From c501e6eafd9ca7f03fb2d5b0d490de6f1e28b3da Mon Sep 17 00:00:00 2001 From: emily Date: Thu, 28 Mar 2019 18:03:04 +0000 Subject: [PATCH] Add backend bucket signed URL key (for CDN) support Signed-off-by: Modular Magician --- .../google_compute_backend_bucket.md | 4 +++ .../google_compute_backend_buckets.md | 1 + .../google_compute_backend_service.md | 2 ++ .../property/backendbucket_cdn_policy.rb | 34 +++++++++++++++++++ .../property/backendservice_cdn_policy.rb | 3 ++ libraries/google_compute_backend_bucket.rb | 3 ++ libraries/google_compute_backend_buckets.rb | 2 ++ .../google_cloudfunctions_cloud_function.rb | 6 ++-- .../google_cloudfunctions_cloud_functions.rb | 4 +-- 9 files changed, 54 insertions(+), 5 deletions(-) create mode 100644 libraries/google/compute/property/backendbucket_cdn_policy.rb diff --git a/docs/resources/google_compute_backend_bucket.md b/docs/resources/google_compute_backend_bucket.md index 8fa5e33d0..40ec5cfda 100644 --- a/docs/resources/google_compute_backend_bucket.md +++ b/docs/resources/google_compute_backend_bucket.md @@ -25,6 +25,10 @@ Properties that can be accessed from the `google_compute_backend_bucket` resourc * `bucket_name`: Cloud Storage bucket name. + * `cdn_policy`: Cloud CDN configuration for this Backend Bucket. + + * `signedUrlCacheMaxAgeSec`: Maximum number of seconds the response to a signed URL request will be considered fresh. Defaults to 1hr (3600s). After this time period, the response will be revalidated before being served. When serving responses to signed URL requests, Cloud CDN will internally behave as though all responses from this backend had a "Cache-Control: public, max-age=[TTL]" header, regardless of any existing Cache-Control header. The actual headers served in responses will not be altered. + * `creation_timestamp`: Creation timestamp in RFC3339 text format. * `description`: An optional textual description of the resource; provided by the client when the resource is created. diff --git a/docs/resources/google_compute_backend_buckets.md b/docs/resources/google_compute_backend_buckets.md index b6d03b15a..7b78ecc8b 100644 --- a/docs/resources/google_compute_backend_buckets.md +++ b/docs/resources/google_compute_backend_buckets.md @@ -19,6 +19,7 @@ Properties that can be accessed from the `google_compute_backend_buckets` resour See [google_compute_backend_bucket.md](google_compute_backend_bucket.md) for more detailed information * `bucket_names`: an array of `google_compute_backend_bucket` bucket_name + * `cdn_policies`: an array of `google_compute_backend_bucket` cdn_policy * `creation_timestamps`: an array of `google_compute_backend_bucket` creation_timestamp * `descriptions`: an array of `google_compute_backend_bucket` description * `enable_cdns`: an array of `google_compute_backend_bucket` enable_cdn diff --git a/docs/resources/google_compute_backend_service.md b/docs/resources/google_compute_backend_service.md index 46218ce0c..68aea298f 100644 --- a/docs/resources/google_compute_backend_service.md +++ b/docs/resources/google_compute_backend_service.md @@ -51,6 +51,8 @@ Properties that can be accessed from the `google_compute_backend_service` resour * `cache_key_policy`: The CacheKeyPolicy for this CdnPolicy. + * `signedUrlCacheMaxAgeSec`: Maximum number of seconds the response to a signed URL request will be considered fresh, defaults to 1hr (3600s). After this time period, the response will be revalidated before being served. When serving responses to signed URL requests, Cloud CDN will internally behave as though all responses from this backend had a "Cache-Control: public, max-age=[TTL]" header, regardless of any existing Cache-Control header. The actual headers served in responses will not be altered. + * `connection_draining`: Settings for connection draining * `draining_timeout_sec`: Time for which instance will be drained (not accept new connections, but still work to finish started). diff --git a/libraries/google/compute/property/backendbucket_cdn_policy.rb b/libraries/google/compute/property/backendbucket_cdn_policy.rb new file mode 100644 index 000000000..7eaaa46d0 --- /dev/null +++ b/libraries/google/compute/property/backendbucket_cdn_policy.rb @@ -0,0 +1,34 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module Compute + module Property + class BackendBucketCdnPolicy + attr_reader :signed_url_cache_max_age_sec + + def initialize(args = nil, parent_identifier = nil) + return if args.nil? + @parent_identifier = parent_identifier + @signed_url_cache_max_age_sec = args['signedUrlCacheMaxAgeSec'] + end + + def to_s + "#{@parent_identifier} BackendBucketCdnPolicy" + end + end + end + end +end diff --git a/libraries/google/compute/property/backendservice_cdn_policy.rb b/libraries/google/compute/property/backendservice_cdn_policy.rb index f34c5962d..04d2a1688 100644 --- a/libraries/google/compute/property/backendservice_cdn_policy.rb +++ b/libraries/google/compute/property/backendservice_cdn_policy.rb @@ -20,10 +20,13 @@ module Property class BackendServiceCdnPolicy attr_reader :cache_key_policy + attr_reader :signed_url_cache_max_age_sec + def initialize(args = nil, parent_identifier = nil) return if args.nil? @parent_identifier = parent_identifier @cache_key_policy = GoogleInSpec::Compute::Property::BackendServiceCdnPolicyCacheKeyPolicy.new(args['cacheKeyPolicy'], to_s) + @signed_url_cache_max_age_sec = args['signedUrlCacheMaxAgeSec'] end def to_s diff --git a/libraries/google_compute_backend_bucket.rb b/libraries/google_compute_backend_bucket.rb index dd23d4b4c..8e58bbc40 100644 --- a/libraries/google_compute_backend_bucket.rb +++ b/libraries/google_compute_backend_bucket.rb @@ -14,6 +14,7 @@ # # ---------------------------------------------------------------------------- require 'gcp_backend' +require 'google/compute/property/backendbucket_cdn_policy' # A provider to manage Compute Engine resources. class BackendBucket < GcpResourceBase @@ -23,6 +24,7 @@ class BackendBucket < GcpResourceBase attr_reader :params attr_reader :bucket_name + attr_reader :cdn_policy attr_reader :creation_timestamp attr_reader :description attr_reader :enable_cdn @@ -38,6 +40,7 @@ def initialize(params) def parse @bucket_name = @fetched['bucketName'] + @cdn_policy = GoogleInSpec::Compute::Property::BackendBucketCdnPolicy.new(@fetched['cdnPolicy'], to_s) @creation_timestamp = parse_time_string(@fetched['creationTimestamp']) @description = @fetched['description'] @enable_cdn = @fetched['enableCdn'] diff --git a/libraries/google_compute_backend_buckets.rb b/libraries/google_compute_backend_buckets.rb index d87e7468c..5fa1d5c25 100644 --- a/libraries/google_compute_backend_buckets.rb +++ b/libraries/google_compute_backend_buckets.rb @@ -24,6 +24,7 @@ class BackendBuckets < GcpResourceBase filter_table_config = FilterTable.create filter_table_config.add(:bucket_names, field: :bucket_name) + filter_table_config.add(:cdn_policies, field: :cdn_policy) filter_table_config.add(:creation_timestamps, field: :creation_timestamp) filter_table_config.add(:descriptions, field: :description) filter_table_config.add(:enable_cdns, field: :enable_cdn) @@ -69,6 +70,7 @@ def transform(key, value) def transformers { 'bucketName' => ->(obj) { return :bucket_name, obj['bucketName'] }, + 'cdnPolicy' => ->(obj) { return :cdn_policy, GoogleInSpec::Compute::Property::BackendBucketCdnPolicy.new(obj['cdnPolicy'], to_s) }, 'creationTimestamp' => ->(obj) { return :creation_timestamp, parse_time_string(obj['creationTimestamp']) }, 'description' => ->(obj) { return :description, obj['description'] }, 'enableCdn' => ->(obj) { return :enable_cdn, obj['enableCdn'] }, diff --git a/test/integration/verify/controls/google_cloudfunctions_cloud_function.rb b/test/integration/verify/controls/google_cloudfunctions_cloud_function.rb index 182e829ed..d14d7864d 100644 --- a/test/integration/verify/controls/google_cloudfunctions_cloud_function.rb +++ b/test/integration/verify/controls/google_cloudfunctions_cloud_function.rb @@ -15,9 +15,9 @@ title 'Test GCP google_cloudfunctions_cloud_function resource.' gcp_project_id = attribute(:gcp_project_id, default: 'gcp_project_id', description: 'The GCP project identifier.') -gcp_cloud_function_region = attribute(:gcp_cloud_function_region, default: 'gcp_cloud_function_region', description: 'The Cloud Function region.') cloudfunction = attribute('cloudfunction', default: { "name": "inspec-gcp-function", + "location": "europe-west1", "description": "A description of the function", "available_memory_mb": 128, "trigger_http": true, @@ -29,7 +29,7 @@ impact 1.0 title 'google_cloudfunctions_cloud_function resource test' - describe google_cloudfunctions_cloud_function(project: gcp_project_id, location: gcp_cloud_function_region, name: cloudfunction['name']) do + describe google_cloudfunctions_cloud_function(project: gcp_project_id, location: cloudfunction['location'], name: cloudfunction['name']) do it { should exist } its('description') { should eq cloudfunction['description'] } its('available_memory_mb') { should eq cloudfunction['available_memory_mb'] } @@ -38,7 +38,7 @@ its('environment_variables') { should include('MY_ENV_VAR' => cloudfunction['env_var_value']) } end - describe google_cloudfunctions_cloud_function(project: gcp_project_id, location: gcp_cloud_function_region, name: 'nonexistent') do + describe google_cloudfunctions_cloud_function(project: gcp_project_id, location: cloudfunction['location'], name: 'nonexistent') do it { should_not exist } end end diff --git a/test/integration/verify/controls/google_cloudfunctions_cloud_functions.rb b/test/integration/verify/controls/google_cloudfunctions_cloud_functions.rb index 41f937da8..25b810129 100644 --- a/test/integration/verify/controls/google_cloudfunctions_cloud_functions.rb +++ b/test/integration/verify/controls/google_cloudfunctions_cloud_functions.rb @@ -15,9 +15,9 @@ title 'Test GCP google_cloudfunctions_cloud_functions resource.' gcp_project_id = attribute(:gcp_project_id, default: 'gcp_project_id', description: 'The GCP project identifier.') -gcp_cloud_function_region = attribute(:gcp_cloud_function_region, default: 'gcp_cloud_function_region', description: 'The Cloud Function region.') cloudfunction = attribute('cloudfunction', default: { "name": "inspec-gcp-function", + "location": "europe-west1", "description": "A description of the function", "available_memory_mb": 128, "trigger_http": true, @@ -29,7 +29,7 @@ impact 1.0 title 'google_cloudfunctions_cloud_functions resource test' - describe google_cloudfunctions_cloud_functions(project: gcp_project_id, location: gcp_cloud_function_region) do + describe google_cloudfunctions_cloud_functions(project: gcp_project_id, location: cloudfunction['location']) do its('descriptions') { should include cloudfunction['description'] } its('entry_points') { should include cloudfunction['entry_point'] } end