From e5925c6b6f13df151c18285605425550387f0708 Mon Sep 17 00:00:00 2001 From: Bharath B Date: Sat, 17 Feb 2024 13:40:48 +0530 Subject: [PATCH 1/3] CFE-857 : Update go mod with new pkgs for GCP tags --- go.mod | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/go.mod b/go.mod index bc63de3ba06..921f6986fc6 100644 --- a/go.mod +++ b/go.mod @@ -43,6 +43,7 @@ require ( github.com/golang/protobuf v1.5.3 github.com/google/go-cmp v0.6.0 github.com/google/uuid v1.6.0 + github.com/googleapis/gax-go/v2 v2.12.0 github.com/gophercloud/gophercloud v1.6.0 github.com/gophercloud/utils v0.0.0-20230523080330-de873b9cf00d github.com/h2non/filetype v1.0.12 @@ -182,7 +183,6 @@ require ( github.com/google/s2a-go v0.1.7 // indirect github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect github.com/googleapis/enterprise-certificate-proxy v0.3.2 // indirect - github.com/googleapis/gax-go/v2 v2.12.0 // indirect github.com/gorilla/websocket v1.5.0 // indirect github.com/gregjones/httpcache v0.0.0-20190212212710-3befbb6ad0cc // indirect github.com/hashicorp/errwrap v1.1.0 // indirect From 905abb419f72b7135992b832560786b65df0c32e Mon Sep 17 00:00:00 2001 From: Bharath B Date: Sat, 17 Feb 2024 13:41:01 +0530 Subject: [PATCH 2/3] CFE-857 : Add vendor pkgs for GCP tags --- .../v3/cloudresourcemanager-api.json | 3032 ++++ .../v3/cloudresourcemanager-gen.go | 11642 ++++++++++++++++ vendor/modules.txt | 1 + 3 files changed, 14675 insertions(+) create mode 100644 vendor/google.golang.org/api/cloudresourcemanager/v3/cloudresourcemanager-api.json create mode 100644 vendor/google.golang.org/api/cloudresourcemanager/v3/cloudresourcemanager-gen.go diff --git a/vendor/google.golang.org/api/cloudresourcemanager/v3/cloudresourcemanager-api.json b/vendor/google.golang.org/api/cloudresourcemanager/v3/cloudresourcemanager-api.json new file mode 100644 index 00000000000..d19bc7330bd --- /dev/null +++ b/vendor/google.golang.org/api/cloudresourcemanager/v3/cloudresourcemanager-api.json @@ -0,0 +1,3032 @@ +{ + "auth": { + "oauth2": { + "scopes": { + "https://www.googleapis.com/auth/cloud-platform": { + "description": "See, edit, configure, and delete your Google Cloud data and see the email address for your Google Account." + }, + "https://www.googleapis.com/auth/cloud-platform.read-only": { + "description": "View your data across Google Cloud services and see the email address of your Google Account" + } + } + } + }, + "basePath": "", + "baseUrl": "https://cloudresourcemanager.googleapis.com/", + "batchPath": "batch", + "canonicalName": "Cloud Resource Manager", + "description": "Creates, reads, and updates metadata for Google Cloud Platform resource containers.", + "discoveryVersion": "v1", + "documentationLink": "https://cloud.google.com/resource-manager", + "fullyEncodeReservedExpansion": true, + "icons": { + "x16": "http://www.google.com/images/icons/product/search-16.gif", + "x32": "http://www.google.com/images/icons/product/search-32.gif" + }, + "id": "cloudresourcemanager:v3", + "kind": "discovery#restDescription", + "mtlsRootUrl": "https://cloudresourcemanager.mtls.googleapis.com/", + "name": "cloudresourcemanager", + "ownerDomain": "google.com", + "ownerName": "Google", + "parameters": { + "$.xgafv": { + "description": "V1 error format.", + "enum": [ + "1", + "2" + ], + "enumDescriptions": [ + "v1 error format", + "v2 error format" + ], + "location": "query", + "type": "string" + }, + "access_token": { + "description": "OAuth access token.", + "location": "query", + "type": "string" + }, + "alt": { + "default": "json", + "description": "Data format for response.", + "enum": [ + "json", + "media", + "proto" + ], + "enumDescriptions": [ + "Responses with Content-Type of application/json", + "Media download with context-dependent Content-Type", + "Responses with Content-Type of application/x-protobuf" + ], + "location": "query", + "type": "string" + }, + "callback": { + "description": "JSONP", + "location": "query", + "type": "string" + }, + "fields": { + "description": "Selector specifying which fields to include in a partial response.", + "location": "query", + "type": "string" + }, + "key": { + "description": "API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token.", + "location": "query", + "type": "string" + }, + "oauth_token": { + "description": "OAuth 2.0 token for the current user.", + "location": "query", + "type": "string" + }, + "prettyPrint": { + "default": "true", + "description": "Returns response with indentations and line breaks.", + "location": "query", + "type": "boolean" + }, + "quotaUser": { + "description": "Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.", + "location": "query", + "type": "string" + }, + "uploadType": { + "description": "Legacy upload protocol for media (e.g. \"media\", \"multipart\").", + "location": "query", + "type": "string" + }, + "upload_protocol": { + "description": "Upload protocol for media (e.g. \"raw\", \"multipart\").", + "location": "query", + "type": "string" + } + }, + "protocol": "rest", + "resources": { + "effectiveTags": { + "methods": { + "list": { + "description": "Return a list of effective tags for the given Google Cloud resource, as specified in `parent`.", + "flatPath": "v3/effectiveTags", + "httpMethod": "GET", + "id": "cloudresourcemanager.effectiveTags.list", + "parameterOrder": [], + "parameters": { + "pageSize": { + "description": "Optional. The maximum number of effective tags to return in the response. The server allows a maximum of 300 effective tags to return in a single page. If unspecified, the server will use 100 as the default.", + "format": "int32", + "location": "query", + "type": "integer" + }, + "pageToken": { + "description": "Optional. A pagination token returned from a previous call to `ListEffectiveTags` that indicates from where this listing should continue.", + "location": "query", + "type": "string" + }, + "parent": { + "description": "Required. The full resource name of a resource for which you want to list the effective tags. E.g. \"//cloudresourcemanager.googleapis.com/projects/123\"", + "location": "query", + "type": "string" + } + }, + "path": "v3/effectiveTags", + "response": { + "$ref": "ListEffectiveTagsResponse" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/cloud-platform.read-only" + ] + } + } + }, + "folders": { + "methods": { + "create": { + "description": "Creates a folder in the resource hierarchy. Returns an `Operation` which can be used to track the progress of the folder creation workflow. Upon success, the `Operation.response` field will be populated with the created Folder. In order to succeed, the addition of this new folder must not violate the folder naming, height, or fanout constraints. + The folder's `display_name` must be distinct from all other folders that share its parent. + The addition of the folder must not cause the active folder hierarchy to exceed a height of 10. Note, the full active + deleted folder hierarchy is allowed to reach a height of 20; this provides additional headroom when moving folders that contain deleted folders. + The addition of the folder must not cause the total number of folders under its parent to exceed 300. If the operation fails due to a folder constraint violation, some errors may be returned by the `CreateFolder` request, with status code `FAILED_PRECONDITION` and an error description. Other folder constraint violations will be communicated in the `Operation`, with the specific `PreconditionFailure` returned in the details list in the `Operation.error` field. The caller must have `resourcemanager.folders.create` permission on the identified parent.", + "flatPath": "v3/folders", + "httpMethod": "POST", + "id": "cloudresourcemanager.folders.create", + "parameterOrder": [], + "parameters": {}, + "path": "v3/folders", + "request": { + "$ref": "Folder" + }, + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "delete": { + "description": "Requests deletion of a folder. The folder is moved into the DELETE_REQUESTED state immediately, and is deleted approximately 30 days later. This method may only be called on an empty folder, where a folder is empty if it doesn't contain any folders or projects in the ACTIVE state. If called on a folder in DELETE_REQUESTED state the operation will result in a no-op success. The caller must have `resourcemanager.folders.delete` permission on the identified folder.", + "flatPath": "v3/folders/{foldersId}", + "httpMethod": "DELETE", + "id": "cloudresourcemanager.folders.delete", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Required. The resource name of the folder to be deleted. Must be of the form `folders/{folder_id}`.", + "location": "path", + "pattern": "^folders/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v3/{+name}", + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "get": { + "description": "Retrieves a folder identified by the supplied resource name. Valid folder resource names have the format `folders/{folder_id}` (for example, `folders/1234`). The caller must have `resourcemanager.folders.get` permission on the identified folder.", + "flatPath": "v3/folders/{foldersId}", + "httpMethod": "GET", + "id": "cloudresourcemanager.folders.get", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Required. The resource name of the folder to retrieve. Must be of the form `folders/{folder_id}`.", + "location": "path", + "pattern": "^folders/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v3/{+name}", + "response": { + "$ref": "Folder" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/cloud-platform.read-only" + ] + }, + "getIamPolicy": { + "description": "Gets the access control policy for a folder. The returned policy may be empty if no such policy or resource exists. The `resource` field should be the folder's resource name, for example: \"folders/1234\". The caller must have `resourcemanager.folders.getIamPolicy` permission on the identified folder.", + "flatPath": "v3/folders/{foldersId}:getIamPolicy", + "httpMethod": "POST", + "id": "cloudresourcemanager.folders.getIamPolicy", + "parameterOrder": [ + "resource" + ], + "parameters": { + "resource": { + "description": "REQUIRED: The resource for which the policy is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", + "location": "path", + "pattern": "^folders/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v3/{+resource}:getIamPolicy", + "request": { + "$ref": "GetIamPolicyRequest" + }, + "response": { + "$ref": "Policy" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/cloud-platform.read-only" + ] + }, + "list": { + "description": "Lists the folders that are direct descendants of supplied parent resource. `list()` provides a strongly consistent view of the folders underneath the specified parent resource. `list()` returns folders sorted based upon the (ascending) lexical ordering of their display_name. The caller must have `resourcemanager.folders.list` permission on the identified parent.", + "flatPath": "v3/folders", + "httpMethod": "GET", + "id": "cloudresourcemanager.folders.list", + "parameterOrder": [], + "parameters": { + "pageSize": { + "description": "Optional. The maximum number of folders to return in the response. The server can return fewer folders than requested. If unspecified, server picks an appropriate default.", + "format": "int32", + "location": "query", + "type": "integer" + }, + "pageToken": { + "description": "Optional. A pagination token returned from a previous call to `ListFolders` that indicates where this listing should continue from.", + "location": "query", + "type": "string" + }, + "parent": { + "description": "Required. The name of the parent resource whose folders are being listed. Only children of this parent resource are listed; descendants are not listed. If the parent is a folder, use the value `folders/{folder_id}`. If the parent is an organization, use the value `organizations/{org_id}`. Access to this method is controlled by checking the `resourcemanager.folders.list` permission on the `parent`.", + "location": "query", + "type": "string" + }, + "showDeleted": { + "description": "Optional. Controls whether folders in the DELETE_REQUESTED state should be returned. Defaults to false.", + "location": "query", + "type": "boolean" + } + }, + "path": "v3/folders", + "response": { + "$ref": "ListFoldersResponse" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/cloud-platform.read-only" + ] + }, + "move": { + "description": "Moves a folder under a new resource parent. Returns an `Operation` which can be used to track the progress of the folder move workflow. Upon success, the `Operation.response` field will be populated with the moved folder. Upon failure, a `FolderOperationError` categorizing the failure cause will be returned - if the failure occurs synchronously then the `FolderOperationError` will be returned in the `Status.details` field. If it occurs asynchronously, then the FolderOperation will be returned in the `Operation.error` field. In addition, the `Operation.metadata` field will be populated with a `FolderOperation` message as an aid to stateless clients. Folder moves will be rejected if they violate either the naming, height, or fanout constraints described in the CreateFolder documentation. The caller must have `resourcemanager.folders.move` permission on the folder's current and proposed new parent.", + "flatPath": "v3/folders/{foldersId}:move", + "httpMethod": "POST", + "id": "cloudresourcemanager.folders.move", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Required. The resource name of the Folder to move. Must be of the form folders/{folder_id}", + "location": "path", + "pattern": "^folders/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v3/{+name}:move", + "request": { + "$ref": "MoveFolderRequest" + }, + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "patch": { + "description": "Updates a folder, changing its `display_name`. Changes to the folder `display_name` will be rejected if they violate either the `display_name` formatting rules or the naming constraints described in the CreateFolder documentation. The folder's `display_name` must start and end with a letter or digit, may contain letters, digits, spaces, hyphens and underscores and can be between 3 and 30 characters. This is captured by the regular expression: `\\p{L}\\p{N}{1,28}[\\p{L}\\p{N}]`. The caller must have `resourcemanager.folders.update` permission on the identified folder. If the update fails due to the unique name constraint then a `PreconditionFailure` explaining this violation will be returned in the Status.details field.", + "flatPath": "v3/folders/{foldersId}", + "httpMethod": "PATCH", + "id": "cloudresourcemanager.folders.patch", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Output only. The resource name of the folder. Its format is `folders/{folder_id}`, for example: \"folders/1234\".", + "location": "path", + "pattern": "^folders/[^/]+$", + "required": true, + "type": "string" + }, + "updateMask": { + "description": "Required. Fields to be updated. Only the `display_name` can be updated.", + "format": "google-fieldmask", + "location": "query", + "type": "string" + } + }, + "path": "v3/{+name}", + "request": { + "$ref": "Folder" + }, + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "search": { + "description": "Search for folders that match specific filter criteria. `search()` provides an eventually consistent view of the folders a user has access to which meet the specified filter criteria. This will only return folders on which the caller has the permission `resourcemanager.folders.get`.", + "flatPath": "v3/folders:search", + "httpMethod": "GET", + "id": "cloudresourcemanager.folders.search", + "parameterOrder": [], + "parameters": { + "pageSize": { + "description": "Optional. The maximum number of folders to return in the response. The server can return fewer folders than requested. If unspecified, server picks an appropriate default.", + "format": "int32", + "location": "query", + "type": "integer" + }, + "pageToken": { + "description": "Optional. A pagination token returned from a previous call to `SearchFolders` that indicates from where search should continue.", + "location": "query", + "type": "string" + }, + "query": { + "description": "Optional. Search criteria used to select the folders to return. If no search criteria is specified then all accessible folders will be returned. Query expressions can be used to restrict results based upon displayName, state and parent, where the operators `=` (`:`) `NOT`, `AND` and `OR` can be used along with the suffix wildcard symbol `*`. The `displayName` field in a query expression should use escaped quotes for values that include whitespace to prevent unexpected behavior. ``` | Field | Description | |-------------------------|----------------------------------------| | displayName | Filters by displayName. | | parent | Filters by parent (for example: folders/123). | | state, lifecycleState | Filters by state. | ``` Some example queries are: * Query `displayName=Test*` returns Folder resources whose display name starts with \"Test\". * Query `state=ACTIVE` returns Folder resources with `state` set to `ACTIVE`. * Query `parent=folders/123` returns Folder resources that have `folders/123` as a parent resource. * Query `parent=folders/123 AND state=ACTIVE` returns active Folder resources that have `folders/123` as a parent resource. * Query `displayName=\\\\\"Test String\\\\\"` returns Folder resources with display names that include both \"Test\" and \"String\".", + "location": "query", + "type": "string" + } + }, + "path": "v3/folders:search", + "response": { + "$ref": "SearchFoldersResponse" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/cloud-platform.read-only" + ] + }, + "setIamPolicy": { + "description": "Sets the access control policy on a folder, replacing any existing policy. The `resource` field should be the folder's resource name, for example: \"folders/1234\". The caller must have `resourcemanager.folders.setIamPolicy` permission on the identified folder.", + "flatPath": "v3/folders/{foldersId}:setIamPolicy", + "httpMethod": "POST", + "id": "cloudresourcemanager.folders.setIamPolicy", + "parameterOrder": [ + "resource" + ], + "parameters": { + "resource": { + "description": "REQUIRED: The resource for which the policy is being specified. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", + "location": "path", + "pattern": "^folders/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v3/{+resource}:setIamPolicy", + "request": { + "$ref": "SetIamPolicyRequest" + }, + "response": { + "$ref": "Policy" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "testIamPermissions": { + "description": "Returns permissions that a caller has on the specified folder. The `resource` field should be the folder's resource name, for example: \"folders/1234\". There are no permissions required for making this API call.", + "flatPath": "v3/folders/{foldersId}:testIamPermissions", + "httpMethod": "POST", + "id": "cloudresourcemanager.folders.testIamPermissions", + "parameterOrder": [ + "resource" + ], + "parameters": { + "resource": { + "description": "REQUIRED: The resource for which the policy detail is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", + "location": "path", + "pattern": "^folders/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v3/{+resource}:testIamPermissions", + "request": { + "$ref": "TestIamPermissionsRequest" + }, + "response": { + "$ref": "TestIamPermissionsResponse" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "undelete": { + "description": "Cancels the deletion request for a folder. This method may be called on a folder in any state. If the folder is in the ACTIVE state the result will be a no-op success. In order to succeed, the folder's parent must be in the ACTIVE state. In addition, reintroducing the folder into the tree must not violate folder naming, height, and fanout constraints described in the CreateFolder documentation. The caller must have `resourcemanager.folders.undelete` permission on the identified folder.", + "flatPath": "v3/folders/{foldersId}:undelete", + "httpMethod": "POST", + "id": "cloudresourcemanager.folders.undelete", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Required. The resource name of the folder to undelete. Must be of the form `folders/{folder_id}`.", + "location": "path", + "pattern": "^folders/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v3/{+name}:undelete", + "request": { + "$ref": "UndeleteFolderRequest" + }, + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + } + } + }, + "liens": { + "methods": { + "create": { + "description": "Create a Lien which applies to the resource denoted by the `parent` field. Callers of this method will require permission on the `parent` resource. For example, applying to `projects/1234` requires permission `resourcemanager.projects.updateLiens`. NOTE: Some resources may limit the number of Liens which may be applied.", + "flatPath": "v3/liens", + "httpMethod": "POST", + "id": "cloudresourcemanager.liens.create", + "parameterOrder": [], + "parameters": {}, + "path": "v3/liens", + "request": { + "$ref": "Lien" + }, + "response": { + "$ref": "Lien" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/cloud-platform.read-only" + ] + }, + "delete": { + "description": "Delete a Lien by `name`. Callers of this method will require permission on the `parent` resource. For example, a Lien with a `parent` of `projects/1234` requires permission `resourcemanager.projects.updateLiens`.", + "flatPath": "v3/liens/{liensId}", + "httpMethod": "DELETE", + "id": "cloudresourcemanager.liens.delete", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Required. The name/identifier of the Lien to delete.", + "location": "path", + "pattern": "^liens/.*$", + "required": true, + "type": "string" + } + }, + "path": "v3/{+name}", + "response": { + "$ref": "Empty" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/cloud-platform.read-only" + ] + }, + "get": { + "description": "Retrieve a Lien by `name`. Callers of this method will require permission on the `parent` resource. For example, a Lien with a `parent` of `projects/1234` requires permission `resourcemanager.projects.get`", + "flatPath": "v3/liens/{liensId}", + "httpMethod": "GET", + "id": "cloudresourcemanager.liens.get", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Required. The name/identifier of the Lien.", + "location": "path", + "pattern": "^liens/.*$", + "required": true, + "type": "string" + } + }, + "path": "v3/{+name}", + "response": { + "$ref": "Lien" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/cloud-platform.read-only" + ] + }, + "list": { + "description": "List all Liens applied to the `parent` resource. Callers of this method will require permission on the `parent` resource. For example, a Lien with a `parent` of `projects/1234` requires permission `resourcemanager.projects.get`.", + "flatPath": "v3/liens", + "httpMethod": "GET", + "id": "cloudresourcemanager.liens.list", + "parameterOrder": [], + "parameters": { + "pageSize": { + "description": "The maximum number of items to return. This is a suggestion for the server. The server can return fewer liens than requested. If unspecified, server picks an appropriate default.", + "format": "int32", + "location": "query", + "type": "integer" + }, + "pageToken": { + "description": "The `next_page_token` value returned from a previous List request, if any.", + "location": "query", + "type": "string" + }, + "parent": { + "description": "Required. The name of the resource to list all attached Liens. For example, `projects/1234`. (google.api.field_policy).resource_type annotation is not set since the parent depends on the meta api implementation. This field could be a project or other sub project resources.", + "location": "query", + "type": "string" + } + }, + "path": "v3/liens", + "response": { + "$ref": "ListLiensResponse" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/cloud-platform.read-only" + ] + } + } + }, + "operations": { + "methods": { + "get": { + "description": "Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.", + "flatPath": "v3/operations/{operationsId}", + "httpMethod": "GET", + "id": "cloudresourcemanager.operations.get", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "The name of the operation resource.", + "location": "path", + "pattern": "^operations/.*$", + "required": true, + "type": "string" + } + }, + "path": "v3/{+name}", + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/cloud-platform.read-only" + ] + } + } + }, + "organizations": { + "methods": { + "get": { + "description": "Fetches an organization resource identified by the specified resource name.", + "flatPath": "v3/organizations/{organizationsId}", + "httpMethod": "GET", + "id": "cloudresourcemanager.organizations.get", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Required. The resource name of the Organization to fetch. This is the organization's relative path in the API, formatted as \"organizations/[organizationId]\". For example, \"organizations/1234\".", + "location": "path", + "pattern": "^organizations/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v3/{+name}", + "response": { + "$ref": "Organization" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/cloud-platform.read-only" + ] + }, + "getIamPolicy": { + "description": "Gets the access control policy for an organization resource. The policy may be empty if no such policy or resource exists. The `resource` field should be the organization's resource name, for example: \"organizations/123\". Authorization requires the IAM permission `resourcemanager.organizations.getIamPolicy` on the specified organization.", + "flatPath": "v3/organizations/{organizationsId}:getIamPolicy", + "httpMethod": "POST", + "id": "cloudresourcemanager.organizations.getIamPolicy", + "parameterOrder": [ + "resource" + ], + "parameters": { + "resource": { + "description": "REQUIRED: The resource for which the policy is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", + "location": "path", + "pattern": "^organizations/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v3/{+resource}:getIamPolicy", + "request": { + "$ref": "GetIamPolicyRequest" + }, + "response": { + "$ref": "Policy" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/cloud-platform.read-only" + ] + }, + "search": { + "description": "Searches organization resources that are visible to the user and satisfy the specified filter. This method returns organizations in an unspecified order. New organizations do not necessarily appear at the end of the results, and may take a small amount of time to appear. Search will only return organizations on which the user has the permission `resourcemanager.organizations.get` or has super admin privileges.", + "flatPath": "v3/organizations:search", + "httpMethod": "GET", + "id": "cloudresourcemanager.organizations.search", + "parameterOrder": [], + "parameters": { + "pageSize": { + "description": "Optional. The maximum number of organizations to return in the response. The server can return fewer organizations than requested. If unspecified, server picks an appropriate default.", + "format": "int32", + "location": "query", + "type": "integer" + }, + "pageToken": { + "description": "Optional. A pagination token returned from a previous call to `SearchOrganizations` that indicates from where listing should continue.", + "location": "query", + "type": "string" + }, + "query": { + "description": "Optional. An optional query string used to filter the Organizations to return in the response. Query rules are case-insensitive. ``` | Field | Description | |------------------|--------------------------------------------| | directoryCustomerId, owner.directoryCustomerId | Filters by directory customer id. | | domain | Filters by domain. | ``` Organizations may be queried by `directoryCustomerId` or by `domain`, where the domain is a G Suite domain, for example: * Query `directorycustomerid:123456789` returns Organization resources with `owner.directory_customer_id` equal to `123456789`. * Query `domain:google.com` returns Organization resources corresponding to the domain `google.com`.", + "location": "query", + "type": "string" + } + }, + "path": "v3/organizations:search", + "response": { + "$ref": "SearchOrganizationsResponse" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/cloud-platform.read-only" + ] + }, + "setIamPolicy": { + "description": "Sets the access control policy on an organization resource. Replaces any existing policy. The `resource` field should be the organization's resource name, for example: \"organizations/123\". Authorization requires the IAM permission `resourcemanager.organizations.setIamPolicy` on the specified organization.", + "flatPath": "v3/organizations/{organizationsId}:setIamPolicy", + "httpMethod": "POST", + "id": "cloudresourcemanager.organizations.setIamPolicy", + "parameterOrder": [ + "resource" + ], + "parameters": { + "resource": { + "description": "REQUIRED: The resource for which the policy is being specified. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", + "location": "path", + "pattern": "^organizations/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v3/{+resource}:setIamPolicy", + "request": { + "$ref": "SetIamPolicyRequest" + }, + "response": { + "$ref": "Policy" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "testIamPermissions": { + "description": "Returns the permissions that a caller has on the specified organization. The `resource` field should be the organization's resource name, for example: \"organizations/123\". There are no permissions required for making this API call.", + "flatPath": "v3/organizations/{organizationsId}:testIamPermissions", + "httpMethod": "POST", + "id": "cloudresourcemanager.organizations.testIamPermissions", + "parameterOrder": [ + "resource" + ], + "parameters": { + "resource": { + "description": "REQUIRED: The resource for which the policy detail is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", + "location": "path", + "pattern": "^organizations/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v3/{+resource}:testIamPermissions", + "request": { + "$ref": "TestIamPermissionsRequest" + }, + "response": { + "$ref": "TestIamPermissionsResponse" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/cloud-platform.read-only" + ] + } + } + }, + "projects": { + "methods": { + "create": { + "description": "Request that a new project be created. The result is an `Operation` which can be used to track the creation process. This process usually takes a few seconds, but can sometimes take much longer. The tracking `Operation` is automatically deleted after a few hours, so there is no need to call `DeleteOperation`.", + "flatPath": "v3/projects", + "httpMethod": "POST", + "id": "cloudresourcemanager.projects.create", + "parameterOrder": [], + "parameters": {}, + "path": "v3/projects", + "request": { + "$ref": "Project" + }, + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "delete": { + "description": "Marks the project identified by the specified `name` (for example, `projects/415104041262`) for deletion. This method will only affect the project if it has a lifecycle state of ACTIVE. This method changes the Project's lifecycle state from ACTIVE to DELETE_REQUESTED. The deletion starts at an unspecified time, at which point the Project is no longer accessible. Until the deletion completes, you can check the lifecycle state checked by retrieving the project with GetProject, and the project remains visible to ListProjects. However, you cannot update the project. After the deletion completes, the project is not retrievable by the GetProject, ListProjects, and SearchProjects methods. This method behaves idempotently, such that deleting a `DELETE_REQUESTED` project will not cause an error, but also won't do anything. The caller must have `resourcemanager.projects.delete` permissions for this project.", + "flatPath": "v3/projects/{projectsId}", + "httpMethod": "DELETE", + "id": "cloudresourcemanager.projects.delete", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Required. The name of the Project (for example, `projects/415104041262`).", + "location": "path", + "pattern": "^projects/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v3/{+name}", + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "get": { + "description": "Retrieves the project identified by the specified `name` (for example, `projects/415104041262`). The caller must have `resourcemanager.projects.get` permission for this project.", + "flatPath": "v3/projects/{projectsId}", + "httpMethod": "GET", + "id": "cloudresourcemanager.projects.get", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Required. The name of the project (for example, `projects/415104041262`).", + "location": "path", + "pattern": "^projects/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v3/{+name}", + "response": { + "$ref": "Project" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/cloud-platform.read-only" + ] + }, + "getIamPolicy": { + "description": "Returns the IAM access control policy for the specified project, in the format `projects/{ProjectIdOrNumber}` e.g. projects/123. Permission is denied if the policy or the resource do not exist.", + "flatPath": "v3/projects/{projectsId}:getIamPolicy", + "httpMethod": "POST", + "id": "cloudresourcemanager.projects.getIamPolicy", + "parameterOrder": [ + "resource" + ], + "parameters": { + "resource": { + "description": "REQUIRED: The resource for which the policy is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", + "location": "path", + "pattern": "^projects/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v3/{+resource}:getIamPolicy", + "request": { + "$ref": "GetIamPolicyRequest" + }, + "response": { + "$ref": "Policy" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/cloud-platform.read-only" + ] + }, + "list": { + "description": "Lists projects that are direct children of the specified folder or organization resource. `list()` provides a strongly consistent view of the projects underneath the specified parent resource. `list()` returns projects sorted based upon the (ascending) lexical ordering of their `display_name`. The caller must have `resourcemanager.projects.list` permission on the identified parent.", + "flatPath": "v3/projects", + "httpMethod": "GET", + "id": "cloudresourcemanager.projects.list", + "parameterOrder": [], + "parameters": { + "pageSize": { + "description": "Optional. The maximum number of projects to return in the response. The server can return fewer projects than requested. If unspecified, server picks an appropriate default.", + "format": "int32", + "location": "query", + "type": "integer" + }, + "pageToken": { + "description": "Optional. A pagination token returned from a previous call to ListProjects that indicates from where listing should continue.", + "location": "query", + "type": "string" + }, + "parent": { + "description": "Required. The name of the parent resource whose projects are being listed. Only children of this parent resource are listed; descendants are not listed. If the parent is a folder, use the value `folders/{folder_id}`. If the parent is an organization, use the value `organizations/{org_id}`.", + "location": "query", + "type": "string" + }, + "showDeleted": { + "description": "Optional. Indicate that projects in the `DELETE_REQUESTED` state should also be returned. Normally only `ACTIVE` projects are returned.", + "location": "query", + "type": "boolean" + } + }, + "path": "v3/projects", + "response": { + "$ref": "ListProjectsResponse" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/cloud-platform.read-only" + ] + }, + "move": { + "description": "Move a project to another place in your resource hierarchy, under a new resource parent. Returns an operation which can be used to track the process of the project move workflow. Upon success, the `Operation.response` field will be populated with the moved project. The caller must have `resourcemanager.projects.move` permission on the project, on the project's current and proposed new parent. If project has no current parent, or it currently does not have an associated organization resource, you will also need the `resourcemanager.projects.setIamPolicy` permission in the project. ", + "flatPath": "v3/projects/{projectsId}:move", + "httpMethod": "POST", + "id": "cloudresourcemanager.projects.move", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Required. The name of the project to move.", + "location": "path", + "pattern": "^projects/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v3/{+name}:move", + "request": { + "$ref": "MoveProjectRequest" + }, + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "patch": { + "description": "Updates the `display_name` and labels of the project identified by the specified `name` (for example, `projects/415104041262`). Deleting all labels requires an update mask for labels field. The caller must have `resourcemanager.projects.update` permission for this project.", + "flatPath": "v3/projects/{projectsId}", + "httpMethod": "PATCH", + "id": "cloudresourcemanager.projects.patch", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Output only. The unique resource name of the project. It is an int64 generated number prefixed by \"projects/\". Example: `projects/415104041262`", + "location": "path", + "pattern": "^projects/[^/]+$", + "required": true, + "type": "string" + }, + "updateMask": { + "description": "Optional. An update mask to selectively update fields.", + "format": "google-fieldmask", + "location": "query", + "type": "string" + } + }, + "path": "v3/{+name}", + "request": { + "$ref": "Project" + }, + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "search": { + "description": "Search for projects that the caller has the `resourcemanager.projects.get` permission on, and also satisfy the specified query. This method returns projects in an unspecified order. This method is eventually consistent with project mutations; this means that a newly created project may not appear in the results or recent updates to an existing project may not be reflected in the results. To retrieve the latest state of a project, use the GetProject method.", + "flatPath": "v3/projects:search", + "httpMethod": "GET", + "id": "cloudresourcemanager.projects.search", + "parameterOrder": [], + "parameters": { + "pageSize": { + "description": "Optional. The maximum number of projects to return in the response. The server can return fewer projects than requested. If unspecified, server picks an appropriate default.", + "format": "int32", + "location": "query", + "type": "integer" + }, + "pageToken": { + "description": "Optional. A pagination token returned from a previous call to ListProjects that indicates from where listing should continue.", + "location": "query", + "type": "string" + }, + "query": { + "description": "Optional. A query string for searching for projects that the caller has `resourcemanager.projects.get` permission to. If multiple fields are included in the query, then it will return results that match any of the fields. Some eligible fields are: ``` | Field | Description | |-------------------------|----------------------------------------------| | displayName, name | Filters by displayName. | | parent | Project's parent (for example: folders/123, organizations/*). Prefer parent field over parent.type and parent.id.| | parent.type | Parent's type: `folder` or `organization`. | | parent.id | Parent's id number (for example: 123) | | id, projectId | Filters by projectId. | | state, lifecycleState | Filters by state. | | labels | Filters by label name or value. | | labels.\\ (where *key* is the name of a label) | Filters by label name.| ``` Search expressions are case insensitive. Some examples queries: ``` | Query | Description | |------------------|-----------------------------------------------------| | name:how* | The project's name starts with \"how\". | | name:Howl | The project's name is `Howl` or `howl`. | | name:HOWL | Equivalent to above. | | NAME:howl | Equivalent to above. | | labels.color:* | The project has the label `color`. | | labels.color:red | The project's label `color` has the value `red`. | | labels.color:red labels.size:big | The project's label `color` has the value `red` or its label `size` has the value `big`. | ``` If no query is specified, the call will return projects for which the user has the `resourcemanager.projects.get` permission.", + "location": "query", + "type": "string" + } + }, + "path": "v3/projects:search", + "response": { + "$ref": "SearchProjectsResponse" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/cloud-platform.read-only" + ] + }, + "setIamPolicy": { + "description": "Sets the IAM access control policy for the specified project, in the format `projects/{ProjectIdOrNumber}` e.g. projects/123. CAUTION: This method will replace the existing policy, and cannot be used to append additional IAM settings. Note: Removing service accounts from policies or changing their roles can render services completely inoperable. It is important to understand how the service account is being used before removing or updating its roles. The following constraints apply when using `setIamPolicy()`: + Project does not support `allUsers` and `allAuthenticatedUsers` as `members` in a `Binding` of a `Policy`. + The owner role can be granted to a `user`, `serviceAccount`, or a group that is part of an organization. For example, group@myownpersonaldomain.com could be added as an owner to a project in the myownpersonaldomain.com organization, but not the examplepetstore.com organization. + Service accounts can be made owners of a project directly without any restrictions. However, to be added as an owner, a user must be invited using the Cloud Platform console and must accept the invitation. + A user cannot be granted the owner role using `setIamPolicy()`. The user must be granted the owner role using the Cloud Platform Console and must explicitly accept the invitation. + Invitations to grant the owner role cannot be sent using `setIamPolicy()`; they must be sent only using the Cloud Platform Console. + If the project is not part of an organization, there must be at least one owner who has accepted the Terms of Service (ToS) agreement in the policy. Calling `setIamPolicy()` to remove the last ToS-accepted owner from the policy will fail. This restriction also applies to legacy projects that no longer have owners who have accepted the ToS. Edits to IAM policies will be rejected until the lack of a ToS-accepting owner is rectified. If the project is part of an organization, you can remove all owners, potentially making the organization inaccessible.", + "flatPath": "v3/projects/{projectsId}:setIamPolicy", + "httpMethod": "POST", + "id": "cloudresourcemanager.projects.setIamPolicy", + "parameterOrder": [ + "resource" + ], + "parameters": { + "resource": { + "description": "REQUIRED: The resource for which the policy is being specified. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", + "location": "path", + "pattern": "^projects/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v3/{+resource}:setIamPolicy", + "request": { + "$ref": "SetIamPolicyRequest" + }, + "response": { + "$ref": "Policy" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "testIamPermissions": { + "description": "Returns permissions that a caller has on the specified project, in the format `projects/{ProjectIdOrNumber}` e.g. projects/123..", + "flatPath": "v3/projects/{projectsId}:testIamPermissions", + "httpMethod": "POST", + "id": "cloudresourcemanager.projects.testIamPermissions", + "parameterOrder": [ + "resource" + ], + "parameters": { + "resource": { + "description": "REQUIRED: The resource for which the policy detail is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", + "location": "path", + "pattern": "^projects/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v3/{+resource}:testIamPermissions", + "request": { + "$ref": "TestIamPermissionsRequest" + }, + "response": { + "$ref": "TestIamPermissionsResponse" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/cloud-platform.read-only" + ] + }, + "undelete": { + "description": "Restores the project identified by the specified `name` (for example, `projects/415104041262`). You can only use this method for a project that has a lifecycle state of DELETE_REQUESTED. After deletion starts, the project cannot be restored. The caller must have `resourcemanager.projects.undelete` permission for this project.", + "flatPath": "v3/projects/{projectsId}:undelete", + "httpMethod": "POST", + "id": "cloudresourcemanager.projects.undelete", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Required. The name of the project (for example, `projects/415104041262`). Required.", + "location": "path", + "pattern": "^projects/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v3/{+name}:undelete", + "request": { + "$ref": "UndeleteProjectRequest" + }, + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + } + } + }, + "tagBindings": { + "methods": { + "create": { + "description": "Creates a TagBinding between a TagValue and a Google Cloud resource.", + "flatPath": "v3/tagBindings", + "httpMethod": "POST", + "id": "cloudresourcemanager.tagBindings.create", + "parameterOrder": [], + "parameters": { + "validateOnly": { + "description": "Optional. Set to true to perform the validations necessary for creating the resource, but not actually perform the action.", + "location": "query", + "type": "boolean" + } + }, + "path": "v3/tagBindings", + "request": { + "$ref": "TagBinding" + }, + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "delete": { + "description": "Deletes a TagBinding.", + "flatPath": "v3/tagBindings/{tagBindingsId}", + "httpMethod": "DELETE", + "id": "cloudresourcemanager.tagBindings.delete", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Required. The name of the TagBinding. This is a String of the form: `tagBindings/{id}` (e.g. `tagBindings/%2F%2Fcloudresourcemanager.googleapis.com%2Fprojects%2F123/tagValues/456`).", + "location": "path", + "pattern": "^tagBindings/.