diff --git a/docs/resources/google_compute_global_address.md b/docs/resources/google_compute_global_address.md new file mode 100644 index 000000000..85c913ad6 --- /dev/null +++ b/docs/resources/google_compute_global_address.md @@ -0,0 +1,39 @@ +--- +title: About the GlobalAddress resource +platform: gcp +--- + + +## Syntax +A `google_compute_global_address` is used to test a Google GlobalAddress resource + +## Examples +``` +describe google_compute_global_address(project: 'chef-gcp-inspec', name: 'inspec-gcp-global-address') do + it { should exist } + its('ip_version') { should eq 'IPV6' } +end + +describe google_compute_global_address(project: 'chef-gcp-inspec', name: 'nonexistent') do + it { should_not exist } +end +``` + +## Properties +Properties that can be accessed from the `google_compute_global_address` resource: + + * `address`: The static external IP address represented by this resource. + + * `creation_timestamp`: Creation timestamp in RFC3339 text format. + + * `description`: An optional description of this resource. Provide this property when you create the resource. + + * `id`: The unique identifier for the resource. This identifier is defined by the server. + + * `name`: Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. + + * `ip_version`: The IP Version that will be used by this address. Valid options are IPV4 or IPV6. The default value is IPV4. + + * `region`: A reference to the region where the regional address resides. + + * `address_type`: The type of the address to reserve, default is EXTERNAL. * EXTERNAL indicates public/external single IP address. * INTERNAL indicates internal IP ranges belonging to some network. diff --git a/docs/resources/google_compute_global_addresses.md b/docs/resources/google_compute_global_addresses.md new file mode 100644 index 000000000..c4d45ac12 --- /dev/null +++ b/docs/resources/google_compute_global_addresses.md @@ -0,0 +1,34 @@ +--- +title: About the GlobalAddress resource +platform: gcp +--- + + +## Syntax +A `google_compute_global_addresses` is used to test a Google GlobalAddress resource + +## Examples +``` +describe google_compute_global_addresses(project: 'chef-gcp-inspec', name: 'inspec-gcp-global-address') do + its('count') { should be >= 1 } + its('names') { should include 'inspec-gcp-global-address' } + its('ip_versions') { should include 'IPV6' } +end +``` + +## Properties +Properties that can be accessed from the `google_compute_global_addresses` resource: + +See [google_compute_global_address.md](google_compute_global_address.md) for more detailed information + * `addresses`: an array of `google_compute_global_address` address + * `creation_timestamps`: an array of `google_compute_global_address` creation_timestamp + * `descriptions`: an array of `google_compute_global_address` description + * `ids`: an array of `google_compute_global_address` id + * `names`: an array of `google_compute_global_address` name + * `ip_versions`: an array of `google_compute_global_address` ip_version + * `regions`: an array of `google_compute_global_address` region + * `address_types`: an array of `google_compute_global_address` address_type + +## Filter Criteria +This resource supports all of the above properties as filter criteria, which can be used +with `where` as a block or a method. diff --git a/libraries/google_compute_global_address.rb b/libraries/google_compute_global_address.rb new file mode 100644 index 000000000..43da4d631 --- /dev/null +++ b/libraries/google_compute_global_address.rb @@ -0,0 +1,65 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'gcp_backend' + +# A provider to manage Google Compute Engine resources. +class GlobalAddress < GcpResourceBase + name 'google_compute_global_address' + desc 'GlobalAddress' + supports platform: 'gcp' + + attr_reader :address + attr_reader :creation_timestamp + attr_reader :description + attr_reader :id + attr_reader :name + attr_reader :ip_version + attr_reader :region + attr_reader :address_type + def base + 'https://www.googleapis.com/compute/v1/' + end + + def url + 'projects/{{project}}/global/addresses/{{name}}' + end + + def initialize(params) + super(params.merge({ use_http_transport: true })) + @fetched = @connection.fetch(base, url, params) + parse unless @fetched.nil? + end + + def parse + @address = @fetched['address'] + @creation_timestamp = parse_time_string(@fetched['creationTimestamp']) + @description = @fetched['description'] + @id = @fetched['id'] + @name = @fetched['name'] + @ip_version = @fetched['ipVersion'] + @region = @fetched['region'] + @address_type = @fetched['addressType'] + end + + # Handles parsing RFC3339 time string + def parse_time_string(time_string) + time_string ? Time.parse(time_string) : nil + end + + def exists? + !