From ed63fb18656001b1dfd20b2871827bfebf7b3329 Mon Sep 17 00:00:00 2001 From: Sam Levenick Date: Wed, 6 Feb 2019 21:51:48 +0000 Subject: [PATCH] InSpec add support for BigQuery Dataset Signed-off-by: Modular Magician --- docs/resources/google_bigquery_dataset.md | 82 +++++++++++++++++ docs/resources/google_bigquery_datasets.md | 30 +++++++ .../bigquery/property/dataset_access.rb | 53 +++++++++++ .../property/dataset_dataset_reference.rb | 32 +++++++ .../google/bigquery/property/dataset_view.rb | 35 ++++++++ libraries/google_bigquery_dataset.rb | 73 +++++++++++++++ libraries/google_bigquery_datasets.rb | 90 +++++++++++++++++++ test/integration/build/gcp-mm.tf | 23 +++++ .../configuration/mm-attributes.yml | 13 ++- .../controls/google_bigquery_dataset.rb | 63 +++++++++++++ .../controls/google_bigquery_datasets.rb | 38 ++++++++ .../google_compute_ssl_certificate.rb | 2 +- .../google_compute_ssl_certificates.rb | 2 +- 13 files changed, 533 insertions(+), 3 deletions(-) create mode 100644 docs/resources/google_bigquery_dataset.md create mode 100644 docs/resources/google_bigquery_datasets.md create mode 100644 libraries/google/bigquery/property/dataset_access.rb create mode 100644 libraries/google/bigquery/property/dataset_dataset_reference.rb create mode 100644 libraries/google/bigquery/property/dataset_view.rb create mode 100644 libraries/google_bigquery_dataset.rb create mode 100644 libraries/google_bigquery_datasets.rb create mode 100644 test/integration/verify/controls/google_bigquery_dataset.rb create mode 100644 test/integration/verify/controls/google_bigquery_datasets.rb diff --git a/docs/resources/google_bigquery_dataset.md b/docs/resources/google_bigquery_dataset.md new file mode 100644 index 000000000..2da3080a9 --- /dev/null +++ b/docs/resources/google_bigquery_dataset.md @@ -0,0 +1,82 @@ +--- +title: About the google_bigquery_dataset resource +platform: gcp +--- + +## Syntax +A `google_bigquery_dataset` is used to test a Google Dataset resource + +## Examples +``` +describe google_bigquery_dataset(project: 'chef-gcp-inspec', name: 'inspec_gcp_dataset') do + it { should exist } + + its('friendly_name') { should eq 'A BigQuery dataset test' } + its('location') { should eq 'EU' } + its('description') { should eq 'Test BigQuery dataset description' } + its('default_table_expiration_ms') { should cmp '3600000' } +end + +describe.one do + google_bigquery_dataset(project: 'chef-gcp-inspec', name: 'inspec_gcp_dataset').access.each do |dataset_access| + describe dataset_access do + its('role') { should eq 'READER' } + its('domain') { should eq 'example.com' } + end + end +end + +describe.one do + google_bigquery_dataset(project: 'chef-gcp-inspec', name: 'inspec_gcp_dataset').access.each do |dataset_access| + describe dataset_access do + its('role') { should eq 'WRITER' } + its('special_group') { should eq 'projectWriters' } + end + end +end + +describe google_bigquery_dataset(project: 'chef-gcp-inspec', name: 'nonexistent') do + it { should_not exist } +end +``` + +## Properties +Properties that can be accessed from the `google_bigquery_dataset` resource: + + * `name`: Dataset name + + * `access`: Access controls on the bucket. + + * `domain`: A domain to grant access to. Any users signed in with the domain specified will be granted the specified access + + * `groupByEmail`: An email address of a Google Group to grant access to + + * `role`: Describes the rights granted to the user specified by the other member of the access object + + * `specialGroup`: A special group to grant access to. + + * `userByEmail`: An email address of a user to grant access to. For example: fred@example.com + + * `view`: A view from a different dataset to grant access to. Queries executed against that view will have read access to tables in this dataset. The role field is not required when this field is set. If