } | ||
its('certificate') { should eq '-----BEGIN CERTIFICATE----- | ||
MIICqjCCAk+gAwIBAgIJAIuJ+0352Kq4MAoGCCqGSM49BAMCMIGwMQswCQYDVQQG | ||
EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjERMA8GA1UEBwwIS2lya2xhbmQxFTAT | ||
BgNVBAoMDEdvb2dsZSwgSW5jLjEeMBwGA1UECwwVR29vZ2xlIENsb3VkIFBsYXRm | ||
b3JtMR8wHQYDVQQDDBZ3d3cubXktc2VjdXJlLXNpdGUuY29tMSEwHwYJKoZIhvcN | ||
AQkBFhJuZWxzb25hQGdvb2dsZS5jb20wHhcNMTcwNjI4MDQ1NjI2WhcNMjcwNjI2 | ||
MDQ1NjI2WjCBsDELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xETAP | ||
BgNVBAcMCEtpcmtsYW5kMRUwEwYDVQQKDAxHb29nbGUsIEluYy4xHjAcBgNVBAsM | ||
FUdvb2dsZSBDbG91ZCBQbGF0Zm9ybTEfMB0GA1UEAwwWd3d3Lm15LXNlY3VyZS1z | ||
aXRlLmNvbTEhMB8GCSqGSIb3DQEJARYSbmVsc29uYUBnb29nbGUuY29tMFkwEwYH | ||
KoZIzj0CAQYIKoZIzj0DAQcDQgAEHGzpcRJ4XzfBJCCPMQeXQpTXwlblimODQCuQ | ||
4mzkzTv0dXyB750fOGN02HtkpBOZzzvUARTR10JQoSe2/5PIwaNQME4wHQYDVR0O | ||
BBYEFKIQC3A2SDpxcdfn0YLKineDNq/BMB8GA1UdIwQYMBaAFKIQC3A2SDpxcdfn | ||
0YLKineDNq/BMAwGA1UdEwQFMAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhALs4vy+O | ||
M3jcqgA4fSW/oKw6UJxp+M6a+nGMX+UJR3YgAiEAvvl39QRVAiv84hdoCuyON0lJ | ||
zqGNhIPGq2ULqXKK8BY= | ||
-----END CERTIFICATE----- | ||
' } | ||
end | ||
describe google_compute_ssl_certificate(project: 'chef-gcp-inspec', name: 'nonexistent') do | ||
it { should_not exist } | ||
end | ||
``` | ||
|
||
## Properties | ||
Properties that can be accessed from the `google_compute_ssl_certificate` resource: | ||
|
||
* `certificate`: The certificate in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert. | ||
|
||
* `creation_timestamp`: Creation timestamp in RFC3339 text format. | ||
|
||
* `description`: An optional description of this resource. | ||
|
||
* `id`: The unique identifier for the resource. | ||
|
||
* `name`: Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. | ||
|
||
* `private_key`: The write-only private key in PEM format. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,49 @@ | ||
--- | ||
title: About the google_compute_ssl_certificates resource | ||
platform: gcp | ||
--- | ||
|
||
## Syntax | ||
A `google_compute_ssl_certificates` is used to test a Google SslCertificate resource | ||
|
||
## Examples | ||
``` | ||
describe google_compute_ssl_certificates(project: 'chef-gcp-inspec') do | ||
its('names') { should include 'inspec-gcp-ssl-certificate' } | ||
its('descriptions') { should include 'A fake ssl certificate (DO NOT USE)' } | ||
its('certificates') { should include '-----BEGIN CERTIFICATE----- | ||
MIICqjCCAk+gAwIBAgIJAIuJ+0352Kq4MAoGCCqGSM49BAMCMIGwMQswCQYDVQQG | ||
EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjERMA8GA1UEBwwIS2lya2xhbmQxFTAT | ||
BgNVBAoMDEdvb2dsZSwgSW5jLjEeMBwGA1UECwwVR29vZ2xlIENsb3VkIFBsYXRm | ||
b3JtMR8wHQYDVQQDDBZ3d3cubXktc2VjdXJlLXNpdGUuY29tMSEwHwYJKoZIhvcN | ||
AQkBFhJuZWxzb25hQGdvb2dsZS5jb20wHhcNMTcwNjI4MDQ1NjI2WhcNMjcwNjI2 | ||
MDQ1NjI2WjCBsDELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xETAP | ||
BgNVBAcMCEtpcmtsYW5kMRUwEwYDVQQKDAxHb29nbGUsIEluYy4xHjAcBgNVBAsM | ||
FUdvb2dsZSBDbG91ZCBQbGF0Zm9ybTEfMB0GA1UEAwwWd3d3Lm15LXNlY3VyZS1z | ||
aXRlLmNvbTEhMB8GCSqGSIb3DQEJARYSbmVsc29uYUBnb29nbGUuY29tMFkwEwYH | ||
KoZIzj0CAQYIKoZIzj0DAQcDQgAEHGzpcRJ4XzfBJCCPMQeXQpTXwlblimODQCuQ | ||
4mzkzTv0dXyB750fOGN02HtkpBOZzzvUARTR10JQoSe2/5PIwaNQME4wHQYDVR0O | ||
BBYEFKIQC3A2SDpxcdfn0YLKineDNq/BMB8GA1UdIwQYMBaAFKIQC3A2SDpxcdfn | ||
0YLKineDNq/BMAwGA1UdEwQFMAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhALs4vy+O | ||
M3jcqgA4fSW/oKw6UJxp+M6a+nGMX+UJR3YgAiEAvvl39QRVAiv84hdoCuyON0lJ | ||
zqGNhIPGq2ULqXKK8BY= | ||
-----END CERTIFICATE----- | ||
' } | ||
end | ||
``` | ||
|
||
## Properties | ||
Properties that can be accessed from the `google_compute_ssl_certificates` resource: | ||
|
||
See [google_compute_ssl_certificate.md](google_compute_ssl_certificate.md) for more detailed information | ||
* `certificates`: an array of `google_compute_ssl_certificate` certificate | ||
* `creation_timestamps`: an array of `google_compute_ssl_certificate` creation_timestamp | ||
* `descriptions`: an array of `google_compute_ssl_certificate` description | ||
* `ids`: an array of `google_compute_ssl_certificate` id | ||
* `names`: an array of `google_compute_ssl_certificate` name | ||
* `private_keys`: an array of `google_compute_ssl_certificate` private_key | ||
|
||
## Filter Criteria | ||
This resource supports all of the above properties as filter criteria, which can be used | ||