@fetched.nil? + end +end diff --git a/libraries/google_compute_global_addresses.rb b/libraries/google_compute_global_addresses.rb new file mode 100644 index 000000000..34f7eff0c --- /dev/null +++ b/libraries/google_compute_global_addresses.rb @@ -0,0 +1,96 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'gcp_backend' +class GlobalAddresss < GcpResourceBase + name 'google_compute_global_addresses' + desc 'GlobalAddress plural resource' + supports platform: 'gcp' + + attr_reader :table + + filter_table_config = FilterTable.create + + filter_table_config.add(:addresses, field: :address) + filter_table_config.add(:creation_timestamps, field: :creation_timestamp) + filter_table_config.add(:descriptions, field: :description) + filter_table_config.add(:ids, field: :id) + filter_table_config.add(:names, field: :name) + filter_table_config.add(:ip_versions, field: :ip_version) + filter_table_config.add(:regions, field: :region) + filter_table_config.add(:address_types, field: :address_type) + + filter_table_config.connect(self, :table) + + def base + 'https://www.googleapis.com/compute/v1/' + end + + def url + 'projects/{{project}}/global/addresses' + end + + def initialize(params = {}) + super(params.merge({ use_http_transport: true })) + @params = params + @table = fetch_wrapped_resource('items') + end + + def fetch_wrapped_resource(wrap_path) + # fetch_resource returns an array of responses (to handle pagination) + result = @connection.fetch_all(base, url, @params) + return if result.nil? + + # Conversion of string -> object hash to symbol -> object hash that InSpec needs + converted = [] + result.each do |response| + next if response.nil? || !response.key?(wrap_path) + response[wrap_path].each do |hash| + hash_with_symbols = {} + hash.each_key do |key| + name, value = transform(key, hash) + hash_with_symbols[name] = value + end + converted.push(hash_with_symbols) + end + end + + converted + end + + def transform(key, value) + return transformers[key].call(value) if transformers.key?(key) + + [key.to_sym, value] + end + + def transformers + { + 'address' => ->(obj) { return :address, obj['address'] }, + 'creationTimestamp' => ->(obj) { return :creation_timestamp, parse_time_string(obj['creationTimestamp']) }, + 'description' => ->(obj) { return :description, obj['description'] }, + 'id' => ->(obj) { return :id, obj['id'] }, + 'name' => ->(obj) { return :name, obj['name'] }, + 'ipVersion' => ->(obj) { return :ip_version, obj['ipVersion'] }, + 'region' => ->(obj) { return :region, obj['region'] }, + 'addressType' => ->(obj) { return :address_type, obj['addressType'] }, + } + end + + # Handles parsing RFC3339 time string + def parse_time_string(time_string) + time_string ? Time.parse(time_string) : nil + end +end diff --git a/test/integration/build/gcp-mm.tf b/test/integration/build/gcp-mm.tf index b5f7f6fa4..659f5a8fd 100644 --- a/test/integration/build/gcp-mm.tf +++ b/test/integration/build/gcp-mm.tf @@ -54,6 +54,10 @@ variable "instance_template" { type = "map" } +variable "global_address" { + type = "map" +} + resource "google_compute_ssl_policy" "custom-ssl-policy" { name = "${var.ssl_policy["name"]}" min_tls_version = "${var.ssl_policy["min_tls_version"]}" @@ -223,4 +227,10 @@ resource "google_compute_instance_template" "gcp-inspec-instance-template" { service_account { scopes = ["${var.instance_template["service_account_scope"]}"] } +} + +resource "google_compute_global_address" "gcp-inspec-global-address" { + project = "${var.gcp_project_id}" + name = "${var.global_address["name"]}" + ip_version = "${var.global_address["ip_version"]}" } \ No newline at end of file diff --git a/test/integration/configuration/mm-attributes.yml b/test/integration/configuration/mm-attributes.yml index e4e34dc6d..b76e843e7 100644 --- a/test/integration/configuration/mm-attributes.yml +++ b/test/integration/configuration/mm-attributes.yml @@ -88,4 +88,8 @@ instance_template: disk_auto_delete: true disk_boot: true network_interface_network: default - service_account_scope: storage-ro \ No newline at end of file + service_account_scope: storage-ro + +global_address: + name: inspec-gcp-global-address + ip_version: IPV6 diff --git a/test/integration/verify/controls/google_compute_global_address.rb b/test/integration/verify/controls/google_compute_global_address.rb new file mode 100644 index 000000000..9af08a8b3 --- /dev/null +++ b/test/integration/verify/controls/google_compute_global_address.rb @@ -0,0 +1,34 @@ +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- + +title 'Test GCP google_compute_global_address resource.' + +gcp_project_id = attribute(:gcp_project_id, default: 'gcp_project_id', description: 'The GCP project identifier.') +global_address = attribute('global_address', default: { + "name": "inspec-gcp-global-address", + "ip_version": "IPV6" +}, description: 'Compute Global Address definition') +control 'google_compute_global_address-1.0' do + impact 1.0 + title 'google_compute_global_address resource test' + + describe google_compute_global_address(project: gcp_project_id, name: global_address['name']) do + it { should exist } + its('ip_version') { should eq global_address['ip_version'] } + end + + describe google_compute_global_address(project: gcp_project_id, name: 'nonexistent') do + it { should_not exist } + end +end diff --git a/test/integration/verify/controls/google_compute_global_addresses.rb b/test/integration/verify/controls/google_compute_global_addresses.rb new file mode 100644 index 000000000..d63e225f2 --- /dev/null +++ b/test/integration/verify/controls/google_compute_global_addresses.rb @@ -0,0 +1,31 @@ +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- + +title 'Test GCP google_compute_global_addresses resource.' + +gcp_project_id = attribute(:gcp_project_id, default: 'gcp_project_id', description: 'The GCP project identifier.') +global_address = attribute('global_address', default: { + "name": "inspec-gcp-global-address", + "ip_version": "IPV6" +}, description: 'Compute Global Address definition') +control 'google_compute_global_addresses-1.0' do + impact 1.0 + title 'google_compute_global_addresses resource test' + + describe google_compute_global_addresses(project: gcp_project_id, name: global_address['name']) do + its('count') { should be >= 1 } + its('names') { should include global_address['name'] } + its('ip_versions') { should include global_address['ip_version'] } + end +end