that view is updated by any user, access to the view needs to be granted again via an update operation. + + * `creation_time`: The time when this dataset was created, in milliseconds since the epoch. + + * `dataset_reference`: A reference that identifies the dataset. + + * `datasetId`: A unique ID for this dataset, without the project name. The ID must contain only letters (a-z, A-Z), numbers (0-9), or underscores (_). The maximum length is 1,024 characters. + + * `projectId`: The ID of the project containing this dataset. + + * `default_table_expiration_ms`: The default lifetime of all tables in the dataset, in milliseconds + + * `description`: A user-friendly description of the dataset + + * `friendly_name`: A descriptive name for the dataset + + * `id`: The fully-qualified unique name of the dataset in the format projectId:datasetId. The dataset name without the project name is given in the datasetId field + + * `labels`: The labels associated with this dataset. You can use these to organize and group your datasets + + * `last_modified_time`: The date when this dataset or any of its tables was last modified, in milliseconds since the epoch. + + * `location`: The geographic location where the dataset should reside. Possible values include EU and US. The default value is US. diff --git a/docs/resources/google_bigquery_datasets.md b/docs/resources/google_bigquery_datasets.md new file mode 100644 index 000000000..f8412c64c --- /dev/null +++ b/docs/resources/google_bigquery_datasets.md @@ -0,0 +1,30 @@ +--- +title: About the google_bigquery_datasets resource +platform: gcp +--- + +## Syntax +A `google_bigquery_datasets` is used to test a Google Dataset resource + +## Examples +``` +describe google_bigquery_datasets(project: 'chef-gcp-inspec') do + its('count') { should be >= 1 } + its('friendly_names') { should include 'A BigQuery dataset test' } + its('locations') { should include 'EU' } +end +``` + +## Properties +Properties that can be accessed from the `google_bigquery_datasets` resource: + +See [google_bigquery_dataset.md](google_bigquery_dataset.md) for more detailed information + * `dataset_references`: an array of `google_bigquery_dataset` dataset_reference + * `friendly_names`: an array of `google_bigquery_dataset` friendly_name + * `ids`: an array of `google_bigquery_dataset` id + * `labels`: an array of `google_bigquery_dataset` labels + * `locations`: an array of `google_bigquery_dataset` location + +## Filter Criteria +This resource supports all of the above properties as filter criteria, which can be used +with `where` as a block or a method. diff --git a/libraries/google/bigquery/property/dataset_access.rb b/libraries/google/bigquery/property/dataset_access.rb new file mode 100644 index 000000000..9fae4cea2 --- /dev/null +++ b/libraries/google/bigquery/property/dataset_access.rb @@ -0,0 +1,53 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'google/bigquery/property/dataset_view' +module GoogleInSpec + module BigQuery + module Property + class DatasetAccess + attr_reader :domain + + attr_reader :group_by_email + + attr_reader :role + + attr_reader :special_group + + attr_reader :user_by_email + + attr_reader :view + + def initialize(args = nil) + return if args.nil? + @domain = args['domain'] + @group_by_email = args['groupByEmail'] + @role = args['role'] + @special_group = args['specialGroup'] + @user_by_email = args['userByEmail'] + @view = GoogleInSpec::BigQuery::Property::DatasetView.new(args['view']) + end + end + + class DatasetAccessArray + def self.parse(value) + return if value.nil? + return DatasetAccess.new(value) unless value.is_a?