with `where` as a block or a method. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,32 @@ | ||
--- | ||
title: About the google_compute_target_https_proxies resource | ||
platform: gcp | ||
--- | ||
|
||
## Syntax | ||
A `google_compute_target_https_proxies` is used to test a Google TargetHttpsProxy resource | ||
|
||
## Examples | ||
``` | ||
describe google_compute_target_https_proxies(project: 'chef-gcp-inspec') do | ||
its('names') { should include 'inspec-gcp-https-proxy' } | ||
its('descriptions') { should include 'A HTTPS target proxy' } | ||
end | ||
``` | ||
|
||
## Properties | ||
Properties that can be accessed from the `google_compute_target_https_proxies` resource: | ||
|
||
See [google_compute_target_https_proxy.md](google_compute_target_https_proxy.md) for more detailed information | ||
* `creation_timestamps`: an array of `google_compute_target_https_proxy` creation_timestamp | ||
* `descriptions`: an array of `google_compute_target_https_proxy` description | ||
* `ids`: an array of `google_compute_target_https_proxy` id | ||
* `names`: an array of `google_compute_target_https_proxy` name | ||
* `quic_overrides`: an array of `google_compute_target_https_proxy` quic_override | ||
* `ssl_certificates`: an array of `google_compute_target_https_proxy` ssl_certificates | ||
* `ssl_policies`: an array of `google_compute_target_https_proxy` ssl_policy | ||
* `url_maps`: an array of `google_compute_target_https_proxy` url_map | ||
|
||
## Filter Criteria | ||
This resource supports all of the above properties as filter criteria, which can be used | ||
with `where` as a block or a method. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,39 @@ | ||
--- | ||
title: About the google_compute_target_https_proxy resource | ||
platform: gcp | ||
--- | ||
|
||
## Syntax | ||
A `google_compute_target_https_proxy` is used to test a Google TargetHttpsProxy resource | ||
|
||
## Examples | ||
``` | ||
describe google_compute_target_https_proxy(project: 'chef-gcp-inspec', name: 'inspec-gcp-https-proxy') do | ||
it { should exist } | ||
its('url_map') { should match /\/inspec-gcp-url-map$/ } | ||
its('description') { should eq 'A HTTPS target proxy' } | ||
end | ||
describe google_compute_target_https_proxy(project: 'chef-gcp-inspec', name: 'nonexistent') do | ||
it { should_not exist } | ||
end | ||
``` | ||
|
||
## Properties | ||
Properties that can be accessed from the `google_compute_target_https_proxy` resource: | ||
|
||
* `creation_timestamp`: Creation timestamp in RFC3339 text format. | ||
|
||
* `description`: An optional description of this resource. | ||
|
||
* `id`: The unique identifier for the resource. | ||
|
||
* `name`: Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. | ||
|
||
* `quic_override`: Specifies the QUIC override policy for this resource. This determines whether the load balancer will attempt to negotiate QUIC with clients or not. Can specify one of NONE, ENABLE, or DISABLE. If NONE is specified, uses the QUIC policy with no user overrides, which is equivalent to DISABLE. Not specifying this field is equivalent to specifying NONE. | ||
|
||
* `ssl_certificates`: A list of SslCertificate resources that are used to authenticate connections between users and the load balancer. Currently, exactly one SSL certificate must be specified. | ||
|
||
* `ssl_policy`: A reference to the SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource will not have any SSL policy configured. | ||
|
||
* `url_map`: A reference to the UrlMap resource that defines the mapping from URL to the BackendService. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,61 @@ | ||
# frozen_string_literal: false | ||
|
||
# ---------------------------------------------------------------------------- | ||
# | ||
# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** | ||
# | ||
# ---------------------------------------------------------------------------- | ||
# | ||
# This file is automatically generated by Magic Modules and manual | ||
# changes will be clobbered when the file is regenerated. | ||
# | ||
# Please read more about how to change this file in README.md and | ||
# CONTRIBUTING.md located at the root of this package. | ||
# | ||
# ---------------------------------------------------------------------------- | ||
require 'gcp_backend' | ||
|
||