*$", + "required": true, + "type": "string" + } + }, + "path": "v3/{+name}", + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "list": { + "description": "Lists the TagBindings for the given Google Cloud resource, as specified with `parent`. NOTE: The `parent` field is expected to be a full resource name: https://cloud.google.com/apis/design/resource_names#full_resource_name", + "flatPath": "v3/tagBindings", + "httpMethod": "GET", + "id": "cloudresourcemanager.tagBindings.list", + "parameterOrder": [], + "parameters": { + "pageSize": { + "description": "Optional. The maximum number of TagBindings to return in the response. The server allows a maximum of 300 TagBindings to return. If unspecified, the server will use 100 as the default.", + "format": "int32", + "location": "query", + "type": "integer" + }, + "pageToken": { + "description": "Optional. A pagination token returned from a previous call to `ListTagBindings` that indicates where this listing should continue from.", + "location": "query", + "type": "string" + }, + "parent": { + "description": "Required. The full resource name of a resource for which you want to list existing TagBindings. E.g. \"//cloudresourcemanager.googleapis.com/projects/123\"", + "location": "query", + "type": "string" + } + }, + "path": "v3/tagBindings", + "response": { + "$ref": "ListTagBindingsResponse" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/cloud-platform.read-only" + ] + } + } + }, + "tagKeys": { + "methods": { + "create": { + "description": "Creates a new TagKey. If another request with the same parameters is sent while the original request is in process, the second request will receive an error. A maximum of 1000 TagKeys can exist under a parent at any given time.", + "flatPath": "v3/tagKeys", + "httpMethod": "POST", + "id": "cloudresourcemanager.tagKeys.create", + "parameterOrder": [], + "parameters": { + "validateOnly": { + "description": "Optional. Set to true to perform validations necessary for creating the resource, but not actually perform the action.", + "location": "query", + "type": "boolean" + } + }, + "path": "v3/tagKeys", + "request": { + "$ref": "TagKey" + }, + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "delete": { + "description": "Deletes a TagKey. The TagKey cannot be deleted if it has any child TagValues.", + "flatPath": "v3/tagKeys/{tagKeysId}", + "httpMethod": "DELETE", + "id": "cloudresourcemanager.tagKeys.delete", + "parameterOrder": [ + "name" + ], + "parameters": { + "etag": { + "description": "Optional. The etag known to the client for the expected state of the TagKey. This is to be used for optimistic concurrency.", + "location": "query", + "type": "string" + }, + "name": { + "description": "Required. The resource name of a TagKey to be deleted in the format `tagKeys/123`. The TagKey cannot be a parent of any existing TagValues or it will not be deleted successfully.", + "location": "path", + "pattern": "^tagKeys/[^/]+$", + "required": true, + "type": "string" + }, + "validateOnly": { + "description": "Optional. Set as true to perform validations necessary for deletion, but not actually perform the action.", + "location": "query", + "type": "boolean" + } + }, + "path": "v3/{+name}", + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "get": { + "description": "Retrieves a TagKey. This method will return `PERMISSION_DENIED` if the key does not exist or the user does not have permission to view it.", + "flatPath": "v3/tagKeys/{tagKeysId}", + "httpMethod": "GET", + "id": "cloudresourcemanager.tagKeys.get", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Required. A resource name in the format `tagKeys/{id}`, such as `tagKeys/123`.", + "location": "path", + "pattern": "^tagKeys/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v3/{+name}", + "response": { + "$ref": "TagKey" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/cloud-platform.read-only" + ] + }, + "getIamPolicy": { + "description": "Gets the access control policy for a TagKey. The returned policy may be empty if no such policy or resource exists. The `resource` field should be the TagKey's resource name. For example, \"tagKeys/1234\". The caller must have `cloudresourcemanager.googleapis.com/tagKeys.getIamPolicy` permission on the specified TagKey.", + "flatPath": "v3/tagKeys/{tagKeysId}:getIamPolicy", + "httpMethod": "POST", + "id": "cloudresourcemanager.tagKeys.getIamPolicy", + "parameterOrder": [ + "resource" + ], + "parameters": { + "resource": { + "description": "REQUIRED: The resource for which the policy is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", + "location": "path", + "pattern": "^tagKeys/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v3/{+resource}:getIamPolicy", + "request": { + "$ref": "GetIamPolicyRequest" + }, + "response": { + "$ref": "Policy" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/cloud-platform.read-only" + ] + }, + "getNamespaced": { + "description": "Retrieves a TagKey by its namespaced name. This method will return `PERMISSION_DENIED` if the key does not exist or the user does not have permission to view it.", + "flatPath": "v3/tagKeys/namespaced", + "httpMethod": "GET", + "id": "cloudresourcemanager.tagKeys.getNamespaced", + "parameterOrder": [], + "parameters": { + "name": { + "description": "Required. A namespaced tag key name in the format `{parentId}/{tagKeyShort}`, such as `42/foo` for a key with short name \"foo\" under the organization with ID 42 or `r2-d2/bar` for a key with short name \"bar\" under the project `r2-d2`.", + "location": "query", + "type": "string" + } + }, + "path": "v3/tagKeys/namespaced", + "response": { + "$ref": "TagKey" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/cloud-platform.read-only" + ] + }, + "list": { + "description": "Lists all TagKeys for a parent resource.", + "flatPath": "v3/tagKeys", + "httpMethod": "GET", + "id": "cloudresourcemanager.tagKeys.list", + "parameterOrder": [], + "parameters": { + "pageSize": { + "description": "Optional. The maximum number of TagKeys to return in the response. The server allows a maximum of 300 TagKeys to return. If unspecified, the server will use 100 as the default.", + "format": "int32", + "location": "query", + "type": "integer" + }, + "pageToken": { + "description": "Optional. A pagination token returned from a previous call to `ListTagKey` that indicates where this listing should continue from.", + "location": "query", + "type": "string" + }, + "parent": { + "description": "Required. The resource name of the TagKey's parent. Must be of the form `organizations/{org_id}` or `projects/{project_id}` or `projects/{project_number}`", + "location": "query", + "type": "string" + } + }, + "path": "v3/tagKeys", + "response": { + "$ref": "ListTagKeysResponse" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/cloud-platform.read-only" + ] + }, + "patch": { + "description": "Updates the attributes of the TagKey resource.", + "flatPath": "v3/tagKeys/{tagKeysId}", + "httpMethod": "PATCH", + "id": "cloudresourcemanager.tagKeys.patch", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Immutable. The resource name for a TagKey. Must be in the format `tagKeys/{tag_key_id}`, where `tag_key_id` is the generated numeric id for the TagKey.", + "location": "path", + "pattern": "^tagKeys/[^/]+$", + "required": true, + "type": "string" + }, + "updateMask": { + "description": "Fields to be updated. The mask may only contain `description` or `etag`. If omitted entirely, both `description` and `etag` are assumed to be significant.", + "format": "google-fieldmask", + "location": "query", + "type": "string" + }, + "validateOnly": { + "description": "Set as true to perform validations necessary for updating the resource, but not actually perform the action.", + "location": "query", + "type": "boolean" + } + }, + "path": "v3/{+name}", + "request": { + "$ref": "TagKey" + }, + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "setIamPolicy": { + "description": "Sets the access control policy on a TagKey, replacing any existing policy. The `resource` field should be the TagKey's resource name. For example, \"tagKeys/1234\". The caller must have `resourcemanager.tagKeys.setIamPolicy` permission on the identified tagValue.", + "flatPath": "v3/tagKeys/{tagKeysId}:setIamPolicy", + "httpMethod": "POST", + "id": "cloudresourcemanager.tagKeys.setIamPolicy", + "parameterOrder": [ + "resource" + ], + "parameters": { + "resource": { + "description": "REQUIRED: The resource for which the policy is being specified. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", + "location": "path", + "pattern": "^tagKeys/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v3/{+resource}:setIamPolicy", + "request": { + "$ref": "SetIamPolicyRequest" + }, + "response": { + "$ref": "Policy" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "testIamPermissions": { + "description": "Returns permissions that a caller has on the specified TagKey. The `resource` field should be the TagKey's resource name. For example, \"tagKeys/1234\". There are no permissions required for making this API call.", + "flatPath": "v3/tagKeys/{tagKeysId}:testIamPermissions", + "httpMethod": "POST", + "id": "cloudresourcemanager.tagKeys.testIamPermissions", + "parameterOrder": [ + "resource" + ], + "parameters": { + "resource": { + "description": "REQUIRED: The resource for which the policy detail is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", + "location": "path", + "pattern": "^tagKeys/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v3/{+resource}:testIamPermissions", + "request": { + "$ref": "TestIamPermissionsRequest" + }, + "response": { + "$ref": "TestIamPermissionsResponse" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + } + } + }, + "tagValues": { + "methods": { + "create": { + "description": "Creates a TagValue as a child of the specified TagKey. If a another request with the same parameters is sent while the original request is in process the second request will receive an error. A maximum of 1000 TagValues can exist under a TagKey at any given time.", + "flatPath": "v3/tagValues", + "httpMethod": "POST", + "id": "cloudresourcemanager.tagValues.create", + "parameterOrder": [], + "parameters": { + "validateOnly": { + "description": "Optional. Set as true to perform the validations necessary for creating the resource, but not actually perform the action.", + "location": "query", + "type": "boolean" + } + }, + "path": "v3/tagValues", + "request": { + "$ref": "TagValue" + }, + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "delete": { + "description": "Deletes a TagValue. The TagValue cannot have any bindings when it is deleted.", + "flatPath": "v3/tagValues/{tagValuesId}", + "httpMethod": "DELETE", + "id": "cloudresourcemanager.tagValues.delete", + "parameterOrder": [ + "name" + ], + "parameters": { + "etag": { + "description": "Optional. The etag known to the client for the expected state of the TagValue. This is to be used for optimistic concurrency.", + "location": "query", + "type": "string" + }, + "name": { + "description": "Required. Resource name for TagValue to be deleted in the format tagValues/456.", + "location": "path", + "pattern": "^tagValues/[^/]+$", + "required": true, + "type": "string" + }, + "validateOnly": { + "description": "Optional. Set as true to perform the validations necessary for deletion, but not actually perform the action.", + "location": "query", + "type": "boolean" + } + }, + "path": "v3/{+name}", + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "get": { + "description": "Retrieves a TagValue. This method will return `PERMISSION_DENIED` if the value does not exist or the user does not have permission to view it.", + "flatPath": "v3/tagValues/{tagValuesId}", + "httpMethod": "GET", + "id": "cloudresourcemanager.tagValues.get", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Required. Resource name for TagValue to be fetched in the format `tagValues/456`.", + "location": "path", + "pattern": "^tagValues/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v3/{+name}", + "response": { + "$ref": "TagValue" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/cloud-platform.read-only" + ] + }, + "getIamPolicy": { + "description": "Gets the access control policy for a TagValue. The returned policy may be empty if no such policy or resource exists. The `resource` field should be the TagValue's resource name. For example: `tagValues/1234`. The caller must have the `cloudresourcemanager.googleapis.com/tagValues.getIamPolicy` permission on the identified TagValue to get the access control policy.", + "flatPath": "v3/tagValues/{tagValuesId}:getIamPolicy", + "httpMethod": "POST", + "id": "cloudresourcemanager.tagValues.getIamPolicy", + "parameterOrder": [ + "resource" + ], + "parameters": { + "resource": { + "description": "REQUIRED: The resource for which the policy is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", + "location": "path", + "pattern": "^tagValues/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v3/{+resource}:getIamPolicy", + "request": { + "$ref": "GetIamPolicyRequest" + }, + "response": { + "$ref": "Policy" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/cloud-platform.read-only" + ] + }, + "getNamespaced": { + "description": "Retrieves a TagValue by its namespaced name. This method will return `PERMISSION_DENIED` if the value does not exist or the user does not have permission to view it.", + "flatPath": "v3/tagValues/namespaced", + "httpMethod": "GET", + "id": "cloudresourcemanager.tagValues.getNamespaced", + "parameterOrder": [], + "parameters": { + "name": { + "description": "Required. A namespaced tag value name in the following format: `{parentId}/{tagKeyShort}/{tagValueShort}` Examples: - `42/foo/abc` for a value with short name \"abc\" under the key with short name \"foo\" under the organization with ID 42 - `r2-d2/bar/xyz` for a value with short name \"xyz\" under the key with short name \"bar\" under the project with ID \"r2-d2\"", + "location": "query", + "type": "string" + } + }, + "path": "v3/tagValues/namespaced", + "response": { + "$ref": "TagValue" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/cloud-platform.read-only" + ] + }, + "list": { + "description": "Lists all TagValues for a specific TagKey.", + "flatPath": "v3/tagValues", + "httpMethod": "GET", + "id": "cloudresourcemanager.tagValues.list", + "parameterOrder": [], + "parameters": { + "pageSize": { + "description": "Optional. The maximum number of TagValues to return in the response. The server allows a maximum of 300 TagValues to return. If unspecified, the server will use 100 as the default.", + "format": "int32", + "location": "query", + "type": "integer" + }, + "pageToken": { + "description": "Optional. A pagination token returned from a previous call to `ListTagValues` that indicates where this listing should continue from.", + "location": "query", + "type": "string" + }, + "parent": { + "description": "Required. Resource name for the parent of the TagValues to be listed, in the format `tagKeys/123` or `tagValues/123`.", + "location": "query", + "type": "string" + } + }, + "path": "v3/tagValues", + "response": { + "$ref": "ListTagValuesResponse" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/cloud-platform.read-only" + ] + }, + "patch": { + "description": "Updates the attributes of the TagValue resource.", + "flatPath": "v3/tagValues/{tagValuesId}", + "httpMethod": "PATCH", + "id": "cloudresourcemanager.tagValues.patch", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Immutable. Resource name for TagValue in the format `tagValues/456`.", + "location": "path", + "pattern": "^tagValues/[^/]+$", + "required": true, + "type": "string" + }, + "updateMask": { + "description": "Optional. Fields to be updated.", + "format": "google-fieldmask", + "location": "query", + "type": "string" + }, + "validateOnly": { + "description": "Optional. True to perform validations necessary for updating the resource, but not actually perform the action.", + "location": "query", + "type": "boolean" + } + }, + "path": "v3/{+name}", + "request": { + "$ref": "TagValue" + }, + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "setIamPolicy": { + "description": "Sets the access control policy on a TagValue, replacing any existing policy. The `resource` field should be the TagValue's resource name. For example: `tagValues/1234`. The caller must have `resourcemanager.tagValues.setIamPolicy` permission on the identified tagValue.", + "flatPath": "v3/tagValues/{tagValuesId}:setIamPolicy", + "httpMethod": "POST", + "id": "cloudresourcemanager.tagValues.setIamPolicy", + "parameterOrder": [ + "resource" + ], + "parameters": { + "resource": { + "description": "REQUIRED: The resource for which the policy is being specified. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", + "location": "path", + "pattern": "^tagValues/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v3/{+resource}:setIamPolicy", + "request": { + "$ref": "SetIamPolicyRequest" + }, + "response": { + "$ref": "Policy" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "testIamPermissions": { + "description": "Returns permissions that a caller has on the specified TagValue. The `resource` field should be the TagValue's resource name. For example: `tagValues/1234`. There are no permissions required for making this API call.", + "flatPath": "v3/tagValues/{tagValuesId}:testIamPermissions", + "httpMethod": "POST", + "id": "cloudresourcemanager.tagValues.testIamPermissions", + "parameterOrder": [ + "resource" + ], + "parameters": { + "resource": { + "description": "REQUIRED: The resource for which the policy detail is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", + "location": "path", + "pattern": "^tagValues/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v3/{+resource}:testIamPermissions", + "request": { + "$ref": "TestIamPermissionsRequest" + }, + "response": { + "$ref": "TestIamPermissionsResponse" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + } + }, + "resources": { + "tagHolds": { + "methods": { + "create": { + "description": "Creates a TagHold. Returns ALREADY_EXISTS if a TagHold with the same resource and origin exists under the same TagValue.", + "flatPath": "v3/tagValues/{tagValuesId}/tagHolds", + "httpMethod": "POST", + "id": "cloudresourcemanager.tagValues.tagHolds.create", + "parameterOrder": [ + "parent" + ], + "parameters": { + "parent": { + "description": "Required. The resource name of the TagHold's parent TagValue. Must be of the form: `tagValues/{tag-value-id}`.", + "location": "path", + "pattern": "^tagValues/[^/]+$", + "required": true, + "type": "string" + }, + "validateOnly": { + "description": "Optional. Set to true to perform the validations necessary for creating the resource, but not actually perform the action.", + "location": "query", + "type": "boolean" + } + }, + "path": "v3/{+parent}/tagHolds", + "request": { + "$ref": "TagHold" + }, + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "delete": { + "description": "Deletes a TagHold.", + "flatPath": "v3/tagValues/{tagValuesId}/tagHolds/{tagHoldsId}", + "httpMethod": "DELETE", + "id": "cloudresourcemanager.tagValues.tagHolds.delete", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Required. The resource name of the TagHold to delete. Must be of the form: `tagValues/{tag-value-id}/tagHolds/{tag-hold-id}`.", + "location": "path", + "pattern": "^tagValues/[^/]+/tagHolds/[^/]+$", + "required": true, + "type": "string" + }, + "validateOnly": { + "description": "Optional. Set to true to perform the validations necessary for deleting the resource, but not actually perform the action.", + "location": "query", + "type": "boolean" + } + }, + "path": "v3/{+name}", + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "list": { + "description": "Lists TagHolds under a TagValue.", + "flatPath": "v3/tagValues/{tagValuesId}/tagHolds", + "httpMethod": "GET", + "id": "cloudresourcemanager.tagValues.tagHolds.list", + "parameterOrder": [ + "parent" + ], + "parameters": { + "filter": { + "description": "Optional. Criteria used to select a subset of TagHolds parented by the TagValue to return. This field follows the syntax defined by aip.dev/160; the `holder` and `origin` fields are supported for filtering. Currently only `AND` syntax is supported. Some example queries are: * `holder = //compute.googleapis.com/compute/projects/myproject/regions/us-east-1/instanceGroupManagers/instance-group` * `origin = 35678234` * `holder = //compute.googleapis.com/compute/projects/myproject/regions/us-east-1/instanceGroupManagers/instance-group AND origin = 35678234`", + "location": "query", + "type": "string" + }, + "pageSize": { + "description": "Optional. The maximum number of TagHolds to return in the response. The server allows a maximum of 300 TagHolds to return. If unspecified, the server will use 100 as the default.", + "format": "int32", + "location": "query", + "type": "integer" + }, + "pageToken": { + "description": "Optional. A pagination token returned from a previous call to `ListTagHolds` that indicates where this listing should continue from.", + "location": "query", + "type": "string" + }, + "parent": { + "description": "Required. The resource name of the parent TagValue. Must be of the form: `tagValues/{tag-value-id}`.", + "location": "path", + "pattern": "^tagValues/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v3/{+parent}/tagHolds", + "response": { + "$ref": "ListTagHoldsResponse" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/cloud-platform.read-only" + ] + } + } + } + } + } + }, + "revision": "20231022", + "rootUrl": "https://cloudresourcemanager.googleapis.com/", + "schemas": { + "AuditConfig": { + "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", + "id": "AuditConfig", + "properties": { + "auditLogConfigs": { + "description": "The configuration for logging of each type of permission.", + "items": { + "$ref": "AuditLogConfig" + }, + "type": "array" + }, + "service": { + "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.", + "type": "string" + } + }, + "type": "object" + }, + "AuditLogConfig": { + "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", + "id": "AuditLogConfig", + "properties": { + "exemptedMembers": { + "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.", + "items": { + "type": "string" + }, + "type": "array" + }, + "logType": { + "description": "The log type that this config enables.", + "enum": [ + "LOG_TYPE_UNSPECIFIED", + "ADMIN_READ", + "DATA_WRITE", + "DATA_READ" + ], + "enumDescriptions": [ + "Default case. Should never be this.", + "Admin reads. Example: CloudIAM getIamPolicy", + "Data writes. Example: CloudSQL Users create", + "Data reads. Example: CloudSQL Users list" + ], + "type": "string" + } + }, + "type": "object" + }, + "Binding": { + "description": "Associates `members`, or principals, with a `role`.", + "id": "Binding", + "properties": { + "condition": { + "$ref": "Expr", + "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." + }, + "members": { + "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.", + "items": { + "type": "string" + }, + "type": "array" + }, + "role": { + "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.", + "type": "string" + } + }, + "type": "object" + }, + "CloudresourcemanagerGoogleCloudResourcemanagerV2alpha1FolderOperation": { + "description": "Metadata describing a long running folder operation", + "id": "CloudresourcemanagerGoogleCloudResourcemanagerV2alpha1FolderOperation", + "properties": { + "destinationParent": { + "description": "The resource name of the folder or organization we are either creating the folder under or moving the folder to.", + "type": "string" + }, + "displayName": { + "description": "The display name of the folder.", + "type": "string" + }, + "operationType": { + "description": "The type of this operation.", + "enum": [ + "OPERATION_TYPE_UNSPECIFIED", + "CREATE", + "MOVE" + ], + "enumDescriptions": [ + "Operation type not specified.", + "A create folder operation.", + "A move folder operation." + ], + "type": "string" + }, + "sourceParent": { + "description": "The resource name of the folder's parent. Only applicable when the operation_type is MOVE.", + "type": "string" + } + }, + "type": "object" + }, + "CloudresourcemanagerGoogleCloudResourcemanagerV2beta1FolderOperation": { + "description": "Metadata describing a long running folder operation", + "id": "CloudresourcemanagerGoogleCloudResourcemanagerV2beta1FolderOperation", + "properties": { + "destinationParent": { + "description": "The resource name of the folder or organization we are either creating the folder under or moving the folder to.", + "type": "string" + }, + "displayName": { + "description": "The display name of the folder.", + "type": "string" + }, + "operationType": { + "description": "The type of this operation.", + "enum": [ + "OPERATION_TYPE_UNSPECIFIED", + "CREATE", + "MOVE" + ], + "enumDescriptions": [ + "Operation type not specified.", + "A create folder operation.", + "A move folder operation." + ], + "type": "string" + }, + "sourceParent": { + "description": "The resource name of the folder's parent. Only applicable when the operation_type is MOVE.", + "type": "string" + } + }, + "type": "object" + }, + "CreateFolderMetadata": { + "description": "Metadata pertaining to the Folder creation process.", + "id": "CreateFolderMetadata", + "properties": { + "displayName": { + "description": "The display name of the folder.", + "type": "string" + }, + "parent": { + "description": "The resource name of the folder or organization we are creating the folder under.", + "type": "string" + } + }, + "type": "object" + }, + "CreateProjectMetadata": { + "description": "A status object which is used as the `metadata` field for the Operation returned by CreateProject. It provides insight for when significant phases of Project creation have completed.", + "id": "CreateProjectMetadata", + "properties": { + "createTime": { + "description": "Creation time of the project creation workflow.", + "format": "google-datetime", + "type": "string" + }, + "gettable": { + "description": "True if the project can be retrieved using `GetProject`. No other operations on the project are guaranteed to work until the project creation is complete.", + "type": "boolean" + }, + "ready": { + "description": "True if the project creation process is complete.", + "type": "boolean" + } + }, + "type": "object" + }, + "CreateTagBindingMetadata": { + "description": "Runtime operation information for creating a TagValue.", + "id": "CreateTagBindingMetadata", + "properties": {}, + "type": "object" + }, + "CreateTagKeyMetadata": { + "description": "Runtime operation information for creating a TagKey.", + "id": "CreateTagKeyMetadata", + "properties": {}, + "type": "object" + }, + "CreateTagValueMetadata": { + "description": "Runtime operation information for creating a TagValue.", + "id": "CreateTagValueMetadata", + "properties": {}, + "type": "object" + }, + "DeleteFolderMetadata": { + "description": "A status object which is used as the `metadata` field for the `Operation` returned by `DeleteFolder`.", + "id": "DeleteFolderMetadata", + "properties": {}, + "type": "object" + }, + "DeleteOrganizationMetadata": { + "description": "A status object which is used as the `metadata` field for the operation returned by DeleteOrganization.", + "id": "DeleteOrganizationMetadata", + "properties": {}, + "type": "object" + }, + "DeleteProjectMetadata": { + "description": "A status object which is used as the `metadata` field for the Operation returned by `DeleteProject`.", + "id": "DeleteProjectMetadata", + "properties": {}, + "type": "object" + }, + "DeleteTagBindingMetadata": { + "description": "Runtime operation information for deleting a TagBinding.", + "id": "DeleteTagBindingMetadata", + "properties": {}, + "type": "object" + }, + "DeleteTagKeyMetadata": { + "description": "Runtime operation information for deleting a TagKey.", + "id": "DeleteTagKeyMetadata", + "properties": {}, + "type": "object" + }, + "DeleteTagValueMetadata": { + "description": "Runtime operation information for deleting a TagValue.", + "id": "DeleteTagValueMetadata", + "properties": {}, + "type": "object" + }, + "EffectiveTag": { + "description": "An EffectiveTag represents a tag that applies to a resource during policy evaluation. Tags can be either directly bound to a resource or inherited from its ancestor. EffectiveTag contains the name and namespaced_name of the tag value and tag key, with additional fields of `inherited` to indicate the inheritance status of the effective tag.", + "id": "EffectiveTag", + "properties": { + "inherited": { + "description": "Indicates the inheritance status of a tag value attached to the given resource. If the tag value is inherited from one of the resource's ancestors, inherited will be true. If false, then the tag value is directly attached to the resource, inherited will be false.", + "type": "boolean" + }, + "namespacedTagKey": { + "description": "The namespaced name of the TagKey. Can be in the form `{organization_id}/{tag_key_short_name}` or `{project_id}/{tag_key_short_name}` or `{project_number}/{tag_key_short_name}`.", + "type": "string" + }, + "namespacedTagValue": { + "description": "The namespaced name of the TagValue. Can be in the form `{organization_id}/{tag_key_short_name}/{tag_value_short_name}` or `{project_id}/{tag_key_short_name}/{tag_value_short_name}` or `{project_number}/{tag_key_short_name}/{tag_value_short_name}`.", + "type": "string" + }, + "tagKey": { + "description": "The name of the TagKey, in the format `tagKeys/{id}`, such as `tagKeys/123`.", + "type": "string" + }, + "tagKeyParentName": { + "description": "The parent name of the tag key. Must be in the format `organizations/{organization_id}` or `projects/{project_number}`", + "type": "string" + }, + "tagValue": { + "description": "Resource name for TagValue in the format `tagValues/456`.", + "type": "string" + } + }, + "type": "object" + }, + "Empty": { + "description": "A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }", + "id": "Empty", + "properties": {}, + "type": "object" + }, + "Expr": { + "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() \u003c 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' \u0026\u0026 document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", + "id": "Expr", + "properties": { + "description": { + "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.", + "type": "string" + }, + "expression": { + "description": "Textual representation of an expression in Common Expression Language syntax.", + "type": "string" + }, + "location": { + "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.", + "type": "string" + }, + "title": { + "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.", + "type": "string" + } + }, + "type": "object" + }, + "Folder": { + "description": "A folder in an organization's resource hierarchy, used to organize that organization's resources.", + "id": "Folder", + "properties": { + "createTime": { + "description": "Output only. Timestamp when the folder was created.", + "format": "google-datetime", + "readOnly": true, + "type": "string" + }, + "deleteTime": { + "description": "Output only. Timestamp when the folder was requested to be deleted.", + "format": "google-datetime", + "readOnly": true, + "type": "string" + }, + "displayName": { + "description": "The folder's display name. A folder's display name must be unique amongst its siblings. For example, no two folders with the same parent can share the same display name. The display name must start and end with a letter or digit, may contain letters, digits, spaces, hyphens and underscores and can be no longer than 30 characters. This is captured by the regular expression: `[\\p{L}\\p{N}]([\\p{L}\\p{N}_- ]{0,28}[\\p{L}\\p{N}])?`.", + "type": "string" + }, + "etag": { + "description": "Output only. A checksum computed by the server based on the current value of the folder resource. This may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.", + "readOnly": true, + "type": "string" + }, + "name": { + "description": "Output only. The resource name of the folder. Its format is `folders/{folder_id}`, for example: \"folders/1234\".", + "readOnly": true, + "type": "string" + }, + "parent": { + "description": "Required. The folder's parent's resource name. Updates to the folder's parent must be performed using MoveFolder.", + "type": "string" + }, + "state": { + "description": "Output only. The lifecycle state of the folder. Updates to the state must be performed using DeleteFolder and UndeleteFolder.", + "enum": [ + "STATE_UNSPECIFIED", + "ACTIVE", + "DELETE_REQUESTED" + ], + "enumDescriptions": [ + "Unspecified state.", + "The normal and active state.", + "The folder has been marked for deletion by the user." + ], + "readOnly": true, + "type": "string" + }, + "updateTime": { + "description": "Output only. Timestamp when the folder was last modified.", + "format": "google-datetime", + "readOnly": true, + "type": "string" + } + }, + "type": "object" + }, + "FolderOperation": { + "description": "Metadata describing a long running folder operation", + "id": "FolderOperation", + "properties": { + "destinationParent": { + "description": "The resource name of the folder or organization we are either creating the folder under or moving the folder to.", + "type": "string" + }, + "displayName": { + "description": "The display name of the folder.", + "type": "string" + }, + "operationType": { + "description": "The type of this operation.", + "enum": [ + "OPERATION_TYPE_UNSPECIFIED", + "CREATE", + "MOVE" + ], + "enumDescriptions": [ + "Operation type not specified.", + "A create folder operation.", + "A move folder operation." + ], + "type": "string" + }, + "sourceParent": { + "description": "The resource name of the folder's parent. Only applicable when the operation_type is MOVE.", + "type": "string" + } + }, + "type": "object" + }, + "FolderOperationError": { + "description": "A classification of the Folder Operation error.", + "id": "FolderOperationError", + "properties": { + "errorMessageId": { + "description": "The type of operation error experienced.", + "enum": [ + "ERROR_TYPE_UNSPECIFIED", + "ACTIVE_FOLDER_HEIGHT_VIOLATION", + "MAX_CHILD_FOLDERS_VIOLATION", + "FOLDER_NAME_UNIQUENESS_VIOLATION", + "RESOURCE_DELETED_VIOLATION", + "PARENT_DELETED_VIOLATION", + "CYCLE_INTRODUCED_VIOLATION", + "FOLDER_BEING_MOVED_VIOLATION", + "FOLDER_TO_DELETE_NON_EMPTY_VIOLATION", + "DELETED_FOLDER_HEIGHT_VIOLATION" + ], + "enumDescriptions": [ + "The error type was unrecognized or unspecified.", + "The attempted action would violate the max folder depth constraint.", + "The attempted action would violate the max child folders constraint.", + "The attempted action would violate the locally-unique folder display_name constraint.", + "The resource being moved has been deleted.", + "The resource a folder was being added to has been deleted.", + "The attempted action would introduce cycle in resource path.", + "The attempted action would move a folder that is already being moved.", + "The folder the caller is trying to delete contains active resources.", + "The attempted action would violate the max deleted folder depth constraint." + ], + "type": "string" + } + }, + "type": "object" + }, + "GetIamPolicyRequest": { + "description": "Request message for `GetIamPolicy` method.", + "id": "GetIamPolicyRequest", + "properties": { + "options": { + "$ref": "GetPolicyOptions", + "description": "OPTIONAL: A `GetPolicyOptions` object for specifying options to `GetIamPolicy`." + } + }, + "type": "object" + }, + "GetPolicyOptions": { + "description": "Encapsulates settings provided to GetIamPolicy.", + "id": "GetPolicyOptions", + "properties": { + "requestedPolicyVersion": { + "description": "Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "Lien": { + "description": "A Lien represents an encumbrance on the actions that can be performed on a resource.", + "id": "Lien", + "properties": { + "createTime": { + "description": "The creation time of this Lien.", + "format": "google-datetime", + "type": "string" + }, + "name": { + "description": "A system-generated unique identifier for this Lien. Example: `liens/1234abcd`", + "type": "string" + }, + "origin": { + "description": "A stable, user-visible/meaningful string identifying the origin of the Lien, intended to be inspected programmatically. Maximum length of 200 characters. Example: 'compute.googleapis.com'", + "type": "string" + }, + "parent": { + "description": "A reference to the resource this Lien is attached to. The server will validate the parent against those for which Liens are supported. Example: `projects/1234`", + "type": "string" + }, + "reason": { + "description": "Concise user-visible strings indicating why an action cannot be performed on a resource. Maximum length of 200 characters. Example: 'Holds production API key'", + "type": "string" + }, + "restrictions": { + "description": "The types of operations which should be blocked as a result of this Lien. Each value should correspond to an IAM permission. The server will validate the permissions against those for which Liens are supported. An empty list is meaningless and will be rejected. Example: ['resourcemanager.projects.delete']", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "ListEffectiveTagsResponse": { + "description": "The response of ListEffectiveTags.", + "id": "ListEffectiveTagsResponse", + "properties": { + "effectiveTags": { + "description": "A possibly paginated list of effective tags for the specified resource.", + "items": { + "$ref": "EffectiveTag" + }, + "type": "array" + }, + "nextPageToken": { + "description": "Pagination token. If the result set is too large to fit in a single response, this token is returned. It encodes the position of the current result cursor. Feeding this value into a new list request with the `page_token` parameter gives the next page of the results. When `next_page_token` is not filled in, there is no next page and the list returned is the last page in the result set. Pagination tokens have a limited lifetime.", + "type": "string" + } + }, + "type": "object" + }, + "ListFoldersResponse": { + "description": "The ListFolders response message.", + "id": "ListFoldersResponse", + "properties": { + "folders": { + "description": "A possibly paginated list of folders that are direct descendants of the specified parent resource.", + "items": { + "$ref": "Folder" + }, + "type": "array" + }, + "nextPageToken": { + "description": "A pagination token returned from a previous call to `ListFolders` that indicates from where listing should continue.", + "type": "string" + } + }, + "type": "object" + }, + "ListLiensResponse": { + "description": "The response message for Liens.ListLiens.", + "id": "ListLiensResponse", + "properties": { + "liens": { + "description": "A list of Liens.", + "items": { + "$ref": "Lien" + }, + "type": "array" + }, + "nextPageToken": { + "description": "Token to retrieve the next page of results, or empty if there are no more results in the list.", + "type": "string" + } + }, + "type": "object" + }, + "ListProjectsResponse": { + "description": "A page of the response received from the ListProjects method. A paginated response where more pages are available has `next_page_token` set. This token can be used in a subsequent request to retrieve the next request page. NOTE: A response may contain fewer elements than the request `page_size` and still have a `next_page_token`.", + "id": "ListProjectsResponse", + "properties": { + "nextPageToken": { + "description": "Pagination token. If the result set is too large to fit in a single response, this token is returned. It encodes the position of the current result cursor. Feeding this value into a new list request with the `page_token` parameter gives the next page of the results. When `next_page_token` is not filled in, there is no next page and the list returned is the last page in the result set. Pagination tokens have a limited lifetime.", + "type": "string" + }, + "projects": { + "description": "The list of Projects under the parent. This list can be paginated.", + "items": { + "$ref": "Project" + }, + "type": "array" + } + }, + "type": "object" + }, + "ListTagBindingsResponse": { + "description": "The ListTagBindings response.", + "id": "ListTagBindingsResponse", + "properties": { + "nextPageToken": { + "description": "Pagination token. If the result set is too large to fit in a single response, this token is returned. It encodes the position of the current result cursor. Feeding this value into a new list request with the `page_token` parameter gives the next page of the results. When `next_page_token` is not filled in, there is no next page and the list returned is the last page in the result set. Pagination tokens have a limited lifetime.", + "type": "string" + }, + "tagBindings": { + "description": "A possibly paginated list of TagBindings for the specified resource.", + "items": { + "$ref": "TagBinding" + }, + "type": "array" + } + }, + "type": "object" + }, + "ListTagHoldsResponse": { + "description": "The ListTagHolds response.", + "id": "ListTagHoldsResponse", + "properties": { + "nextPageToken": { + "description": "Pagination token. If the result set is too large to fit in a single response, this token is returned. It encodes the position of the current result cursor. Feeding this value into a new list request with the `page_token` parameter gives the next page of the results. When `next_page_token` is not filled in, there is no next page and the list returned is the last page in the result set. Pagination tokens have a limited lifetime.", + "type": "string" + }, + "tagHolds": { + "description": "A possibly paginated list of TagHolds.", + "items": { + "$ref": "TagHold" + }, + "type": "array" + } + }, + "type": "object" + }, + "ListTagKeysResponse": { + "description": "The ListTagKeys response message.", + "id": "ListTagKeysResponse", + "properties": { + "nextPageToken": { + "description": "A pagination token returned from a previous call to `ListTagKeys` that indicates from where listing should continue.", + "type": "string" + }, + "tagKeys": { + "description": "List of TagKeys that live under the specified parent in the request.", + "items": { + "$ref": "TagKey" + }, + "type": "array" + } + }, + "type": "object" + }, + "ListTagValuesResponse": { + "description": "The ListTagValues response.", + "id": "ListTagValuesResponse", + "properties": { + "nextPageToken": { + "description": "A pagination token returned from a previous call to `ListTagValues` that indicates from where listing should continue. This is currently not used, but the server may at any point start supplying a valid token.", + "type": "string" + }, + "tagValues": { + "description": "A possibly paginated list of TagValues that are direct descendants of the specified parent TagKey.", + "items": { + "$ref": "TagValue" + }, + "type": "array" + } + }, + "type": "object" + }, + "MoveFolderMetadata": { + "description": "Metadata pertaining to the folder move process.", + "id": "MoveFolderMetadata", + "properties": { + "destinationParent": { + "description": "The resource name of the folder or organization to move the folder to.", + "type": "string" + }, + "displayName": { + "description": "The display name of the folder.", + "type": "string" + }, + "sourceParent": { + "description": "The resource name of the folder's parent.", + "type": "string" + } + }, + "type": "object" + }, + "MoveFolderRequest": { + "description": "The MoveFolder request message.", + "id": "MoveFolderRequest", + "properties": { + "destinationParent": { + "description": "Required. The resource name of the folder or organization which should be the folder's new parent. Must be of the form `folders/{folder_id}` or `organizations/{org_id}`.", + "type": "string" + } + }, + "type": "object" + }, + "MoveProjectMetadata": { + "description": "A status object which is used as the `metadata` field for the Operation returned by MoveProject.", + "id": "MoveProjectMetadata", + "properties": {}, + "type": "object" + }, + "MoveProjectRequest": { + "description": "The request sent to MoveProject method.", + "id": "MoveProjectRequest", + "properties": { + "destinationParent": { + "description": "Required. The new parent to move the Project under.", + "type": "string" + } + }, + "type": "object" + }, + "Operation": { + "description": "This resource represents a long-running operation that is the result of a network API call.", + "id": "Operation", + "properties": { + "done": { + "description": "If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.", + "type": "boolean" + }, + "error": { + "$ref": "Status", + "description": "The error result of the operation in case of failure or cancellation." + }, + "metadata": { + "additionalProperties": { + "description": "Properties of the object. Contains field @type with type URL.", + "type": "any" + }, + "description": "Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.", + "type": "object" + }, + "name": { + "description": "The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.", + "type": "string" + }, + "response": { + "additionalProperties": { + "description": "Properties of the object. Contains field @type with type URL.", + "type": "any" + }, + "description": "The normal, successful response of the operation. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.", + "type": "object" + } + }, + "type": "object" + }, + "Organization": { + "description": "The root node in the resource hierarchy to which a particular entity's (a company, for example) resources belong.", + "id": "Organization", + "properties": { + "createTime": { + "description": "Output only. Timestamp when the Organization was created.", + "format": "google-datetime", + "readOnly": true, + "type": "string" + }, + "deleteTime": { + "description": "Output only. Timestamp when the Organization was requested for deletion.", + "format": "google-datetime", + "readOnly": true, + "type": "string" + }, + "directoryCustomerId": { + "description": "Immutable. The G Suite / Workspace customer id used in the Directory API.", + "type": "string" + }, + "displayName": { + "description": "Output only. A human-readable string that refers to the organization in the Google Cloud Console. This string is set by the server and cannot be changed. The string will be set to the primary domain (for example, \"google.com\") of the Google Workspace customer that owns the organization.", + "readOnly": true, + "type": "string" + }, + "etag": { + "description": "Output only. A checksum computed by the server based on the current value of the Organization resource. This may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.", + "readOnly": true, + "type": "string" + }, + "name": { + "description": "Output only. The resource name of the organization. This is the organization's relative path in the API. Its format is \"organizations/[organization_id]\". For example, \"organizations/1234\".", + "readOnly": true, + "type": "string" + }, + "state": { + "description": "Output only. The organization's current lifecycle state.", + "enum": [ + "STATE_UNSPECIFIED", + "ACTIVE", + "DELETE_REQUESTED" + ], + "enumDescriptions": [ + "Unspecified state. This is only useful for distinguishing unset values.", + "The normal and active state.", + "The organization has been marked for deletion by the user." + ], + "readOnly": true, + "type": "string" + }, + "updateTime": { + "description": "Output only. Timestamp when the Organization was last modified.", + "format": "google-datetime", + "readOnly": true, + "type": "string" + } + }, + "type": "object" + }, + "Policy": { + "description": "An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** ``` { \"bindings\": [ { \"role\": \"roles/resourcemanager.organizationAdmin\", \"members\": [ \"user:mike@example.com\", \"group:admins@example.com\", \"domain:google.com\", \"serviceAccount:my-project-id@appspot.gserviceaccount.com\" ] }, { \"role\": \"roles/resourcemanager.organizationViewer\", \"members\": [ \"user:eve@example.com\" ], \"condition\": { \"title\": \"expirable access\", \"description\": \"Does not grant access after Sep 2020\", \"expression\": \"request.time \u003c timestamp('2020-10-01T00:00:00.000Z')\", } } ], \"etag\": \"BwWWja0YfJA=\", \"version\": 3 } ``` **YAML example:** ``` bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time \u003c timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).", + "id": "Policy", + "properties": { + "auditConfigs": { + "description": "Specifies cloud audit logging configuration for this policy.", + "items": { + "$ref": "AuditConfig" + }, + "type": "array" + }, + "bindings": { + "description": "Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.", + "items": { + "$ref": "Binding" + }, + "type": "array" + }, + "etag": { + "description": "`etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.", + "format": "byte", + "type": "string" + }, + "version": { + "description": "Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "Project": { + "description": "A project is a high-level Google Cloud entity. It is a container for ACLs, APIs, App Engine Apps, VMs, and other Google Cloud Platform resources.", + "id": "Project", + "properties": { + "createTime": { + "description": "Output only. Creation time.", + "format": "google-datetime", + "readOnly": true, + "type": "string" + }, + "deleteTime": { + "description": "Output only. The time at which this resource was requested for deletion.", + "format": "google-datetime", + "readOnly": true, + "type": "string" + }, + "displayName": { + "description": "Optional. A user-assigned display name of the project. When present it must be between 4 to 30 characters. Allowed characters are: lowercase and uppercase letters, numbers, hyphen, single-quote, double-quote, space, and exclamation point. Example: `My Project`", + "type": "string" + }, + "etag": { + "description": "Output only. A checksum computed by the server based on the current value of the Project resource. This may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.", + "readOnly": true, + "type": "string" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "description": "Optional. The labels associated with this project. Label keys must be between 1 and 63 characters long and must conform to the following regular expression: \\[a-z\\](\\[-a-z0-9\\]*\\[a-z0-9\\])?. Label values must be between 0 and 63 characters long and must conform to the regular expression (\\[a-z\\](\\[-a-z0-9\\]*\\[a-z0-9\\])?)?. No more than 64 labels can be associated with a given resource. Clients should store labels in a representation such as JSON that does not depend on specific characters being disallowed. Example: `\"myBusinessDimension\" : \"businessValue\"`", + "type": "object" + }, + "name": { + "description": "Output only. The unique resource name of the project. It is an int64 generated number prefixed by \"projects/\". Example: `projects/415104041262`", + "readOnly": true, + "type": "string" + }, + "parent": { + "description": "Optional. A reference to a parent Resource. eg., `organizations/123` or `folders/876`.", + "type": "string" + }, + "projectId": { + "description": "Immutable. The unique, user-assigned id of the project. It must be 6 to 30 lowercase ASCII letters, digits, or hyphens. It must start with a letter. Trailing hyphens are prohibited. Example: `tokyo-rain-123`", + "type": "string" + }, + "state": { + "description": "Output only. The project lifecycle state.", + "enum": [ + "STATE_UNSPECIFIED", + "ACTIVE", + "DELETE_REQUESTED" + ], + "enumDescriptions": [ + "Unspecified state. This is only used/useful for distinguishing unset values.", + "The normal and active state.", + "The project has been marked for deletion by the user (by invoking DeleteProject) or by the system (Google Cloud Platform). This can generally be reversed by invoking UndeleteProject." + ], + "readOnly": true, + "type": "string" + }, + "updateTime": { + "description": "Output only. The most recent time this resource was modified.", + "format": "google-datetime", + "readOnly": true, + "type": "string" + } + }, + "type": "object" + }, + "ProjectCreationStatus": { + "description": "A status object which is used as the `metadata` field for the Operation returned by CreateProject. It provides insight for when significant phases of Project creation have completed.", + "id": "ProjectCreationStatus", + "properties": { + "createTime": { + "description": "Creation time of the project creation workflow.", + "format": "google-datetime", + "type": "string" + }, + "gettable": { + "description": "True if the project can be retrieved using GetProject. No other operations on the project are guaranteed to work until the project creation is complete.", + "type": "boolean" + }, + "ready": { + "description": "True if the project creation process is complete.", + "type": "boolean" + } + }, + "type": "object" + }, + "SearchFoldersResponse": { + "description": "The response message for searching folders.", + "id": "SearchFoldersResponse", + "properties": { + "folders": { + "description": "A possibly paginated folder search results. the specified parent resource.", + "items": { + "$ref": "Folder" + }, + "type": "array" + }, + "nextPageToken": { + "description": "A pagination token returned from a previous call to `SearchFolders` that indicates from where searching should continue.", + "type": "string" + } + }, + "type": "object" + }, + "SearchOrganizationsResponse": { + "description": "The response returned from the `SearchOrganizations` method.", + "id": "SearchOrganizationsResponse", + "properties": { + "nextPageToken": { + "description": "A pagination token to be used to retrieve the next page of results. If the result is too large to fit within the page size specified in the request, this field will be set with a token that can be used to fetch the next page of results. If this field is empty, it indicates that this response contains the last page of results.", + "type": "string" + }, + "organizations": { + "description": "The list of Organizations that matched the search query, possibly paginated.", + "items": { + "$ref": "Organization" + }, + "type": "array" + } + }, + "type": "object" + }, + "SearchProjectsResponse": { + "description": "A page of the response received from the SearchProjects method. A paginated response where more pages are available has `next_page_token` set. This token can be used in a subsequent request to retrieve the next request page.", + "id": "SearchProjectsResponse", + "properties": { + "nextPageToken": { + "description": "Pagination token. If the result set is too large to fit in a single response, this token is returned. It encodes the position of the current result cursor. Feeding this value into a new list request with the `page_token` parameter gives the next page of the results. When `next_page_token` is not filled in, there is no next page and the list returned is the last page in the result set. Pagination tokens have a limited lifetime.", + "type": "string" + }, + "projects": { + "description": "The list of Projects that matched the list filter query. This list can be paginated.", + "items": { + "$ref": "Project" + }, + "type": "array" + } + }, + "type": "object" + }, + "SetIamPolicyRequest": { + "description": "Request message for `SetIamPolicy` method.", + "id": "SetIamPolicyRequest", + "properties": { + "policy": { + "$ref": "Policy", + "description": "REQUIRED: The complete policy to be applied to the `resource`. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Google Cloud services (such as Projects) might reject them." + }, + "updateMask": { + "description": "OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only the fields in the mask will be modified. If no mask is provided, the following default mask is used: `paths: \"bindings, etag\"`", + "format": "google-fieldmask", + "type": "string" + } + }, + "type": "object" + }, + "Status": { + "description": "The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors).", + "id": "Status", + "properties": { + "code": { + "description": "The status code, which should be an enum value of google.rpc.Code.", + "format": "int32", + "type": "integer" + }, + "details": { + "description": "A list of messages that carry the error details. There is a common set of message types for APIs to use.", + "items": { + "additionalProperties": { + "description": "Properties of the object. Contains field @type with type URL.", + "type": "any" + }, + "type": "object" + }, + "type": "array" + }, + "message": { + "description": "A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.", + "type": "string" + } + }, + "type": "object" + }, + "TagBinding": { + "description": "A TagBinding represents a connection between a TagValue and a cloud resource Once a TagBinding is created, the TagValue is applied to all the descendants of the Google Cloud resource.", + "id": "TagBinding", + "properties": { + "name": { + "description": "Output only. The name of the TagBinding. This is a String of the form: `tagBindings/{full-resource-name}/{tag-value-name}` (e.g. `tagBindings/%2F%2Fcloudresourcemanager.googleapis.com%2Fprojects%2F123/tagValues/456`).", + "readOnly": true, + "type": "string" + }, + "parent": { + "description": "The full resource name of the resource the TagValue is bound to. E.g. `//cloudresourcemanager.googleapis.com/projects/123`", + "type": "string" + }, + "tagValue": { + "description": "The TagValue of the TagBinding. Must be of the form `tagValues/456`.", + "type": "string" + }, + "tagValueNamespacedName": { + "description": "The namespaced name for the TagValue of the TagBinding. Must be in the format `{parent_id}/{tag_key_short_name}/{short_name}`. For methods that support TagValue namespaced name, only one of tag_value_namespaced_name or tag_value may be filled. Requests with both fields will be rejected.", + "type": "string" + } + }, + "type": "object" + }, + "TagHold": { + "description": "A TagHold represents the use of a TagValue that is not captured by TagBindings. If a TagValue has any TagHolds, deletion will be blocked. This resource is intended to be created in the same cloud location as the `holder`.", + "id": "TagHold", + "properties": { + "createTime": { + "description": "Output only. The time this TagHold was created.", + "format": "google-datetime", + "readOnly": true, + "type": "string" + }, + "helpLink": { + "description": "Optional. A URL where an end user can learn more about removing this hold. E.g. `https://cloud.google.com/resource-manager/docs/tags/tags-creating-and-managing`", + "type": "string" + }, + "holder": { + "description": "Required. The name of the resource where the TagValue is being used. Must be less than 200 characters. E.g. `//compute.googleapis.com/compute/projects/myproject/regions/us-east-1/instanceGroupManagers/instance-group`", + "type": "string" + }, + "name": { + "description": "Output only. The resource name of a TagHold. This is a String of the form: `tagValues/{tag-value-id}/tagHolds/{tag-hold-id}` (e.g. `tagValues/123/tagHolds/456`). This resource name is generated by the server.", + "readOnly": true, + "type": "string" + }, + "origin": { + "description": "Optional. An optional string representing the origin of this request. This field should include human-understandable information to distinguish origins from each other. Must be less than 200 characters. E.g. `migs-35678234`", + "type": "string" + } + }, + "type": "object" + }, + "TagKey": { + "description": "A TagKey, used to group a set of TagValues.", + "id": "TagKey", + "properties": { + "createTime": { + "description": "Output only. Creation time.", + "format": "google-datetime", + "readOnly": true, + "type": "string" + }, + "description": { + "description": "Optional. User-assigned description of the TagKey. Must not exceed 256 characters. Read-write.", + "type": "string" + }, + "etag": { + "description": "Optional. Entity tag which users can pass to prevent race conditions. This field is always set in server responses. See UpdateTagKeyRequest for details.", + "type": "string" + }, + "name": { + "description": "Immutable. The resource name for a TagKey. Must be in the format `tagKeys/{tag_key_id}`, where `tag_key_id` is the generated numeric id for the TagKey.", + "type": "string" + }, + "namespacedName": { + "description": "Output only. Immutable. Namespaced name of the TagKey.", + "readOnly": true, + "type": "string" + }, + "parent": { + "description": "Immutable. The resource name of the TagKey's parent. A TagKey can be parented by an Organization or a Project. For a TagKey parented by an Organization, its parent must be in the form `organizations/{org_id}`. For a TagKey parented by a Project, its parent can be in the form `projects/{project_id}` or `projects/{project_number}`.", + "type": "string" + }, + "purpose": { + "description": "Optional. A purpose denotes that this Tag is intended for use in policies of a specific policy engine, and will involve that policy engine in management operations involving this Tag. A purpose does not grant a policy engine exclusive rights to the Tag, and it may be referenced by other policy engines. A purpose cannot be changed once set.", + "enum": [ + "PURPOSE_UNSPECIFIED", + "GCE_FIREWALL", + "DATA_GOVERNANCE" + ], + "enumDescriptions": [ + "Unspecified purpose.", + "Purpose for Compute Engine firewalls. A corresponding `purpose_data` should be set for the network the tag is intended for. The key should be `network` and the value should be in ## either of these two formats: `https://www.googleapis.com/compute/{compute_version}/projects/{project_id}/global/networks/{network_id}` - `{project_id}/{network_name}` ## Examples: `https://www.googleapis.com/compute/staging_v1/projects/fail-closed-load-testing/global/networks/6992953698831725600` - `fail-closed-load-testing/load-testing-network`", + "Purpose for data governance. Tag Values created under a key with this purpose may have Tag Value children. No `purpose_data` should be set." + ], + "type": "string" + }, + "purposeData": { + "additionalProperties": { + "type": "string" + }, + "description": "Optional. Purpose data corresponds to the policy system that the tag is intended for. See documentation for `Purpose` for formatting of this field. Purpose data cannot be changed once set.", + "type": "object" + }, + "shortName": { + "description": "Required. Immutable. The user friendly name for a TagKey. The short name should be unique for TagKeys within the same tag namespace. The short name must be 1-63 characters, beginning and ending with an alphanumeric character ([a-z0-9A-Z]) with dashes (-), underscores (_), dots (.), and alphanumerics between.", + "type": "string" + }, + "updateTime": { + "description": "Output only. Update time.", + "format": "google-datetime", + "readOnly": true, + "type": "string" + } + }, + "type": "object" + }, + "TagValue": { + "description": "A TagValue is a child of a particular TagKey. This is used to group cloud resources for the purpose of controlling them using policies.", + "id": "TagValue", + "properties": { + "createTime": { + "description": "Output only. Creation time.", + "format": "google-datetime", + "readOnly": true, + "type": "string" + }, + "description": { + "description": "Optional. User-assigned description of the TagValue. Must not exceed 256 characters. Read-write.", + "type": "string" + }, + "etag": { + "description": "Optional. Entity tag which users can pass to prevent race conditions. This field is always set in server responses. See UpdateTagValueRequest for details.", + "type": "string" + }, + "name": { + "description": "Immutable. Resource name for TagValue in the format `tagValues/456`.", + "type": "string" + }, + "namespacedName": { + "description": "Output only. The namespaced name of the TagValue. Can be in the form `{organization_id}/{tag_key_short_name}/{tag_value_short_name}` or `{project_id}/{tag_key_short_name}/{tag_value_short_name}` or `{project_number}/{tag_key_short_name}/{tag_value_short_name}`.", + "readOnly": true, + "type": "string" + }, + "parent": { + "description": "Immutable. The resource name of the new TagValue's parent TagKey. Must be of the form `tagKeys/{tag_key_id}`.", + "type": "string" + }, + "shortName": { + "description": "Required. Immutable. User-assigned short name for TagValue. The short name should be unique for TagValues within the same parent TagKey. The short name must be 63 characters or less, beginning and ending with an alphanumeric character ([a-z0-9A-Z]) with dashes (-), underscores (_), dots (.), and alphanumerics between.", + "type": "string" + }, + "updateTime": { + "description": "Output only. Update time.", + "format": "google-datetime", + "readOnly": true, + "type": "string" + } + }, + "type": "object" + }, + "TestIamPermissionsRequest": { + "description": "Request message for `TestIamPermissions` method.", + "id": "TestIamPermissionsRequest", + "properties": { + "permissions": { + "description": "The set of permissions to check for the `resource`. Permissions with wildcards (such as `*` or `storage.*`) are not allowed. For more information see [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions).", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "TestIamPermissionsResponse": { + "description": "Response message for `TestIamPermissions` method.", + "id": "TestIamPermissionsResponse", + "properties": { + "permissions": { + "description": "A subset of `TestPermissionsRequest.permissions` that the caller is allowed.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "UndeleteFolderMetadata": { + "description": "A status object which is used as the `metadata` field for the `Operation` returned by `UndeleteFolder`.", + "id": "UndeleteFolderMetadata", + "properties": {}, + "type": "object" + }, + "UndeleteFolderRequest": { + "description": "The UndeleteFolder request message.", + "id": "UndeleteFolderRequest", + "properties": {}, + "type": "object" + }, + "UndeleteOrganizationMetadata": { + "description": "A status object which is used as the `metadata` field for the Operation returned by UndeleteOrganization.", + "id": "UndeleteOrganizationMetadata", + "properties": {}, + "type": "object" + }, + "UndeleteProjectMetadata": { + "description": "A status object which is used as the `metadata` field for the Operation returned by `UndeleteProject`.", + "id": "UndeleteProjectMetadata", + "properties": {}, + "type": "object" + }, + "UndeleteProjectRequest": { + "description": "The request sent to the UndeleteProject method.", + "id": "UndeleteProjectRequest", + "properties": {}, + "type": "object" + }, + "UpdateFolderMetadata": { + "description": "A status object which is used as the `metadata` field for the Operation returned by UpdateFolder.", + "id": "UpdateFolderMetadata", + "properties": {}, + "type": "object" + }, + "UpdateProjectMetadata": { + "description": "A status object which is used as the `metadata` field for the Operation returned by UpdateProject.", + "id": "UpdateProjectMetadata", + "properties": {}, + "type": "object" + }, + "UpdateTagKeyMetadata": { + "description": "Runtime operation information for updating a TagKey.", + "id": "UpdateTagKeyMetadata", + "properties": {}, + "type": "object" + }, + "UpdateTagValueMetadata": { + "description": "Runtime operation information for updating a TagValue.", + "id": "UpdateTagValueMetadata", + "properties": {}, + "type": "object" + } + }, + "servicePath": "", + "title": "Cloud Resource Manager API", + "version": "v3", + "version_module": true +} \ No newline at end of file diff --git a/vendor/google.golang.org/api/cloudresourcemanager/v3/cloudresourcemanager-gen.go b/vendor/google.golang.org/api/cloudresourcemanager/v3/cloudresourcemanager-gen.go new file mode 100644 index 00000000000..b7a24492095 --- /dev/null +++ b/vendor/google.golang.org/api/cloudresourcemanager/v3/cloudresourcemanager-gen.go @@ -0,0 +1,11642 @@ +// Copyright 2023 Google LLC. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// Code generated file. DO NOT EDIT. + +// Package cloudresourcemanager provides access to the Cloud Resource Manager API. +// +// For product documentation, see: https://cloud.google.com/resource-manager +// +// # Library status +// +// These client libraries are officially supported by Google. However, this +// library is considered complete and is in maintenance mode. This means +// that we will address critical bugs and security issues but will not add +// any new features. +// +// When possible, we recommend using our newer +// [Cloud Client Libraries for Go](https://pkg.go.dev/cloud.google.com/go) +// that are still actively being worked and iterated on. +// +// # Creating a client +// +// Usage example: +// +// import "google.golang.org/api/cloudresourcemanager/v3" +// ... +// ctx := context.Background() +// cloudresourcemanagerService, err := cloudresourcemanager.NewService(ctx) +// +// In this example, Google Application Default Credentials are used for +// authentication. For information on how to create and obtain Application +// Default Credentials, see https://developers.google.com/identity/protocols/application-default-credentials. +// +// # Other authentication options +// +// By default, all available scopes (see "Constants") are used to authenticate. +// To restrict scopes, use [google.golang.org/api/option.WithScopes]: +// +// cloudresourcemanagerService, err := cloudresourcemanager.NewService(ctx, option.WithScopes(cloudresourcemanager.CloudPlatformReadOnlyScope)) +// +// To use an API key for authentication (note: some APIs do not support API +// keys), use [google.golang.org/api/option.WithAPIKey]: +// +// cloudresourcemanagerService, err := cloudresourcemanager.NewService(ctx, option.WithAPIKey("AIza...")) +// +// To use an OAuth token (e.g., a user token obtained via a three-legged OAuth +// flow, use [google.golang.org/api/option.WithTokenSource]: +// +// config := &oauth2.Config{...} +// // ... +// token, err := config.Exchange(ctx, ...) +// cloudresourcemanagerService, err := cloudresourcemanager.NewService(ctx, option.WithTokenSource(config.TokenSource(ctx, token))) +// +// See [google.golang.org/api/option.ClientOption] for details on options. +package cloudresourcemanager // import "google.golang.org/api/cloudresourcemanager/v3" + +import ( + "bytes" + "context" + "encoding/json" + "errors" + "fmt" + "io" + "net/http" + "net/url" + "strconv" + "strings" + + googleapi "google.golang.org/api/googleapi" + internal "google.golang.org/api/internal" + gensupport "google.golang.org/api/internal/gensupport" + option "google.golang.org/api/option" + internaloption "google.golang.org/api/option/internaloption" + htransport "google.golang.org/api/transport/http" +) + +// Always reference these packages, just in case the auto-generated code +// below doesn't. +var _ = bytes.NewBuffer +var _ = strconv.Itoa +var _ = fmt.Sprintf +var _ = json.NewDecoder +var _ = io.Copy +var _ = url.Parse +var _ = gensupport.MarshalJSON +var _ = googleapi.Version +var _ = errors.New +var _ = strings.Replace +var _ = context.Canceled +var _ = internaloption.WithDefaultEndpoint +var _ = internal.Version + +const apiId = "cloudresourcemanager:v3" +const apiName = "cloudresourcemanager" +const apiVersion = "v3" +const basePath = "https://cloudresourcemanager.googleapis.com/" +const mtlsBasePath = "https://cloudresourcemanager.mtls.googleapis.com/" + +// OAuth2 scopes used by this API. +const ( + // See, edit, configure, and delete your Google Cloud data and see the + // email address for your Google Account. + CloudPlatformScope = "https://www.googleapis.com/auth/cloud-platform" + + // View your data across Google Cloud services and see the email address + // of your Google Account + CloudPlatformReadOnlyScope = "https://www.googleapis.com/auth/cloud-platform.read-only" +) + +// NewService creates a new Service. +func NewService(ctx context.Context, opts ...option.ClientOption) (*Service, error) { + scopesOption := internaloption.WithDefaultScopes( + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/cloud-platform.read-only", + ) + // NOTE: prepend, so we don't override user-specified scopes. + opts = append([]option.ClientOption{scopesOption}, opts...) + opts = append(opts, internaloption.WithDefaultEndpoint(basePath)) + opts = append(opts, internaloption.WithDefaultMTLSEndpoint(mtlsBasePath)) + client, endpoint, err := htransport.NewClient(ctx, opts...) + if err != nil { + return nil, err + } + s, err := New(client) + if err != nil { + return nil, err + } + if endpoint != "" { + s.BasePath = endpoint + } + return s, nil +} + +// New creates a new Service. It uses the provided http.Client for requests. +// +// Deprecated: please use NewService instead. +// To provide a custom HTTP client, use option.WithHTTPClient. +// If you are using google.golang.org/api/googleapis/transport.APIKey, use option.WithAPIKey with NewService instead. +func New(client *http.Client) (*Service, error) { + if client == nil { + return nil, errors.New("client is nil") + } + s := &Service{client: client, BasePath: basePath} + s.EffectiveTags = NewEffectiveTagsService(s) + s.Folders = NewFoldersService(s) + s.Liens = NewLiensService(s) + s.Operations = NewOperationsService(s) + s.Organizations = NewOrganizationsService(s) + s.Projects = NewProjectsService(s) + s.TagBindings = NewTagBindingsService(s) + s.TagKeys = NewTagKeysService(s) + s.TagValues = NewTagValuesService(s) + return s, nil +} + +type Service struct { + client *http.Client + BasePath string // API endpoint base URL + UserAgent string // optional additional User-Agent fragment + + EffectiveTags *EffectiveTagsService + + Folders *FoldersService + + Liens *LiensService + + Operations *OperationsService + + Organizations *OrganizationsService + + Projects *ProjectsService + + TagBindings *TagBindingsService + + TagKeys *TagKeysService + + TagValues *TagValuesService +} + +func (s *Service) userAgent() string { + if s.UserAgent == "" { + return googleapi.UserAgent + } + return googleapi.UserAgent + " " + s.UserAgent +} + +func NewEffectiveTagsService(s *Service) *EffectiveTagsService { + rs := &EffectiveTagsService{s: s} + return rs +} + +type EffectiveTagsService struct { + s *Service +} + +func NewFoldersService(s *Service) *FoldersService { + rs := &FoldersService{s: s} + return rs +} + +type FoldersService struct { + s *Service +} + +func NewLiensService(s *Service) *LiensService { + rs := &LiensService{s: s} + return rs +} + +type LiensService struct { + s *Service +} + +func NewOperationsService(s *Service) *OperationsService { + rs := &OperationsService{s: s} + return rs +} + +type OperationsService struct { + s *Service +} + +func NewOrganizationsService(s *Service) *OrganizationsService { + rs := &OrganizationsService{s: s} + return rs +} + +type OrganizationsService struct { + s *Service +} + +func NewProjectsService(s *Service) *ProjectsService { + rs := &ProjectsService{s: s} + return rs +} + +type ProjectsService struct { + s *Service +} + +func NewTagBindingsService(s *Service) *TagBindingsService { + rs := &TagBindingsService{s: s} + return rs +} + +type TagBindingsService struct { + s *Service +} + +func NewTagKeysService(s *Service) *TagKeysService { + rs := &TagKeysService{s: s} + return rs +} + +type TagKeysService struct { + s *Service +} + +func NewTagValuesService(s *Service) *TagValuesService { + rs := &TagValuesService{s: s} + rs.TagHolds = NewTagValuesTagHoldsService(s) + return rs +} + +type TagValuesService struct { + s *Service + + TagHolds *TagValuesTagHoldsService +} + +func NewTagValuesTagHoldsService(s *Service) *TagValuesTagHoldsService { + rs := &TagValuesTagHoldsService{s: s} + return rs +} + +type TagValuesTagHoldsService struct { + s *Service +} + +// AuditConfig: Specifies the audit configuration for a service. The +// configuration determines which permission types are logged, and what +// identities, if any, are exempted from logging. An AuditConfig must +// have one or more AuditLogConfigs. If there are AuditConfigs for both +// `allServices` and a specific service, the union of the two +// AuditConfigs is used for that service: the log_types specified in +// each AuditConfig are enabled, and the exempted_members in each +// AuditLogConfig are exempted. Example Policy with multiple +// AuditConfigs: { "audit_configs": [ { "service": "allServices", +// "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": +// [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { +// "log_type": "ADMIN_READ" } ] }, { "service": +// "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": +// "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ +// "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy +// enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts +// `jose@example.com` from DATA_READ logging, and `aliya@example.com` +// from DATA_WRITE logging. +type AuditConfig struct { + // AuditLogConfigs: The configuration for logging of each type of + // permission. + AuditLogConfigs []*AuditLogConfig `json:"auditLogConfigs,omitempty"` + + // Service: Specifies a service that will be enabled for audit logging. + // For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. + // `allServices` is a special value that covers all services. + Service string `json:"service,omitempty"` + + // ForceSendFields is a list of field names (e.g. "AuditLogConfigs") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "AuditLogConfigs") to + // include in API requests with the JSON null value. By default, fields + // with empty values are omitted from API requests. However, any field + // with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. + NullFields []string `json:"-"` +} + +func (s *AuditConfig) MarshalJSON() ([]byte, error) { + type NoMethod AuditConfig + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// AuditLogConfig: Provides the configuration for logging a type of +// permissions. Example: { "audit_log_configs": [ { "log_type": +// "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { +// "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and +// 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ +// logging. +type AuditLogConfig struct { + // ExemptedMembers: Specifies the identities that do not cause logging + // for this type of permission. Follows the same format of + // Binding.members. + ExemptedMembers []string `json:"exemptedMembers,omitempty"` + + // LogType: The log type that this config enables. + // + // Possible values: + // "LOG_TYPE_UNSPECIFIED" - Default case. Should never be this. + // "ADMIN_READ" - Admin reads. Example: CloudIAM getIamPolicy + // "DATA_WRITE" - Data writes. Example: CloudSQL Users create + // "DATA_READ" - Data reads. Example: CloudSQL Users list + LogType string `json:"logType,omitempty"` + + // ForceSendFields is a list of field names (e.g. "ExemptedMembers") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "ExemptedMembers") to + // include in API requests with the JSON null value. By default, fields + // with empty values are omitted from API requests. However, any field + // with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. + NullFields []string `json:"-"` +} + +func (s *AuditLogConfig) MarshalJSON() ([]byte, error) { + type NoMethod AuditLogConfig + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// Binding: Associates `members`, or principals, with a `role`. +type Binding struct { + // Condition: The condition that is associated with this binding. If the + // condition evaluates to `true`, then this binding applies to the + // current request. If the condition evaluates to `false`, then this + // binding does not apply to the current request. However, a different + // role binding might grant the same role to one or more of the + // principals in this binding. To learn which resources support + // conditions in their IAM policies, see the IAM documentation + // (https://cloud.google.com/iam/help/conditions/resource-policies). + Condition *Expr `json:"condition,omitempty"` + + // Members: Specifies the principals requesting access for a Google + // Cloud resource. `members` can have the following values: * + // `allUsers`: A special identifier that represents anyone who is on the + // internet; with or without a Google account. * + // `allAuthenticatedUsers`: A special identifier that represents anyone + // who is authenticated with a Google account or a service account. Does + // not include identities that come from external identity providers + // (IdPs) through identity federation. * `user:{emailid}`: An email + // address that represents a specific Google account. For example, + // `alice@example.com` . * `serviceAccount:{emailid}`: An email address + // that represents a Google service account. For example, + // `my-other-app@appspot.gserviceaccount.com`. * + // `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: + // An identifier for a Kubernetes service account + // (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + // For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. + // * `group:{emailid}`: An email address that represents a Google group. + // For example, `admins@example.com`. * `domain:{domain}`: The G Suite + // domain (primary) that represents all the users of that domain. For + // example, `google.com` or `example.com`. * + // `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus + // unique identifier) representing a user that has been recently + // deleted. For example, `alice@example.com?uid=123456789012345678901`. + // If the user is recovered, this value reverts to `user:{emailid}` and + // the recovered user retains the role in the binding. * + // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address + // (plus unique identifier) representing a service account that has been + // recently deleted. For example, + // `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. + // If the service account is undeleted, this value reverts to + // `serviceAccount:{emailid}` and the undeleted service account retains + // the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: + // An email address (plus unique identifier) representing a Google group + // that has been recently deleted. For example, + // `admins@example.com?uid=123456789012345678901`. If the group is + // recovered, this value reverts to `group:{emailid}` and the recovered + // group retains the role in the binding. + Members []string `json:"members,omitempty"` + + // Role: Role that is assigned to the list of `members`, or principals. + // For example, `roles/viewer`, `roles/editor`, or `roles/owner`. + Role string `json:"role,omitempty"` + + // ForceSendFields is a list of field names (e.g. "Condition") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "Condition") to include in + // API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. However, any field with an + // empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *Binding) MarshalJSON() ([]byte, error) { + type NoMethod Binding + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// CloudresourcemanagerGoogleCloudResourcemanagerV2alpha1FolderOperation: +// +// Metadata describing a long running folder operation +type CloudresourcemanagerGoogleCloudResourcemanagerV2alpha1FolderOperation struct { + // DestinationParent: The resource name of the folder or organization we + // are either creating the folder under or moving the folder to. + DestinationParent string `json:"destinationParent,omitempty"` + + // DisplayName: The display name of the folder. + DisplayName string `json:"displayName,omitempty"` + + // OperationType: The type of this operation. + // + // Possible values: + // "OPERATION_TYPE_UNSPECIFIED" - Operation type not specified. + // "CREATE" - A create folder operation. + // "MOVE" - A move folder operation. + OperationType string `json:"operationType,omitempty"` + + // SourceParent: The resource name of the folder's parent. Only + // applicable when the operation_type is MOVE. + SourceParent string `json:"sourceParent,omitempty"` + + // ForceSendFields is a list of field names (e.g. "DestinationParent") + // to unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "DestinationParent") to + // include in API requests with the JSON null value. By default, fields + // with empty values are omitted from API requests. However, any field + // with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. + NullFields []string `json:"-"` +} + +func (s *CloudresourcemanagerGoogleCloudResourcemanagerV2alpha1FolderOperation) MarshalJSON() ([]byte, error) { + type NoMethod CloudresourcemanagerGoogleCloudResourcemanagerV2alpha1FolderOperation + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// CloudresourcemanagerGoogleCloudResourcemanagerV2beta1FolderOperation: +// Metadata describing a long running folder operation +type CloudresourcemanagerGoogleCloudResourcemanagerV2beta1FolderOperation struct { + // DestinationParent: The resource name of the folder or organization we + // are either creating the folder under or moving the folder to. + DestinationParent string `json:"destinationParent,omitempty"` + + // DisplayName: The display name of the folder. + DisplayName string `json:"displayName,omitempty"` + + // OperationType: The type of this operation. + // + // Possible values: + // "OPERATION_TYPE_UNSPECIFIED" - Operation type not specified. + // "CREATE" - A create folder operation. + // "MOVE" - A move folder operation. + OperationType string `json:"operationType,omitempty"` + + // SourceParent: The resource name of the folder's parent. Only + // applicable when the operation_type is MOVE. + SourceParent string `json:"sourceParent,omitempty"` + + // ForceSendFields is a list of field names (e.g. "DestinationParent") + // to unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "DestinationParent") to + // include in API requests with the JSON null value. By default, fields + // with empty values are omitted from API requests. However, any field + // with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. + NullFields []string `json:"-"` +} + +func (s *CloudresourcemanagerGoogleCloudResourcemanagerV2beta1FolderOperation) MarshalJSON() ([]byte, error) { + type NoMethod CloudresourcemanagerGoogleCloudResourcemanagerV2beta1FolderOperation + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// CreateFolderMetadata: Metadata pertaining to the Folder creation +// process. +type CreateFolderMetadata struct { + // DisplayName: The display name of the folder. + DisplayName string `json:"displayName,omitempty"` + + // Parent: The resource name of the folder or organization we are + // creating the folder under. + Parent string `json:"parent,omitempty"` + + // ForceSendFields is a list of field names (e.g. "DisplayName") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "DisplayName") to include + // in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. However, any field with + // an empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *CreateFolderMetadata) MarshalJSON() ([]byte, error) { + type NoMethod CreateFolderMetadata + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// CreateProjectMetadata: A status object which is used as the +// `metadata` field for the Operation returned by CreateProject. It +// provides insight for when significant phases of Project creation have +// completed. +type CreateProjectMetadata struct { + // CreateTime: Creation time of the project creation workflow. + CreateTime string `json:"createTime,omitempty"` + + // Gettable: True if the project can be retrieved using `GetProject`. No + // other operations on the project are guaranteed to work until the + // project creation is complete. + Gettable bool `json:"gettable,omitempty"` + + // Ready: True if the project creation process is complete. + Ready bool `json:"ready,omitempty"` + + // ForceSendFields is a list of field names (e.g. "CreateTime") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "CreateTime") to include in + // API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. However, any field with an + // empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *CreateProjectMetadata) MarshalJSON() ([]byte, error) { + type NoMethod CreateProjectMetadata + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// CreateTagBindingMetadata: Runtime operation information for creating +// a TagValue. +type CreateTagBindingMetadata struct { +} + +// CreateTagKeyMetadata: Runtime operation information for creating a +// TagKey. +type CreateTagKeyMetadata struct { +} + +// CreateTagValueMetadata: Runtime operation information for creating a +// TagValue. +type CreateTagValueMetadata struct { +} + +// DeleteFolderMetadata: A status object which is used as the `metadata` +// field for the `Operation` returned by `DeleteFolder`. +type DeleteFolderMetadata struct { +} + +// DeleteOrganizationMetadata: A status object which is used as the +// `metadata` field for the operation returned by DeleteOrganization. +type DeleteOrganizationMetadata struct { +} + +// DeleteProjectMetadata: A status object which is used as the +// `metadata` field for the Operation returned by `DeleteProject`. +type DeleteProjectMetadata struct { +} + +// DeleteTagBindingMetadata: Runtime operation information for deleting +// a TagBinding. +type DeleteTagBindingMetadata struct { +} + +// DeleteTagKeyMetadata: Runtime operation information for deleting a +// TagKey. +type DeleteTagKeyMetadata struct { +} + +// DeleteTagValueMetadata: Runtime operation information for deleting a +// TagValue. +type DeleteTagValueMetadata struct { +} + +// EffectiveTag: An EffectiveTag represents a tag that applies to a +// resource during policy evaluation. Tags can be either directly bound +// to a resource or inherited from its ancestor. EffectiveTag contains +// the name and namespaced_name of the tag value and tag key, with +// additional fields of `inherited` to indicate the inheritance status +// of the effective tag. +type EffectiveTag struct { + // Inherited: Indicates the inheritance status of a tag value attached + // to the given resource. If the tag value is inherited from one of the + // resource's ancestors, inherited will be true. If false, then the tag + // value is directly attached to the resource, inherited will be false. + Inherited bool `json:"inherited,omitempty"` + + // NamespacedTagKey: The namespaced name of the TagKey. Can be in the + // form `{organization_id}/{tag_key_short_name}` or + // `{project_id}/{tag_key_short_name}` or + // `{project_number}/{tag_key_short_name}`. + NamespacedTagKey string `json:"namespacedTagKey,omitempty"` + + // NamespacedTagValue: The namespaced name of the TagValue. Can be in + // the form + // `{organization_id}/{tag_key_short_name}/{tag_value_short_name}` or + // `{project_id}/{tag_key_short_name}/{tag_value_short_name}` or + // `{project_number}/{tag_key_short_name}/{tag_value_short_name}`. + NamespacedTagValue string `json:"namespacedTagValue,omitempty"` + + // TagKey: The name of the TagKey, in the format `tagKeys/{id}`, such as + // `tagKeys/123`. + TagKey string `json:"tagKey,omitempty"` + + // TagKeyParentName: The parent name of the tag key. Must be in the + // format `organizations/{organization_id}` or + // `projects/{project_number}` + TagKeyParentName string `json:"tagKeyParentName,omitempty"` + + // TagValue: Resource name for TagValue in the format `tagValues/456`. + TagValue string `json:"tagValue,omitempty"` + + // ForceSendFields is a list of field names (e.g. "Inherited") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "Inherited") to include in + // API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. However, any field with an + // empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *EffectiveTag) MarshalJSON() ([]byte, error) { + type NoMethod EffectiveTag + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// Empty: A generic empty message that you can re-use to avoid defining +// duplicated empty messages in your APIs. A typical example is to use +// it as the request or the response type of an API method. For +// instance: service Foo { rpc Bar(google.protobuf.Empty) returns +// (google.protobuf.Empty); } +type Empty struct { + // ServerResponse contains the HTTP response code and headers from the + // server. + googleapi.ServerResponse `json:"-"` +} + +// Expr: Represents a textual expression in the Common Expression +// Language (CEL) syntax. CEL is a C-like expression language. The +// syntax and semantics of CEL are documented at +// https://github.com/google/cel-spec. Example (Comparison): title: +// "Summary size limit" description: "Determines if a summary is less +// than 100 chars" expression: "document.summary.size() < 100" Example +// (Equality): title: "Requestor is owner" description: "Determines if +// requestor is the document owner" expression: "document.owner == +// request.auth.claims.email" Example (Logic): title: "Public documents" +// description: "Determine whether the document should be publicly +// visible" expression: "document.type != 'private' && document.type != +// 'internal'" Example (Data Manipulation): title: "Notification string" +// description: "Create a notification string with a timestamp." +// expression: "'New message received at ' + +// string(document.create_time)" The exact variables and functions that +// may be referenced within an expression are determined by the service +// that evaluates it. See the service documentation for additional +// information. +type Expr struct { + // Description: Optional. Description of the expression. This is a + // longer text which describes the expression, e.g. when hovered over it + // in a UI. + Description string `json:"description,omitempty"` + + // Expression: Textual representation of an expression in Common + // Expression Language syntax. + Expression string `json:"expression,omitempty"` + + // Location: Optional. String indicating the location of the expression + // for error reporting, e.g. a file name and a position in the file. + Location string `json:"location,omitempty"` + + // Title: Optional. Title for the expression, i.e. a short string + // describing its purpose. This can be used e.g. in UIs which allow to + // enter the expression. + Title string `json:"title,omitempty"` + + // ForceSendFields is a list of field names (e.g. "Description") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "Description") to include + // in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. However, any field with + // an empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *Expr) MarshalJSON() ([]byte, error) { + type NoMethod Expr + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// Folder: A folder in an organization's resource hierarchy, used to +// organize that organization's resources. +type Folder struct { + // CreateTime: Output only. Timestamp when the folder was created. + CreateTime string `json:"createTime,omitempty"` + + // DeleteTime: Output only. Timestamp when the folder was requested to + // be deleted. + DeleteTime string `json:"deleteTime,omitempty"` + + // DisplayName: The folder's display name. A folder's display name must + // be unique amongst its siblings. For example, no two folders with the + // same parent can share the same display name. The display name must + // start and end with a letter or digit, may contain letters, digits, + // spaces, hyphens and underscores and can be no longer than 30 + // characters. This is captured by the regular expression: + // `[\p{L}\p{N}]([\p{L}\p{N}_- ]{0,28}[\p{L}\p{N}])?