(::Array) + value.map { |v| DatasetAccess.new(v) } + end + end + end + end +end diff --git a/libraries/google/bigquery/property/dataset_dataset_reference.rb b/libraries/google/bigquery/property/dataset_dataset_reference.rb new file mode 100644 index 000000000..de38bcafe --- /dev/null +++ b/libraries/google/bigquery/property/dataset_dataset_reference.rb @@ -0,0 +1,32 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module BigQuery + module Property + class DatasetDatasetreference + attr_reader :dataset_id + + attr_reader :project_id + + def initialize(args = nil) + return if args.nil? + @dataset_id = args['datasetId'] + @project_id = args['projectId'] + end + end + end + end +end diff --git a/libraries/google/bigquery/property/dataset_view.rb b/libraries/google/bigquery/property/dataset_view.rb new file mode 100644 index 000000000..96d6023d1 --- /dev/null +++ b/libraries/google/bigquery/property/dataset_view.rb @@ -0,0 +1,35 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module BigQuery + module Property + class DatasetView + attr_reader :dataset_id + + attr_reader :project_id + + attr_reader :table_id + + def initialize(args = nil) + return if args.nil? + @dataset_id = args['datasetId'] + @project_id = args['projectId'] + @table_id = args['tableId'] + end + end + end + end +end diff --git a/libraries/google_bigquery_dataset.rb b/libraries/google_bigquery_dataset.rb new file mode 100644 index 000000000..57790a12f --- /dev/null +++ b/libraries/google_bigquery_dataset.rb @@ -0,0 +1,73 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'gcp_backend' +require 'google/bigquery/property/dataset_access' +require 'google/bigquery/property/dataset_dataset_reference' + +# A provider to manage Google Cloud BigQuery resources. +class Dataset < GcpResourceBase + name 'google_bigquery_dataset' + desc 'Dataset' + supports platform: 'gcp' + + attr_reader :name + attr_reader :access + attr_reader :creation_time + attr_reader :dataset_reference + attr_reader :default_table_expiration_ms + attr_reader :description + attr_reader :friendly_name + attr_reader :id + attr_reader :labels + attr_reader :last_modified_time + attr_reader :location + def base + 'https://www.googleapis.com/bigquery/v2/' + end + + def url + 'projects/{{project}}/datasets/{{name}}' + end + + def initialize(params) + super(params.merge({ use_http_transport: true })) + @fetched = @connection.fetch(base, url, params) + parse unless @fetched.nil? + end + + def parse + @name = @fetched['name'] + @access = GoogleInSpec::BigQuery::Property::DatasetAccessArray.parse(@fetched['access']) + @creation_time = @fetched['creationTime'] + @dataset_reference = GoogleInSpec::BigQuery::Property::DatasetDatasetreference.new(@fetched['datasetReference']) + @default_table_expiration_ms = @fetched['defaultTableExpirationMs'] + @description = @fetched['description'] + @friendly_name = @fetched['friendlyName'] + @id = @fetched['id'] + @labels = @fetched['labels'] + @last_modified_time = @fetched['lastModifiedTime'] + @location = @fetched['location'] + end + + # Handles parsing RFC3339 time string + def parse_time_string(time_string) + time_string ? Time.parse(time_string) : nil + end + + def exists? + !@fetched.nil? + end +end diff --git a/libraries/google_bigquery_datasets.rb b/libraries/google_bigquery_datasets.rb new file mode 100644 index 000000000..100350300 --- /dev/null +++ b/libraries/google_bigquery_datasets.rb @@ -0,0 +1,90 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'gcp_backend' +class Datasets < GcpResourceBase + name 'google_bigquery_datasets' + desc 'Dataset plural resource' + supports platform: 'gcp' + + attr_reader :table + + filter_table_config = FilterTable.create + + filter_table_config.add(:dataset_references, field: :dataset_reference) + filter_table_config.add(:friendly_names, field: :friendly_name) + filter_table_config.add(:ids, field: :id) + filter_table_config.add(:labels, field: :labels) + filter_table_config.add(:locations, field: :location) + + filter_table_config.connect(self, :table) + + def base + 'https://www.googleapis.com/bigquery/v2/' + end + + def url + 'projects/{{project}}/datasets' + end + + def initialize(params = {}) + super(params.merge({ use_http_transport: true })) + @params = params + @table = fetch_wrapped_resource('datasets') + end + + def fetch_wrapped_resource(wrap_path) + # fetch_resource returns an array of responses (to handle pagination) + result = @connection.fetch_all(base, url, @params) + return if result.nil? + + # Conversion of string -> object hash to symbol -> object hash that InSpec needs + converted = [] + result.each do |response| + next if response.nil? || !response.key?(wrap_path) + response[wrap_path].each do |hash| + hash_with_symbols = {} + hash.each_key do |key| + name, value = transform(key, hash) + hash_with_symbols[name] = value + end + converted.push(hash_with_symbols) + end + end + + converted + end + + def transform(key, value) + return transformers[key].call(value) if transformers.key?(key) + + [key.to_sym, value] + end + + def transformers + { + 'datasetReference' => ->(obj) { return :dataset_reference, GoogleInSpec::BigQuery::Property::DatasetDatasetreference.new(obj['datasetReference']) }, + 'friendlyName' => ->(obj) { return :friendly_name, obj['friendlyName'] }, + 'id' => ->(obj) { return :id, obj['id'] }, + 'labels' => ->(obj) { return :labels, obj['labels'] }, + 'location' => ->(obj) { return :location, obj['location'] }, + } + end + + # Handles parsing RFC3339 time string + def parse_time_string(time_string) + time_string ? Time.parse(time_string) : nil + end +end diff --git a/test/integration/build/gcp-mm.tf b/test/integration/build/gcp-mm.tf index 23f803e70..17296b5c8 100644 --- a/test/integration/build/gcp-mm.tf +++ b/test/integration/build/gcp-mm.tf @@ -98,6 +98,10 @@ variable "ssl_certificate" { type = "map" } +variable "dataset" { + type = "map" +} + resource "google_compute_ssl_policy" "custom-ssl-policy" { name = "${var.ssl_policy["name"]}" min_tls_version = "${var.ssl_policy["min_tls_version"]}" @@ -393,4 +397,23 @@ resource "google_compute_target_https_proxy" "gcp-inspec-https-proxy" { url_map = "${google_compute_url_map.gcp-inspec-url-map.self_link}" description = "${var.https_proxy["description"]}" ssl_certificates = ["${google_compute_ssl_certificate.gcp-inspec-ssl-certificate.self_link}"] +} + +resource "google_bigquery_dataset" "gcp-inspec-dataset" { + project = "${var.gcp_project_id}" + dataset_id = "${var.dataset["dataset_id"]}" + friendly_name = "${var.dataset["friendly_name"]}" + description = "${var.dataset["description"]}" + location = "${var.dataset["location"]}" + default_table_expiration_ms = "${var.dataset["default_table_expiration_ms"]}" + + access { + role = "${var.dataset["access_reader_role"]}" + domain = "${var.dataset["access_reader_domain"]}" + } + + access { + role = "${var.dataset["access_writer_role"]}" + special_group = "${var.dataset["access_writer_special_group"]}" + } } \ No newline at end of file diff --git a/test/integration/configuration/mm-attributes.yml b/test/integration/configuration/mm-attributes.yml index eb2437a4a..434d4130c 100644 --- a/test/integration/configuration/mm-attributes.yml +++ b/test/integration/configuration/mm-attributes.yml @@ -168,4 +168,15 @@ ssl_certificate: MHcCAQEEIObtRo8tkUqoMjeHhsOh2ouPpXCgBcP+EDxZCB/tws15oAoGCCqGSM49 AwEHoUQDQgAEHGzpcRJ4XzfBJCCPMQeXQpTXwlblimODQCuQ4mzkzTv0dXyB750f OGN02HtkpBOZzzvUARTR10JQoSe2/5PIwQ== - -----END EC PRIVATE KEY----- \ No newline at end of file + -----END EC PRIVATE KEY----- + +dataset: + dataset_id: inspec_gcp_dataset + friendly_name: A BigQuery dataset test + description: Test BigQuery dataset description + location: EU + default_table_expiration_ms: 3600000 + access_reader_role: READER + access_reader_domain: example.com + access_writer_role: WRITER + access_writer_special_group: projectWriters \ No newline at end of file diff --git