From e4f5d3e2aaa0f83d12ff87fae28a0729a81fe900 Mon Sep 17 00:00:00 2001 From: Sam Levenick Date: Sat, 26 Jan 2019 01:14:42 +0000 Subject: [PATCH] Add compute instance template for InSpec 
Signed-off-by: Modular Magician --- .../google_compute_instance_template.md | 63 +++++++++++++ .../google_compute_instance_templates.md | 29 ++++++ .../instancetemplate_access_configs.rb | 43 +++++++++ .../instancetemplate_alias_ip_ranges.rb | 40 +++++++++ .../instancetemplate_disk_encryption_key.rb | 35 ++++++++ .../property/instancetemplate_disks.rb | 67 ++++++++++++++ .../instancetemplate_guest_accelerators.rb | 40 +++++++++ .../instancetemplate_initialize_params.rb | 42 +++++++++ .../instancetemplate_network_interfaces.rb | 54 +++++++++++ .../property/instancetemplate_properties.rb | 65 ++++++++++++++ .../property/instancetemplate_scheduling.rb | 35 ++++++++ .../instancetemplate_service_accounts.rb | 40 +++++++++ ...ncetemplate_source_image_encryption_key.rb | 32 +++++++ .../compute/property/instancetemplate_tags.rb | 32 +++++++ libraries/google_compute_instance_template.rb | 66 ++++++++++++++ .../google_compute_instance_templates.rb | 90 +++++++++++++++++++ test/integration/build/gcp-mm.tf | 36 ++++++++ .../configuration/mm-attributes.yml | 15 ++++ .../google_compute_instance_template.rb | 53 +++++++++++ .../google_compute_instance_templates.rb | 40 +++++++++ 20 files changed, 917 insertions(+) create mode 100644 docs/resources/google_compute_instance_template.md create mode 100644 docs/resources/google_compute_instance_templates.md create mode 100644 libraries/google/compute/property/instancetemplate_access_configs.rb create mode 100644 libraries/google/compute/property/instancetemplate_alias_ip_ranges.rb create mode 100644 libraries/google/compute/property/instancetemplate_disk_encryption_key.rb create mode 100644 libraries/google/compute/property/instancetemplate_disks.rb create mode 100644 libraries/google/compute/property/instancetemplate_guest_accelerators.rb create mode 100644 libraries/google/compute/property/instancetemplate_initialize_params.rb create mode 100644 libraries/google/compute/property/instancetemplate_network_interfaces.rb create mode 
100644 libraries/google/compute/property/instancetemplate_properties.rb create mode 100644 libraries/google/compute/property/instancetemplate_scheduling.rb create mode 100644 libraries/google/compute/property/instancetemplate_service_accounts.rb create mode 100644 libraries/google/compute/property/instancetemplate_source_image_encryption_key.rb create mode 100644 libraries/google/compute/property/instancetemplate_tags.rb create mode 100644 libraries/google_compute_instance_template.rb create mode 100644 libraries/google_compute_instance_templates.rb create mode 100644 test/integration/verify/controls/google_compute_instance_template.rb create mode 100644 test/integration/verify/controls/google_compute_instance_templates.rb
diff --git a/docs/resources/google_compute_instance_template.md b/docs/resources/google_compute_instance_template.md
new file mode 100644
index 000000000..be2c516ec
--- /dev/null
+++ b/docs/resources/google_compute_instance_template.md
@@ -0,0 +1,63 @@
+---
+title: About the InstanceTemplate resource
+platform: gcp
+---
+
+
+## Syntax
+A `google_compute_instance_template` is used to test a Google InstanceTemplate resource
+
+## Examples
+```
+describe google_compute_instance_template(project: 'chef-gcp-inspec', name: 'inspec-gcp-instance-template') do
+ it { should exist }
+ its('description') { should eq 'A description of the instance template' }
+ its('properties.description') { should eq 'A description of the instance itself' }
+ its('properties.machine_type') { should eq 'n1-standard-1' }
+ its('properties.tags.items') { should include 'foo' }
+ its('properties.disks.count') { should eq 1 }
+ its('properties.disks.first.auto_delete') { should eq 'true' }
+ its('properties.disks.first.boot') { should eq 'true' }
+ its('properties.network_interfaces.count') { should eq 1 }
+ its('properties.service_accounts.count') { should eq 1 }
+end
+
+describe google_compute_instance_template(project: 'chef-gcp-inspec', name: 'nonexistent') do
+ it { should_not exist }
+end
+```
+
+## Properties
+Properties that can be accessed from the `google_compute_instance_template` resource:
+
+ * `creation_timestamp`: Creation timestamp in RFC3339 text format.
+
+ * `description`: An optional description of this resource. Provide this property when you create the resource.
+
+ * `id`: The unique identifier for the resource. This identifier is defined by the server.
+
+ * `name`: Name of the resource. The name is 1-63 characters long and complies with RFC1035.
+
+ * `properties`: The instance properties for this instance template.
+
+ * `canIpForward`: Enables instances created based on this template to send packets with source IP addresses other than their own and receive packets with destination IP addresses other than their own. If these instances will be used as an IP gateway or it will be set as the next-hop in a Route resource, specify true. If unsure, leave this set to false.
+
+ * `description`: An optional text description for the instances that are created from this instance template.
+
+ * `disks`: An array of disks that are associated with the instances that are created from this template.
+
+ * `machineType`: The machine type to use in the VM instance template.
+
+ * `minCpuPlatform`: Specifies a minimum CPU platform for the VM instance. Applicable values are the friendly names of CPU platforms
+
+ * `metadata`: The metadata key/value pairs to assign to instances that are created from this template. These pairs can consist of custom metadata or predefined keys.
+
+ * `guestAccelerators`: List of the type and count of accelerator cards attached to the instance
+
+ * `networkInterfaces`: An array of configurations for this interface. This specifies how this interface is configured to interact with other network services, such as connecting to the internet. Only one network interface is supported per instance.
+
+ * `scheduling`: Sets the scheduling options for this instance.
+
+ * `serviceAccounts`: A list of service accounts, with their specified scopes, authorized for this instance. Only one service account per VM instance is supported.
+
+ * `tags`: A list of tags to apply to this instance. Tags are used to identify valid sources or targets for network firewalls and are specified by the client during instance creation. The tags can be later modified by the setTags method. Each tag within the list must comply with RFC1035.
diff --git a/docs/resources/google_compute_instance_templates.md b/docs/resources/google_compute_instance_templates.md
new file mode 100644
index 000000000..abc173421
--- /dev/null
+++ b/docs/resources/google_compute_instance_templates.md
@@ -0,0 +1,29 @@
+---
+title: About the InstanceTemplate resource
+platform: gcp
+---
+
+
+## Syntax
+A `google_compute_instance_templates` is used to test a Google InstanceTemplate resource
+
+## Examples
+```
+describe google_compute_instance_templates(project: 'chef-gcp-inspec') do
+ its('names') { should include 'inspec-gcp-instance-template' }
+end
+```
+
+## Properties
+Properties that can be accessed from the `google_compute_instance_templates` resource:
+
+See [google_compute_instance_template.md](google_compute_instance_template.md) for more detailed information
+ * `creation_timestamps`: an array of `google_compute_instance_template` creation_timestamp
+ * `descriptions`: an array of `google_compute_instance_template` description
+ * `ids`: an array of `google_compute_instance_template` id
+ * `names`: an array of `google_compute_instance_template` name
+ * `properties`: an array of `google_compute_instance_template` properties
+
+## Filter Criteria
+This resource supports all of the above properties as filter criteria, which can be used
+with `where` as a block or a method.
diff --git a/libraries/google/compute/property/instancetemplate_access_configs.rb b/libraries/google/compute/property/instancetemplate_access_configs.rb
new file mode 100644
index 000000000..f5a0a904c
--- /dev/null
+++ b/libraries/google/compute/property/instancetemplate_access_configs.rb
@@ -0,0 +1,43 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module Compute + module Property + class InstanceTemplateAccessconfigs + attr_reader :name + + attr_reader :nat_ip + + attr_reader :type + + def initialize(args = nil) + return if args.nil? + @name = args['name'] + @nat_ip = args['natIP'] + @type = args['type'] + end + end + + class InstanceTemplateAccessconfigsArray + def self.parse(value) + return if value.nil? + return InstanceTemplateAccessconfigs.new(value) unless value.is_a?(::Array) + value.map { |v| InstanceTemplateAccessconfigs.new(v) } + end + end + end + end +end diff --git a/libraries/google/compute/property/instancetemplate_alias_ip_ranges.rb b/libraries/google/compute/property/instancetemplate_alias_ip_ranges.rb new file mode 100644 index 000000000..3f4f0d3c9 --- /dev/null +++ b/libraries/google/compute/property/instancetemplate_alias_ip_ranges.rb 
@@ -0,0 +1,40 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module Compute + module Property + class InstanceTemplateAliasipranges + attr_reader :ip_cidr_range + + attr_reader :subnetwork_range_name + + def initialize(args = nil) + return if args.nil? + @ip_cidr_range = args['ipCidrRange'] + @subnetwork_range_name = args['subnetworkRangeName'] + end + end + + class InstanceTemplateAliasiprangesArray + def self.parse(value) + return if value.nil? + return InstanceTemplateAliasipranges.new(value) unless value.is_a?(::Array) + value.map { |v| InstanceTemplateAliasipranges.new(v) } + end + end + end + end +end diff --git a/libraries/google/compute/property/instancetemplate_disk_encryption_key.rb b/libraries/google/compute/property/instancetemplate_disk_encryption_key.rb new file mode 100644 index 000000000..f48e897f2 --- /dev/null +++ b/libraries/google/compute/property/instancetemplate_disk_encryption_key.rb 
@@ -0,0 +1,35 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module Compute + module Property + class InstanceTemplateDiskencryptionkey + attr_reader :raw_key + + attr_reader :rsa_encrypted_key + + attr_reader :sha256 + + def initialize(args = nil) + return if args.nil? + @raw_key = args['rawKey'] + @rsa_encrypted_key = args['rsaEncryptedKey'] + @sha256 = args['sha256'] + end + end + end + end +end diff --git a/libraries/google/compute/property/instancetemplate_disks.rb b/libraries/google/compute/property/instancetemplate_disks.rb new file mode 100644 index 000000000..8b35a6224 --- /dev/null +++ b/libraries/google/compute/property/instancetemplate_disks.rb 
@@ -0,0 +1,67 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'google/compute/property/instancetemplate_disk_encryption_key' +require 'google/compute/property/instancetemplate_initialize_params' +require 'google/compute/property/instancetemplate_source_image_encryption_key' +module GoogleInSpec + module Compute + module Property + class InstanceTemplateDisks + attr_reader :auto_delete + + attr_reader :boot + + attr_reader :device_name + + attr_reader :disk_encryption_key + + attr_reader :index + + attr_reader :initialize_params + + attr_reader :interface + + attr_reader :mode + + attr_reader :source + + attr_reader :type + + def initialize(args = nil) + return if args.nil? + @auto_delete = args['autoDelete'] + @boot = args['boot'] + @device_name = args['deviceName'] + @disk_encryption_key = GoogleInSpec::Compute::Property::InstanceTemplateDiskencryptionkey.new(args['diskEncryptionKey']) + @index = args['index'] + @initialize_params = GoogleInSpec::Compute::Property::InstanceTemplateInitializeparams.new(args['initializeParams']) + @interface = args['interface'] + @mode = args['mode'] + @source = args['source'] + @type = args['type'] + end + end + + class InstanceTemplateDisksArray + def self.parse(value) + return if value.nil? + return InstanceTemplateDisks.new(value) unless value.is_a?(::Array) + value.map { |v| InstanceTemplateDisks.new(v) } + end + end + end + end +end 
diff --git a/libraries/google/compute/property/instancetemplate_guest_accelerators.rb b/libraries/google/compute/property/instancetemplate_guest_accelerators.rb new file mode 100644 index 000000000..5182be9dc --- /dev/null +++ b/libraries/google/compute/property/instancetemplate_guest_accelerators.rb @@ -0,0 +1,40 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module Compute + module Property + class InstanceTemplateGuestaccelerators + attr_reader :accelerator_count + + attr_reader :accelerator_type + + def initialize(args = nil) + return if args.nil? + @accelerator_count = args['acceleratorCount'] + @accelerator_type = args['acceleratorType'] + end + end + + class InstanceTemplateGuestacceleratorsArray + def self.parse(value) + return if value.nil? + return InstanceTemplateGuestaccelerators.new(value) unless value.is_a?(::Array) + value.map { |v| InstanceTemplateGuestaccelerators.new(v) } + end + end + end + end +end diff --git a/libraries/google/compute/property/instancetemplate_initialize_params.rb b/libraries/google/compute/property/instancetemplate_initialize_params.rb new file mode 100644 index 000000000..f7d77bc37 --- /dev/null +++ b/libraries/google/compute/property/instancetemplate_initialize_params.rb 
@@ -0,0 +1,42 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'google/compute/property/instancetemplate_source_image_encryption_key' +module GoogleInSpec + module Compute + module Property + class InstanceTemplateInitializeparams + attr_reader :disk_name + + attr_reader :disk_size_gb + + attr_reader :disk_type + + attr_reader :source_image + + attr_reader :source_image_encryption_key + + def initialize(args = nil) + return if args.nil? + @disk_name = args['diskName'] + @disk_size_gb = args['diskSizeGb'] + @disk_type = args['diskType'] + @source_image = args['sourceImage'] + @source_image_encryption_key = GoogleInSpec::Compute::Property::InstanceTemplateSourceimageencryptionkey.new(args['sourceImageEncryptionKey']) + end + end + end + end +end diff --git a/libraries/google/compute/property/instancetemplate_network_interfaces.rb b/libraries/google/compute/property/instancetemplate_network_interfaces.rb new file mode 100644 index 000000000..69140847f --- /dev/null +++ b/libraries/google/compute/property/instancetemplate_network_interfaces.rb 
@@ -0,0 +1,54 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'google/compute/property/instancetemplate_access_configs' +require 'google/compute/property/instancetemplate_alias_ip_ranges' +module GoogleInSpec + module Compute + module Property + class InstanceTemplateNetworkinterfaces + attr_reader :access_configs + + attr_reader :alias_ip_ranges + + attr_reader :name + + attr_reader :network + + attr_reader :network_ip + + attr_reader :subnetwork + + def initialize(args = nil) + return if args.nil? + @access_configs = GoogleInSpec::Compute::Property::InstanceTemplateAccessconfigsArray.parse(args['accessConfigs']) + @alias_ip_ranges = GoogleInSpec::Compute::Property::InstanceTemplateAliasiprangesArray.parse(args['aliasIpRanges']) + @name = args['name'] + @network = args['network'] + @network_ip = args['networkIP'] + @subnetwork = args['subnetwork'] + end + end + + class InstanceTemplateNetworkinterfacesArray + def self.parse(value) + return if value.nil? + return InstanceTemplateNetworkinterfaces.new(value) unless value.is_a?(::Array) + value.map { |v| InstanceTemplateNetworkinterfaces.new(v) } + end + end + end + end +end diff --git a/libraries/google/compute/property/instancetemplate_properties.rb b/libraries/google/compute/property/instancetemplate_properties.rb new file mode 100644 index 000000000..c3b637ff1 --- /dev/null +++ b/libraries/google/compute/property/instancetemplate_properties.rb 
@@ -0,0 +1,65 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'google/compute/property/instancetemplate_disks' +require 'google/compute/property/instancetemplate_guest_accelerators' +require 'google/compute/property/instancetemplate_network_interfaces' +require 'google/compute/property/instancetemplate_scheduling' +require 'google/compute/property/instancetemplate_service_accounts' +require 'google/compute/property/instancetemplate_tags' +module GoogleInSpec + module Compute + module Property + class InstanceTemplateProperties + attr_reader :can_ip_forward + + attr_reader :description + + attr_reader :disks + + attr_reader :machine_type + + attr_reader :min_cpu_platform + + attr_reader :metadata + + attr_reader :guest_accelerators + + attr_reader :network_interfaces + + attr_reader :scheduling + + attr_reader :service_accounts + + attr_reader :tags + + def initialize(args = nil) + return if args.nil? 
+ @can_ip_forward = args['canIpForward'] + @description = args['description'] + @disks = GoogleInSpec::Compute::Property::InstanceTemplateDisksArray.parse(args['disks']) + @machine_type = args['machineType'] + @min_cpu_platform = args['minCpuPlatform'] + @metadata = args['metadata'] + @guest_accelerators = GoogleInSpec::Compute::Property::InstanceTemplateGuestacceleratorsArray.parse(args['guestAccelerators']) + @network_interfaces = GoogleInSpec::Compute::Property::InstanceTemplateNetworkinterfacesArray.parse(args['networkInterfaces']) + @scheduling = GoogleInSpec::Compute::Property::InstanceTemplateScheduling.new(args['scheduling']) + @service_accounts = GoogleInSpec::Compute::Property::InstanceTemplateServiceaccountsArray.parse(args['serviceAccounts']) + @tags = GoogleInSpec::Compute::Property::InstanceTemplateTags.new(args['tags']) + end + end + end + end +end diff --git a/libraries/google/compute/property/instancetemplate_scheduling.rb b/libraries/google/compute/property/instancetemplate_scheduling.rb new file mode 100644 index 000000000..33a95de09 --- /dev/null +++ b/libraries/google/compute/property/instancetemplate_scheduling.rb 
@@ -0,0 +1,35 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module Compute + module Property + class InstanceTemplateScheduling + attr_reader :automatic_restart + + attr_reader :on_host_maintenance + + attr_reader :preemptible + + def initialize(args = nil) + return if args.nil? + @automatic_restart = args['automaticRestart'] + @on_host_maintenance = args['onHostMaintenance'] + @preemptible = args['preemptible'] + end + end + end + end +end diff --git a/libraries/google/compute/property/instancetemplate_service_accounts.rb b/libraries/google/compute/property/instancetemplate_service_accounts.rb new file mode 100644 index 000000000..f48d2da81 --- /dev/null +++ b/libraries/google/compute/property/instancetemplate_service_accounts.rb 
@@ -0,0 +1,40 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module Compute + module Property + class InstanceTemplateServiceaccounts + attr_reader :email + + attr_reader :scopes + + def initialize(args = nil) + return if args.nil? + @email = args['email'] + @scopes = args['scopes'] + end + end + + class InstanceTemplateServiceaccountsArray + def self.parse(value) + return if value.nil? + return InstanceTemplateServiceaccounts.new(value) unless value.is_a?(::Array) + value.map { |v| InstanceTemplateServiceaccounts.new(v) } + end + end + end + end +end diff --git a/libraries/google/compute/property/instancetemplate_source_image_encryption_key.rb b/libraries/google/compute/property/instancetemplate_source_image_encryption_key.rb new file mode 100644 index 000000000..3e0543c7c --- /dev/null +++ b/libraries/google/compute/property/instancetemplate_source_image_encryption_key.rb 
@@ -0,0 +1,32 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module Compute + module Property + class InstanceTemplateSourceimageencryptionkey + attr_reader :raw_key + + attr_reader :sha256 + + def initialize(args = nil) + return if args.nil? + @raw_key = args['rawKey'] + @sha256 = args['sha256'] + end + end + end + end +end diff --git a/libraries/google/compute/property/instancetemplate_tags.rb b/libraries/google/compute/property/instancetemplate_tags.rb new file mode 100644 index 000000000..65d7b1a1e --- /dev/null +++ b/libraries/google/compute/property/instancetemplate_tags.rb 
@@ -0,0 +1,32 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module Compute + module Property + class InstanceTemplateTags + attr_reader :fingerprint + + attr_reader :items + + def initialize(args = nil) + return if args.nil? + @fingerprint = args['fingerprint'] + @items = args['items'] + end + end + end + end +end diff --git a/libraries/google_compute_instance_template.rb b/libraries/google_compute_instance_template.rb new file mode 100644 index 000000000..3f68e55b2 --- /dev/null +++ b/libraries/google_compute_instance_template.rb 
@@ -0,0 +1,66 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'gcp_backend' +require 'google/compute/property/instancetemplate_disks' +require 'google/compute/property/instancetemplate_guest_accelerators' +require 'google/compute/property/instancetemplate_network_interfaces' +require 'google/compute/property/instancetemplate_properties' +require 'google/compute/property/instancetemplate_scheduling' +require 'google/compute/property/instancetemplate_service_accounts' +require 'google/compute/property/instancetemplate_tags' + +# A provider to manage Google Compute Engine resources. +class InstanceTemplate < GcpResourceBase + name 'google_compute_instance_template' + desc 'InstanceTemplate' + supports platform: 'gcp' + + attr_reader :creation_timestamp + attr_reader :description + attr_reader :id + attr_reader :name + attr_reader :properties + def base + 'https://www.googleapis.com/compute/v1/' + end + + def url + 'projects/{{project}}/global/instanceTemplates/{{name}}' + end + + def initialize(params) + super(params.merge({ use_http_transport: true })) + @fetched = @connection.fetch(base, url, params) + parse unless @fetched.nil? 
+ end + + def parse + @creation_timestamp = parse_time_string(@fetched['creationTimestamp']) + @description = @fetched['description'] + @id = @fetched['id'] + @name = @fetched['name'] + @properties = GoogleInSpec::Compute::Property::InstanceTemplateProperties.new(@fetched['properties']) + end + + # Handles parsing RFC3339 time string + def parse_time_string(time_string) + time_string ? Time.parse(time_string) : nil + end + + def exists? + !@fetched.nil? + end +end diff --git a/libraries/google_compute_instance_templates.rb b/libraries/google_compute_instance_templates.rb new file mode 100644 index 000000000..bd5248bc6 --- /dev/null +++ b/libraries/google_compute_instance_templates.rb 
@@ -0,0 +1,90 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'gcp_backend' +class InstanceTemplates < GcpResourceBase + name 'google_compute_instance_templates' + desc 'InstanceTemplate plural resource' + supports platform: 'gcp' + + attr_reader :table + + filter_table_config = FilterTable.create + + filter_table_config.add(:creation_timestamps, field: :creation_timestamp) + filter_table_config.add(:descriptions, field: :description) + filter_table_config.add(:ids, field: :id) + filter_table_config.add(:names, field: :name) + filter_table_config.add(:properties, field: :properties) + + filter_table_config.connect(self, :table) + + def base + 'https://www.googleapis.com/compute/v1/' + end + + def url + 'projects/{{project}}/global/instanceTemplates' + end + + def initialize(params = {}) + super(params.merge({ use_http_transport: true })) + @params = params + @table = fetch_wrapped_resource('items') + end + + def fetch_wrapped_resource(wrap_path) + # fetch_resource returns an array of responses (to handle pagination) + result = @connection.fetch_all(base, url, @params) + return if result.nil? + + # Conversion of string -> object hash to symbol -> object hash that InSpec needs + converted = [] + result.each do |response| + next if response.nil? 
|| !response.key?(wrap_path) + response[wrap_path].each do |hash| + hash_with_symbols = {} + hash.each_key do |key| + name, value = transform(key, hash) + hash_with_symbols[name] = value + end + converted.push(hash_with_symbols) + end + end + + converted + end + + def transform(key, value) + return transformers[key].call(value) if transformers.key?(key) + + [key.to_sym, value] + end + + def transformers + { + 'creationTimestamp' => ->(obj) { return :creation_timestamp, parse_time_string(obj['creationTimestamp']) }, + 'description' => ->(obj) { return :description, obj['description'] }, + 'id' => ->(obj) { return :id, obj['id'] }, + 'name' => ->(obj) { return :name, obj['name'] }, + 'properties' => ->(obj) { return :properties, GoogleInSpec::Compute::Property::InstanceTemplateProperties.new(obj['properties']) }, + } + end + + # Handles parsing RFC3339 time string + def parse_time_string(time_string) + time_string ? Time.parse(time_string) : nil + end +end diff --git a/test/integration/build/gcp-mm.tf b/test/integration/build/gcp-mm.tf index 9901bcb9e..b5f7f6fa4 100644 --- a/test/integration/build/gcp-mm.tf +++ b/test/integration/build/gcp-mm.tf @@ -50,6 +50,10 @@ variable "https_health_check" { type = "map" } +variable "instance_template" { + type = "map" +} + resource "google_compute_ssl_policy" "custom-ssl-policy" { name = "${var.ssl_policy["name"]}" min_tls_version = "${var.ssl_policy["min_tls_version"]}" 
@@ -187,4 +191,36 @@ resource "google_compute_https_health_check" "gcp-inspec-https-health-check" { timeout_sec = "${var.https_health_check["timeout_sec"]}" check_interval_sec = "${var.https_health_check["check_interval_sec"]}" unhealthy_threshold = "${var.https_health_check["unhealthy_threshold"]}" +} + +resource "google_compute_instance_template" "gcp-inspec-instance-template" { + project = "${var.gcp_project_id}" + name = "${var.instance_template["name"]}" + description = "${var.instance_template["description"]}" + + tags = ["${var.instance_template["tag"]}"] + + instance_description = "${var.instance_template["instance_description"]}" + machine_type = "${var.instance_template["machine_type"]}" + can_ip_forward = "${var.instance_template["can_ip_forward"]}" + + scheduling { + automatic_restart = "${var.instance_template["scheduling_automatic_restart"]}" + on_host_maintenance = "${var.instance_template["scheduling_on_host_maintenance"]}" + } + + // Create a new boot disk from an image + disk { + source_image = "${var.instance_template["disk_source_image"]}" + auto_delete = "${var.instance_template["disk_auto_delete"]}" + boot = "${var.instance_template["disk_boot"]}" + } + + network_interface { + network = "${var.instance_template["network_interface_network"]}" + } + + service_account { + scopes = ["${var.instance_template["service_account_scope"]}"] + } } \ No newline at end of file diff --git a/test/integration/configuration/mm-attributes.yml b/test/integration/configuration/mm-attributes.yml index c81af3529..e4e34dc6d 100644 --- a/test/integration/configuration/mm-attributes.yml +++ b/test/integration/configuration/mm-attributes.yml 
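Review bot: The `service_account` block at the end of the new `google_compute_instance_template` resource sets only `scopes` and no `email`, so per the google provider's documented behaviour the template falls back to the project's default Compute Engine service account. That account often carries a broad project-level role, which leaves the `storage-ro` scope from `mm-attributes.yml` as the only restriction on anything launched from this template. I would bind a dedicated least-privilege account instead, e.g. `email = "${var.instance_template["service_account_email"]}"` with a matching entry in the attributes file (that attribute name is a suggestion, not something in this patch). The control added later in this patch asserts only `properties.service_accounts.count`, so neither the identity nor the scope is verified. If this file is generated by Magic Modules like the Ruby files in the commit, the change belongs in the upstream template rather than here.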
@@ -74,3 +74,18 @@ https_health_check: timeout_sec: 15 check_interval_sec: 15 unhealthy_threshold: 3 + +instance_template: + name: inspec-gcp-instance-template + description: A description of the instance template + instance_description: A description of the instance itself + machine_type: n1-standard-1 + tag: foo + can_ip_forward: false + scheduling_automatic_restart: true + scheduling_on_host_maintenance: MIGRATE + disk_source_image: debian-cloud/debian-9 + disk_auto_delete: true + disk_boot: true + network_interface_network: default + service_account_scope: storage-ro \ No newline at end of file diff --git a/test/integration/verify/controls/google_compute_instance_template.rb b/test/integration/verify/controls/google_compute_instance_template.rb new file mode 100644 index 000000000..5c159d01e --- /dev/null +++ b/test/integration/verify/controls/google_compute_instance_template.rb 
@@ -0,0 +1,53 @@ +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- + +title 'Test GCP google_compute_instance_template resource.' + +gcp_project_id = attribute(:gcp_project_id, default: 'gcp_project_id', description: 'The GCP project identifier.') +instance_template = attribute('instance_template', default: { + "name": "inspec-gcp-instance-template", + "description": "A description of the instance template", + "instance_description": "A description of the instance itself", + "machine_type": "n1-standard-1", + "tag": "foo", + "can_ip_forward": false, + "scheduling_automatic_restart": true, + "scheduling_on_host_maintenance": "MIGRATE", + "disk_source_image": "debian-cloud/debian-9", + "disk_auto_delete": true, + "disk_boot": true, + "network_interface_network": "default", + "service_account_scope": "storage-ro" +}, description: 'An instance template definition') +control 'google_compute_instance_template-1.0' do + impact 1.0 + title 'google_compute_instance_template resource test' + + describe google_compute_instance_template(project: gcp_project_id, name: instance_template['name']) do + it { should exist } + its('description') { should eq instance_template['description'] } + its('properties.description') { should eq instance_template['instance_description'] } + its('properties.machine_type') { should eq instance_template['machine_type'] } + its('properties.tags.items') { should include instance_template['tag'] } + its('properties.disks.count') { should eq 1 } + 
its('properties.disks.first.auto_delete') { should eq instance_template['disk_auto_delete'] } + its('properties.disks.first.boot') { should eq instance_template['disk_boot'] } + its('properties.network_interfaces.count') { should eq 1 } + its('properties.service_accounts.count') { should eq 1 } + end + + describe google_compute_instance_template(project: gcp_project_id, name: 'nonexistent') do + it { should_not exist } + end +end diff --git a/test/integration/verify/controls/google_compute_instance_templates.rb b/test/integration/verify/controls/google_compute_instance_templates.rb new file mode 100644 index 000000000..8708cb0b3 --- /dev/null +++ b/test/integration/verify/controls/google_compute_instance_templates.rb 
@@ -0,0 +1,40 @@ +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- + +title 'Test GCP google_compute_instance_templates resource.' + +gcp_project_id = attribute(:gcp_project_id, default: 'gcp_project_id', description: 'The GCP project identifier.') +instance_template = attribute('instance_template', default: { + "name": "inspec-gcp-instance-template", + "description": "A description of the instance template", + "instance_description": "A description of the instance itself", + "machine_type": "n1-standard-1", + "tag": "foo", + "can_ip_forward": false, + "scheduling_automatic_restart": true, + "scheduling_on_host_maintenance": "MIGRATE", + "disk_source_image": "debian-cloud/debian-9", + "disk_auto_delete": true, + "disk_boot": true, + "network_interface_network": "default", + "service_account_scope": "storage-ro" +}, description: 'An instance template definition') +control 'google_compute_instance_templates-1.0' do + impact 1.0 + title 'google_compute_instance_templates resource test' + + describe google_compute_instance_templates(project: gcp_project_id) do + its('names') { should include instance_template['name'] } + end +end