`. + DisplayName string `json:"displayName,omitempty"` + + // Etag: Output only. A checksum computed by the server based on the + // current value of the folder resource. This may be sent on update and + // delete requests to ensure the client has an up-to-date value before + // proceeding. + Etag string `json:"etag,omitempty"` + + // Name: Output only. The resource name of the folder. Its format is + // `folders/{folder_id}`, for example: "folders/1234". + Name string `json:"name,omitempty"` + + // Parent: Required. The folder's parent's resource name. Updates to the + // folder's parent must be performed using MoveFolder. + Parent string `json:"parent,omitempty"` + + // State: Output only. The lifecycle state of the folder. Updates to the + // state must be performed using DeleteFolder and UndeleteFolder. + // + // Possible values: + // "STATE_UNSPECIFIED" - Unspecified state. + // "ACTIVE" - The normal and active state. + // "DELETE_REQUESTED" - The folder has been marked for deletion by the + // user. + State string `json:"state,omitempty"` + + // UpdateTime: Output only. Timestamp when the folder was last modified. + UpdateTime string `json:"updateTime,omitempty"` + + // ServerResponse contains the HTTP response code and headers from the + // server. + googleapi.ServerResponse `json:"-"` + + // ForceSendFields is a list of field names (e.g. "CreateTime") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "CreateTime") to include in + // API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. However, any field with an + // empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *Folder) MarshalJSON() ([]byte, error) { + type NoMethod Folder + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// FolderOperation: Metadata describing a long running folder operation +type FolderOperation struct { + // DestinationParent: The resource name of the folder or organization we + // are either creating the folder under or moving the folder to. + DestinationParent string `json:"destinationParent,omitempty"` + + // DisplayName: The display name of the folder. + DisplayName string `json:"displayName,omitempty"` + + // OperationType: The type of this operation. + // + // Possible values: + // "OPERATION_TYPE_UNSPECIFIED" - Operation type not specified. + // "CREATE" - A create folder operation. + // "MOVE" - A move folder operation. + OperationType string `json:"operationType,omitempty"` + + // SourceParent: The resource name of the folder's parent. Only + // applicable when the operation_type is MOVE. + SourceParent string `json:"sourceParent,omitempty"` + + // ForceSendFields is a list of field names (e.g. "DestinationParent") + // to unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "DestinationParent") to + // include in API requests with the JSON null value. By default, fields + // with empty values are omitted from API requests. However, any field + // with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. + NullFields []string `json:"-"` +} + +func (s *FolderOperation) MarshalJSON() ([]byte, error) { + type NoMethod FolderOperation + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// FolderOperationError: A classification of the Folder Operation error. +type FolderOperationError struct { + // ErrorMessageId: The type of operation error experienced. + // + // Possible values: + // "ERROR_TYPE_UNSPECIFIED" - The error type was unrecognized or + // unspecified. + // "ACTIVE_FOLDER_HEIGHT_VIOLATION" - The attempted action would + // violate the max folder depth constraint. + // "MAX_CHILD_FOLDERS_VIOLATION" - The attempted action would violate + // the max child folders constraint. + // "FOLDER_NAME_UNIQUENESS_VIOLATION" - The attempted action would + // violate the locally-unique folder display_name constraint. + // "RESOURCE_DELETED_VIOLATION" - The resource being moved has been + // deleted. + // "PARENT_DELETED_VIOLATION" - The resource a folder was being added + // to has been deleted. + // "CYCLE_INTRODUCED_VIOLATION" - The attempted action would introduce + // cycle in resource path. + // "FOLDER_BEING_MOVED_VIOLATION" - The attempted action would move a + // folder that is already being moved. + // "FOLDER_TO_DELETE_NON_EMPTY_VIOLATION" - The folder the caller is + // trying to delete contains active resources. + // "DELETED_FOLDER_HEIGHT_VIOLATION" - The attempted action would + // violate the max deleted folder depth constraint. + ErrorMessageId string `json:"errorMessageId,omitempty"` + + // ForceSendFields is a list of field names (e.g. "ErrorMessageId") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "ErrorMessageId") to + // include in API requests with the JSON null value. By default, fields + // with empty values are omitted from API requests. However, any field + // with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. + NullFields []string `json:"-"` +} + +func (s *FolderOperationError) MarshalJSON() ([]byte, error) { + type NoMethod FolderOperationError + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// GetIamPolicyRequest: Request message for `GetIamPolicy` method. +type GetIamPolicyRequest struct { + // Options: OPTIONAL: A `GetPolicyOptions` object for specifying options + // to `GetIamPolicy`. + Options *GetPolicyOptions `json:"options,omitempty"` + + // ForceSendFields is a list of field names (e.g. "Options") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "Options") to include in + // API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. However, any field with an + // empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *GetIamPolicyRequest) MarshalJSON() ([]byte, error) { + type NoMethod GetIamPolicyRequest + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// GetPolicyOptions: Encapsulates settings provided to GetIamPolicy. +type GetPolicyOptions struct { + // RequestedPolicyVersion: Optional. The maximum policy version that + // will be used to format the policy. Valid values are 0, 1, and 3. + // Requests specifying an invalid value will be rejected. Requests for + // policies with any conditional role bindings must specify version 3. + // Policies with no conditional role bindings may specify any valid + // value or leave the field unset. The policy in the response might use + // the policy version that you specified, or it might use a lower policy + // version. For example, if you specify version 3, but the policy has no + // conditional role bindings, the response uses version 1. To learn + // which resources support conditions in their IAM policies, see the IAM + // documentation + // (https://cloud.google.com/iam/help/conditions/resource-policies). + RequestedPolicyVersion int64 `json:"requestedPolicyVersion,omitempty"` + + // ForceSendFields is a list of field names (e.g. + // "RequestedPolicyVersion") to unconditionally include in API requests. + // By default, fields with empty or default values are omitted from API + // requests. However, any non-pointer, non-interface field appearing in + // ForceSendFields will be sent to the server regardless of whether the + // field is empty or not. This may be used to include empty fields in + // Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "RequestedPolicyVersion") + // to include in API requests with the JSON null value. By default, + // fields with empty values are omitted from API requests. However, any + // field with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. + NullFields []string `json:"-"` +} + +func (s *GetPolicyOptions) MarshalJSON() ([]byte, error) { + type NoMethod GetPolicyOptions + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// Lien: A Lien represents an encumbrance on the actions that can be +// performed on a resource. +type Lien struct { + // CreateTime: The creation time of this Lien. + CreateTime string `json:"createTime,omitempty"` + + // Name: A system-generated unique identifier for this Lien. Example: + // `liens/1234abcd` + Name string `json:"name,omitempty"` + + // Origin: A stable, user-visible/meaningful string identifying the + // origin of the Lien, intended to be inspected programmatically. + // Maximum length of 200 characters. Example: 'compute.googleapis.com' + Origin string `json:"origin,omitempty"` + + // Parent: A reference to the resource this Lien is attached to. The + // server will validate the parent against those for which Liens are + // supported. Example: `projects/1234` + Parent string `json:"parent,omitempty"` + + // Reason: Concise user-visible strings indicating why an action cannot + // be performed on a resource. Maximum length of 200 characters. + // Example: 'Holds production API key' + Reason string `json:"reason,omitempty"` + + // Restrictions: The types of operations which should be blocked as a + // result of this Lien. Each value should correspond to an IAM + // permission. The server will validate the permissions against those + // for which Liens are supported. An empty list is meaningless and will + // be rejected. Example: ['resourcemanager.projects.delete'] + Restrictions []string `json:"restrictions,omitempty"` + + // ServerResponse contains the HTTP response code and headers from the + // server. + googleapi.ServerResponse `json:"-"` + + // ForceSendFields is a list of field names (e.g. "CreateTime") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "CreateTime") to include in + // API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. However, any field with an + // empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *Lien) MarshalJSON() ([]byte, error) { + type NoMethod Lien + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// ListEffectiveTagsResponse: The response of ListEffectiveTags. +type ListEffectiveTagsResponse struct { + // EffectiveTags: A possibly paginated list of effective tags for the + // specified resource. + EffectiveTags []*EffectiveTag `json:"effectiveTags,omitempty"` + + // NextPageToken: Pagination token. If the result set is too large to + // fit in a single response, this token is returned. It encodes the + // position of the current result cursor. Feeding this value into a new + // list request with the `page_token` parameter gives the next page of + // the results. When `next_page_token` is not filled in, there is no + // next page and the list returned is the last page in the result set. + // Pagination tokens have a limited lifetime. + NextPageToken string `json:"nextPageToken,omitempty"` + + // ServerResponse contains the HTTP response code and headers from the + // server. + googleapi.ServerResponse `json:"-"` + + // ForceSendFields is a list of field names (e.g. "EffectiveTags") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "EffectiveTags") to include + // in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. However, any field with + // an empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *ListEffectiveTagsResponse) MarshalJSON() ([]byte, error) { + type NoMethod ListEffectiveTagsResponse + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// ListFoldersResponse: The ListFolders response message. +type ListFoldersResponse struct { + // Folders: A possibly paginated list of folders that are direct + // descendants of the specified parent resource. + Folders []*Folder `json:"folders,omitempty"` + + // NextPageToken: A pagination token returned from a previous call to + // `ListFolders` that indicates from where listing should continue. + NextPageToken string `json:"nextPageToken,omitempty"` + + // ServerResponse contains the HTTP response code and headers from the + // server. + googleapi.ServerResponse `json:"-"` + + // ForceSendFields is a list of field names (e.g. "Folders") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "Folders") to include in + // API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. However, any field with an + // empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *ListFoldersResponse) MarshalJSON() ([]byte, error) { + type NoMethod ListFoldersResponse + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// ListLiensResponse: The response message for Liens.ListLiens. +type ListLiensResponse struct { + // Liens: A list of Liens. + Liens []*Lien `json:"liens,omitempty"` + + // NextPageToken: Token to retrieve the next page of results, or empty + // if there are no more results in the list. + NextPageToken string `json:"nextPageToken,omitempty"` + + // ServerResponse contains the HTTP response code and headers from the + // server. + googleapi.ServerResponse `json:"-"` + + // ForceSendFields is a list of field names (e.g. "Liens") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "Liens") to include in API + // requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. However, any field with an + // empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *ListLiensResponse) MarshalJSON() ([]byte, error) { + type NoMethod ListLiensResponse + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// ListProjectsResponse: A page of the response received from the +// ListProjects method. A paginated response where more pages are +// available has `next_page_token` set. This token can be used in a +// subsequent request to retrieve the next request page. NOTE: A +// response may contain fewer elements than the request `page_size` and +// still have a `next_page_token`. +type ListProjectsResponse struct { + // NextPageToken: Pagination token. If the result set is too large to + // fit in a single response, this token is returned. It encodes the + // position of the current result cursor. Feeding this value into a new + // list request with the `page_token` parameter gives the next page of + // the results. When `next_page_token` is not filled in, there is no + // next page and the list returned is the last page in the result set. + // Pagination tokens have a limited lifetime. + NextPageToken string `json:"nextPageToken,omitempty"` + + // Projects: The list of Projects under the parent. This list can be + // paginated. + Projects []*Project `json:"projects,omitempty"` + + // ServerResponse contains the HTTP response code and headers from the + // server. + googleapi.ServerResponse `json:"-"` + + // ForceSendFields is a list of field names (e.g. "NextPageToken") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "NextPageToken") to include + // in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. However, any field with + // an empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *ListProjectsResponse) MarshalJSON() ([]byte, error) { + type NoMethod ListProjectsResponse + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// ListTagBindingsResponse: The ListTagBindings response. +type ListTagBindingsResponse struct { + // NextPageToken: Pagination token. If the result set is too large to + // fit in a single response, this token is returned. It encodes the + // position of the current result cursor. Feeding this value into a new + // list request with the `page_token` parameter gives the next page of + // the results. When `next_page_token` is not filled in, there is no + // next page and the list returned is the last page in the result set. + // Pagination tokens have a limited lifetime. + NextPageToken string `json:"nextPageToken,omitempty"` + + // TagBindings: A possibly paginated list of TagBindings for the + // specified resource. + TagBindings []*TagBinding `json:"tagBindings,omitempty"` + + // ServerResponse contains the HTTP response code and headers from the + // server. + googleapi.ServerResponse `json:"-"` + + // ForceSendFields is a list of field names (e.g. "NextPageToken") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "NextPageToken") to include + // in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. However, any field with + // an empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *ListTagBindingsResponse) MarshalJSON() ([]byte, error) { + type NoMethod ListTagBindingsResponse + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// ListTagHoldsResponse: The ListTagHolds response. +type ListTagHoldsResponse struct { + // NextPageToken: Pagination token. If the result set is too large to + // fit in a single response, this token is returned. It encodes the + // position of the current result cursor. Feeding this value into a new + // list request with the `page_token` parameter gives the next page of + // the results. When `next_page_token` is not filled in, there is no + // next page and the list returned is the last page in the result set. + // Pagination tokens have a limited lifetime. + NextPageToken string `json:"nextPageToken,omitempty"` + + // TagHolds: A possibly paginated list of TagHolds. + TagHolds []*TagHold `json:"tagHolds,omitempty"` + + // ServerResponse contains the HTTP response code and headers from the + // server. + googleapi.ServerResponse `json:"-"` + + // ForceSendFields is a list of field names (e.g. "NextPageToken") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "NextPageToken") to include + // in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. However, any field with + // an empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *ListTagHoldsResponse) MarshalJSON() ([]byte, error) { + type NoMethod ListTagHoldsResponse + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// ListTagKeysResponse: The ListTagKeys response message. +type ListTagKeysResponse struct { + // NextPageToken: A pagination token returned from a previous call to + // `ListTagKeys` that indicates from where listing should continue. + NextPageToken string `json:"nextPageToken,omitempty"` + + // TagKeys: List of TagKeys that live under the specified parent in the + // request. + TagKeys []*TagKey `json:"tagKeys,omitempty"` + + // ServerResponse contains the HTTP response code and headers from the + // server. + googleapi.ServerResponse `json:"-"` + + // ForceSendFields is a list of field names (e.g. "NextPageToken") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "NextPageToken") to include + // in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. However, any field with + // an empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *ListTagKeysResponse) MarshalJSON() ([]byte, error) { + type NoMethod ListTagKeysResponse + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// ListTagValuesResponse: The ListTagValues response. +type ListTagValuesResponse struct { + // NextPageToken: A pagination token returned from a previous call to + // `ListTagValues` that indicates from where listing should continue. + // This is currently not used, but the server may at any point start + // supplying a valid token. + NextPageToken string `json:"nextPageToken,omitempty"` + + // TagValues: A possibly paginated list of TagValues that are direct + // descendants of the specified parent TagKey. + TagValues []*TagValue `json:"tagValues,omitempty"` + + // ServerResponse contains the HTTP response code and headers from the + // server. + googleapi.ServerResponse `json:"-"` + + // ForceSendFields is a list of field names (e.g. "NextPageToken") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "NextPageToken") to include + // in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. However, any field with + // an empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *ListTagValuesResponse) MarshalJSON() ([]byte, error) { + type NoMethod ListTagValuesResponse + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// MoveFolderMetadata: Metadata pertaining to the folder move process. +type MoveFolderMetadata struct { + // DestinationParent: The resource name of the folder or organization to + // move the folder to. + DestinationParent string `json:"destinationParent,omitempty"` + + // DisplayName: The display name of the folder. + DisplayName string `json:"displayName,omitempty"` + + // SourceParent: The resource name of the folder's parent. + SourceParent string `json:"sourceParent,omitempty"` + + // ForceSendFields is a list of field names (e.g. "DestinationParent") + // to unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "DestinationParent") to + // include in API requests with the JSON null value. By default, fields + // with empty values are omitted from API requests. However, any field + // with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. + NullFields []string `json:"-"` +} + +func (s *MoveFolderMetadata) MarshalJSON() ([]byte, error) { + type NoMethod MoveFolderMetadata + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// MoveFolderRequest: The MoveFolder request message. +type MoveFolderRequest struct { + // DestinationParent: Required. The resource name of the folder or + // organization which should be the folder's new parent. Must be of the + // form `folders/{folder_id}` or `organizations/{org_id}`. + DestinationParent string `json:"destinationParent,omitempty"` + + // ForceSendFields is a list of field names (e.g. "DestinationParent") + // to unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "DestinationParent") to + // include in API requests with the JSON null value. By default, fields + // with empty values are omitted from API requests. However, any field + // with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. + NullFields []string `json:"-"` +} + +func (s *MoveFolderRequest) MarshalJSON() ([]byte, error) { + type NoMethod MoveFolderRequest + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// MoveProjectMetadata: A status object which is used as the `metadata` +// field for the Operation returned by MoveProject. +type MoveProjectMetadata struct { +} + +// MoveProjectRequest: The request sent to MoveProject method. +type MoveProjectRequest struct { + // DestinationParent: Required. The new parent to move the Project + // under. + DestinationParent string `json:"destinationParent,omitempty"` + + // ForceSendFields is a list of field names (e.g. "DestinationParent") + // to unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "DestinationParent") to + // include in API requests with the JSON null value. By default, fields + // with empty values are omitted from API requests. However, any field + // with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. + NullFields []string `json:"-"` +} + +func (s *MoveProjectRequest) MarshalJSON() ([]byte, error) { + type NoMethod MoveProjectRequest + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// Operation: This resource represents a long-running operation that is +// the result of a network API call. +type Operation struct { + // Done: If the value is `false`, it means the operation is still in + // progress. If `true`, the operation is completed, and either `error` + // or `response` is available. + Done bool `json:"done,omitempty"` + + // Error: The error result of the operation in case of failure or + // cancellation. + Error *Status `json:"error,omitempty"` + + // Metadata: Service-specific metadata associated with the operation. It + // typically contains progress information and common metadata such as + // create time. Some services might not provide such metadata. Any + // method that returns a long-running operation should document the + // metadata type, if any. + Metadata googleapi.RawMessage `json:"metadata,omitempty"` + + // Name: The server-assigned name, which is only unique within the same + // service that originally returns it. If you use the default HTTP + // mapping, the `name` should be a resource name ending with + // `operations/{unique_id}`. + Name string `json:"name,omitempty"` + + // Response: The normal, successful response of the operation. If the + // original method returns no data on success, such as `Delete`, the + // response is `google.protobuf.Empty`. If the original method is + // standard `Get`/`Create`/`Update`, the response should be the + // resource. For other methods, the response should have the type + // `XxxResponse`, where `Xxx` is the original method name. For example, + // if the original method name is `TakeSnapshot()`, the inferred + // response type is `TakeSnapshotResponse`. + Response googleapi.RawMessage `json:"response,omitempty"` + + // ServerResponse contains the HTTP response code and headers from the + // server. + googleapi.ServerResponse `json:"-"` + + // ForceSendFields is a list of field names (e.g. "Done") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "Done") to include in API + // requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. However, any field with an + // empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *Operation) MarshalJSON() ([]byte, error) { + type NoMethod Operation + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// Organization: The root node in the resource hierarchy to which a +// particular entity's (a company, for example) resources belong. +type Organization struct { + // CreateTime: Output only. Timestamp when the Organization was created. + CreateTime string `json:"createTime,omitempty"` + + // DeleteTime: Output only. Timestamp when the Organization was + // requested for deletion. + DeleteTime string `json:"deleteTime,omitempty"` + + // DirectoryCustomerId: Immutable. The G Suite / Workspace customer id + // used in the Directory API. + DirectoryCustomerId string `json:"directoryCustomerId,omitempty"` + + // DisplayName: Output only. A human-readable string that refers to the + // organization in the Google Cloud Console. This string is set by the + // server and cannot be changed. The string will be set to the primary + // domain (for example, "google.com") of the Google Workspace customer + // that owns the organization. + DisplayName string `json:"displayName,omitempty"` + + // Etag: Output only. A checksum computed by the server based on the + // current value of the Organization resource. This may be sent on + // update and delete requests to ensure the client has an up-to-date + // value before proceeding. + Etag string `json:"etag,omitempty"` + + // Name: Output only. The resource name of the organization. This is the + // organization's relative path in the API. Its format is + // "organizations/[organization_id]". For example, "organizations/1234". + Name string `json:"name,omitempty"` + + // State: Output only. The organization's current lifecycle state. + // + // Possible values: + // "STATE_UNSPECIFIED" - Unspecified state. This is only useful for + // distinguishing unset values. + // "ACTIVE" - The normal and active state. + // "DELETE_REQUESTED" - The organization has been marked for deletion + // by the user. + State string `json:"state,omitempty"` + + // UpdateTime: Output only. Timestamp when the Organization was last + // modified. + UpdateTime string `json:"updateTime,omitempty"` + + // ServerResponse contains the HTTP response code and headers from the + // server. + googleapi.ServerResponse `json:"-"` + + // ForceSendFields is a list of field names (e.g. "CreateTime") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "CreateTime") to include in + // API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. However, any field with an + // empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *Organization) MarshalJSON() ([]byte, error) { + type NoMethod Organization + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// Policy: An Identity and Access Management (IAM) policy, which +// specifies access controls for Google Cloud resources. A `Policy` is a +// collection of `bindings`. A `binding` binds one or more `members`, or +// principals, to a single `role`. Principals can be user accounts, +// service accounts, Google groups, and domains (such as G Suite). A +// `role` is a named list of permissions; each `role` can be an IAM +// predefined role or a user-created custom role. For some types of +// Google Cloud resources, a `binding` can also specify a `condition`, +// which is a logical expression that allows access to a resource only +// if the expression evaluates to `true`. A condition can add +// constraints based on attributes of the request, the resource, or +// both. To learn which resources support conditions in their IAM +// policies, see the IAM documentation +// (https://cloud.google.com/iam/help/conditions/resource-policies). +// **JSON example:** ``` { "bindings": [ { "role": +// "roles/resourcemanager.organizationAdmin", "members": [ +// "user:mike@example.com", "group:admins@example.com", +// "domain:google.com", +// "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { +// "role": "roles/resourcemanager.organizationViewer", "members": [ +// "user:eve@example.com" ], "condition": { "title": "expirable access", +// "description": "Does not grant access after Sep 2020", "expression": +// "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], +// "etag": "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` +// bindings: - members: - user:mike@example.com - +// group:admins@example.com - domain:google.com - +// serviceAccount:my-project-id@appspot.gserviceaccount.com role: +// roles/resourcemanager.organizationAdmin - members: - +// user:eve@example.com role: roles/resourcemanager.organizationViewer +// condition: title: expirable access description: Does not grant access +// after Sep 2020 expression: request.time < +// timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 +// ``` For a description of IAM and its features, see the IAM +// documentation (https://cloud.google.com/iam/docs/). +type Policy struct { + // AuditConfigs: Specifies cloud audit logging configuration for this + // policy. + AuditConfigs []*AuditConfig `json:"auditConfigs,omitempty"` + + // Bindings: Associates a list of `members`, or principals, with a + // `role`. Optionally, may specify a `condition` that determines how and + // when the `bindings` are applied. Each of the `bindings` must contain + // at least one principal. The `bindings` in a `Policy` can refer to up + // to 1,500 principals; up to 250 of these principals can be Google + // groups. Each occurrence of a principal counts towards these limits. + // For example, if the `bindings` grant 50 different roles to + // `user:alice@example.com`, and not to any other principal, then you + // can add another 1,450 principals to the `bindings` in the `Policy`. + Bindings []*Binding `json:"bindings,omitempty"` + + // Etag: `etag` is used for optimistic concurrency control as a way to + // help prevent simultaneous updates of a policy from overwriting each + // other. It is strongly suggested that systems make use of the `etag` + // in the read-modify-write cycle to perform policy updates in order to + // avoid race conditions: An `etag` is returned in the response to + // `getIamPolicy`, and systems are expected to put that etag in the + // request to `setIamPolicy` to ensure that their change will be applied + // to the same version of the policy. **Important:** If you use IAM + // Conditions, you must include the `etag` field whenever you call + // `setIamPolicy`. If you omit this field, then IAM allows you to + // overwrite a version `3` policy with a version `1` policy, and all of + // the conditions in the version `3` policy are lost. + Etag string `json:"etag,omitempty"` + + // Version: Specifies the format of the policy. Valid values are `0`, + // `1`, and `3`. Requests that specify an invalid value are rejected. + // Any operation that affects conditional role bindings must specify + // version `3`. This requirement applies to the following operations: * + // Getting a policy that includes a conditional role binding * Adding a + // conditional role binding to a policy * Changing a conditional role + // binding in a policy * Removing any role binding, with or without a + // condition, from a policy that includes conditions **Important:** If + // you use IAM Conditions, you must include the `etag` field whenever + // you call `setIamPolicy`. If you omit this field, then IAM allows you + // to overwrite a version `3` policy with a version `1` policy, and all + // of the conditions in the version `3` policy are lost. If a policy + // does not include any conditions, operations on that policy may + // specify any valid version or leave the field unset. To learn which + // resources support conditions in their IAM policies, see the IAM + // documentation + // (https://cloud.google.com/iam/help/conditions/resource-policies). + Version int64 `json:"version,omitempty"` + + // ServerResponse contains the HTTP response code and headers from the + // server. + googleapi.ServerResponse `json:"-"` + + // ForceSendFields is a list of field names (e.g. "AuditConfigs") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "AuditConfigs") to include + // in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. However, any field with + // an empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *Policy) MarshalJSON() ([]byte, error) { + type NoMethod Policy + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// Project: A project is a high-level Google Cloud entity. It is a +// container for ACLs, APIs, App Engine Apps, VMs, and other Google +// Cloud Platform resources. +type Project struct { + // CreateTime: Output only. Creation time. + CreateTime string `json:"createTime,omitempty"` + + // DeleteTime: Output only. The time at which this resource was + // requested for deletion. + DeleteTime string `json:"deleteTime,omitempty"` + + // DisplayName: Optional. A user-assigned display name of the project. + // When present it must be between 4 to 30 characters. Allowed + // characters are: lowercase and uppercase letters, numbers, hyphen, + // single-quote, double-quote, space, and exclamation point. Example: + // `My Project` + DisplayName string `json:"displayName,omitempty"` + + // Etag: Output only. A checksum computed by the server based on the + // current value of the Project resource. This may be sent on update and + // delete requests to ensure the client has an up-to-date value before + // proceeding. + Etag string `json:"etag,omitempty"` + + // Labels: Optional. The labels associated with this project. Label keys + // must be between 1 and 63 characters long and must conform to the + // following regular expression: \a-z\ (\[-a-z0-9\]*\[a-z0-9\])?. Label + // values must be between 0 and 63 characters long and must conform to + // the regular expression (\a-z\ (\[-a-z0-9\]*\[a-z0-9\])?)?. No more + // than 64 labels can be associated with a given resource. Clients + // should store labels in a representation such as JSON that does not + // depend on specific characters being disallowed. Example: + // "myBusinessDimension" : "businessValue" + Labels map[string]string `json:"labels,omitempty"` + + // Name: Output only. The unique resource name of the project. It is an + // int64 generated number prefixed by "projects/". Example: + // `projects/415104041262` + Name string `json:"name,omitempty"` + + // Parent: Optional. A reference to a parent Resource. eg., + // `organizations/123` or `folders/876`. + Parent string `json:"parent,omitempty"` + + // ProjectId: Immutable. The unique, user-assigned id of the project. It + // must be 6 to 30 lowercase ASCII letters, digits, or hyphens. It must + // start with a letter. Trailing hyphens are prohibited. Example: + // `tokyo-rain-123` + ProjectId string `json:"projectId,omitempty"` + + // State: Output only. The project lifecycle state. + // + // Possible values: + // "STATE_UNSPECIFIED" - Unspecified state. This is only used/useful + // for distinguishing unset values. + // "ACTIVE" - The normal and active state. + // "DELETE_REQUESTED" - The project has been marked for deletion by + // the user (by invoking DeleteProject) or by the system (Google Cloud + // Platform). This can generally be reversed by invoking + // UndeleteProject. + State string `json:"state,omitempty"` + + // UpdateTime: Output only. The most recent time this resource was + // modified. + UpdateTime string `json:"updateTime,omitempty"` + + // ServerResponse contains the HTTP response code and headers from the + // server. + googleapi.ServerResponse `json:"-"` + + // ForceSendFields is a list of field names (e.g. "CreateTime") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "CreateTime") to include in + // API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. However, any field with an + // empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *Project) MarshalJSON() ([]byte, error) { + type NoMethod Project + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// ProjectCreationStatus: A status object which is used as the +// `metadata` field for the Operation returned by CreateProject. It +// provides insight for when significant phases of Project creation have +// completed. +type ProjectCreationStatus struct { + // CreateTime: Creation time of the project creation workflow. + CreateTime string `json:"createTime,omitempty"` + + // Gettable: True if the project can be retrieved using GetProject. No + // other operations on the project are guaranteed to work until the + // project creation is complete. + Gettable bool `json:"gettable,omitempty"` + + // Ready: True if the project creation process is complete. + Ready bool `json:"ready,omitempty"` + + // ForceSendFields is a list of field names (e.g. "CreateTime") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "CreateTime") to include in + // API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. However, any field with an + // empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *ProjectCreationStatus) MarshalJSON() ([]byte, error) { + type NoMethod ProjectCreationStatus + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// SearchFoldersResponse: The response message for searching folders. +type SearchFoldersResponse struct { + // Folders: A possibly paginated folder search results. the specified + // parent resource. + Folders []*Folder `json:"folders,omitempty"` + + // NextPageToken: A pagination token returned from a previous call to + // `SearchFolders` that indicates from where searching should continue. + NextPageToken string `json:"nextPageToken,omitempty"` + + // ServerResponse contains the HTTP response code and headers from the + // server. + googleapi.ServerResponse `json:"-"` + + // ForceSendFields is a list of field names (e.g. "Folders") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "Folders") to include in + // API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. However, any field with an + // empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *SearchFoldersResponse) MarshalJSON() ([]byte, error) { + type NoMethod SearchFoldersResponse + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// SearchOrganizationsResponse: The response returned from the +// `SearchOrganizations` method. +type SearchOrganizationsResponse struct { + // NextPageToken: A pagination token to be used to retrieve the next + // page of results. If the result is too large to fit within the page + // size specified in the request, this field will be set with a token + // that can be used to fetch the next page of results. If this field is + // empty, it indicates that this response contains the last page of + // results. + NextPageToken string `json:"nextPageToken,omitempty"` + + // Organizations: The list of Organizations that matched the search + // query, possibly paginated. + Organizations []*Organization `json:"organizations,omitempty"` + + // ServerResponse contains the HTTP response code and headers from the + // server. + googleapi.ServerResponse `json:"-"` + + // ForceSendFields is a list of field names (e.g. "NextPageToken") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "NextPageToken") to include + // in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. However, any field with + // an empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *SearchOrganizationsResponse) MarshalJSON() ([]byte, error) { + type NoMethod SearchOrganizationsResponse + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// SearchProjectsResponse: A page of the response received from the +// SearchProjects method. A paginated response where more pages are +// available has `next_page_token` set. This token can be used in a +// subsequent request to retrieve the next request page. +type SearchProjectsResponse struct { + // NextPageToken: Pagination token. If the result set is too large to + // fit in a single response, this token is returned. It encodes the + // position of the current result cursor. Feeding this value into a new + // list request with the `page_token` parameter gives the next page of + // the results. When `next_page_token` is not filled in, there is no + // next page and the list returned is the last page in the result set. + // Pagination tokens have a limited lifetime. + NextPageToken string `json:"nextPageToken,omitempty"` + + // Projects: The list of Projects that matched the list filter query. + // This list can be paginated. + Projects []*Project `json:"projects,omitempty"` + + // ServerResponse contains the HTTP response code and headers from the + // server. + googleapi.ServerResponse `json:"-"` + + // ForceSendFields is a list of field names (e.g. "NextPageToken") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "NextPageToken") to include + // in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. However, any field with + // an empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *SearchProjectsResponse) MarshalJSON() ([]byte, error) { + type NoMethod SearchProjectsResponse + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// SetIamPolicyRequest: Request message for `SetIamPolicy` method. +type SetIamPolicyRequest struct { + // Policy: REQUIRED: The complete policy to be applied to the + // `resource`. The size of the policy is limited to a few 10s of KB. An + // empty policy is a valid policy but certain Google Cloud services + // (such as Projects) might reject them. + Policy *Policy `json:"policy,omitempty"` + + // UpdateMask: OPTIONAL: A FieldMask specifying which fields of the + // policy to modify. Only the fields in the mask will be modified. If no + // mask is provided, the following default mask is used: `paths: + // "bindings, etag" + UpdateMask string `json:"updateMask,omitempty"` + + // ForceSendFields is a list of field names (e.g. "Policy") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "Policy") to include in API + // requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. However, any field with an + // empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *SetIamPolicyRequest) MarshalJSON() ([]byte, error) { + type NoMethod SetIamPolicyRequest + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// Status: The `Status` type defines a logical error model that is +// suitable for different programming environments, including REST APIs +// and RPC APIs. It is used by gRPC (https://github.com/grpc). Each +// `Status` message contains three pieces of data: error code, error +// message, and error details. You can find out more about this error +// model and how to work with it in the API Design Guide +// (https://cloud.google.com/apis/design/errors). +type Status struct { + // Code: The status code, which should be an enum value of + // google.rpc.Code. + Code int64 `json:"code,omitempty"` + + // Details: A list of messages that carry the error details. There is a + // common set of message types for APIs to use. + Details []googleapi.RawMessage `json:"details,omitempty"` + + // Message: A developer-facing error message, which should be in + // English. Any user-facing error message should be localized and sent + // in the google.rpc.Status.details field, or localized by the client. + Message string `json:"message,omitempty"` + + // ForceSendFields is a list of field names (e.g. "Code") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "Code") to include in API + // requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. However, any field with an + // empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *Status) MarshalJSON() ([]byte, error) { + type NoMethod Status + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// TagBinding: A TagBinding represents a connection between a TagValue +// and a cloud resource Once a TagBinding is created, the TagValue is +// applied to all the descendants of the Google Cloud resource. +type TagBinding struct { + // Name: Output only. The name of the TagBinding. This is a String of + // the form: `tagBindings/{full-resource-name}/{tag-value-name}` (e.g. + // `tagBindings/%2F%2Fcloudresourcemanager.googleapis.com%2Fprojects%2F12 + // 3/tagValues/456`). + Name string `json:"name,omitempty"` + + // Parent: The full resource name of the resource the TagValue is bound + // to. E.g. `//cloudresourcemanager.googleapis.com/projects/123` + Parent string `json:"parent,omitempty"` + + // TagValue: The TagValue of the TagBinding. Must be of the form + // `tagValues/456`. + TagValue string `json:"tagValue,omitempty"` + + // TagValueNamespacedName: The namespaced name for the TagValue of the + // TagBinding. Must be in the format + // `{parent_id}/{tag_key_short_name}/{short_name}`. For methods that + // support TagValue namespaced name, only one of + // tag_value_namespaced_name or tag_value may be filled. Requests with + // both fields will be rejected. + TagValueNamespacedName string `json:"tagValueNamespacedName,omitempty"` + + // ForceSendFields is a list of field names (e.g. "Name") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "Name") to include in API + // requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. However, any field with an + // empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *TagBinding) MarshalJSON() ([]byte, error) { + type NoMethod TagBinding + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// TagHold: A TagHold represents the use of a TagValue that is not +// captured by TagBindings. If a TagValue has any TagHolds, deletion +// will be blocked. This resource is intended to