a/test/integration/verify/controls/google_bigquery_dataset.rb b/test/integration/verify/controls/google_bigquery_dataset.rb new file mode 100644 index 000000000..be8e94694 --- /dev/null +++ b/test/integration/verify/controls/google_bigquery_dataset.rb @@ -0,0 +1,63 @@ +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- + +title 'Test GCP google_bigquery_dataset resource.' + +gcp_project_id = attribute(:gcp_project_id, default: 'gcp_project_id', description: 'The GCP project identifier.') +dataset = attribute('dataset', default: { + "dataset_id": "inspec_gcp_dataset", + "friendly_name": "A BigQuery dataset test", + "description": "Test BigQuery dataset description", + "location": "EU", + "default_table_expiration_ms": 3600000, + "access_reader_role": "READER", + "access_reader_domain": "example.com", + "access_writer_role": "WRITER", + "access_writer_special_group": "projectWriters" +}, description: 'BigQuery dataset definition') +control 'google_bigquery_dataset-1.0' do + impact 1.0 + title 'google_bigquery_dataset resource test' + + describe google_bigquery_dataset(project: gcp_project_id, name: dataset['dataset_id']) do + it { should exist } + + its('friendly_name') { should eq dataset['friendly_name'] } + its('location') { should eq dataset['location'] } + its('description') { should eq dataset['description'] } + its('default_table_expiration_ms') { should cmp dataset['default_table_expiration_ms'] } + end + + describe.one do + google_bigquery_dataset(project: gcp_project_id, name: dataset['dataset_id']).access.each do |dataset_access| + describe dataset_access do + its('role') { should eq dataset['access_reader_role'] } + its('domain') { should eq dataset['access_reader_domain'] } + end + end + end + + describe.one do + google_bigquery_dataset(project: gcp_project_id, name: dataset['dataset_id']).access.each do |dataset_access| + describe dataset_access do + its('role') { should eq dataset['access_writer_role'] } + its('special_group') { should eq dataset['access_writer_special_group'] } + end + end + end + + describe google_bigquery_dataset(project: gcp_project_id, name: 'nonexistent') do + it { should_not exist } + end +end diff --git a/test/integration/verify/controls/google_bigquery_datasets.rb b/test/integration/verify/controls/google_bigquery_datasets.rb new file mode 100644 index 000000000..a7517de60 --- /dev/null +++ b/test/integration/verify/controls/google_bigquery_datasets.rb @@ -0,0 +1,38 @@ +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- + +title 'Test GCP google_bigquery_datasets resource.' + +gcp_project_id = attribute(:gcp_project_id, default: 'gcp_project_id', description: 'The GCP project identifier.') +dataset = attribute('dataset', default: { + "dataset_id": "inspec_gcp_dataset", + "friendly_name": "A BigQuery dataset test", + "description": "Test BigQuery dataset description", + "location": "EU", + "default_table_expiration_ms": 3600000, + "access_reader_role": "READER", + "access_reader_domain": "example.com", + "access_writer_role": "WRITER", + "access_writer_special_group": "projectWriters" +}, description: 'BigQuery dataset definition') +control 'google_bigquery_datasets-1.0' do + impact 1.0 + title 'google_bigquery_datasets resource test' + + describe google_bigquery_datasets(project: gcp_project_id) do + its('count') { should be >= 1 } + its('friendly_names') { should include dataset['friendly_name'] } + its('locations') { should include dataset['location'] } + end +end diff --git a/test/integration/verify/controls/google_compute_ssl_certificate.rb b/test/integration/verify/controls/google_compute_ssl_certificate.rb index f9c8b544b..dfb45f5d7 100644 --- a/test/integration/verify/controls/google_compute_ssl_certificate.rb +++ b/test/integration/verify/controls/google_compute_ssl_certificate.rb @@ -19,7 +19,7 @@ "name": "inspec-gcp-ssl-certificate", "description": "A