# A provider to manage Google Compute Engine resources. | ||
class SslCertificate < GcpResourceBase | ||
name 'google_compute_ssl_certificate' | ||
desc 'SslCertificate' | ||
supports platform: 'gcp' | ||
|
||
attr_reader :certificate | ||
attr_reader :creation_timestamp | ||
attr_reader :description | ||
attr_reader :id | ||
attr_reader :name | ||
attr_reader :private_key | ||
def base | ||
'https://www.googleapis.com/compute/v1/' | ||
end | ||
|
||
def url | ||
'projects/{{project}}/global/sslCertificates/{{name}}' | ||
end | ||
|
||
def initialize(params) | ||
super(params.merge({ use_http_transport: true })) | ||
@fetched = @connection.fetch(base, url, params) | ||
parse unless @fetched.nil? | ||
end | ||
|
||
def parse | ||
@certificate = @fetched['certificate'] | ||
@creation_timestamp = parse_time_string(@fetched['creationTimestamp']) | ||
@description = @fetched['description'] | ||
@id = @fetched['id'] | ||
@name = @fetched['name'] | ||
@private_key = @fetched['privateKey'] | ||
end | ||
|
||
# Handles parsing RFC3339 time string | ||
def parse_time_string(time_string) | ||
time_string ? Time.parse(time_string) : nil | ||
end | ||
|
||
def exists? | ||
!@fetched.nil? | ||
end | ||
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,92 @@ | ||
# frozen_string_literal: false | ||
|
||
# ---------------------------------------------------------------------------- | ||
# | ||
# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** | ||
# | ||
# ---------------------------------------------------------------------------- | ||
# | ||
# This file is automatically generated by Magic Modules and manual | ||
# changes will be clobbered when the file is regenerated. | ||
# | ||
# Please read more about how to change this file in README.md and | ||
# CONTRIBUTING.md located at the root of this package. | ||
# | ||
# ---------------------------------------------------------------------------- | ||
require 'gcp_backend' | ||
class SslCertificates < GcpResourceBase | ||
name 'google_compute_ssl_certificates' | ||
desc 'SslCertificate plural resource' | ||
supports platform: 'gcp' | ||
|
||
attr_reader :table | ||
|
||
filter_table_config = FilterTable.create | ||
|
||
filter_table_config.add(:certificates, field: :certificate) | ||
filter_table_config.add(:creation_timestamps, field: :creation_timestamp) | ||
filter_table_config.add(:descriptions, field: :description) | ||
filter_table_config.add(:ids, field: :id) | ||
filter_table_config.add(:names, field: :name) | ||
filter_table_config.add(:private_keys, field: :private_key) | ||
|
||
filter_table_config.connect(self, :table) | ||
|
||
def base | ||
'https://www.googleapis.com/compute/v1/' | ||
end | ||
|
||
def url | ||
'projects/{{project}}/global/sslCertificates' | ||
end | ||
|
||
def initialize(params = {}) | ||
super(params.merge({ use_http_transport: true })) | ||
@params = params | ||
@table = fetch_wrapped_resource('items') | ||
end | ||
|
||
def fetch_wrapped_resource(wrap_path) | ||
# fetch_resource returns an array of responses (to handle pagination) | ||
result = @connection.fetch_all(base, url, @params) | ||
return if result.nil? | ||
|
||
# Conversion of string -> object hash to symbol -> object hash that InSpec needs | ||
converted = [] | ||
result.each do |response| | ||
next if response.nil? || !response.key?(wrap_path) | ||
response[wrap_path].each do |hash| | ||
hash_with_symbols = {} | ||
hash.each_key do |key| | ||
name, value = transform(key, hash) | ||
hash_with_symbols[name] = value | ||
end | ||
converted.push(hash_with_symbols) | ||
end | ||
end | ||
|
||
converted | ||
end | ||
|
||
def transform(key, value) | ||
return transformers[key].call(value) if transformers.key?(key) | ||
|
||
[key.to_sym, value] | ||
end | ||
|
||
def transformers | ||
{ | ||
'certificate' => ->(obj) { return :certificate, obj['certificate'] }, | ||
'creationTimestamp' => ->(obj) { return :creation_timestamp, parse_time_string(obj['creationTimestamp']) }, | ||
'description' => ->(obj) { return :description, obj['description'] }, | ||
'id' => ->(obj) { return :id, obj['id'] }, | ||
'name' => ->(obj) { return :name, obj['name'] }, | ||
'privateKey' => ->(obj) { return :private_key, obj['privateKey'] }, | ||
} | ||
end | ||
|
||
# Handles parsing RFC3339 time string | ||
def parse_time_string(time_string) | ||
time_string ? Time.parse(time_string) : nil | ||
end | ||
end |
Oops, something went wrong.