be created in the same +// cloud location as the `holder`. +type TagHold struct { + // CreateTime: Output only. The time this TagHold was created. + CreateTime string `json:"createTime,omitempty"` + + // HelpLink: Optional. A URL where an end user can learn more about + // removing this hold. E.g. + // `https://cloud.google.com/resource-manager/docs/tags/tags-creating-and + // -managing` + HelpLink string `json:"helpLink,omitempty"` + + // Holder: Required. The name of the resource where the TagValue is + // being used. Must be less than 200 characters. E.g. + // `//compute.googleapis.com/compute/projects/myproject/regions/us-east-1 + // /instanceGroupManagers/instance-group` + Holder string `json:"holder,omitempty"` + + // Name: Output only. The resource name of a TagHold. This is a String + // of the form: `tagValues/{tag-value-id}/tagHolds/{tag-hold-id}` (e.g. + // `tagValues/123/tagHolds/456`). This resource name is generated by the + // server. + Name string `json:"name,omitempty"` + + // Origin: Optional. An optional string representing the origin of this + // request. This field should include human-understandable information + // to distinguish origins from each other. Must be less than 200 + // characters. E.g. `migs-35678234` + Origin string `json:"origin,omitempty"` + + // ForceSendFields is a list of field names (e.g. "CreateTime") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "CreateTime") to include in + // API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. However, any field with an + // empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *TagHold) MarshalJSON() ([]byte, error) { + type NoMethod TagHold + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// TagKey: A TagKey, used to group a set of TagValues. +type TagKey struct { + // CreateTime: Output only. Creation time. + CreateTime string `json:"createTime,omitempty"` + + // Description: Optional. User-assigned description of the TagKey. Must + // not exceed 256 characters. Read-write. + Description string `json:"description,omitempty"` + + // Etag: Optional. Entity tag which users can pass to prevent race + // conditions. This field is always set in server responses. See + // UpdateTagKeyRequest for details. + Etag string `json:"etag,omitempty"` + + // Name: Immutable. The resource name for a TagKey. Must be in the + // format `tagKeys/{tag_key_id}`, where `tag_key_id` is the generated + // numeric id for the TagKey. + Name string `json:"name,omitempty"` + + // NamespacedName: Output only. Immutable. Namespaced name of the + // TagKey. + NamespacedName string `json:"namespacedName,omitempty"` + + // Parent: Immutable. The resource name of the TagKey's parent. A TagKey + // can be parented by an Organization or a Project. For a TagKey + // parented by an Organization, its parent must be in the form + // `organizations/{org_id}`. For a TagKey parented by a Project, its + // parent can be in the form `projects/{project_id}` or + // `projects/{project_number}`. + Parent string `json:"parent,omitempty"` + + // Purpose: Optional. A purpose denotes that this Tag is intended for + // use in policies of a specific policy engine, and will involve that + // policy engine in management operations involving this Tag. A purpose + // does not grant a policy engine exclusive rights to the Tag, and it + // may be referenced by other policy engines. A purpose cannot be + // changed once set. + // + // Possible values: + // "PURPOSE_UNSPECIFIED" - Unspecified purpose. + // "GCE_FIREWALL" - Purpose for Compute Engine firewalls. A + // corresponding `purpose_data` should be set for the network the tag is + // intended for. The key should be `network` and the value should be in + // ## either of these two formats: + // `https://www.googleapis.com/compute/{compute_version}/projects/{projec + // t_id}/global/networks/{network_id}` - `{project_id}/{network_name}` + // ## Examples: + // `https://www.googleapis.com/compute/staging_v1/projects/fail-closed-lo + // ad-testing/global/networks/6992953698831725600` - + // `fail-closed-load-testing/load-testing-network` + // "DATA_GOVERNANCE" - Purpose for data governance. Tag Values created + // under a key with this purpose may have Tag Value children. No + // `purpose_data` should be set. + Purpose string `json:"purpose,omitempty"` + + // PurposeData: Optional. Purpose data corresponds to the policy system + // that the tag is intended for. See documentation for `Purpose` for + // formatting of this field. Purpose data cannot be changed once set. + PurposeData map[string]string `json:"purposeData,omitempty"` + + // ShortName: Required. Immutable. The user friendly name for a TagKey. + // The short name should be unique for TagKeys within the same tag + // namespace. The short name must be 1-63 characters, beginning and + // ending with an alphanumeric character ([a-z0-9A-Z]) with dashes (-), + // underscores (_), dots (.), and alphanumerics between. + ShortName string `json:"shortName,omitempty"` + + // UpdateTime: Output only. Update time. + UpdateTime string `json:"updateTime,omitempty"` + + // ServerResponse contains the HTTP response code and headers from the + // server. + googleapi.ServerResponse `json:"-"` + + // ForceSendFields is a list of field names (e.g. "CreateTime") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "CreateTime") to include in + // API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. However, any field with an + // empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *TagKey) MarshalJSON() ([]byte, error) { + type NoMethod TagKey + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// TagValue: A TagValue is a child of a particular TagKey. This is used +// to group cloud resources for the purpose of controlling them using +// policies. +type TagValue struct { + // CreateTime: Output only. Creation time. + CreateTime string `json:"createTime,omitempty"` + + // Description: Optional. User-assigned description of the TagValue. + // Must not exceed 256 characters. Read-write. + Description string `json:"description,omitempty"` + + // Etag: Optional. Entity tag which users can pass to prevent race + // conditions. This field is always set in server responses. See + // UpdateTagValueRequest for details. + Etag string `json:"etag,omitempty"` + + // Name: Immutable. Resource name for TagValue in the format + // `tagValues/456`. + Name string `json:"name,omitempty"` + + // NamespacedName: Output only. The namespaced name of the TagValue. Can + // be in the form + // `{organization_id}/{tag_key_short_name}/{tag_value_short_name}` or + // `{project_id}/{tag_key_short_name}/{tag_value_short_name}` or + // `{project_number}/{tag_key_short_name}/{tag_value_short_name}`. + NamespacedName string `json:"namespacedName,omitempty"` + + // Parent: Immutable. The resource name of the new TagValue's parent + // TagKey. Must be of the form `tagKeys/{tag_key_id}`. + Parent string `json:"parent,omitempty"` + + // ShortName: Required. Immutable. User-assigned short name for + // TagValue. The short name should be unique for TagValues within the + // same parent TagKey. The short name must be 63 characters or less, + // beginning and ending with an alphanumeric character ([a-z0-9A-Z]) + // with dashes (-), underscores (_), dots (.), and alphanumerics + // between. + ShortName string `json:"shortName,omitempty"` + + // UpdateTime: Output only. Update time. + UpdateTime string `json:"updateTime,omitempty"` + + // ServerResponse contains the HTTP response code and headers from the + // server. + googleapi.ServerResponse `json:"-"` + + // ForceSendFields is a list of field names (e.g. "CreateTime") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "CreateTime") to include in + // API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. However, any field with an + // empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *TagValue) MarshalJSON() ([]byte, error) { + type NoMethod TagValue + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// TestIamPermissionsRequest: Request message for `TestIamPermissions` +// method. +type TestIamPermissionsRequest struct { + // Permissions: The set of permissions to check for the `resource`. + // Permissions with wildcards (such as `*` or `storage.*`) are not + // allowed. For more information see IAM Overview + // (https://cloud.google.com/iam/docs/overview#permissions). + Permissions []string `json:"permissions,omitempty"` + + // ForceSendFields is a list of field names (e.g. "Permissions") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "Permissions") to include + // in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. However, any field with + // an empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *TestIamPermissionsRequest) MarshalJSON() ([]byte, error) { + type NoMethod TestIamPermissionsRequest + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// TestIamPermissionsResponse: Response message for `TestIamPermissions` +// method. +type TestIamPermissionsResponse struct { + // Permissions: A subset of `TestPermissionsRequest.permissions` that + // the caller is allowed. + Permissions []string `json:"permissions,omitempty"` + + // ServerResponse contains the HTTP response code and headers from the + // server. + googleapi.ServerResponse `json:"-"` + + // ForceSendFields is a list of field names (e.g. "Permissions") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "Permissions") to include + // in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. However, any field with + // an empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *TestIamPermissionsResponse) MarshalJSON() ([]byte, error) { + type NoMethod TestIamPermissionsResponse + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// UndeleteFolderMetadata: A status object which is used as the +// `metadata` field for the `Operation` returned by `UndeleteFolder`. +type UndeleteFolderMetadata struct { +} + +// UndeleteFolderRequest: The UndeleteFolder request message. +type UndeleteFolderRequest struct { +} + +// UndeleteOrganizationMetadata: A status object which is used as the +// `metadata` field for the Operation returned by UndeleteOrganization. +type UndeleteOrganizationMetadata struct { +} + +// UndeleteProjectMetadata: A status object which is used as the +// `metadata` field for the Operation returned by `UndeleteProject`. +type UndeleteProjectMetadata struct { +} + +// UndeleteProjectRequest: The request sent to the UndeleteProject +// method. +type UndeleteProjectRequest struct { +} + +// UpdateFolderMetadata: A status object which is used as the `metadata` +// field for the Operation returned by UpdateFolder. +type UpdateFolderMetadata struct { +} + +// UpdateProjectMetadata: A status object which is used as the +// `metadata` field for the Operation returned by UpdateProject. +type UpdateProjectMetadata struct { +} + +// UpdateTagKeyMetadata: Runtime operation information for updating a +// TagKey. +type UpdateTagKeyMetadata struct { +} + +// UpdateTagValueMetadata: Runtime operation information for updating a +// TagValue. +type UpdateTagValueMetadata struct { +} + +// method id "cloudresourcemanager.effectiveTags.list": + +type EffectiveTagsListCall struct { + s *Service + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header +} + +// List: Return a list of effective tags for the given Google Cloud +// resource, as specified in `parent`. +func (r *EffectiveTagsService) List() *EffectiveTagsListCall { + c := &EffectiveTagsListCall{s: r.s, urlParams_: make(gensupport.URLParams)} + return c +} + +// PageSize sets the optional parameter "pageSize": The maximum number +// of effective tags to return in the response. The server allows a +// maximum of 300 effective tags to return in a single page. If +// unspecified, the server will use 100 as the default. +func (c *EffectiveTagsListCall) PageSize(pageSize int64) *EffectiveTagsListCall { + c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) + return c +} + +// PageToken sets the optional parameter "pageToken": A pagination token +// returned from a previous call to `ListEffectiveTags` that indicates +// from where this listing should continue. +func (c *EffectiveTagsListCall) PageToken(pageToken string) *EffectiveTagsListCall { + c.urlParams_.Set("pageToken", pageToken) + return c +} + +// Parent sets the optional parameter "parent": Required. The full +// resource name of a resource for which you want to list the effective +// tags. E.g. "//cloudresourcemanager.googleapis.com/projects/123" +func (c *EffectiveTagsListCall) Parent(parent string) *EffectiveTagsListCall { + c.urlParams_.Set("parent", parent) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *EffectiveTagsListCall) Fields(s ...googleapi.Field) *EffectiveTagsListCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// IfNoneMatch sets the optional parameter which makes the operation +// fail if the object's ETag matches the given value. This is useful for +// getting updates only after the object has changed since the last +// request. Use googleapi.IsNotModified to check whether the response +// error from Do is the result of In-None-Match. +func (c *EffectiveTagsListCall) IfNoneMatch(entityTag string) *EffectiveTagsListCall { + c.ifNoneMatch_ = entityTag + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *EffectiveTagsListCall) Context(ctx context.Context) *EffectiveTagsListCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *EffectiveTagsListCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *EffectiveTagsListCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + if c.ifNoneMatch_ != "" { + reqHeaders.Set("If-None-Match", c.ifNoneMatch_) + } + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/effectiveTags") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("GET", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.effectiveTags.list" call. +// Exactly one of *ListEffectiveTagsResponse or error will be non-nil. +// Any non-2xx status code is an error. Response headers are in either +// *ListEffectiveTagsResponse.ServerResponse.Header or (if a response +// was returned at all) in error.(*googleapi.Error).Header. Use +// googleapi.IsNotModified to check whether the returned error was +// because http.StatusNotModified was returned. +func (c *EffectiveTagsListCall) Do(opts ...googleapi.CallOption) (*ListEffectiveTagsResponse, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &ListEffectiveTagsResponse{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Return a list of effective tags for the given Google Cloud resource, as specified in `parent`.", + // "flatPath": "v3/effectiveTags", + // "httpMethod": "GET", + // "id": "cloudresourcemanager.effectiveTags.list", + // "parameterOrder": [], + // "parameters": { + // "pageSize": { + // "description": "Optional. The maximum number of effective tags to return in the response. The server allows a maximum of 300 effective tags to return in a single page. If unspecified, the server will use 100 as the default.", + // "format": "int32", + // "location": "query", + // "type": "integer" + // }, + // "pageToken": { + // "description": "Optional. A pagination token returned from a previous call to `ListEffectiveTags` that indicates from where this listing should continue.", + // "location": "query", + // "type": "string" + // }, + // "parent": { + // "description": "Required. The full resource name of a resource for which you want to list the effective tags. E.g. \"//cloudresourcemanager.googleapis.com/projects/123\"", + // "location": "query", + // "type": "string" + // } + // }, + // "path": "v3/effectiveTags", + // "response": { + // "$ref": "ListEffectiveTagsResponse" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform", + // "https://www.googleapis.com/auth/cloud-platform.read-only" + // ] + // } + +} + +// Pages invokes f for each page of results. +// A non-nil error returned from f will halt the iteration. +// The provided context supersedes any context provided to the Context method. +func (c *EffectiveTagsListCall) Pages(ctx context.Context, f func(*ListEffectiveTagsResponse) error) error { + c.ctx_ = ctx + defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point + for { + x, err := c.Do() + if err != nil { + return err + } + if err := f(x); err != nil { + return err + } + if x.NextPageToken == "" { + return nil + } + c.PageToken(x.NextPageToken) + } +} + +// method id "cloudresourcemanager.folders.create": + +type FoldersCreateCall struct { + s *Service + folder *Folder + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// Create: Creates a folder in the resource hierarchy. Returns an +// `Operation` which can be used to track the progress of the folder +// creation workflow. Upon success, the `Operation.response` field will +// be populated with the created Folder. In order to succeed, the +// addition of this new folder must not violate the folder naming, +// height, or fanout constraints. + The folder's `display_name` must be +// distinct from all other folders that share its parent. + The addition +// of the folder must not cause the active folder hierarchy to exceed a +// height of 10. Note, the full active + deleted folder hierarchy is +// allowed to reach a height of 20; this provides additional headroom +// when moving folders that contain deleted folders. + The addition of +// the folder must not cause the total number of folders under its +// parent to exceed 300. If the operation fails due to a folder +// constraint violation, some errors may be returned by the +// `CreateFolder` request, with status code `FAILED_PRECONDITION` and an +// error description. Other folder constraint violations will be +// communicated in the `Operation`, with the specific +// `PreconditionFailure` returned in the details list in the +// `Operation.error` field. The caller must have +// `resourcemanager.folders.create` permission on the identified parent. +func (r *FoldersService) Create(folder *Folder) *FoldersCreateCall { + c := &FoldersCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.folder = folder + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *FoldersCreateCall) Fields(s ...googleapi.Field) *FoldersCreateCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *FoldersCreateCall) Context(ctx context.Context) *FoldersCreateCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *FoldersCreateCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *FoldersCreateCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.folder) + if err != nil { + return nil, err + } + reqHeaders.Set("Content-Type", "application/json") + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/folders") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("POST", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.folders.create" call. +// Exactly one of *Operation or error will be non-nil. Any non-2xx +// status code is an error. Response headers are in either +// *Operation.ServerResponse.Header or (if a response was returned at +// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified +// to check whether the returned error was because +// http.StatusNotModified was returned. +func (c *FoldersCreateCall) Do(opts ...googleapi.CallOption) (*Operation, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Operation{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Creates a folder in the resource hierarchy. Returns an `Operation` which can be used to track the progress of the folder creation workflow. Upon success, the `Operation.response` field will be populated with the created Folder. In order to succeed, the addition of this new folder must not violate the folder naming, height, or fanout constraints. + The folder's `display_name` must be distinct from all other folders that share its parent. + The addition of the folder must not cause the active folder hierarchy to exceed a height of 10. Note, the full active + deleted folder hierarchy is allowed to reach a height of 20; this provides additional headroom when moving folders that contain deleted folders. + The addition of the folder must not cause the total number of folders under its parent to exceed 300. If the operation fails due to a folder constraint violation, some errors may be returned by the `CreateFolder` request, with status code `FAILED_PRECONDITION` and an error description. Other folder constraint violations will be communicated in the `Operation`, with the specific `PreconditionFailure` returned in the details list in the `Operation.error` field. The caller must have `resourcemanager.folders.create` permission on the identified parent.", + // "flatPath": "v3/folders", + // "httpMethod": "POST", + // "id": "cloudresourcemanager.folders.create", + // "parameterOrder": [], + // "parameters": {}, + // "path": "v3/folders", + // "request": { + // "$ref": "Folder" + // }, + // "response": { + // "$ref": "Operation" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform" + // ] + // } + +} + +// method id "cloudresourcemanager.folders.delete": + +type FoldersDeleteCall struct { + s *Service + name string + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// Delete: Requests deletion of a folder. The folder is moved into the +// DELETE_REQUESTED state immediately, and is deleted approximately 30 +// days later. This method may only be called on an empty folder, where +// a folder is empty if it doesn't contain any folders or projects in +// the ACTIVE state. If called on a folder in DELETE_REQUESTED state the +// operation will result in a no-op success. The caller must have +// `resourcemanager.folders.delete` permission on the identified folder. +// +// - name: The resource name of the folder to be deleted. Must be of the +// form `folders/{folder_id}`. +func (r *FoldersService) Delete(name string) *FoldersDeleteCall { + c := &FoldersDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.name = name + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *FoldersDeleteCall) Fields(s ...googleapi.Field) *FoldersDeleteCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *FoldersDeleteCall) Context(ctx context.Context) *FoldersDeleteCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *FoldersDeleteCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *FoldersDeleteCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/{+name}") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("DELETE", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "name": c.name, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.folders.delete" call. +// Exactly one of *Operation or error will be non-nil. Any non-2xx +// status code is an error. Response headers are in either +// *Operation.ServerResponse.Header or (if a response was returned at +// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified +// to check whether the returned error was because +// http.StatusNotModified was returned. +func (c *FoldersDeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Operation{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Requests deletion of a folder. The folder is moved into the DELETE_REQUESTED state immediately, and is deleted approximately 30 days later. This method may only be called on an empty folder, where a folder is empty if it doesn't contain any folders or projects in the ACTIVE state. If called on a folder in DELETE_REQUESTED state the operation will result in a no-op success. The caller must have `resourcemanager.folders.delete` permission on the identified folder.", + // "flatPath": "v3/folders/{foldersId}", + // "httpMethod": "DELETE", + // "id": "cloudresourcemanager.folders.delete", + // "parameterOrder": [ + // "name" + // ], + // "parameters": { + // "name": { + // "description": "Required. The resource name of the folder to be deleted. Must be of the form `folders/{folder_id}`.", + // "location": "path", + // "pattern": "^folders/[^/]+$", + // "required": true, + // "type": "string" + // } + // }, + // "path": "v3/{+name}", + // "response": { + // "$ref": "Operation" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform" + // ] + // } + +} + +// method id "cloudresourcemanager.folders.get": + +type FoldersGetCall struct { + s *Service + name string + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header +} + +// Get: Retrieves a folder identified by the supplied resource name. +// Valid folder resource names have the format `folders/{folder_id}` +// (for example, `folders/1234`). The caller must have +// `resourcemanager.folders.get` permission on the identified folder. +// +// - name: The resource name of the folder to retrieve. Must be of the +// form `folders/{folder_id}`. +func (r *FoldersService) Get(name string) *FoldersGetCall { + c := &FoldersGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.name = name + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *FoldersGetCall) Fields(s ...googleapi.Field) *FoldersGetCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// IfNoneMatch sets the optional parameter which makes the operation +// fail if the object's ETag matches the given value. This is useful for +// getting updates only after the object has changed since the last +// request. Use googleapi.IsNotModified to check whether the response +// error from Do is the result of In-None-Match. +func (c *FoldersGetCall) IfNoneMatch(entityTag string) *FoldersGetCall { + c.ifNoneMatch_ = entityTag + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *FoldersGetCall) Context(ctx context.Context) *FoldersGetCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *FoldersGetCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *FoldersGetCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + if c.ifNoneMatch_ != "" { + reqHeaders.Set("If-None-Match", c.ifNoneMatch_) + } + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/{+name}") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("GET", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "name": c.name, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.folders.get" call. +// Exactly one of *Folder or error will be non-nil. Any non-2xx status +// code is an error. Response headers are in either +// *Folder.ServerResponse.Header or (if a response was returned at all) +// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to +// check whether the returned error was because http.StatusNotModified +// was returned. +func (c *FoldersGetCall) Do(opts ...googleapi.CallOption) (*Folder, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Folder{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Retrieves a folder identified by the supplied resource name. Valid folder resource names have the format `folders/{folder_id}` (for example, `folders/1234`). The caller must have `resourcemanager.folders.get` permission on the identified folder.", + // "flatPath": "v3/folders/{foldersId}", + // "httpMethod": "GET", + // "id": "cloudresourcemanager.folders.get", + // "parameterOrder": [ + // "name" + // ], + // "parameters": { + // "name": { + // "description": "Required. The resource name of the folder to retrieve. Must be of the form `folders/{folder_id}`.", + // "location": "path", + // "pattern": "^folders/[^/]+$", + // "required": true, + // "type": "string" + // } + // }, + // "path": "v3/{+name}", + // "response": { + // "$ref": "Folder" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform", + // "https://www.googleapis.com/auth/cloud-platform.read-only" + // ] + // } + +} + +// method id "cloudresourcemanager.folders.getIamPolicy": + +type FoldersGetIamPolicyCall struct { + s *Service + resource string + getiampolicyrequest *GetIamPolicyRequest + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// GetIamPolicy: Gets the access control policy for a folder. The +// returned policy may be empty if no such policy or resource exists. +// The `resource` field should be the folder's resource name, for +// example: "folders/1234". The caller must have +// `resourcemanager.folders.getIamPolicy` permission on the identified +// folder. +// +// - resource: REQUIRED: The resource for which the policy is being +// requested. See Resource names +// (https://cloud.google.com/apis/design/resource_names) for the +// appropriate value for this field. +func (r *FoldersService) GetIamPolicy(resource string, getiampolicyrequest *GetIamPolicyRequest) *FoldersGetIamPolicyCall { + c := &FoldersGetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.resource = resource + c.getiampolicyrequest = getiampolicyrequest + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *FoldersGetIamPolicyCall) Fields(s ...googleapi.Field) *FoldersGetIamPolicyCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *FoldersGetIamPolicyCall) Context(ctx context.Context) *FoldersGetIamPolicyCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *FoldersGetIamPolicyCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *FoldersGetIamPolicyCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.getiampolicyrequest) + if err != nil { + return nil, err + } + reqHeaders.Set("Content-Type", "application/json") + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/{+resource}:getIamPolicy") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("POST", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "resource": c.resource, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.folders.getIamPolicy" call. +// Exactly one of *Policy or error will be non-nil. Any non-2xx status +// code is an error. Response headers are in either +// *Policy.ServerResponse.Header or (if a response was returned at all) +// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to +// check whether the returned error was because http.StatusNotModified +// was returned. +func (c *FoldersGetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Policy{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Gets the access control policy for a folder. The returned policy may be empty if no such policy or resource exists. The `resource` field should be the folder's resource name, for example: \"folders/1234\". The caller must have `resourcemanager.folders.getIamPolicy` permission on the identified folder.", + // "flatPath": "v3/folders/{foldersId}:getIamPolicy", + // "httpMethod": "POST", + // "id": "cloudresourcemanager.folders.getIamPolicy", + // "parameterOrder": [ + // "resource" + // ], + // "parameters": { + // "resource": { + // "description": "REQUIRED: The resource for which the policy is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", + // "location": "path", + // "pattern": "^folders/[^/]+$", + // "required": true, + // "type": "string" + // } + // }, + // "path": "v3/{+resource}:getIamPolicy", + // "request": { + // "$ref": "GetIamPolicyRequest" + // }, + // "response": { + // "$ref": "Policy" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform", + // "https://www.googleapis.com/auth/cloud-platform.read-only" + // ] + // } + +} + +// method id "cloudresourcemanager.folders.list": + +type FoldersListCall struct { + s *Service + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header +} + +// List: Lists the folders that are direct descendants of supplied +// parent resource. `list()` provides a strongly consistent view of the +// folders underneath the specified parent resource. `list()` returns +// folders sorted based upon the (ascending) lexical ordering of their +// display_name. The caller must have `resourcemanager.folders.list` +// permission on the identified parent. +func (r *FoldersService) List() *FoldersListCall { + c := &FoldersListCall{s: r.s, urlParams_: make(gensupport.URLParams)} + return c +} + +// PageSize sets the optional parameter "pageSize": The maximum number +// of folders to return in the response. The server can return fewer +// folders than requested. If unspecified, server picks an appropriate +// default. +func (c *FoldersListCall) PageSize(pageSize int64) *FoldersListCall { + c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) + return c +} + +// PageToken sets the optional parameter "pageToken": A pagination token +// returned from a previous call to `ListFolders` that indicates where +// this listing should continue from. +func (c *FoldersListCall) PageToken(pageToken string) *FoldersListCall { + c.urlParams_.Set("pageToken", pageToken) + return c +} + +// Parent sets the optional parameter "parent": Required. The name of +// the parent resource whose folders are being listed. Only children of +// this parent resource are listed; descendants are not listed. If the +// parent is a folder, use the value `folders/{folder_id}`. If the +// parent is an organization, use the value `organizations/{org_id}`. +// Access to this method is controlled by checking the +// `resourcemanager.folders.list` permission on the `parent`. +func (c *FoldersListCall) Parent(parent string) *FoldersListCall { + c.urlParams_.Set("parent", parent) + return c +} + +// ShowDeleted sets the optional parameter "showDeleted": Controls +// whether folders in the DELETE_REQUESTED state should be returned. +// Defaults to false. +func (c *FoldersListCall) ShowDeleted(showDeleted bool) *FoldersListCall { + c.urlParams_.Set("showDeleted", fmt.Sprint(showDeleted)) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *FoldersListCall) Fields(s ...googleapi.Field) *FoldersListCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// IfNoneMatch sets the optional parameter which makes the operation +// fail if the object's ETag matches the given value. This is useful for +// getting updates only after the object has changed since the last +// request. Use googleapi.IsNotModified to check whether the response +// error from Do is the result of In-None-Match. +func (c *FoldersListCall) IfNoneMatch(entityTag string) *FoldersListCall { + c.ifNoneMatch_ = entityTag + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *FoldersListCall) Context(ctx context.Context) *FoldersListCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *FoldersListCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *FoldersListCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + if c.ifNoneMatch_ != "" { + reqHeaders.Set("If-None-Match", c.ifNoneMatch_) + } + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/folders") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("GET", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.folders.list" call. +// Exactly one of *ListFoldersResponse or error will be non-nil. Any +// non-2xx status code is an error. Response headers are in either +// *ListFoldersResponse.ServerResponse.Header or (if a response was +// returned at all) in error.(*googleapi.Error).Header. Use +// googleapi.IsNotModified to check whether the returned error was +// because http.StatusNotModified was returned. +func (c *FoldersListCall) Do(opts ...googleapi.CallOption) (*ListFoldersResponse, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &ListFoldersResponse{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Lists the folders that are direct descendants of supplied parent resource. `list()` provides a strongly consistent view of the folders underneath the specified parent resource. `list()` returns folders sorted based upon the (ascending) lexical ordering of their display_name. The caller must have `resourcemanager.folders.list` permission on the identified parent.", + // "flatPath": "v3/folders", + // "httpMethod": "GET", + // "id": "cloudresourcemanager.folders.list", + // "parameterOrder": [], + // "parameters": { + // "pageSize": { + // "description": "Optional. The maximum number of folders to return in the response. The server can return fewer folders than requested. If unspecified, server picks an appropriate default.", + // "format": "int32", + // "location": "query", + // "type": "integer" + // }, + // "pageToken": { + // "description": "Optional. A pagination token returned from a previous call to `ListFolders` that indicates where this listing should continue from.", + // "location": "query", + // "type": "string" + // }, + // "parent": { + // "description": "Required. The name of the parent resource whose folders are being listed. Only children of this parent resource are listed; descendants are not listed. If the parent is a folder, use the value `folders/{folder_id}`. If the parent is an organization, use the value `organizations/{org_id}`. Access to this method is controlled by checking the `resourcemanager.folders.list` permission on the `parent`.", + // "location": "query", + // "type": "string" + // }, + // "showDeleted": { + // "description": "Optional. Controls whether folders in the DELETE_REQUESTED state should be returned. Defaults to false.", + // "location": "query", + // "type": "boolean" + // } + // }, + // "path": "v3/folders", + // "response": { + // "$ref": "ListFoldersResponse" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform", + // "https://www.googleapis.com/auth/cloud-platform.read-only" + // ] + // } + +} + +// Pages invokes f for each page of results. +// A non-nil error returned from f will halt the iteration. +// The provided context supersedes any context provided to the Context method. +func (c *FoldersListCall) Pages(ctx context.Context, f func(*ListFoldersResponse) error) error { + c.ctx_ = ctx + defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point + for { + x, err := c.Do() + if err != nil { + return err + } + if err := f(x); err != nil { + return err + } + if x.NextPageToken == "" { + return nil + } + c.PageToken(x.NextPageToken) + } +} + +// method id "cloudresourcemanager.folders.move": + +type FoldersMoveCall struct { + s *Service + name string + movefolderrequest *MoveFolderRequest + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// Move: Moves a folder under a new resource parent. Returns an +// `Operation` which can be used to track the progress of the folder +// move workflow. Upon success, the `Operation.response` field will be +// populated with the moved folder. Upon failure, a +// `FolderOperationError` categorizing the failure cause will be +// returned - if the failure occurs synchronously then the +// `FolderOperationError` will be returned in the `Status.details` +// field. If it occurs asynchronously, then the FolderOperation will be +// returned in the `Operation.error` field. In addition, the +// `Operation.metadata` field will be populated with a `FolderOperation` +// message as an aid to stateless clients. Folder moves will be rejected +// if they violate either the naming, height, or fanout constraints +// described in the CreateFolder documentation. The caller must have +// `resourcemanager.folders.move` permission on the folder's current and +// proposed new parent. +// +// - name: The resource name of the Folder to move. Must be of the form +// folders/{folder_id}. +func (r *FoldersService) Move(name string, movefolderrequest *MoveFolderRequest) *FoldersMoveCall { + c := &FoldersMoveCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.name = name + c.movefolderrequest = movefolderrequest + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *FoldersMoveCall) Fields(s ...googleapi.Field) *FoldersMoveCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *FoldersMoveCall) Context(ctx context.Context) *FoldersMoveCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *FoldersMoveCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *FoldersMoveCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.movefolderrequest) + if err != nil { + return nil, err + } + reqHeaders.Set("Content-Type", "application/json") + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/{+name}:move") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("POST", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "name": c.name, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.folders.move" call. +// Exactly one of *Operation or error will be non-nil. Any non-2xx +// status code is an error. Response headers are in either +// *Operation.ServerResponse.Header or (if a response was returned at +// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified +// to check whether the returned error was because +// http.StatusNotModified was returned. +func (c *FoldersMoveCall) Do(opts ...googleapi.CallOption) (*Operation, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Operation{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Moves a folder under a new resource parent. Returns an `Operation` which can be used to track the progress of the folder move workflow. Upon success, the `Operation.response` field will be populated with the moved folder. Upon failure, a `FolderOperationError` categorizing the failure cause will be returned - if the failure occurs synchronously then the `FolderOperationError` will be returned in the `Status.details` field. If it occurs asynchronously, then the FolderOperation will be returned in the `Operation.error` field. In addition, the `Operation.metadata` field will be populated with a `FolderOperation` message as an aid to stateless clients. Folder moves will be rejected if they violate either the naming, height, or fanout constraints described in the CreateFolder documentation. The caller must have `resourcemanager.folders.move` permission on the folder's current and proposed new parent.", + // "flatPath": "v3/folders/{foldersId}:move", + // "httpMethod": "POST", + // "id": "cloudresourcemanager.folders.move", + // "parameterOrder": [ + // "name" + // ], + // "parameters": { + // "name": { + // "description": "Required. The resource name of the Folder to move. Must be of the form folders/{folder_id}", + // "location": "path", + // "pattern": "^folders/[^/]+$", + // "required": true, + // "type": "string" + // } + // }, + // "path": "v3/{+name}:move", + // "request": { + // "$ref": "MoveFolderRequest" + // }, + // "response": { + // "$ref": "Operation" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform" + // ] + // } + +} + +// method id "cloudresourcemanager.folders.patch": + +type FoldersPatchCall struct { + s *Service + name string + folder *Folder + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// Patch: Updates a folder, changing its `display_name`. Changes to the +// folder `display_name` will be rejected if they violate either the +// `display_name` formatting rules or the naming constraints described +// in the CreateFolder documentation. The folder's `display_name` must +// start and end with a letter or digit, may contain letters, digits, +// spaces, hyphens and underscores and can be between 3 and 30 +// characters. This is captured by the regular expression: +// `\p{L}\p{N}{1,28}[\p{L}\p{N}]`. The caller must have +// `resourcemanager.folders.update` permission on the identified folder. +// If the update fails due to the unique name constraint then a +// `PreconditionFailure` explaining this violation will be returned in +// the Status.details field. +// +// - name: Output only. The resource name of the folder. Its format is +// `folders/{folder_id}`, for example: "folders/1234". +func (r *FoldersService) Patch(name string, folder *Folder) *FoldersPatchCall { + c := &FoldersPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.name = name + c.folder = folder + return c +} + +// UpdateMask sets the optional parameter "updateMask": Required. Fields +// to be updated. Only the `display_name` can be updated. +func (c *FoldersPatchCall) UpdateMask(updateMask string) *FoldersPatchCall { + c.urlParams_.Set("updateMask", updateMask) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *FoldersPatchCall) Fields(s ...googleapi.Field) *FoldersPatchCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *FoldersPatchCall) Context(ctx context.Context) *FoldersPatchCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *FoldersPatchCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *FoldersPatchCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.folder) + if err != nil { + return nil, err + } + reqHeaders.Set("Content-Type", "application/json") + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/{+name}") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("PATCH", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "name": c.name, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.folders.patch" call. +// Exactly one of *Operation or error will be non-nil. Any non-2xx +// status code is an error. Response headers are in either +// *Operation.ServerResponse.Header or (if a response was returned at +// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified +// to check whether the returned error was because +// http.StatusNotModified was returned. +func (c *FoldersPatchCall) Do(opts ...googleapi.CallOption) (*Operation, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Operation{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Updates a folder, changing its `display_name`. Changes to the folder `display_name` will be rejected if they violate either the `display_name` formatting rules or the naming constraints described in the CreateFolder documentation. The folder's `display_name` must start and end with a letter or digit, may contain letters, digits, spaces, hyphens and underscores and can be between 3 and 30 characters. This is captured by the regular expression: `\\p{L}\\p{N}{1,28}[\\p{L}\\p{N}]`. The caller must have `resourcemanager.folders.update` permission on the identified folder. If the update fails due to the unique name constraint then a `PreconditionFailure` explaining this violation will be returned in the Status.details field.", + // "flatPath": "v3/folders/{foldersId}", + // "httpMethod": "PATCH", + // "id": "cloudresourcemanager.folders.patch", + // "parameterOrder": [ + // "name" + // ], + // "parameters": { + // "name": { + // "description": "Output only. The resource name of the folder. Its format is `folders/{folder_id}`, for example: \"folders/1234\".", + // "location": "path", + // "pattern": "^folders/[^/]+$", + // "required": true, + // "type": "string" + // }, + // "updateMask": { + // "description": "Required. Fields to be updated. Only the `display_name` can be updated.", + // "format": "google-fieldmask", + // "location": "query", + // "type": "string" + // } + // }, + // "path": "v3/{+name}", + // "request": { + // "$ref": "Folder" + // }, + // "response": { + // "$ref": "Operation" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform" + // ] + // } + +} + +// method id "cloudresourcemanager.folders.search": + +type FoldersSearchCall struct { + s *Service + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header +} + +// Search: Search for folders that match specific filter criteria. +// `search()` provides an eventually consistent view of the folders a +// user has access to which meet the specified filter criteria. This +// will only return folders on which the caller has the permission +// `resourcemanager.folders.get`. +func (r *FoldersService) Search() *FoldersSearchCall { + c := &FoldersSearchCall{s: r.s, urlParams_: make(gensupport.URLParams)} + return c +} + +// PageSize sets the optional parameter "pageSize": The maximum number +// of folders to return in the response. The server can return fewer +// folders than requested. If unspecified, server picks an appropriate +// default. +func (c *FoldersSearchCall) PageSize(pageSize int64) *FoldersSearchCall { + c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) + return c +} + +// PageToken sets the optional parameter "pageToken": A pagination token +// returned from a previous call to `SearchFolders` that indicates from +// where search should continue. +func (c *FoldersSearchCall) PageToken(pageToken string) *FoldersSearchCall { + c.urlParams_.Set("pageToken", pageToken) + return c +} + +// Query sets the optional parameter "query": Search criteria used to +// select the folders to return. If no search criteria is specified then +// all accessible folders will be returned. Query expressions can be +// used to restrict results based upon displayName, state and parent, +// where the operators `=` (`:`) `NOT`, `AND` and `OR` can be used along +// with the suffix wildcard symbol `*`. The `displayName` field in a +// query expression should use escaped quotes for values that include +// whitespace to prevent unexpected behavior. ``` | Field | Description +// | +// |-------------------------|----------------------------------------| +// | displayName | Filters by displayName. | | parent | Filters by +// parent (for example: folders/123). | | state, lifecycleState | +// Filters by state. | ``` Some example queries are: * Query +// `displayName=Test*` returns Folder resources whose display name +// starts with "Test". * Query `state=ACTIVE` returns Folder resources +// with `state` set to `ACTIVE`. * Query `parent=folders/123` returns +// Folder resources that have `folders/123` as a parent resource. * +// Query `parent=folders/123 AND state=ACTIVE` returns active Folder +// resources that have `folders/123` as a parent resource. * Query +// `displayName=\\"Test String\\" returns Folder resources with display +// names that include both "Test" and "String". +func (c *FoldersSearchCall) Query(query string) *FoldersSearchCall { + c.urlParams_.Set("query", query) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *FoldersSearchCall) Fields(s ...googleapi.Field) *FoldersSearchCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// IfNoneMatch sets the optional parameter which makes the operation +// fail if the object's ETag matches the given value. This is useful for +// getting updates only after the object has changed since the last +// request. Use googleapi.IsNotModified to check whether the response +// error from Do is the result of In-None-Match. +func (c *FoldersSearchCall) IfNoneMatch(entityTag string) *FoldersSearchCall { + c.ifNoneMatch_ = entityTag + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *FoldersSearchCall) Context(ctx context.Context) *FoldersSearchCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *FoldersSearchCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *FoldersSearchCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + if c.ifNoneMatch_ != "" { + reqHeaders.Set("If-None-Match", c.ifNoneMatch_) + } + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/folders:search") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("GET", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.folders.search" call. +// Exactly one of *SearchFoldersResponse or error will be non-nil. Any +// non-2xx status code is an error. Response headers are in either +// *SearchFoldersResponse.ServerResponse.Header or (if a response was +// returned at all) in error.