fake ssl certificate (DO NOT USE)", "certificate": "-----BEGIN CERTIFICATE-----\nMIICqjCCAk+gAwIBAgIJAIuJ+0352Kq4MAoGCCqGSM49BAMCMIGwMQswCQYDVQQG\nEwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjERMA8GA1UEBwwIS2lya2xhbmQxFTAT\nBgNVBAoMDEdvb2dsZSwgSW5jLjEeMBwGA1UECwwVR29vZ2xlIENsb3VkIFBsYXRm\nb3JtMR8wHQYDVQQDDBZ3d3cubXktc2VjdXJlLXNpdGUuY29tMSEwHwYJKoZIhvcN\nAQkBFhJuZWxzb25hQGdvb2dsZS5jb20wHhcNMTcwNjI4MDQ1NjI2WhcNMjcwNjI2\nMDQ1NjI2WjCBsDELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xETAP\nBgNVBAcMCEtpcmtsYW5kMRUwEwYDVQQKDAxHb29nbGUsIEluYy4xHjAcBgNVBAsM\nFUdvb2dsZSBDbG91ZCBQbGF0Zm9ybTEfMB0GA1UEAwwWd3d3Lm15LXNlY3VyZS1z\naXRlLmNvbTEhMB8GCSqGSIb3DQEJARYSbmVsc29uYUBnb29nbGUuY29tMFkwEwYH\nKoZIzj0CAQYIKoZIzj0DAQcDQgAEHGzpcRJ4XzfBJCCPMQeXQpTXwlblimODQCuQ\n4mzkzTv0dXyB750fOGN02HtkpBOZzzvUARTR10JQoSe2/5PIwaNQME4wHQYDVR0O\nBBYEFKIQC3A2SDpxcdfn0YLKineDNq/BMB8GA1UdIwQYMBaAFKIQC3A2SDpxcdfn\n0YLKineDNq/BMAwGA1UdEwQFMAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhALs4vy+O\nM3jcqgA4fSW/oKw6UJxp+M6a+nGMX+UJR3YgAiEAvvl39QRVAiv84hdoCuyON0lJ\nzqGNhIPGq2ULqXKK8BY=\n-----END CERTIFICATE-----\n", - "private_key": "-----BEGIN EC PRIVATE KEY-----\nMHcCAQEEIObtRo8tkUqoMjeHhsOh2ouPpXCgBcP+EDxZCB/tws15oAoGCCqGSM49\nAwEHoUQDQgAEHGzpcRJ4XzfBJCCPMQeXQpTXwlblimODQCuQ4mzkzTv0dXyB750f\nOGN02HtkpBOZzzvUARTR10JQoSe2/5PIwQ==\n-----END EC PRIVATE KEY-----" + "private_key": "-----BEGIN EC PRIVATE KEY-----\nMHcCAQEEIObtRo8tkUqoMjeHhsOh2ouPpXCgBcP+EDxZCB/tws15oAoGCCqGSM49\nAwEHoUQDQgAEHGzpcRJ4XzfBJCCPMQeXQpTXwlblimODQCuQ4mzkzTv0dXyB750f\nOGN02HtkpBOZzzvUARTR10JQoSe2/5PIwQ==\n-----END EC PRIVATE KEY-----\n" }, description: 'A GCP SSL certificate definition') control 'google_compute_ssl_certificate-1.0' do impact 1.0 diff --git a/test/integration/verify/controls/google_compute_ssl_certificates.rb b/test/integration/verify/controls/google_compute_ssl_certificates.rb index 10ec90b24..2ef9bac7f 100644 --- a/test/integration/verify/controls/google_compute_ssl_certificates.rb +++ b/test/integration/verify/controls/google_compute_ssl_certificates.rb @@ -19,7 +19,7 @@ "name": "inspec-gcp-ssl-certificate", "description": "A fake ssl certificate (DO NOT USE)", "certificate": "-----BEGIN CERTIFICATE-----\nMIICqjCCAk+gAwIBAgIJAIuJ+0352Kq4MAoGCCqGSM49BAMCMIGwMQswCQYDVQQG\nEwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjERMA8GA1UEBwwIS2lya2xhbmQxFTAT\nBgNVBAoMDEdvb2dsZSwgSW5jLjEeMBwGA1UECwwVR29vZ2xlIENsb3VkIFBsYXRm\nb3JtMR8wHQYDVQQDDBZ3d3cubXktc2VjdXJlLXNpdGUuY29tMSEwHwYJKoZIhvcN\nAQkBFhJuZWxzb25hQGdvb2dsZS5jb20wHhcNMTcwNjI4MDQ1NjI2WhcNMjcwNjI2\nMDQ1NjI2WjCBsDELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xETAP\nBgNVBAcMCEtpcmtsYW5kMRUwEwYDVQQKDAxHb29nbGUsIEluYy4xHjAcBgNVBAsM\nFUdvb2dsZSBDbG91ZCBQbGF0Zm9ybTEfMB0GA1UEAwwWd3d3Lm15LXNlY3VyZS1z\naXRlLmNvbTEhMB8GCSqGSIb3DQEJARYSbmVsc29uYUBnb29nbGUuY29tMFkwEwYH\nKoZIzj0CAQYIKoZIzj0DAQcDQgAEHGzpcRJ4XzfBJCCPMQeXQpTXwlblimODQCuQ\n4mzkzTv0dXyB750fOGN02HtkpBOZzzvUARTR10JQoSe2/5PIwaNQME4wHQYDVR0O\nBBYEFKIQC3A2SDpxcdfn0YLKineDNq/BMB8GA1UdIwQYMBaAFKIQC3A2SDpxcdfn\n0YLKineDNq/BMAwGA1UdEwQFMAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhALs4vy+O\nM3jcqgA4fSW/oKw6UJxp+M6a+nGMX+UJR3YgAiEAvvl39QRVAiv84hdoCuyON0lJ\nzqGNhIPGq2ULqXKK8BY=\n-----END CERTIFICATE-----\n", - "private_key": "-----BEGIN EC PRIVATE KEY-----\nMHcCAQEEIObtRo8tkUqoMjeHhsOh2ouPpXCgBcP+EDxZCB/tws15oAoGCCqGSM49\nAwEHoUQDQgAEHGzpcRJ4XzfBJCCPMQeXQpTXwlblimODQCuQ4mzkzTv0dXyB750f\nOGN02HtkpBOZzzvUARTR10JQoSe2/5PIwQ==\n-----END EC PRIVATE KEY-----" + "private_key": "-----BEGIN EC PRIVATE KEY-----\nMHcCAQEEIObtRo8tkUqoMjeHhsOh2ouPpXCgBcP+EDxZCB/tws15oAoGCCqGSM49\nAwEHoUQDQgAEHGzpcRJ4XzfBJCCPMQeXQpTXwlblimODQCuQ4mzkzTv0dXyB750f\nOGN02HtkpBOZzzvUARTR10JQoSe2/5PIwQ==\n-----END EC PRIVATE KEY-----\n" }, description: 'A GCP SSL certificate definition') control 'google_compute_ssl_certificates-1.0' do impact 1.0