(*googleapi.Error).Header. Use +// googleapi.IsNotModified to check whether the returned error was +// because http.StatusNotModified was returned. +func (c *FoldersSearchCall) Do(opts ...googleapi.CallOption) (*SearchFoldersResponse, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &SearchFoldersResponse{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Search for folders that match specific filter criteria. `search()` provides an eventually consistent view of the folders a user has access to which meet the specified filter criteria. This will only return folders on which the caller has the permission `resourcemanager.folders.get`.", + // "flatPath": "v3/folders:search", + // "httpMethod": "GET", + // "id": "cloudresourcemanager.folders.search", + // "parameterOrder": [], + // "parameters": { + // "pageSize": { + // "description": "Optional. The maximum number of folders to return in the response. The server can return fewer folders than requested. If unspecified, server picks an appropriate default.", + // "format": "int32", + // "location": "query", + // "type": "integer" + // }, + // "pageToken": { + // "description": "Optional. A pagination token returned from a previous call to `SearchFolders` that indicates from where search should continue.", + // "location": "query", + // "type": "string" + // }, + // "query": { + // "description": "Optional. Search criteria used to select the folders to return. If no search criteria is specified then all accessible folders will be returned. Query expressions can be used to restrict results based upon displayName, state and parent, where the operators `=` (`:`) `NOT`, `AND` and `OR` can be used along with the suffix wildcard symbol `*`. The `displayName` field in a query expression should use escaped quotes for values that include whitespace to prevent unexpected behavior. ``` | Field | Description | |-------------------------|----------------------------------------| | displayName | Filters by displayName. | | parent | Filters by parent (for example: folders/123). | | state, lifecycleState | Filters by state. | ``` Some example queries are: * Query `displayName=Test*` returns Folder resources whose display name starts with \"Test\". * Query `state=ACTIVE` returns Folder resources with `state` set to `ACTIVE`. * Query `parent=folders/123` returns Folder resources that have `folders/123` as a parent resource. * Query `parent=folders/123 AND state=ACTIVE` returns active Folder resources that have `folders/123` as a parent resource. * Query `displayName=\\\\\"Test String\\\\\"` returns Folder resources with display names that include both \"Test\" and \"String\".", + // "location": "query", + // "type": "string" + // } + // }, + // "path": "v3/folders:search", + // "response": { + // "$ref": "SearchFoldersResponse" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform", + // "https://www.googleapis.com/auth/cloud-platform.read-only" + // ] + // } + +} + +// Pages invokes f for each page of results. +// A non-nil error returned from f will halt the iteration. +// The provided context supersedes any context provided to the Context method. +func (c *FoldersSearchCall) Pages(ctx context.Context, f func(*SearchFoldersResponse) error) error { + c.ctx_ = ctx + defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point + for { + x, err := c.Do() + if err != nil { + return err + } + if err := f(x); err != nil { + return err + } + if x.NextPageToken == "" { + return nil + } + c.PageToken(x.NextPageToken) + } +} + +// method id "cloudresourcemanager.folders.setIamPolicy": + +type FoldersSetIamPolicyCall struct { + s *Service + resource string + setiampolicyrequest *SetIamPolicyRequest + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// SetIamPolicy: Sets the access control policy on a folder, replacing +// any existing policy. The `resource` field should be the folder's +// resource name, for example: "folders/1234". The caller must have +// `resourcemanager.folders.setIamPolicy` permission on the identified +// folder. +// +// - resource: REQUIRED: The resource for which the policy is being +// specified. See Resource names +// (https://cloud.google.com/apis/design/resource_names) for the +// appropriate value for this field. +func (r *FoldersService) SetIamPolicy(resource string, setiampolicyrequest *SetIamPolicyRequest) *FoldersSetIamPolicyCall { + c := &FoldersSetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.resource = resource + c.setiampolicyrequest = setiampolicyrequest + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *FoldersSetIamPolicyCall) Fields(s ...googleapi.Field) *FoldersSetIamPolicyCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *FoldersSetIamPolicyCall) Context(ctx context.Context) *FoldersSetIamPolicyCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *FoldersSetIamPolicyCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *FoldersSetIamPolicyCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.setiampolicyrequest) + if err != nil { + return nil, err + } + reqHeaders.Set("Content-Type", "application/json") + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/{+resource}:setIamPolicy") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("POST", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "resource": c.resource, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.folders.setIamPolicy" call. +// Exactly one of *Policy or error will be non-nil. Any non-2xx status +// code is an error. Response headers are in either +// *Policy.ServerResponse.Header or (if a response was returned at all) +// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to +// check whether the returned error was because http.StatusNotModified +// was returned. +func (c *FoldersSetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Policy{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Sets the access control policy on a folder, replacing any existing policy. The `resource` field should be the folder's resource name, for example: \"folders/1234\". The caller must have `resourcemanager.folders.setIamPolicy` permission on the identified folder.", + // "flatPath": "v3/folders/{foldersId}:setIamPolicy", + // "httpMethod": "POST", + // "id": "cloudresourcemanager.folders.setIamPolicy", + // "parameterOrder": [ + // "resource" + // ], + // "parameters": { + // "resource": { + // "description": "REQUIRED: The resource for which the policy is being specified. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", + // "location": "path", + // "pattern": "^folders/[^/]+$", + // "required": true, + // "type": "string" + // } + // }, + // "path": "v3/{+resource}:setIamPolicy", + // "request": { + // "$ref": "SetIamPolicyRequest" + // }, + // "response": { + // "$ref": "Policy" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform" + // ] + // } + +} + +// method id "cloudresourcemanager.folders.testIamPermissions": + +type FoldersTestIamPermissionsCall struct { + s *Service + resource string + testiampermissionsrequest *TestIamPermissionsRequest + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// TestIamPermissions: Returns permissions that a caller has on the +// specified folder. The `resource` field should be the folder's +// resource name, for example: "folders/1234". There are no permissions +// required for making this API call. +// +// - resource: REQUIRED: The resource for which the policy detail is +// being requested. See Resource names +// (https://cloud.google.com/apis/design/resource_names) for the +// appropriate value for this field. +func (r *FoldersService) TestIamPermissions(resource string, testiampermissionsrequest *TestIamPermissionsRequest) *FoldersTestIamPermissionsCall { + c := &FoldersTestIamPermissionsCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.resource = resource + c.testiampermissionsrequest = testiampermissionsrequest + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *FoldersTestIamPermissionsCall) Fields(s ...googleapi.Field) *FoldersTestIamPermissionsCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *FoldersTestIamPermissionsCall) Context(ctx context.Context) *FoldersTestIamPermissionsCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *FoldersTestIamPermissionsCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *FoldersTestIamPermissionsCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.testiampermissionsrequest) + if err != nil { + return nil, err + } + reqHeaders.Set("Content-Type", "application/json") + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/{+resource}:testIamPermissions") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("POST", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "resource": c.resource, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.folders.testIamPermissions" call. +// Exactly one of *TestIamPermissionsResponse or error will be non-nil. +// Any non-2xx status code is an error. Response headers are in either +// *TestIamPermissionsResponse.ServerResponse.Header or (if a response +// was returned at all) in error.(*googleapi.Error).Header. Use +// googleapi.IsNotModified to check whether the returned error was +// because http.StatusNotModified was returned. +func (c *FoldersTestIamPermissionsCall) Do(opts ...googleapi.CallOption) (*TestIamPermissionsResponse, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &TestIamPermissionsResponse{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Returns permissions that a caller has on the specified folder. The `resource` field should be the folder's resource name, for example: \"folders/1234\". There are no permissions required for making this API call.", + // "flatPath": "v3/folders/{foldersId}:testIamPermissions", + // "httpMethod": "POST", + // "id": "cloudresourcemanager.folders.testIamPermissions", + // "parameterOrder": [ + // "resource" + // ], + // "parameters": { + // "resource": { + // "description": "REQUIRED: The resource for which the policy detail is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", + // "location": "path", + // "pattern": "^folders/[^/]+$", + // "required": true, + // "type": "string" + // } + // }, + // "path": "v3/{+resource}:testIamPermissions", + // "request": { + // "$ref": "TestIamPermissionsRequest" + // }, + // "response": { + // "$ref": "TestIamPermissionsResponse" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform" + // ] + // } + +} + +// method id "cloudresourcemanager.folders.undelete": + +type FoldersUndeleteCall struct { + s *Service + name string + undeletefolderrequest *UndeleteFolderRequest + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// Undelete: Cancels the deletion request for a folder. This method may +// be called on a folder in any state. If the folder is in the ACTIVE +// state the result will be a no-op success. In order to succeed, the +// folder's parent must be in the ACTIVE state. In addition, +// reintroducing the folder into the tree must not violate folder +// naming, height, and fanout constraints described in the CreateFolder +// documentation. The caller must have +// `resourcemanager.folders.undelete` permission on the identified +// folder. +// +// - name: The resource name of the folder to undelete. Must be of the +// form `folders/{folder_id}`. +func (r *FoldersService) Undelete(name string, undeletefolderrequest *UndeleteFolderRequest) *FoldersUndeleteCall { + c := &FoldersUndeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.name = name + c.undeletefolderrequest = undeletefolderrequest + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *FoldersUndeleteCall) Fields(s ...googleapi.Field) *FoldersUndeleteCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *FoldersUndeleteCall) Context(ctx context.Context) *FoldersUndeleteCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *FoldersUndeleteCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *FoldersUndeleteCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.undeletefolderrequest) + if err != nil { + return nil, err + } + reqHeaders.Set("Content-Type", "application/json") + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/{+name}:undelete") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("POST", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "name": c.name, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.folders.undelete" call. +// Exactly one of *Operation or error will be non-nil. Any non-2xx +// status code is an error. Response headers are in either +// *Operation.ServerResponse.Header or (if a response was returned at +// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified +// to check whether the returned error was because +// http.StatusNotModified was returned. +func (c *FoldersUndeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Operation{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Cancels the deletion request for a folder. This method may be called on a folder in any state. If the folder is in the ACTIVE state the result will be a no-op success. In order to succeed, the folder's parent must be in the ACTIVE state. In addition, reintroducing the folder into the tree must not violate folder naming, height, and fanout constraints described in the CreateFolder documentation. The caller must have `resourcemanager.folders.undelete` permission on the identified folder.", + // "flatPath": "v3/folders/{foldersId}:undelete", + // "httpMethod": "POST", + // "id": "cloudresourcemanager.folders.undelete", + // "parameterOrder": [ + // "name" + // ], + // "parameters": { + // "name": { + // "description": "Required. The resource name of the folder to undelete. Must be of the form `folders/{folder_id}`.", + // "location": "path", + // "pattern": "^folders/[^/]+$", + // "required": true, + // "type": "string" + // } + // }, + // "path": "v3/{+name}:undelete", + // "request": { + // "$ref": "UndeleteFolderRequest" + // }, + // "response": { + // "$ref": "Operation" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform" + // ] + // } + +} + +// method id "cloudresourcemanager.liens.create": + +type LiensCreateCall struct { + s *Service + lien *Lien + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// Create: Create a Lien which applies to the resource denoted by the +// `parent` field. Callers of this method will require permission on the +// `parent` resource. For example, applying to `projects/1234` requires +// permission `resourcemanager.projects.updateLiens`. NOTE: Some +// resources may limit the number of Liens which may be applied. +func (r *LiensService) Create(lien *Lien) *LiensCreateCall { + c := &LiensCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.lien = lien + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *LiensCreateCall) Fields(s ...googleapi.Field) *LiensCreateCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *LiensCreateCall) Context(ctx context.Context) *LiensCreateCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *LiensCreateCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *LiensCreateCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.lien) + if err != nil { + return nil, err + } + reqHeaders.Set("Content-Type", "application/json") + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/liens") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("POST", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.liens.create" call. +// Exactly one of *Lien or error will be non-nil. Any non-2xx status +// code is an error. Response headers are in either +// *Lien.ServerResponse.Header or (if a response was returned at all) in +// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check +// whether the returned error was because http.StatusNotModified was +// returned. +func (c *LiensCreateCall) Do(opts ...googleapi.CallOption) (*Lien, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Lien{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Create a Lien which applies to the resource denoted by the `parent` field. Callers of this method will require permission on the `parent` resource. For example, applying to `projects/1234` requires permission `resourcemanager.projects.updateLiens`. NOTE: Some resources may limit the number of Liens which may be applied.", + // "flatPath": "v3/liens", + // "httpMethod": "POST", + // "id": "cloudresourcemanager.liens.create", + // "parameterOrder": [], + // "parameters": {}, + // "path": "v3/liens", + // "request": { + // "$ref": "Lien" + // }, + // "response": { + // "$ref": "Lien" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform", + // "https://www.googleapis.com/auth/cloud-platform.read-only" + // ] + // } + +} + +// method id "cloudresourcemanager.liens.delete": + +type LiensDeleteCall struct { + s *Service + nameid string + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// Delete: Delete a Lien by `name`. Callers of this method will require +// permission on the `parent` resource. For example, a Lien with a +// `parent` of `projects/1234` requires permission +// `resourcemanager.projects.updateLiens`. +// +// - name: The name/identifier of the Lien to delete. +func (r *LiensService) Delete(nameid string) *LiensDeleteCall { + c := &LiensDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.nameid = nameid + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *LiensDeleteCall) Fields(s ...googleapi.Field) *LiensDeleteCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *LiensDeleteCall) Context(ctx context.Context) *LiensDeleteCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *LiensDeleteCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *LiensDeleteCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/{+name}") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("DELETE", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "name": c.nameid, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.liens.delete" call. +// Exactly one of *Empty or error will be non-nil. Any non-2xx status +// code is an error. Response headers are in either +// *Empty.ServerResponse.Header or (if a response was returned at all) +// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to +// check whether the returned error was because http.StatusNotModified +// was returned. +func (c *LiensDeleteCall) Do(opts ...googleapi.CallOption) (*Empty, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Empty{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Delete a Lien by `name`. Callers of this method will require permission on the `parent` resource. For example, a Lien with a `parent` of `projects/1234` requires permission `resourcemanager.projects.updateLiens`.", + // "flatPath": "v3/liens/{liensId}", + // "httpMethod": "DELETE", + // "id": "cloudresourcemanager.liens.delete", + // "parameterOrder": [ + // "name" + // ], + // "parameters": { + // "name": { + // "description": "Required. The name/identifier of the Lien to delete.", + // "location": "path", + // "pattern": "^liens/.*$", + // "required": true, + // "type": "string" + // } + // }, + // "path": "v3/{+name}", + // "response": { + // "$ref": "Empty" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform", + // "https://www.googleapis.com/auth/cloud-platform.read-only" + // ] + // } + +} + +// method id "cloudresourcemanager.liens.get": + +type LiensGetCall struct { + s *Service + nameid string + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header +} + +// Get: Retrieve a Lien by `name`. Callers of this method will require +// permission on the `parent` resource. For example, a Lien with a +// `parent` of `projects/1234` requires permission +// `resourcemanager.projects.get` +// +// - name: The name/identifier of the Lien. +func (r *LiensService) Get(nameid string) *LiensGetCall { + c := &LiensGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.nameid = nameid + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *LiensGetCall) Fields(s ...googleapi.Field) *LiensGetCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// IfNoneMatch sets the optional parameter which makes the operation +// fail if the object's ETag matches the given value. This is useful for +// getting updates only after the object has changed since the last +// request. Use googleapi.IsNotModified to check whether the response +// error from Do is the result of In-None-Match. +func (c *LiensGetCall) IfNoneMatch(entityTag string) *LiensGetCall { + c.ifNoneMatch_ = entityTag + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *LiensGetCall) Context(ctx context.Context) *LiensGetCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *LiensGetCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *LiensGetCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + if c.ifNoneMatch_ != "" { + reqHeaders.Set("If-None-Match", c.ifNoneMatch_) + } + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/{+name}") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("GET", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "name": c.nameid, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.liens.get" call. +// Exactly one of *Lien or error will be non-nil. Any non-2xx status +// code is an error. Response headers are in either +// *Lien.ServerResponse.Header or (if a response was returned at all) in +// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check +// whether the returned error was because http.StatusNotModified was +// returned. +func (c *LiensGetCall) Do(opts ...googleapi.CallOption) (*Lien, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Lien{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Retrieve a Lien by `name`. Callers of this method will require permission on the `parent` resource. For example, a Lien with a `parent` of `projects/1234` requires permission `resourcemanager.projects.get`", + // "flatPath": "v3/liens/{liensId}", + // "httpMethod": "GET", + // "id": "cloudresourcemanager.liens.get", + // "parameterOrder": [ + // "name" + // ], + // "parameters": { + // "name": { + // "description": "Required. The name/identifier of the Lien.", + // "location": "path", + // "pattern": "^liens/.*$", + // "required": true, + // "type": "string" + // } + // }, + // "path": "v3/{+name}", + // "response": { + // "$ref": "Lien" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform", + // "https://www.googleapis.com/auth/cloud-platform.read-only" + // ] + // } + +} + +// method id "cloudresourcemanager.liens.list": + +type LiensListCall struct { + s *Service + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header +} + +// List: List all Liens applied to the `parent` resource. Callers of +// this method will require permission on the `parent` resource. For +// example, a Lien with a `parent` of `projects/1234` requires +// permission `resourcemanager.projects.get`. +func (r *LiensService) List() *LiensListCall { + c := &LiensListCall{s: r.s, urlParams_: make(gensupport.URLParams)} + return c +} + +// PageSize sets the optional parameter "pageSize": The maximum number +// of items to return. This is a suggestion for the server. The server +// can return fewer liens than requested. If unspecified, server picks +// an appropriate default. +func (c *LiensListCall) PageSize(pageSize int64) *LiensListCall { + c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) + return c +} + +// PageToken sets the optional parameter "pageToken": The +// `next_page_token` value returned from a previous List request, if +// any. +func (c *LiensListCall) PageToken(pageToken string) *LiensListCall { + c.urlParams_.Set("pageToken", pageToken) + return c +} + +// Parent sets the optional parameter "parent": Required. The name of +// the resource to list all attached Liens. For example, +// `projects/1234`. (google.api.field_policy).resource_type annotation +// is not set since the parent depends on the meta api implementation. +// This field could be a project or other sub project resources. +func (c *LiensListCall) Parent(parent string) *LiensListCall { + c.urlParams_.Set("parent", parent) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *LiensListCall) Fields(s ...googleapi.Field) *LiensListCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// IfNoneMatch sets the optional parameter which makes the operation +// fail if the object's ETag matches the given value. This is useful for +// getting updates only after the object has changed since the last +// request. Use googleapi.IsNotModified to check whether the response +// error from Do is the result of In-None-Match. +func (c *LiensListCall) IfNoneMatch(entityTag string) *LiensListCall { + c.ifNoneMatch_ = entityTag + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *LiensListCall) Context(ctx context.Context) *LiensListCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *LiensListCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *LiensListCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + if c.ifNoneMatch_ != "" { + reqHeaders.Set("If-None-Match", c.ifNoneMatch_) + } + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/liens") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("GET", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.liens.list" call. +// Exactly one of *ListLiensResponse or error will be non-nil. Any +// non-2xx status code is an error. Response headers are in either +// *ListLiensResponse.ServerResponse.Header or (if a response was +// returned at all) in error.(*googleapi.Error).Header. Use +// googleapi.IsNotModified to check whether the returned error was +// because http.StatusNotModified was returned. +func (c *LiensListCall) Do(opts ...googleapi.CallOption) (*ListLiensResponse, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &ListLiensResponse{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "List all Liens applied to the `parent` resource. Callers of this method will require permission on the `parent` resource. For example, a Lien with a `parent` of `projects/1234` requires permission `resourcemanager.projects.get`.", + // "flatPath": "v3/liens", + // "httpMethod": "GET", + // "id": "cloudresourcemanager.liens.list", + // "parameterOrder": [], + // "parameters": { + // "pageSize": { + // "description": "The maximum number of items to return. This is a suggestion for the server. The server can return fewer liens than requested. If unspecified, server picks an appropriate default.", + // "format": "int32", + // "location": "query", + // "type": "integer" + // }, + // "pageToken": { + // "description": "The `next_page_token` value returned from a previous List request, if any.", + // "location": "query", + // "type": "string" + // }, + // "parent": { + // "description": "Required. The name of the resource to list all attached Liens. For example, `projects/1234`. (google.api.field_policy).resource_type annotation is not set since the parent depends on the meta api implementation. This field could be a project or other sub project resources.", + // "location": "query", + // "type": "string" + // } + // }, + // "path": "v3/liens", + // "response": { + // "$ref": "ListLiensResponse" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform", + // "https://www.googleapis.com/auth/cloud-platform.read-only" + // ] + // } + +} + +// Pages invokes f for each page of results. +// A non-nil error returned from f will halt the iteration. +// The provided context supersedes any context provided to the Context method. +func (c *LiensListCall) Pages(ctx context.Context, f func(*ListLiensResponse) error) error { + c.ctx_ = ctx + defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point + for { + x, err := c.Do() + if err != nil { + return err + } + if err := f(x); err != nil { + return err + } + if x.NextPageToken == "" { + return nil + } + c.PageToken(x.NextPageToken) + } +} + +// method id "cloudresourcemanager.operations.get": + +type OperationsGetCall struct { + s *Service + name string + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header +} + +// Get: Gets the latest state of a long-running operation. Clients can +// use this method to poll the operation result at intervals as +// recommended by the API service. +// +// - name: The name of the operation resource. +func (r *OperationsService) Get(name string) *OperationsGetCall { + c := &OperationsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.name = name + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *OperationsGetCall) Fields(s ...googleapi.Field) *OperationsGetCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// IfNoneMatch sets the optional parameter which makes the operation +// fail if the object's ETag matches the given value. This is useful for +// getting updates only after the object has changed since the last +// request. Use googleapi.IsNotModified to check whether the response +// error from Do is the result of In-None-Match. +func (c *OperationsGetCall) IfNoneMatch(entityTag string) *OperationsGetCall { + c.ifNoneMatch_ = entityTag + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *OperationsGetCall) Context(ctx context.Context) *OperationsGetCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *OperationsGetCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *OperationsGetCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + if c.ifNoneMatch_ != "" { + reqHeaders.Set("If-None-Match", c.ifNoneMatch_) + } + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/{+name}") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("GET", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "name": c.name, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.operations.get" call. +// Exactly one of *Operation or error will be non-nil. Any non-2xx +// status code is an error. Response headers are in either +// *Operation.ServerResponse.Header or (if a response was returned at +// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified +// to check whether the returned error was because +// http.StatusNotModified was returned. +func (c *OperationsGetCall) Do(opts ...googleapi.CallOption) (*Operation, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Operation{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.", + // "flatPath": "v3/operations/{operationsId}", + // "httpMethod": "GET", + // "id": "cloudresourcemanager.operations.get", + // "parameterOrder": [ + // "name" + // ], + // "parameters": { + // "name": { + // "description": "The name of the operation resource.", + // "location": "path", + // "pattern": "^operations/.*$", + // "required": true, + // "type": "string" + // } + // }, + // "path": "v3/{+name}", + // "response": { + // "$ref": "Operation" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform", + // "https://www.googleapis.com/auth/cloud-platform.read-only" + // ] + // } + +} + +// method id "cloudresourcemanager.organizations.get": + +type OrganizationsGetCall struct { + s *Service + name string + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header +} + +// Get: Fetches an organization resource identified by the specified +// resource name. +// +// - name: The resource name of the Organization to fetch. This is the +// organization's relative path in the API, formatted as +// "organizations/[organizationId]". For example, +// "organizations/1234". +func (r *OrganizationsService) Get(name string) *OrganizationsGetCall { + c := &OrganizationsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.name = name + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *OrganizationsGetCall) Fields(s ...googleapi.Field) *OrganizationsGetCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// IfNoneMatch sets the optional parameter which makes the operation +// fail if the object's ETag matches the given value. This is useful for +// getting updates only after the object has changed since the last +// request. Use googleapi.IsNotModified to check whether the response +// error from Do is the result of In-None-Match. +func (c *OrganizationsGetCall) IfNoneMatch(entityTag string) *OrganizationsGetCall { + c.ifNoneMatch_ = entityTag + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *OrganizationsGetCall) Context(ctx context.Context) *OrganizationsGetCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *OrganizationsGetCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *OrganizationsGetCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + if c.ifNoneMatch_ != "" { + reqHeaders.Set("If-None-Match", c.ifNoneMatch_) + } + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/{+name}") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("GET", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "name": c.name, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.organizations.get" call. +// Exactly one of *Organization or error will be non-nil. Any non-2xx +// status code is an error. Response headers are in either +// *Organization.ServerResponse.Header or (if a response was returned at +// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified +// to check whether the returned error was because +// http.StatusNotModified was returned. +func (c *OrganizationsGetCall) Do(opts ...googleapi.CallOption) (*Organization, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Organization{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Fetches an organization resource identified by the specified resource name.", + // "flatPath": "v3/organizations/{organizationsId}", + // "httpMethod": "GET", + // "id": "cloudresourcemanager.organizations.get", + // "parameterOrder": [ + // "name" + // ], + // "parameters": { + // "name": { + // "description": "Required. The resource name of the Organization to fetch. This is the organization's relative path in the API, formatted as \"organizations/[organizationId]\". For example, \"organizations/1234\".", + // "location": "path", + // "pattern": "^organizations/[^/]+$", + // "required": true, + // "type": "string" + // } + // }, + // "path": "v3/{+name}", + // "response": { + // "$ref": "Organization" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform", + // "https://www.googleapis.com/auth/cloud-platform.read-only" + // ] + // } + +} + +// method id "cloudresourcemanager.organizations.getIamPolicy": + +type OrganizationsGetIamPolicyCall struct { + s *Service + resource string + getiampolicyrequest *GetIamPolicyRequest + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// GetIamPolicy: Gets the access control policy for an organization +// resource. The policy may be empty if no such policy or resource +// exists. The `resource` field should be the organization's resource +// name, for example: "organizations/123". Authorization requires the +// IAM permission `resourcemanager.organizations.getIamPolicy` on the +// specified organization. +// +// - resource: REQUIRED: The resource for which the policy is being +// requested. See Resource names +// (https://cloud.google.com/apis/design/resource_names) for the +// appropriate value for this field. +func (r *OrganizationsService) GetIamPolicy(resource string, getiampolicyrequest *GetIamPolicyRequest) *OrganizationsGetIamPolicyCall { + c := &OrganizationsGetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.resource = resource + c.getiampolicyrequest = getiampolicyrequest + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *OrganizationsGetIamPolicyCall) Fields(s ...googleapi.Field) *OrganizationsGetIamPolicyCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *OrganizationsGetIamPolicyCall) Context(ctx context.Context) *OrganizationsGetIamPolicyCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *OrganizationsGetIamPolicyCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *OrganizationsGetIamPolicyCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.getiampolicyrequest) + if err != nil { + return nil, err + } + reqHeaders.Set("Content-Type", "application/json") + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/{+resource}:getIamPolicy") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("POST", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "resource": c.resource, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.organizations.getIamPolicy" call. +// Exactly one of *Policy or error will be non-nil. Any non-2xx status +// code is an error. Response headers are in either +// *Policy.ServerResponse.Header or (if a response was returned at all) +// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to +// check whether the returned error was because http.StatusNotModified +// was returned. +func (c *OrganizationsGetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Policy{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Gets the access control policy for an organization resource. The policy may be empty if no such policy or resource exists. The `resource` field should be the organization's resource name, for example: \"organizations/123\". Authorization requires the IAM permission `resourcemanager.organizations.getIamPolicy` on the specified organization.", + // "flatPath": "v3/organizations/{organizationsId}:getIamPolicy", + // "httpMethod": "POST", + // "id": "cloudresourcemanager.organizations.getIamPolicy", + // "parameterOrder": [ + // "resource" + // ], + // "parameters": { + // "resource": { + // "description": "REQUIRED: The resource for which the policy is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", + // "location": "path", + // "pattern": "^organizations/[^/]+$", + // "required": true, + // "type": "string" + // } + // }, + // "path": "v3/{+resource}:getIamPolicy", + // "request": { + // "$ref": "GetIamPolicyRequest" + // }, + // "response": { + // "$ref": "Policy" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform", + // "https://www.googleapis.com/auth/cloud-platform.read-only" + // ] + // } + +} + +// method id "cloudresourcemanager.organizations.search": + +type OrganizationsSearchCall struct { + s *Service + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header +} + +// Search: Searches organization resources that are visible to the user +// and satisfy the specified filter. This method returns organizations +// in an unspecified order. New organizations do not necessarily appear +// at the end of the results, and may take a small amount of time to +// appear. Search will only return organizations on which the user has +// the permission `resourcemanager.organizations.get` or has super admin +// privileges. +func (r *OrganizationsService) Search() *OrganizationsSearchCall { + c := &OrganizationsSearchCall{s: r.s, urlParams_: make(gensupport.URLParams)} + return c +} + +// PageSize sets the optional parameter "pageSize": The maximum number +// of organizations to return in the response. The server can return +// fewer organizations than requested. If unspecified, server picks an +// appropriate default. +func (c *OrganizationsSearchCall) PageSize(pageSize int64) *OrganizationsSearchCall { + c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) + return c +} + +// PageToken sets the optional parameter "pageToken": A pagination token +// returned from a previous call to `SearchOrganizations` that indicates +// from where listing should continue. +func (c *OrganizationsSearchCall) PageToken(pageToken string) *OrganizationsSearchCall { + c.urlParams_.Set("pageToken", pageToken) + return c +} + +// Query sets the optional parameter "query": An optional query string +// used to filter the Organizations to return in the response. Query +// rules are case-insensitive. ``` | Field | Description | +// |------------------|--------------------------------------------| | +// directoryCustomerId, owner.directoryCustomerId | Filters by directory +// customer id. | | domain | Filters by domain. | ``` Organizations may +// be queried by `directoryCustomerId` or by `domain`, where the domain +// is a G Suite domain, for example: * Query +// `directorycustomerid:123456789` returns Organization resources with +// `owner.directory_customer_id` equal to `123456789`. * Query +// `domain:google.com` returns Organization resources corresponding to +// the domain `google.com`. +func (c *OrganizationsSearchCall) Query(query string) *OrganizationsSearchCall { + c.urlParams_.Set("query", query) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *OrganizationsSearchCall) Fields(s ...googleapi.Field) *OrganizationsSearchCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// IfNoneMatch sets the optional parameter which makes the operation +// fail if the object's ETag matches the given value. This is useful for +// getting updates only after the object has changed since the last +// request. Use googleapi.IsNotModified to check whether the response +// error from Do is the result of In-None-Match. +func (c *OrganizationsSearchCall) IfNoneMatch(entityTag string) *OrganizationsSearchCall { + c.ifNoneMatch_ = entityTag + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *OrganizationsSearchCall) Context(ctx context.Context) *OrganizationsSearchCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *OrganizationsSearchCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *OrganizationsSearchCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + if c.ifNoneMatch_ != "" { + reqHeaders.Set("If-None-Match", c.ifNoneMatch_) + } + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/organizations:search") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("GET", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.organizations.search" call. +// Exactly one of *SearchOrganizationsResponse or error will be non-nil. +// Any non-2xx status code is an error. Response headers are in either +// *SearchOrganizationsResponse.ServerResponse.Header or (if a response +// was returned at all) in error.(*googleapi.Error).Header. Use +// googleapi.IsNotModified to check whether the returned error was +// because http.StatusNotModified was returned. +func (c *OrganizationsSearchCall) Do(opts ...googleapi.CallOption) (*SearchOrganizationsResponse, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &SearchOrganizationsResponse{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Searches organization resources that are visible to the user and satisfy the specified filter. This method returns organizations in an unspecified order. New organizations do not necessarily appear at the end of the results, and may take a small amount of time to appear. Search will only return organizations on which the user has the permission `resourcemanager.organizations.get` or has super admin privileges.", + // "flatPath": "v3/organizations:search", + // "httpMethod": "GET", + // "id": "cloudresourcemanager.organizations.search", + // "parameterOrder": [], + // "parameters": { + // "pageSize": { + // "description": "Optional. The maximum number of organizations to return in the response. The server can return fewer organizations than requested. If unspecified, server picks an appropriate default.", + // "format": "int32", + // "location": "query", + // "type": "integer" + // }, + // "pageToken": { + // "description": "Optional. A pagination token returned from a previous call to `SearchOrganizations` that indicates from where listing should continue.", + // "location": "query", + // "type": "string" + // }, + // "query": { + // "description": "Optional. An optional query string used to filter the Organizations to return in the response. Query rules are case-insensitive. ``` | Field | Description | |------------------|--------------------------------------------| | directoryCustomerId, owner.directoryCustomerId | Filters by directory customer id. | | domain | Filters by domain. | ``` Organizations may be queried by `directoryCustomerId` or by `domain`, where the domain is a G Suite domain, for example: * Query `directorycustomerid:123456789` returns Organization resources with `owner.directory_customer_id` equal to `123456789`. * Query `domain:google.com` returns Organization resources corresponding to the domain `google.com`.", + // "location": "query", + // "type": "string" + // } + // }, + // "path": "v3/organizations:search", + // "response": { + // "$ref": "SearchOrganizationsResponse" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform", + // "https://www.googleapis.com/auth/cloud-platform.read-only" + // ] + // } + +} + +// Pages invokes f for each page of results. +// A non-nil error returned from f will halt the iteration. +// The provided context supersedes any context provided to the Context method. +func (c *OrganizationsSearchCall) Pages(ctx context.Context, f func(*SearchOrganizationsResponse) error) error { + c.ctx_ = ctx + defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point + for { + x, err := c.Do() + if err != nil { + return err + } + if err := f(x); err != nil { + return err + } + if x.NextPageToken == "" { + return nil + } + c.PageToken(x.NextPageToken) + } +} + +// method id "cloudresourcemanager.organizations.setIamPolicy": + +type OrganizationsSetIamPolicyCall struct { + s *Service + resource string + setiampolicyrequest *SetIamPolicyRequest + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// SetIamPolicy: Sets the access control policy on an organization +// resource. Replaces any existing policy. The `resource` field should +// be the organization's resource name, for example: +// "organizations/123". Authorization requires the IAM permission +// `resourcemanager.organizations.setIamPolicy` on the specified +// organization. +// +// - resource: REQUIRED: The resource for which the policy is being +// specified. See Resource names +// (https://cloud.google.com/apis/design/resource_names) for the +// appropriate value for this field. +func (r *OrganizationsService) SetIamPolicy(resource string, setiampolicyrequest *SetIamPolicyRequest) *OrganizationsSetIamPolicyCall { + c := &OrganizationsSetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.resource = resource + c.setiampolicyrequest = setiampolicyrequest + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *OrganizationsSetIamPolicyCall) Fields(s ...googleapi.Field) *OrganizationsSetIamPolicyCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *OrganizationsSetIamPolicyCall) Context(ctx context.Context) *OrganizationsSetIamPolicyCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *OrganizationsSetIamPolicyCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *OrganizationsSetIamPolicyCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.setiampolicyrequest) + if err != nil { + return nil, err + } + reqHeaders.Set("Content-Type", "application/json") + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/{+resource}:setIamPolicy") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("POST", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "resource": c.resource, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.organizations.setIamPolicy" call. +// Exactly one of *Policy or error will be non-nil. Any non-2xx status +// code is an error. Response headers are in either +// *Policy.ServerResponse.Header or (if a response was returned at all) +// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to +// check whether the returned error was because http.StatusNotModified +// was returned. +func (c *OrganizationsSetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Policy{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Sets the access control policy on an organization resource. Replaces any existing policy. The `resource` field should be the organization's resource name, for example: \"organizations/123\". Authorization requires the IAM permission `resourcemanager.organizations.setIamPolicy` on the specified organization.", + // "flatPath": "v3/organizations/{organizationsId}:setIamPolicy", + // "httpMethod": "POST", + // "id": "cloudresourcemanager.organizations.setIamPolicy", + // "parameterOrder": [ + // "resource" + // ], + // "parameters": { + // "resource": { + // "description": "REQUIRED: The resource for which the policy is being specified. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", + // "location": "path", + // "pattern": "^organizations/[^/]+$", + // "required": true, + // "type": "string" + // } + // }, + // "path": "v3/{+resource}:setIamPolicy", + // "request": { + // "$ref": "SetIamPolicyRequest" + // }, + // "response": { + // "$ref": "Policy" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform" + // ] + // } + +} + +// method id "cloudresourcemanager.organizations.testIamPermissions": + +type OrganizationsTestIamPermissionsCall struct { + s *Service + resource string + testiampermissionsrequest *TestIamPermissionsRequest + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// TestIamPermissions: Returns the permissions that a caller has on the +// specified organization. The `resource` field should be the +// organization's resource name, for example: "organizations/123". There +// are no permissions required for making this API call. +// +// - resource: REQUIRED: The resource for which the policy detail is +// being requested. See Resource names +// (https://cloud.google.com/apis/design/resource_names) for the +// appropriate value for this field. +func (r *OrganizationsService) TestIamPermissions(resource string, testiampermissionsrequest *TestIamPermissionsRequest) *OrganizationsTestIamPermissionsCall { + c := &OrganizationsTestIamPermissionsCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.resource = resource + c.testiampermissionsrequest = testiampermissionsrequest + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *OrganizationsTestIamPermissionsCall) Fields(s ...googleapi.Field) *OrganizationsTestIamPermissionsCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *OrganizationsTestIamPermissionsCall) Context(ctx context.Context) *OrganizationsTestIamPermissionsCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *OrganizationsTestIamPermissionsCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *OrganizationsTestIamPermissionsCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.testiampermissionsrequest) + if err != nil { + return nil, err + } + reqHeaders.Set("Content-Type", "application/json") + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/{+resource}:testIamPermissions") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("POST", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "resource": c.resource, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.organizations.testIamPermissions" call. +// Exactly one of *TestIamPermissionsResponse or error will be non-nil. +// Any non-2xx status code is an error. Response headers are in either +// *TestIamPermissionsResponse.ServerResponse.Header or (if a response +// was returned at all) in error.(*googleapi.Error).Header. Use +// googleapi.IsNotModified to check whether the returned error was +// because http.StatusNotModified was returned. +func (c *OrganizationsTestIamPermissionsCall) Do(opts ...googleapi.CallOption) (*TestIamPermissionsResponse, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &TestIamPermissionsResponse{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Returns the permissions that a caller has on the specified organization. The `resource` field should be the organization's resource name, for example: \"organizations/123\". There are no permissions required for making this API call.", + // "flatPath": "v3/organizations/{organizationsId}:testIamPermissions", + // "httpMethod": "POST", + // "id": "cloudresourcemanager.organizations.testIamPermissions", + // "parameterOrder": [ + // "resource" + // ], + // "parameters": { + // "resource": { + // "description": "REQUIRED: The resource for which the policy detail is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", + // "location": "path", + // "pattern": "^organizations/[^/]+$", + // "required": true, + // "type": "string" + // } + // }, + // "path": "v3/{+resource}:testIamPermissions", + // "request": { + // "$ref": "TestIamPermissionsRequest" + // }, + // "response": { + // "$ref": "TestIamPermissionsResponse" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform", + // "https://www.googleapis.com/auth/cloud-platform.read-only" + // ] + // } + +} + +// method id "cloudresourcemanager.projects.create": + +type ProjectsCreateCall struct { + s *Service + project *Project + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// Create: Request that a new project be created. The result is an +// `Operation` which can be used to track the creation process. This +// process usually takes a few seconds, but can sometimes take much +// longer. The tracking `Operation` is automatically deleted after a few +// hours, so there is no need to call `DeleteOperation`. +func (r *ProjectsService) Create(project *Project) *ProjectsCreateCall { + c := &ProjectsCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.project = project + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *ProjectsCreateCall) Fields(s ...googleapi.Field) *ProjectsCreateCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *ProjectsCreateCall) Context(ctx context.Context) *ProjectsCreateCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *ProjectsCreateCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ProjectsCreateCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.project) + if err != nil { + return nil, err + } + reqHeaders.Set("Content-Type", "application/json") + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/projects") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("POST", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.projects.create" call. +// Exactly one of *Operation or error will be non-nil. Any non-2xx +// status code is an error. Response headers are in either +// *Operation.ServerResponse.Header or (if a response was returned at +// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified +// to check whether the returned error was because +// http.StatusNotModified was returned. +func (c *ProjectsCreateCall) Do(opts ...googleapi.CallOption) (*Operation, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Operation{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Request that a new project be created. The result is an `Operation` which can be used to track the creation process. This process usually takes a few seconds, but can sometimes take much longer. The tracking `Operation` is automatically deleted after a few hours, so there is no need to call `DeleteOperation`.", + // "flatPath": "v3/projects", + // "httpMethod": "POST", + // "id": "cloudresourcemanager.projects.create", + // "parameterOrder": [], + // "parameters": {}, + // "path": "v3/projects", + // "request": { + // "$ref": "Project" + // }, + // "response": { + // "$ref": "Operation" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform" + // ] + // } + +} + +// method id "cloudresourcemanager.projects.delete": + +type ProjectsDeleteCall struct { + s *Service + name string + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// Delete: Marks the project identified by the specified `name` (for +// example, `projects/415104041262`) for deletion. This method will only +// affect the project if it has a lifecycle state of ACTIVE. This method +// changes the Project's lifecycle state from ACTIVE to +// DELETE_REQUESTED. The deletion starts at an unspecified time, at +// which point the Project is no longer accessible. Until the deletion +// completes, you can check the lifecycle state checked by retrieving +// the project with GetProject, and the project remains visible to +// ListProjects. However, you cannot update the project. After the +// deletion completes, the project is not retrievable by the GetProject, +// ListProjects, and SearchProjects methods. This method behaves +// idempotently, such that deleting a `DELETE_REQUESTED` project will +// not cause an error, but also won't do anything. The caller must have +// `resourcemanager.projects.delete` permissions for this project. +// +// - name: The name of the Project (for example, +// `projects/415104041262`). +func (r *ProjectsService) Delete(name string) *ProjectsDeleteCall { + c := &ProjectsDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.name = name + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *ProjectsDeleteCall) Fields(s ...googleapi.Field) *ProjectsDeleteCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *ProjectsDeleteCall) Context(ctx context.Context) *ProjectsDeleteCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *ProjectsDeleteCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ProjectsDeleteCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/{+name}") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("DELETE", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "name": c.name, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.projects.delete" call. +// Exactly one of *Operation or error will be non-nil. Any non-2xx +// status code is an error. Response headers are in either +// *Operation.ServerResponse.Header or (if a response was returned at +// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified +// to check whether the returned error was because +// http.StatusNotModified was returned. +func (c *ProjectsDeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Operation{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Marks the project identified by the specified `name` (for example, `projects/415104041262`) for deletion. This method will only affect the project if it has a lifecycle state of ACTIVE. This method changes the Project's lifecycle state from ACTIVE to DELETE_REQUESTED. The deletion starts at an unspecified time, at which point the Project is no longer accessible. Until the deletion completes, you can check the lifecycle state checked by retrieving the project with GetProject, and the project remains visible to ListProjects. However, you cannot update the project. After the deletion completes, the project is not retrievable by the GetProject, ListProjects, and SearchProjects methods. This method behaves idempotently, such that deleting a `DELETE_REQUESTED` project will not cause an error, but also won't do anything. The caller must have `resourcemanager.projects.delete` permissions for this project.", + // "flatPath": "v3/projects/{projectsId}", + // "httpMethod": "DELETE", + // "id": "cloudresourcemanager.projects.delete", + // "parameterOrder": [ + // "name" + // ], + // "parameters": { + // "name": { + // "description": "Required. The name of the Project (for example, `projects/415104041262`).", + // "location": "path", + // "pattern": "^projects/[^/]+$", + // "required": true, + // "type": "string" + // } + // }, + // "path": "v3/{+name}", + // "response": { + // "$ref": "Operation" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform" + // ] + // } + +} + +// method id "cloudresourcemanager.projects.get": + +type ProjectsGetCall struct { + s *Service + name string + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header +} + +// Get: Retrieves the project identified by the specified `name` (for +// example, `projects/415104041262`). The caller must have +// `resourcemanager.projects.get` permission for this project. +// +// - name: The name of the project (for example, +// `projects/415104041262`). +func (r *ProjectsService) Get(name string) *ProjectsGetCall { + c := &ProjectsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.name = name + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *ProjectsGetCall) Fields(s ...googleapi.Field) *ProjectsGetCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// IfNoneMatch sets the optional parameter which makes the operation +// fail if the object's ETag matches the given value. This is useful for +// getting updates only after the object has changed since the last +// request. Use googleapi.IsNotModified to check whether the response +// error from Do is the result of In-None-Match. +func (c *ProjectsGetCall) IfNoneMatch(entityTag string) *ProjectsGetCall { + c.ifNoneMatch_ = entityTag + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *ProjectsGetCall) Context(ctx context.Context) *ProjectsGetCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *ProjectsGetCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ProjectsGetCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + if c.ifNoneMatch_ != "" { + reqHeaders.Set("If-None-Match", c.ifNoneMatch_) + } + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/{+name}") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("GET", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "name": c.name, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.projects.get" call. +// Exactly one of *Project or error will be non-nil. Any non-2xx status +// code is an error. Response headers are in either +// *Project.ServerResponse.Header or (if a response was returned at all) +// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to +// check whether the returned error was because http.StatusNotModified +// was returned. +func (c *ProjectsGetCall) Do(opts ...googleapi.CallOption) (*Project, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Project{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Retrieves the project identified by the specified `name` (for example, `projects/415104041262`). The caller must have `resourcemanager.projects.get` permission for this project.", + // "flatPath": "v3/projects/{projectsId}", + // "httpMethod": "GET", + // "id": "cloudresourcemanager.projects.get", + // "parameterOrder": [ + // "name" + // ], + // "parameters": { + // "name": { + // "description": "Required. The name of the project (for example, `projects/415104041262`).", + // "location": "path", + // "pattern": "^projects/[^/]+$", + // "required": true, + // "type": "string" + // } + // }, + // "path": "v3/{+name}", + // "response": { + // "$ref": "Project" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform", + // "https://www.googleapis.com/auth/cloud-platform.read-only" + // ] + // } + +} + +// method id "cloudresourcemanager.projects.getIamPolicy": + +type ProjectsGetIamPolicyCall struct { + s *Service + resource string + getiampolicyrequest *GetIamPolicyRequest + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// GetIamPolicy: Returns the IAM access control policy for the specified +// project, in the format `projects/{ProjectIdOrNumber}` e.g. +// projects/123. Permission is denied if the policy or the resource do +// not exist. +// +// - resource: REQUIRED: The resource for which the policy is being +// requested. See Resource names +// (https://cloud.google.com/apis/design/resource_names) for the +// appropriate value for this field. +func (r *ProjectsService) GetIamPolicy(resource string, getiampolicyrequest *GetIamPolicyRequest) *ProjectsGetIamPolicyCall { + c := &ProjectsGetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.resource = resource + c.getiampolicyrequest = getiampolicyrequest + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *ProjectsGetIamPolicyCall) Fields(s ...googleapi.Field) *ProjectsGetIamPolicyCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *ProjectsGetIamPolicyCall) Context(ctx context.Context) *ProjectsGetIamPolicyCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *ProjectsGetIamPolicyCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ProjectsGetIamPolicyCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.getiampolicyrequest) + if err != nil { + return nil, err + } + reqHeaders.Set("Content-Type", "application/json") + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/{+resource}:getIamPolicy") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("POST", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "resource": c.resource, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.projects.getIamPolicy" call. +// Exactly one of *Policy or error will be non-nil. Any non-2xx status +// code is an error. Response headers are in either +// *Policy.ServerResponse.Header or (if a response was returned at all) +// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to +// check whether the returned error was because http.StatusNotModified +// was returned. +func (c *ProjectsGetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Policy{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Returns the IAM access control policy for the specified project, in the format `projects/{ProjectIdOrNumber}` e.g. projects/123. Permission is denied if the policy or the resource do not exist.", + // "flatPath": "v3/projects/{projectsId}:getIamPolicy", + // "httpMethod": "POST", + // "id": "cloudresourcemanager.projects.getIamPolicy", + // "parameterOrder": [ + // "resource" + // ], + // "parameters": { + // "resource": { + // "description": "REQUIRED: The resource for which the policy is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", + // "location": "path", + // "pattern": "^projects/[^/]+$", + // "required": true, + // "type": "string" + // } + // }, + // "path": "v3/{+resource}:getIamPolicy", + // "request": { + // "$ref": "GetIamPolicyRequest" + // }, + // "response": { + // "$ref": "Policy" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform", + // "https://www.googleapis.com/auth/cloud-platform.read-only" + // ] + // } + +} + +// method id "cloudresourcemanager.projects.list": + +type ProjectsListCall struct { + s *Service + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header +} + +// List: Lists projects that are direct children of the specified folder +// or organization resource. `list()` provides a strongly consistent +// view of the projects underneath the specified parent resource. +// `list()` returns projects sorted based upon the (ascending) lexical +// ordering of their `display_name`. The caller must have +// `resourcemanager.projects.list` permission on the identified parent. +func (r *ProjectsService) List() *ProjectsListCall { + c := &ProjectsListCall{s: r.s, urlParams_: make(gensupport.URLParams)} + return c +} + +// PageSize sets the optional parameter "pageSize": The maximum number +// of projects to return in the response. The server can return fewer +// projects than requested. If unspecified, server picks an appropriate +// default. +func (c *ProjectsListCall) PageSize(pageSize int64) *ProjectsListCall { + c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) + return c +} + +// PageToken sets the optional parameter "pageToken": A pagination token +// returned from a previous call to ListProjects that indicates from +// where listing should continue. +func (c *ProjectsListCall) PageToken(pageToken string) *ProjectsListCall { + c.urlParams_.Set("pageToken", pageToken) + return c +} + +// Parent sets the optional parameter "parent": Required. The name of +// the parent resource whose projects are being listed. Only children of +// this parent resource are listed; descendants are not listed. If the +// parent is a folder, use the value `folders/{folder_id}`. If the +// parent is an organization, use the value `organizations/{org_id}`. +func (c *ProjectsListCall) Parent(parent string) *ProjectsListCall { + c.urlParams_.Set("parent", parent) + return c +} + +// ShowDeleted sets the optional parameter "showDeleted": Indicate that +// projects in the `DELETE_REQUESTED` state should also be returned. +// Normally only `ACTIVE` projects are returned. +func (c *ProjectsListCall) ShowDeleted(showDeleted bool) *ProjectsListCall { + c.urlParams_.Set("showDeleted", fmt.Sprint(showDeleted)) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *ProjectsListCall) Fields(s ...googleapi.Field) *ProjectsListCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// IfNoneMatch sets the optional parameter which makes the operation +// fail if the object's ETag matches the given value. This is useful for +// getting updates only after the object has changed since the last +// request. Use googleapi.IsNotModified to check whether the response +// error from Do is the result of In-None-Match. +func (c *ProjectsListCall) IfNoneMatch(entityTag string) *ProjectsListCall { + c.ifNoneMatch_ = entityTag + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *ProjectsListCall) Context(ctx context.Context) *ProjectsListCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *ProjectsListCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ProjectsListCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + if c.ifNoneMatch_ != "" { + reqHeaders.Set("If-None-Match", c.ifNoneMatch_) + } + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/projects") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("GET", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.projects.list" call. +// Exactly one of *ListProjectsResponse or error will be non-nil. Any +// non-2xx status code is an error. Response headers are in either +// *ListProjectsResponse.ServerResponse.Header or (if a response was +// returned at all) in error.(*googleapi.Error).Header. Use +// googleapi.IsNotModified to check whether the returned error was +// because http.StatusNotModified was returned. +func (c *ProjectsListCall) Do(opts ...googleapi.CallOption) (*ListProjectsResponse, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &ListProjectsResponse{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Lists projects that are direct children of the specified folder or organization resource. `list()` provides a strongly consistent view of the projects underneath the specified parent resource. `list()` returns projects sorted based upon the (ascending) lexical ordering of their `display_name`. The caller must have `resourcemanager.projects.list` permission on the identified parent.", + // "flatPath": "v3/projects", + // "httpMethod": "GET", + // "id": "cloudresourcemanager.projects.list", + // "parameterOrder": [], + // "parameters": { + // "pageSize": { + // "description": "Optional. The maximum number of projects to return in the response. The server can return fewer projects than requested. If unspecified, server picks an appropriate default.", + // "format": "int32", + // "location": "query", + // "type": "integer" + // }, + // "pageToken": { + // "description": "Optional. A pagination token returned from a previous call to ListProjects that indicates from where listing should continue.", + // "location": "query", + // "type": "string" + // }, + // "parent": { + // "description": "Required. The name of the parent resource whose projects are being listed. Only children of this parent resource are listed; descendants are not listed. If the parent is a folder, use the value `folders/{folder_id}`. If the parent is an organization, use the value `organizations/{org_id}`.", + // "location": "query", + // "type": "string" + // }, + // "showDeleted": { + // "description": "Optional. Indicate that projects in the `DELETE_REQUESTED` state should also be returned. Normally only `ACTIVE` projects are returned.", + // "location": "query", + // "type": "boolean" + // } + // }, + // "path": "v3/projects", + // "response": { + // "$ref": "ListProjectsResponse" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform", + // "https://www.googleapis.com/auth/cloud-platform.read-only" + // ] + // } + +} + +// Pages invokes f for each page of results. +// A non-nil error returned from f will halt the iteration. +// The provided context supersedes any context provided to the Context method. +func (c *ProjectsListCall) Pages(ctx context.Context, f func(*ListProjectsResponse) error) error { + c.ctx_ = ctx + defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point + for { + x, err := c.Do() + if err != nil { + return err + } + if err := f(x); err != nil { + return err + } + if x.NextPageToken == "" { + return nil + } + c.PageToken(x.NextPageToken) + } +} + +// method id "cloudresourcemanager.projects.move": + +type ProjectsMoveCall struct { + s *Service + name string + moveprojectrequest *MoveProjectRequest + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// Move: Move a project to another place in your resource hierarchy, +// under a new resource parent. Returns an operation which can be used +// to track the process of the project move workflow. Upon success, the +// `Operation.response` field will be populated with the moved project. +// The caller must have `resourcemanager.projects.move` permission on +// the project, on the project's current and proposed new parent. If +// project has no current parent, or it currently does not have an +// associated organization resource, you will also need the +// `resourcemanager.projects.setIamPolicy` permission in the project. +// +// - name: The name of the project to move. +func (r *ProjectsService) Move(name string, moveprojectrequest *MoveProjectRequest) *ProjectsMoveCall { + c := &ProjectsMoveCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.name = name + c.moveprojectrequest = moveprojectrequest + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *ProjectsMoveCall) Fields(s ...googleapi.Field) *ProjectsMoveCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *ProjectsMoveCall) Context(ctx context.Context) *ProjectsMoveCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *ProjectsMoveCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ProjectsMoveCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.moveprojectrequest) + if err != nil { + return nil, err + } + reqHeaders.Set("Content-Type", "application/json") + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/{+name}:move") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("POST", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "name": c.name, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.projects.move" call. +// Exactly one of *Operation or error will be non-nil. Any non-2xx +// status code is an error. Response headers are in either +// *Operation.ServerResponse.Header or (if a response was returned at +// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified +// to check whether the returned error was because +// http.StatusNotModified was returned. +func (c *ProjectsMoveCall) Do(opts ...googleapi.CallOption) (*Operation, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Operation{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Move a project to another place in your resource hierarchy, under a new resource parent. Returns an operation which can be used to track the process of the project move workflow. Upon success, the `Operation.response` field will be populated with the moved project. The caller must have `resourcemanager.projects.move` permission on the project, on the project's current and proposed new parent. If project has no current parent, or it currently does not have an associated organization resource, you will also need the `resourcemanager.projects.setIamPolicy` permission in the project. ", + // "flatPath": "v3/projects/{projectsId}:move", + // "httpMethod": "POST", + // "id": "cloudresourcemanager.projects.move", + // "parameterOrder": [ + // "name" + // ], + // "parameters": { + // "name": { + // "description": "Required. The name of the project to move.", + // "location": "path", + // "pattern": "^projects/[^/]+$", + // "required": true, + // "type": "string" + // } + // }, + // "path": "v3/{+name}:move", + // "request": { + // "$ref": "MoveProjectRequest" + // }, + // "response": { + // "$ref": "Operation" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform" + // ] + // } + +} + +// method id "cloudresourcemanager.projects.patch": + +type ProjectsPatchCall struct { + s *Service + name string + project *Project + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// Patch: Updates the `display_name` and labels of the project +// identified by the specified `name` (for example, +// `projects/415104041262`). Deleting all labels requires an update mask +// for labels field. The caller must have +// `resourcemanager.projects.update` permission for this project. +// +// - name: Output only. The unique resource name of the project. It is +// an int64 generated number prefixed by "projects/". Example: +// `projects/415104041262`. +func (r *ProjectsService) Patch(name string, project *Project) *ProjectsPatchCall { + c := &ProjectsPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.name = name + c.project = project + return c +} + +// UpdateMask sets the optional parameter "updateMask": An update mask +// to selectively update fields. +func (c *ProjectsPatchCall) UpdateMask(updateMask string) *ProjectsPatchCall { + c.urlParams_.Set("updateMask", updateMask) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *ProjectsPatchCall) Fields(s ...googleapi.Field) *ProjectsPatchCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *ProjectsPatchCall) Context(ctx context.Context) *ProjectsPatchCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *ProjectsPatchCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ProjectsPatchCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.project) + if err != nil { + return nil, err + } + reqHeaders.Set("Content-Type", "application/json") + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/{+name}") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("PATCH", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "name": c.name, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.projects.patch" call. +// Exactly one of *Operation or error will be non-nil. Any non-2xx +// status code is an error. Response headers are in either +// *Operation.ServerResponse.Header or (if a response was returned at +// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified +// to check whether the returned error was because +// http.StatusNotModified was returned. +func (c *ProjectsPatchCall) Do(opts ...googleapi.CallOption) (*Operation, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Operation{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Updates the `display_name` and labels of the project identified by the specified `name` (for example, `projects/415104041262`). Deleting all labels requires an update mask for labels field. The caller must have `resourcemanager.projects.update` permission for this project.", + // "flatPath": "v3/projects/{projectsId}", + // "httpMethod": "PATCH", + // "id": "cloudresourcemanager.projects.patch", + // "parameterOrder": [ + // "name" + // ], + // "parameters": { + // "name": { + // "description": "Output only. The unique resource name of the project. It is an int64 generated number prefixed by \"projects/\". Example: `projects/415104041262`", + // "location": "path", + // "pattern": "^projects/[^/]+$", + // "required": true, + // "type": "string" + // }, + // "updateMask": { + // "description": "Optional. An update mask to selectively update fields.", + // "format": "google-fieldmask", + // "location": "query", + // "type": "string" + // } + // }, + // "path": "v3/{+name}", + // "request": { + // "$ref": "Project" + // }, + // "response": { + // "$ref": "Operation" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform" + // ] + // } + +} + +// method id "cloudresourcemanager.projects.search": + +type ProjectsSearchCall struct { + s *Service + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header +} + +// Search: Search for projects that the caller has the +// `resourcemanager.projects.get` permission on, and also satisfy the +// specified query. This method returns projects in an unspecified +// order. This method is eventually consistent with project mutations; +// this means that a newly created project may not appear in the results +// or recent updates to an existing project may not be reflected in the +// results. To retrieve the latest state of a project, use the +// GetProject method. +func (r *ProjectsService) Search() *ProjectsSearchCall { + c := &ProjectsSearchCall{s: r.s, urlParams_: make(gensupport.URLParams)} + return c +} + +// PageSize sets the optional parameter "pageSize": The maximum number +// of projects to return in the response. The server can return fewer +// projects than requested. If unspecified, server picks an appropriate +// default. +func (c *ProjectsSearchCall) PageSize(pageSize int64) *ProjectsSearchCall { + c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) + return c +} + +// PageToken sets the optional parameter "pageToken": A pagination token +// returned from a previous call to ListProjects that indicates from +// where listing should continue. +func (c *ProjectsSearchCall) PageToken(pageToken string) *ProjectsSearchCall { + c.urlParams_.Set("pageToken", pageToken) + return c +} + +// Query sets the optional parameter "query": A query string for +// searching for projects that the caller has +// `resourcemanager.projects.get` permission to. If multiple fields are +// included in the query, then it will return results that match any of +// the fields. Some eligible fields are: ``` | Field | Description | +// |-------------------------|------------------------------------------- +// ---| | displayName, name | Filters by displayName. | | parent | +// Project's parent (for example: folders/123, organizations/*). Prefer +// parent field over parent.type and parent.id.| | parent.type | +// Parent's type: `folder` or `organization`. | | parent.id | Parent's +// id number (for example: 123) | | id, projectId | Filters by +// projectId. | | state, lifecycleState | Filters by state. | | labels | +// Filters by label name or value. | | labels.\ (where *key* is the name +// of a label) | Filters by label name.| ``` Search expressions are case +// insensitive. Some examples queries: ``` | Query | Description | +// |------------------|-------------------------------------------------- +// ---| | name:how* | The project's name starts with "how". | | +// name:Howl | The project's name is `Howl` or `howl`. | | name:HOWL | +// Equivalent to above. | | NAME:howl | Equivalent to above. | | +// labels.color:* | The project has the label `color`. | | +// labels.color:red | The project's label `color` has the value `red`. | +// | labels.color:red labels.size:big | The project's label `color` has +// the value `red` or its label `size` has the value `big`. | ``` If no +// query is specified, the call will return projects for which the user +// has the `resourcemanager.projects.get` permission. +func (c *ProjectsSearchCall) Query(query string) *ProjectsSearchCall { + c.urlParams_.Set("query", query) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *ProjectsSearchCall) Fields(s ...googleapi.Field) *ProjectsSearchCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// IfNoneMatch sets the optional parameter which makes the operation +// fail if the object's ETag matches the given value. This is useful for +// getting updates only after the object has changed since the last +// request. Use googleapi.IsNotModified to check whether the response +// error from Do is the result of In-None-Match. +func (c *ProjectsSearchCall) IfNoneMatch(entityTag string) *ProjectsSearchCall { + c.ifNoneMatch_ = entityTag + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *ProjectsSearchCall) Context(ctx context.Context) *ProjectsSearchCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *ProjectsSearchCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ProjectsSearchCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + if c.ifNoneMatch_ != "" { + reqHeaders.Set("If-None-Match", c.ifNoneMatch_) + } + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/projects:search") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("GET", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.projects.search" call. +// Exactly one of *SearchProjectsResponse or error will be non-nil. Any +// non-2xx status code is an error. Response headers are in either +// *SearchProjectsResponse.ServerResponse.Header or (if a response was +// returned at all) in error.(*googleapi.Error).Header. Use +// googleapi.IsNotModified to check whether the returned error was +// because http.StatusNotModified was returned. +func (c *ProjectsSearchCall) Do(opts ...googleapi.CallOption) (*SearchProjectsResponse, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &SearchProjectsResponse{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Search for projects that the caller has the `resourcemanager.projects.get` permission on, and also satisfy the specified query. This method returns projects in an unspecified order. This method is eventually consistent with project mutations; this means that a newly created project may not appear in the results or recent updates to an existing project may not be reflected in the results. To retrieve the latest state of a project, use the GetProject method.", + // "flatPath": "v3/projects:search", + // "httpMethod": "GET", + // "id": "cloudresourcemanager.projects.search", + // "parameterOrder": [], + // "parameters": { + // "pageSize": { + // "description": "Optional. The maximum number of projects to return in the response. The server can return fewer projects than requested. If unspecified, server picks an appropriate default.", + // "format": "int32", + // "location": "query", + // "type": "integer" + // }, + // "pageToken": { + // "description": "Optional. A pagination token returned from a previous call to ListProjects that indicates from where listing should continue.", + // "location": "query", + // "type": "string" + // }, + // "query": { + // "description": "Optional. A query string for searching for projects that the caller has `resourcemanager.projects.get` permission to. If multiple fields are included in the query, then it will return results that match any of the fields. Some eligible fields are: ``` | Field | Description | |-------------------------|----------------------------------------------| | displayName, name | Filters by displayName. | | parent | Project's parent (for example: folders/123, organizations/*). Prefer parent field over parent.type and parent.id.| | parent.type | Parent's type: `folder` or `organization`. | | parent.id | Parent's id number (for example: 123) | | id, projectId | Filters by projectId. | | state, lifecycleState | Filters by state. | | labels | Filters by label name or value. | | labels.\\ (where *key* is the name of a label) | Filters by label name.| ``` Search expressions are case insensitive. Some examples queries: ``` | Query | Description | |------------------|-----------------------------------------------------| | name:how* | The project's name starts with \"how\". | | name:Howl | The project's name is `Howl` or `howl`. | | name:HOWL | Equivalent to above. | | NAME:howl | Equivalent to above. | | labels.color:* | The project has the label `color`. | | labels.color:red | The project's label `color` has the value `red`. | | labels.color:red labels.size:big | The project's label `color` has the value `red` or its label `size` has the value `big`. | ``` If no query is specified, the call will return projects for which the user has the `resourcemanager.projects.get` permission.", + // "location": "query", + // "type": "string" + // } + // }, + // "path": "v3/projects:search", + // "response": { + // "$ref": "SearchProjectsResponse" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform", + // "https://www.googleapis.com/auth/cloud-platform.read-only" + // ] + // } + +} + +// Pages invokes f for each page of results. +// A non-nil error returned from f will halt the iteration. +// The provided context supersedes any context provided to the Context method. +func (c *ProjectsSearchCall) Pages(ctx context.Context, f func(*SearchProjectsResponse) error) error { + c.ctx_ = ctx + defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point + for { + x, err := c.Do() + if err != nil { + return err + } + if err := f(x); err != nil { + return err + } + if x.NextPageToken == "" { + return nil + } + c.PageToken(x.NextPageToken) + } +} + +// method id "cloudresourcemanager.projects.setIamPolicy": + +type ProjectsSetIamPolicyCall struct { + s *Service + resource string + setiampolicyrequest *SetIamPolicyRequest + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// SetIamPolicy: Sets the IAM access control policy for the specified +// project, in the format `projects/{ProjectIdOrNumber}` e.g. +// projects/123. CAUTION: This method will replace the existing policy, +// and cannot be used to append additional IAM settings. Note: Removing +// service accounts from policies or changing their roles can render +// services completely inoperable. It is important to understand how the +// service account is being used before removing or updating its roles. +// The following constraints apply when using `setIamPolicy()`: + +// Project does not support `allUsers` and `allAuthenticatedUsers` as +// `members` in a `Binding` of a `Policy`. + The owner role can be +// granted to a `user`, `serviceAccount`, or a group that is part of an +// organization. For example, group@myownpersonaldomain.com could be +// added as an owner to a project in the myownpersonaldomain.com +// organization, but not the examplepetstore.com organization. + Service +// accounts can be made owners of a project directly without any +// restrictions. However, to be added as an owner, a user must be +// invited using the Cloud Platform console and must accept the +// invitation. + A user cannot be granted the owner role using +// `setIamPolicy()`. The user must be granted the owner role using the +// Cloud Platform Console and must explicitly accept the invitation. + +// Invitations to grant the owner role cannot be sent using +// `setIamPolicy()`; they must be sent only using the Cloud Platform +// Console. + If the project is not part of an organization, there must +// be at least one owner who has accepted the Terms of Service (ToS) +// agreement in the policy. Calling `setIamPolicy()` to remove the last +// ToS-accepted owner from the policy will fail. This restriction also +// applies to legacy projects that no longer have owners who have +// accepted the ToS. Edits to IAM policies will be rejected until the +// lack of a ToS-accepting owner is rectified. If the project is part of +// an organization, you can remove all owners, potentially making the +// organization inaccessible. +// +// - resource: REQUIRED: The resource for which the policy is being +// specified. See Resource names +// (https://cloud.google.com/apis/design/resource_names) for the +// appropriate value for this field. +func (r *ProjectsService) SetIamPolicy(resource string, setiampolicyrequest *SetIamPolicyRequest) *ProjectsSetIamPolicyCall { + c := &ProjectsSetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.resource = resource + c.setiampolicyrequest = setiampolicyrequest + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *ProjectsSetIamPolicyCall) Fields(s ...googleapi.Field) *ProjectsSetIamPolicyCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *ProjectsSetIamPolicyCall) Context(ctx context.Context) *ProjectsSetIamPolicyCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *ProjectsSetIamPolicyCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ProjectsSetIamPolicyCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.setiampolicyrequest) + if err != nil { + return nil, err + } + reqHeaders.Set("Content-Type", "application/json") + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/{+resource}:setIamPolicy") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("POST", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "resource": c.resource, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.projects.setIamPolicy" call. +// Exactly one of *Policy or error will be non-nil. Any non-2xx status +// code is an error. Response headers are in either +// *Policy.ServerResponse.Header or (if a response was returned at all) +// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to +// check whether the returned error was because http.StatusNotModified +// was returned. +func (c *ProjectsSetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Policy{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Sets the IAM access control policy for the specified project, in the format `projects/{ProjectIdOrNumber}` e.g. projects/123. CAUTION: This method will replace the existing policy, and cannot be used to append additional IAM settings. Note: Removing service accounts from policies or changing their roles can render services completely inoperable. It is important to understand how the service account is being used before removing or updating its roles. The following constraints apply when using `setIamPolicy()`: + Project does not support `allUsers` and `allAuthenticatedUsers` as `members` in a `Binding` of a `Policy`. + The owner role can be granted to a `user`, `serviceAccount`, or a group that is part of an organization. For example, group@myownpersonaldomain.com could be added as an owner to a project in the myownpersonaldomain.com organization, but not the examplepetstore.com organization. + Service accounts can be made owners of a project directly without any restrictions. However, to be added as an owner, a user must be invited using the Cloud Platform console and must accept the invitation. + A user cannot be granted the owner role using `setIamPolicy()`. The user must be granted the owner role using the Cloud Platform Console and must explicitly accept the invitation. + Invitations to grant the owner role cannot be sent using `setIamPolicy()`; they must be sent only using the Cloud Platform Console. + If the project is not part of an organization, there must be at least one owner who has accepted the Terms of Service (ToS) agreement in the policy. Calling `setIamPolicy()` to remove the last ToS-accepted owner from the policy will fail. This restriction also applies to legacy projects that no longer have owners who have accepted the ToS. Edits to IAM policies will be rejected until the lack of a ToS-accepting owner is rectified. If the project is part of an organization, you can remove all owners, potentially making the organization inaccessible.", + // "flatPath": "v3/projects/{projectsId}:setIamPolicy", + // "httpMethod": "POST", + // "id": "cloudresourcemanager.projects.setIamPolicy", + // "parameterOrder": [ + // "resource" + // ], + // "parameters": { + // "resource": { + // "description": "REQUIRED: The resource for which the policy is being specified. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", + // "location": "path", + // "pattern": "^projects/[^/]+$", + // "required": true, + // "type": "string" + // } + // }, + // "path": "v3/{+resource}:setIamPolicy", + // "request": { + // "$ref": "SetIamPolicyRequest" + // }, + // "response": { + // "$ref": "Policy" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform" + // ] + // } + +} + +// method id "cloudresourcemanager.projects.testIamPermissions": + +type ProjectsTestIamPermissionsCall struct { + s *Service + resource string + testiampermissionsrequest *TestIamPermissionsRequest + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// TestIamPermissions: Returns permissions that a caller has on the +// specified project, in the format `projects/{ProjectIdOrNumber}` e.g. +// projects/123.. +// +// - resource: REQUIRED: The resource for which the policy detail is +// being requested. See Resource names +// (https://cloud.google.com/apis/design/resource_names) for the +// appropriate value for this field. +func (r *ProjectsService) TestIamPermissions(resource string, testiampermissionsrequest *TestIamPermissionsRequest) *ProjectsTestIamPermissionsCall { + c := &ProjectsTestIamPermissionsCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.resource = resource + c.testiampermissionsrequest = testiampermissionsrequest + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *ProjectsTestIamPermissionsCall) Fields(s ...googleapi.Field) *ProjectsTestIamPermissionsCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *ProjectsTestIamPermissionsCall) Context(ctx context.Context) *ProjectsTestIamPermissionsCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *ProjectsTestIamPermissionsCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ProjectsTestIamPermissionsCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.testiampermissionsrequest) + if err != nil { + return nil, err + } + reqHeaders.Set("Content-Type", "application/json") + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/{+resource}:testIamPermissions") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("POST", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "resource": c.resource, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.projects.testIamPermissions" call. +// Exactly one of *TestIamPermissionsResponse or error will be non-nil. +// Any non-2xx status code is an error. Response headers are in either +// *TestIamPermissionsResponse.ServerResponse.Header or (if a response +// was returned at all) in error.(*googleapi.Error).Header. Use +// googleapi.IsNotModified to check whether the returned error was +// because http.StatusNotModified was returned. +func (c *ProjectsTestIamPermissionsCall) Do(opts ...googleapi.CallOption) (*TestIamPermissionsResponse, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &TestIamPermissionsResponse{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Returns permissions that a caller has on the specified project, in the format `projects/{ProjectIdOrNumber}` e.g. projects/123..", + // "flatPath": "v3/projects/{projectsId}:testIamPermissions", + // "httpMethod": "POST", + // "id": "cloudresourcemanager.projects.testIamPermissions", + // "parameterOrder": [ + // "resource" + // ], + // "parameters": { + // "resource": { + // "description": "REQUIRED: The resource for which the policy detail is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", + // "location": "path", + // "pattern": "^projects/[^/]+$", + // "required": true, + // "type": "string" + // } + // }, + // "path": "v3/{+resource}:testIamPermissions", + // "request": { + // "$ref": "TestIamPermissionsRequest" + // }, + // "response": { + // "$ref": "TestIamPermissionsResponse" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform", + // "https://www.googleapis.com/auth/cloud-platform.read-only" + // ] + // } + +} + +// method id "cloudresourcemanager.projects.undelete": + +type ProjectsUndeleteCall struct { + s *Service + name string + undeleteprojectrequest *UndeleteProjectRequest + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// Undelete: Restores the project identified by the specified `name` +// (for example, `projects/415104041262`). You can only use this method +// for a project that has a lifecycle state of DELETE_REQUESTED. After +// deletion starts, the project cannot be restored. The caller must have +// `resourcemanager.projects.undelete` permission for this project. +// +// - name: The name of the project (for example, +// `projects/415104041262`). Required. +func (r *ProjectsService) Undelete(name string, undeleteprojectrequest *UndeleteProjectRequest) *ProjectsUndeleteCall { + c := &ProjectsUndeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.name = name + c.undeleteprojectrequest = undeleteprojectrequest + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *ProjectsUndeleteCall) Fields(s ...googleapi.Field) *ProjectsUndeleteCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *ProjectsUndeleteCall) Context(ctx context.Context) *ProjectsUndeleteCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *ProjectsUndeleteCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *ProjectsUndeleteCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.undeleteprojectrequest) + if err != nil { + return nil, err + } + reqHeaders.Set("Content-Type", "application/json") + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/{+name}:undelete") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("POST", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "name": c.name, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.projects.undelete" call. +// Exactly one of *Operation or error will be non-nil. Any non-2xx +// status code is an error. Response headers are in either +// *Operation.ServerResponse.Header or (if a response was returned at +// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified +// to check whether the returned error was because +// http.StatusNotModified was returned. +func (c *ProjectsUndeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Operation{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Restores the project identified by the specified `name` (for example, `projects/415104041262`). You can only use this method for a project that has a lifecycle state of DELETE_REQUESTED. After deletion starts, the project cannot be restored. The caller must have `resourcemanager.projects.undelete` permission for this project.", + // "flatPath": "v3/projects/{projectsId}:undelete", + // "httpMethod": "POST", + // "id": "cloudresourcemanager.projects.undelete", + // "parameterOrder": [ + // "name" + // ], + // "parameters": { + // "name": { + // "description": "Required. The name of the project (for example, `projects/415104041262`). Required.", + // "location": "path", + // "pattern": "^projects/[^/]+$", + // "required": true, + // "type": "string" + // } + // }, + // "path": "v3/{+name}:undelete", + // "request": { + // "$ref": "UndeleteProjectRequest" + // }, + // "response": { + // "$ref": "Operation" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform" + // ] + // } + +} + +// method id "cloudresourcemanager.tagBindings.create": + +type TagBindingsCreateCall struct { + s *Service + tagbinding *TagBinding + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// Create: Creates a TagBinding between a TagValue and a Google Cloud +// resource. +func (r *TagBindingsService) Create(tagbinding *TagBinding) *TagBindingsCreateCall { + c := &TagBindingsCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.tagbinding = tagbinding + return c +} + +// ValidateOnly sets the optional parameter "validateOnly": Set to true +// to perform the validations necessary for creating the resource, but +// not actually perform the action. +func (c *TagBindingsCreateCall) ValidateOnly(validateOnly bool) *TagBindingsCreateCall { + c.urlParams_.Set("validateOnly", fmt.Sprint(validateOnly)) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *TagBindingsCreateCall) Fields(s ...googleapi.Field) *TagBindingsCreateCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *TagBindingsCreateCall) Context(ctx context.Context) *TagBindingsCreateCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *TagBindingsCreateCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *TagBindingsCreateCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.tagbinding) + if err != nil { + return nil, err + } + reqHeaders.Set("Content-Type", "application/json") + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/tagBindings") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("POST", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.tagBindings.create" call. +// Exactly one of *Operation or error will be non-nil. Any non-2xx +// status code is an error. Response headers are in either +// *Operation.ServerResponse.Header or (if a response was returned at +// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified +// to check whether the returned error was because +// http.StatusNotModified was returned. +func (c *TagBindingsCreateCall) Do(opts ...googleapi.CallOption) (*Operation, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Operation{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Creates a TagBinding between a TagValue and a Google Cloud resource.", + // "flatPath": "v3/tagBindings", + // "httpMethod": "POST", + // "id": "cloudresourcemanager.tagBindings.create", + // "parameterOrder": [], + // "parameters": { + // "validateOnly": { + // "description": "Optional. Set to true to perform the validations necessary for creating the resource, but not actually perform the action.", + // "location": "query", + // "type": "boolean" + // } + // }, + // "path": "v3/tagBindings", + // "request": { + // "$ref": "TagBinding" + // }, + // "response": { + // "$ref": "Operation" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform" + // ] + // } + +} + +// method id "cloudresourcemanager.tagBindings.delete": + +type TagBindingsDeleteCall struct { + s *Service + name string + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// Delete: Deletes a TagBinding. +// +// - name: The name of the TagBinding. This is a String of the form: +// `tagBindings/{id}` (e.g. +// `tagBindings/%2F%2Fcloudresourcemanager.googleapis.com%2Fprojects%2F +// 123/tagValues/456`). +func (r *TagBindingsService) Delete(name string) *TagBindingsDeleteCall { + c := &TagBindingsDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.name = name + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *TagBindingsDeleteCall) Fields(s ...googleapi.Field) *TagBindingsDeleteCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *TagBindingsDeleteCall) Context(ctx context.Context) *TagBindingsDeleteCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *TagBindingsDeleteCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *TagBindingsDeleteCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/{+name}") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("DELETE", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "name": c.name, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.tagBindings.delete" call. +// Exactly one of *Operation or error will be non-nil. Any non-2xx +// status code is an error. Response headers are in either +// *Operation.ServerResponse.Header or (if a response was returned at +// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified +// to check whether the returned error was because +// http.StatusNotModified was returned. +func (c *TagBindingsDeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Operation{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Deletes a TagBinding.", + // "flatPath": "v3/tagBindings/{tagBindingsId}", + // "httpMethod": "DELETE", + // "id": "cloudresourcemanager.tagBindings.delete", + // "parameterOrder": [ + // "name" + // ], + // "parameters": { + // "name": { + // "description": "Required. The name of the TagBinding. This is a String of the form: `tagBindings/{id}` (e.g. `tagBindings/%2F%2Fcloudresourcemanager.googleapis.com%2Fprojects%2F123/tagValues/456`).", + // "location": "path", + // "pattern": "^tagBindings/.*$", + // "required": true, + // "type": "string" + // } + // }, + // "path": "v3/{+name}", + // "response": { + // "$ref": "Operation" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform" + // ] + // } + +} + +// method id "cloudresourcemanager.tagBindings.list": + +type TagBindingsListCall struct { + s *Service + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header +} + +// List: Lists the TagBindings for the given Google Cloud resource, as +// specified with `parent`. NOTE: The `parent` field is expected to be a +// full resource name: +// https://cloud.google.com/apis/design/resource_names#full_resource_name +func (r *TagBindingsService) List() *TagBindingsListCall { + c := &TagBindingsListCall{s: r.s, urlParams_: make(gensupport.URLParams)} + return c +} + +// PageSize sets the optional parameter "pageSize": The maximum number +// of TagBindings to return in the response. The server allows a maximum +// of 300 TagBindings to return. If unspecified, the server will use 100 +// as the default. +func (c *TagBindingsListCall) PageSize(pageSize int64) *TagBindingsListCall { + c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) + return c +} + +// PageToken sets the optional parameter "pageToken": A pagination token +// returned from a previous call to `ListTagBindings` that indicates +// where this listing should continue from. +func (c *TagBindingsListCall) PageToken(pageToken string) *TagBindingsListCall { + c.urlParams_.Set("pageToken", pageToken) + return c +} + +// Parent sets the optional parameter "parent": Required. The full +// resource name of a resource for which you want to list existing +// TagBindings. E.g. +// "//cloudresourcemanager.googleapis.com/projects/123" +func (c *TagBindingsListCall) Parent(parent string) *TagBindingsListCall { + c.urlParams_.Set("parent", parent) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *TagBindingsListCall) Fields(s ...googleapi.Field) *TagBindingsListCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// IfNoneMatch sets the optional parameter which makes the operation +// fail if the object's ETag matches the given value. This is useful for +// getting updates only after the object has changed since the last +// request. Use googleapi.IsNotModified to check whether the response +// error from Do is the result of In-None-Match. +func (c *TagBindingsListCall) IfNoneMatch(entityTag string) *TagBindingsListCall { + c.ifNoneMatch_ = entityTag + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *TagBindingsListCall) Context(ctx context.Context) *TagBindingsListCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *TagBindingsListCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *TagBindingsListCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + if c.ifNoneMatch_ != "" { + reqHeaders.Set("If-None-Match", c.ifNoneMatch_) + } + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/tagBindings") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("GET", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.tagBindings.list" call. +// Exactly one of *ListTagBindingsResponse or error will be non-nil. Any +// non-2xx status code is an error. Response headers are in either +// *ListTagBindingsResponse.ServerResponse.Header or (if a response was +// returned at all) in error.(*googleapi.Error).Header. Use +// googleapi.IsNotModified to check whether the returned error was +// because http.StatusNotModified was returned. +func (c *TagBindingsListCall) Do(opts ...googleapi.CallOption) (*ListTagBindingsResponse, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &ListTagBindingsResponse{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Lists the TagBindings for the given Google Cloud resource, as specified with `parent`. NOTE: The `parent` field is expected to be a full resource name: https://cloud.google.com/apis/design/resource_names#full_resource_name", + // "flatPath": "v3/tagBindings", + // "httpMethod": "GET", + // "id": "cloudresourcemanager.tagBindings.list", + // "parameterOrder": [], + // "parameters": { + // "pageSize": { + // "description": "Optional. The maximum number of TagBindings to return in the response. The server allows a maximum of 300 TagBindings to return. If unspecified, the server will use 100 as the default.", + // "format": "int32", + // "location": "query", + // "type": "integer" + // }, + // "pageToken": { + // "description": "Optional. A pagination token returned from a previous call to `ListTagBindings` that indicates where this listing should continue from.", + // "location": "query", + // "type": "string" + // }, + // "parent": { + // "description": "Required. The full resource name of a resource for which you want to list existing TagBindings. E.g. \"//cloudresourcemanager.googleapis.com/projects/123\"", + // "location": "query", + // "type": "string" + // } + // }, + // "path": "v3/tagBindings", + // "response": { + // "$ref": "ListTagBindingsResponse" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform", + // "https://www.googleapis.com/auth/cloud-platform.read-only" + // ] + // } + +} + +// Pages invokes f for each page of results. +// A non-nil error returned from f will halt the iteration. +// The provided context supersedes any context provided to the Context method. +func (c *TagBindingsListCall) Pages(ctx context.Context, f func(*ListTagBindingsResponse) error) error { + c.ctx_ = ctx + defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point + for { + x, err := c.Do() + if err != nil { + return err + } + if err := f(x); err != nil { + return err + } + if x.NextPageToken == "" { + return nil + } + c.PageToken(x.NextPageToken) + } +} + +// method id "cloudresourcemanager.tagKeys.create": + +type TagKeysCreateCall struct { + s *Service + tagkey *TagKey + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// Create: Creates a new TagKey. If another request with the same +// parameters is sent while the original request is in process, the +// second request will receive an error. A maximum of 1000 TagKeys can +// exist under a parent at any given time. +func (r *TagKeysService) Create(tagkey *TagKey) *TagKeysCreateCall { + c := &TagKeysCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.tagkey = tagkey + return c +} + +// ValidateOnly sets the optional parameter "validateOnly": Set to true +// to perform validations necessary for creating the resource, but not +// actually perform the action. +func (c *TagKeysCreateCall) ValidateOnly(validateOnly bool) *TagKeysCreateCall { + c.urlParams_.Set("validateOnly", fmt.Sprint(validateOnly)) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *TagKeysCreateCall) Fields(s ...googleapi.Field) *TagKeysCreateCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *TagKeysCreateCall) Context(ctx context.Context) *TagKeysCreateCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *TagKeysCreateCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *TagKeysCreateCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.tagkey) + if err != nil { + return nil, err + } + reqHeaders.Set("Content-Type", "application/json") + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/tagKeys") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("POST", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.tagKeys.create" call. +// Exactly one of *Operation or error will be non-nil. Any non-2xx +// status code is an error. Response headers are in either +// *Operation.ServerResponse.Header or (if a response was returned at +// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified +// to check whether the returned error was because +// http.StatusNotModified was returned. +func (c *TagKeysCreateCall) Do(opts ...googleapi.CallOption) (*Operation, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Operation{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Creates a new TagKey. If another request with the same parameters is sent while the original request is in process, the second request will receive an error. A maximum of 1000 TagKeys can exist under a parent at any given time.", + // "flatPath": "v3/tagKeys", + // "httpMethod": "POST", + // "id": "cloudresourcemanager.tagKeys.create", + // "parameterOrder": [], + // "parameters": { + // "validateOnly": { + // "description": "Optional. Set to true to perform validations necessary for creating the resource, but not actually perform the action.", + // "location": "query", + // "type": "boolean" + // } + // }, + // "path": "v3/tagKeys", + // "request": { + // "$ref": "TagKey" + // }, + // "response": { + // "$ref": "Operation" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform" + // ] + // } + +} + +// method id "cloudresourcemanager.tagKeys.delete": + +type TagKeysDeleteCall struct { + s *Service + name string + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// Delete: Deletes a TagKey. The TagKey cannot be deleted if it has any +// child TagValues. +// +// - name: The resource name of a TagKey to be deleted in the format +// `tagKeys/123`. The TagKey cannot be a parent of any existing +// TagValues or it will not be deleted successfully. +func (r *TagKeysService) Delete(name string) *TagKeysDeleteCall { + c := &TagKeysDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.name = name + return c +} + +// Etag sets the optional parameter "etag": The etag known to the client +// for the expected state of the TagKey. This is to be used for +// optimistic concurrency. +func (c *TagKeysDeleteCall) Etag(etag string) *TagKeysDeleteCall { + c.urlParams_.Set("etag", etag) + return c +} + +// ValidateOnly sets the optional parameter "validateOnly": Set as true +// to perform validations necessary for deletion, but not actually +// perform the action. +func (c *TagKeysDeleteCall) ValidateOnly(validateOnly bool) *TagKeysDeleteCall { + c.urlParams_.Set("validateOnly", fmt.Sprint(validateOnly)) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *TagKeysDeleteCall) Fields(s ...googleapi.Field) *TagKeysDeleteCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *TagKeysDeleteCall) Context(ctx context.Context) *TagKeysDeleteCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *TagKeysDeleteCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *TagKeysDeleteCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/{+name}") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("DELETE", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "name": c.name, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.tagKeys.delete" call. +// Exactly one of *Operation or error will be non-nil. Any non-2xx +// status code is an error. Response headers are in either +// *Operation.ServerResponse.Header or (if a response was returned at +// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified +// to check whether the returned error was because +// http.StatusNotModified was returned. +func (c *TagKeysDeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Operation{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Deletes a TagKey. The TagKey cannot be deleted if it has any child TagValues.", + // "flatPath": "v3/tagKeys/{tagKeysId}", + // "httpMethod": "DELETE", + // "id": "cloudresourcemanager.tagKeys.delete", + // "parameterOrder": [ + // "name" + // ], + // "parameters": { + // "etag": { + // "description": "Optional. The etag known to the client for the expected state of the TagKey. This is to be used for optimistic concurrency.", + // "location": "query", + // "type": "string" + // }, + // "name": { + // "description": "Required. The resource name of a TagKey to be deleted in the format `tagKeys/123`. The TagKey cannot be a parent of any existing TagValues or it will not be deleted successfully.", + // "location": "path", + // "pattern": "^tagKeys/[^/]+$", + // "required": true, + // "type": "string" + // }, + // "validateOnly": { + // "description": "Optional. Set as true to perform validations necessary for deletion, but not actually perform the action.", + // "location": "query", + // "type": "boolean" + // } + // }, + // "path": "v3/{+name}", + // "response": { + // "$ref": "Operation" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform" + // ] + // } + +} + +// method id "cloudresourcemanager.tagKeys.get": + +type TagKeysGetCall struct { + s *Service + name string + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header +} + +// Get: Retrieves a TagKey. This method will return `PERMISSION_DENIED` +// if the key does not exist or the user does not have permission to +// view it. +// +// - name: A resource name in the format `tagKeys/{id}`, such as +// `tagKeys/123`. +func (r *TagKeysService) Get(name string) *TagKeysGetCall { + c := &TagKeysGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.name = name + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *TagKeysGetCall) Fields(s ...googleapi.Field) *TagKeysGetCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// IfNoneMatch sets the optional parameter which makes the operation +// fail if the object's ETag matches the given value. This is useful for +// getting updates only after the object has changed since the last +// request. Use googleapi.IsNotModified to check whether the response +// error from Do is the result of In-None-Match. +func (c *TagKeysGetCall) IfNoneMatch(entityTag string) *TagKeysGetCall { + c.ifNoneMatch_ = entityTag + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *TagKeysGetCall) Context(ctx context.Context) *TagKeysGetCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *TagKeysGetCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *TagKeysGetCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + if c.ifNoneMatch_ != "" { + reqHeaders.Set("If-None-Match", c.ifNoneMatch_) + } + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/{+name}") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("GET", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "name": c.name, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.tagKeys.get" call. +// Exactly one of *TagKey or error will be non-nil. Any non-2xx status +// code is an error. Response headers are in either +// *TagKey.ServerResponse.Header or (if a response was returned at all) +// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to +// check whether the returned error was because http.StatusNotModified +// was returned. +func (c *TagKeysGetCall) Do(opts ...googleapi.CallOption) (*TagKey, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &TagKey{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Retrieves a TagKey. This method will return `PERMISSION_DENIED` if the key does not exist or the user does not have permission to view it.", + // "flatPath": "v3/tagKeys/{tagKeysId}", + // "httpMethod": "GET", + // "id": "cloudresourcemanager.tagKeys.get", + // "parameterOrder": [ + // "name" + // ], + // "parameters": { + // "name": { + // "description": "Required. A resource name in the format `tagKeys/{id}`, such as `tagKeys/123`.", + // "location": "path", + // "pattern": "^tagKeys/[^/]+$", + // "required": true, + // "type": "string" + // } + // }, + // "path": "v3/{+name}", + // "response": { + // "$ref": "TagKey" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform", + // "https://www.googleapis.com/auth/cloud-platform.read-only" + // ] + // } + +} + +// method id "cloudresourcemanager.tagKeys.getIamPolicy": + +type TagKeysGetIamPolicyCall struct { + s *Service + resource string + getiampolicyrequest *GetIamPolicyRequest + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// GetIamPolicy: Gets the access control policy for a TagKey. The +// returned policy may be empty if no such policy or resource exists. +// The `resource` field should be the TagKey's resource name. For +// example, "tagKeys/1234". The caller must have +// `cloudresourcemanager.googleapis.com/tagKeys.getIamPolicy` permission +// on the specified TagKey. +// +// - resource: REQUIRED: The resource for which the policy is being +// requested. See Resource names +// (https://cloud.google.com/apis/design/resource_names) for the +// appropriate value for this field. +func (r *TagKeysService) GetIamPolicy(resource string, getiampolicyrequest *GetIamPolicyRequest) *TagKeysGetIamPolicyCall { + c := &TagKeysGetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.resource = resource + c.getiampolicyrequest = getiampolicyrequest + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *TagKeysGetIamPolicyCall) Fields(s ...googleapi.Field) *TagKeysGetIamPolicyCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *TagKeysGetIamPolicyCall) Context(ctx context.Context) *TagKeysGetIamPolicyCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *TagKeysGetIamPolicyCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *TagKeysGetIamPolicyCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.getiampolicyrequest) + if err != nil { + return nil, err + } + reqHeaders.Set("Content-Type", "application/json") + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/{+resource}:getIamPolicy") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("POST", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "resource": c.resource, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.tagKeys.getIamPolicy" call. +// Exactly one of *Policy or error will be non-nil. Any non-2xx status +// code is an error. Response headers are in either +// *Policy.ServerResponse.Header or (if a response was returned at all) +// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to +// check whether the returned error was because http.StatusNotModified +// was returned. +func (c *TagKeysGetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Policy{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Gets the access control policy for a TagKey. The returned policy may be empty if no such policy or resource exists. The `resource` field should be the TagKey's resource name. For example, \"tagKeys/1234\". The caller must have `cloudresourcemanager.googleapis.com/tagKeys.getIamPolicy` permission on the specified TagKey.", + // "flatPath": "v3/tagKeys/{tagKeysId}:getIamPolicy", + // "httpMethod": "POST", + // "id": "cloudresourcemanager.tagKeys.getIamPolicy", + // "parameterOrder": [ + // "resource" + // ], + // "parameters": { + // "resource": { + // "description": "REQUIRED: The resource for which the policy is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", + // "location": "path", + // "pattern": "^tagKeys/[^/]+$", + // "required": true, + // "type": "string" + // } + // }, + // "path": "v3/{+resource}:getIamPolicy", + // "request": { + // "$ref": "GetIamPolicyRequest" + // }, + // "response": { + // "$ref": "Policy" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform", + // "https://www.googleapis.com/auth/cloud-platform.read-only" + // ] + // } + +} + +// method id "cloudresourcemanager.tagKeys.getNamespaced": + +type TagKeysGetNamespacedCall struct { + s *Service + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header +} + +// GetNamespaced: Retrieves a TagKey by its namespaced name. This method +// will return `PERMISSION_DENIED` if the key does not exist or the user +// does not have permission to view it. +func (r *TagKeysService) GetNamespaced() *TagKeysGetNamespacedCall { + c := &TagKeysGetNamespacedCall{s: r.s, urlParams_: make(gensupport.URLParams)} + return c +} + +// Name sets the optional parameter "name": Required. A namespaced tag +// key name in the format `{parentId}/{tagKeyShort}`, such as `42/foo` +// for a key with short name "foo" under the organization with ID 42 or +// `r2-d2/bar` for a key with short name "bar" under the project +// `r2-d2`. +func (c *TagKeysGetNamespacedCall) Name(name string) *TagKeysGetNamespacedCall { + c.urlParams_.Set("name", name) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *TagKeysGetNamespacedCall) Fields(s ...googleapi.Field) *TagKeysGetNamespacedCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// IfNoneMatch sets the optional parameter which makes the operation +// fail if the object's ETag matches the given value. This is useful for +// getting updates only after the object has changed since the last +// request. Use googleapi.IsNotModified to check whether the response +// error from Do is the result of In-None-Match. +func (c *TagKeysGetNamespacedCall) IfNoneMatch(entityTag string) *TagKeysGetNamespacedCall { + c.ifNoneMatch_ = entityTag + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *TagKeysGetNamespacedCall) Context(ctx context.Context) *TagKeysGetNamespacedCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *TagKeysGetNamespacedCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *TagKeysGetNamespacedCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + if c.ifNoneMatch_ != "" { + reqHeaders.Set("If-None-Match", c.ifNoneMatch_) + } + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/tagKeys/namespaced") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("GET", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.tagKeys.getNamespaced" call. +// Exactly one of *TagKey or error will be non-nil. Any non-2xx status +// code is an error. Response headers are in either +// *TagKey.ServerResponse.Header or (if a response was returned at all) +// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to +// check whether the returned error was because http.StatusNotModified +// was returned. +func (c *TagKeysGetNamespacedCall) Do(opts ...googleapi.CallOption) (*TagKey, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &TagKey{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Retrieves a TagKey by its namespaced name. This method will return `PERMISSION_DENIED` if the key does not exist or the user does not have permission to view it.", + // "flatPath": "v3/tagKeys/namespaced", + // "httpMethod": "GET", + // "id": "cloudresourcemanager.tagKeys.getNamespaced", + // "parameterOrder": [], + // "parameters": { + // "name": { + // "description": "Required. A namespaced tag key name in the format `{parentId}/{tagKeyShort}`, such as `42/foo` for a key with short name \"foo\" under the organization with ID 42 or `r2-d2/bar` for a key with short name \"bar\" under the project `r2-d2`.", + // "location": "query", + // "type": "string" + // } + // }, + // "path": "v3/tagKeys/namespaced", + // "response": { + // "$ref": "TagKey" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform", + // "https://www.googleapis.com/auth/cloud-platform.read-only" + // ] + // } + +} + +// method id "cloudresourcemanager.tagKeys.list": + +type TagKeysListCall struct { + s *Service + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header +} + +// List: Lists all TagKeys for a parent resource. +func (r *TagKeysService) List() *TagKeysListCall { + c := &TagKeysListCall{s: r.s, urlParams_: make(gensupport.URLParams)} + return c +} + +// PageSize sets the optional parameter "pageSize": The maximum number +// of TagKeys to return in the response. The server allows a maximum of +// 300 TagKeys to return. If unspecified, the server will use 100 as the +// default. +func (c *TagKeysListCall) PageSize(pageSize int64) *TagKeysListCall { + c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) + return c +} + +// PageToken sets the optional parameter "pageToken": A pagination token +// returned from a previous call to `ListTagKey` that indicates where +// this listing should continue from. +func (c *TagKeysListCall) PageToken(pageToken string) *TagKeysListCall { + c.urlParams_.Set("pageToken", pageToken) + return c +} + +// Parent sets the optional parameter "parent": Required. The resource +// name of the TagKey's parent. Must be of the form +// `organizations/{org_id}` or `projects/{project_id}` or +// `projects/{project_number}` +func (c *TagKeysListCall) Parent(parent string) *TagKeysListCall { + c.urlParams_.Set("parent", parent) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *TagKeysListCall) Fields(s ...googleapi.Field) *TagKeysListCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// IfNoneMatch sets the optional parameter which makes the operation +// fail if the object's ETag matches the given value. This is useful for +// getting updates only after the object has changed since the last +// request. Use googleapi.IsNotModified to check whether the response +// error from Do is the result of In-None-Match. +func (c *TagKeysListCall) IfNoneMatch(entityTag string) *TagKeysListCall { + c.ifNoneMatch_ = entityTag + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *TagKeysListCall) Context(ctx context.Context) *TagKeysListCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *TagKeysListCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *TagKeysListCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + if c.ifNoneMatch_ != "" { + reqHeaders.Set("If-None-Match", c.ifNoneMatch_) + } + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/tagKeys") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("GET", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.tagKeys.list" call. +// Exactly one of *ListTagKeysResponse or error will be non-nil. Any +// non-2xx status code is an error. Response headers are in either +// *ListTagKeysResponse.ServerResponse.Header or (if a response was +// returned at all) in error.(*googleapi.Error).Header. Use +// googleapi.IsNotModified to check whether the returned error was +// because http.StatusNotModified was returned. +func (c *TagKeysListCall) Do(opts ...googleapi.CallOption) (*ListTagKeysResponse, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &ListTagKeysResponse{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Lists all TagKeys for a parent resource.", + // "flatPath": "v3/tagKeys", + // "httpMethod": "GET", + // "id": "cloudresourcemanager.tagKeys.list", + // "parameterOrder": [], + // "parameters": { + // "pageSize": { + // "description": "Optional. The maximum number of TagKeys to return in the response. The server allows a maximum of 300 TagKeys to return. If unspecified, the server will use 100 as the default.", + // "format": "int32", + // "location": "query", + // "type": "integer" + // }, + // "pageToken": { + // "description": "Optional. A pagination token returned from a previous call to `ListTagKey` that indicates where this listing should continue from.", + // "location": "query", + // "type": "string" + // }, + // "parent": { + // "description": "Required. The resource name of the TagKey's parent. Must be of the form `organizations/{org_id}` or `projects/{project_id}` or `projects/{project_number}`", + // "location": "query", + // "type": "string" + // } + // }, + // "path": "v3/tagKeys", + // "response": { + // "$ref": "ListTagKeysResponse" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform", + // "https://www.googleapis.com/auth/cloud-platform.read-only" + // ] + // } + +} + +// Pages invokes f for each page of results. +// A non-nil error returned from f will halt the iteration. +// The provided context supersedes any context provided to the Context method. +func (c *TagKeysListCall) Pages(ctx context.Context, f func(*ListTagKeysResponse) error) error { + c.ctx_ = ctx + defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point + for { + x, err := c.Do() + if err != nil { + return err + } + if err := f(x); err != nil { + return err + } + if x.NextPageToken == "" { + return nil + } + c.PageToken(x.NextPageToken) + } +} + +// method id "cloudresourcemanager.tagKeys.patch": + +type TagKeysPatchCall struct { + s *Service + name string + tagkey *TagKey + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// Patch: Updates the attributes of the TagKey resource. +// +// - name: Immutable. The resource name for a TagKey. Must be in the +// format `tagKeys/{tag_key_id}`, where `tag_key_id` is the generated +// numeric id for the TagKey. +func (r *TagKeysService) Patch(name string, tagkey *TagKey) *TagKeysPatchCall { + c := &TagKeysPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.name = name + c.tagkey = tagkey + return c +} + +// UpdateMask sets the optional parameter "updateMask": Fields to be +// updated. The mask may only contain `description` or `etag`. If +// omitted entirely, both `description` and `etag` are assumed to be +// significant. +func (c *TagKeysPatchCall) UpdateMask(updateMask string) *TagKeysPatchCall { + c.urlParams_.Set("updateMask", updateMask) + return c +} + +// ValidateOnly sets the optional parameter "validateOnly": Set as true +// to perform validations necessary for updating the resource, but not +// actually perform the action. +func (c *TagKeysPatchCall) ValidateOnly(validateOnly bool) *TagKeysPatchCall { + c.urlParams_.Set("validateOnly", fmt.Sprint(validateOnly)) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *TagKeysPatchCall) Fields(s ...googleapi.Field) *TagKeysPatchCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *TagKeysPatchCall) Context(ctx context.Context) *TagKeysPatchCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *TagKeysPatchCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *TagKeysPatchCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.tagkey) + if err != nil { + return nil, err + } + reqHeaders.Set("Content-Type", "application/json") + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/{+name}") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("PATCH", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "name": c.name, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.tagKeys.patch" call. +// Exactly one of *Operation or error will be non-nil. Any non-2xx +// status code is an error. Response headers are in either +// *Operation.ServerResponse.Header or (if a response was returned at +// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified +// to check whether the returned error was because +// http.StatusNotModified was returned. +func (c *TagKeysPatchCall) Do(opts ...googleapi.CallOption) (*Operation, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Operation{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Updates the attributes of the TagKey resource.", + // "flatPath": "v3/tagKeys/{tagKeysId}", + // "httpMethod": "PATCH", + // "id": "cloudresourcemanager.tagKeys.patch", + // "parameterOrder": [ + // "name" + // ], + // "parameters": { + // "name": { + // "description": "Immutable. The resource name for a TagKey. Must be in the format `tagKeys/{tag_key_id}`, where `tag_key_id` is the generated numeric id for the TagKey.", + // "location": "path", + // "pattern": "^tagKeys/[^/]+$", + // "required": true, + // "type": "string" + // }, + // "updateMask": { + // "description": "Fields to be updated. The mask may only contain `description` or `etag`. If omitted entirely, both `description` and `etag` are assumed to be significant.", + // "format": "google-fieldmask", + // "location": "query", + // "type": "string" + // }, + // "validateOnly": { + // "description": "Set as true to perform validations necessary for updating the resource, but not actually perform the action.", + // "location": "query", + // "type": "boolean" + // } + // }, + // "path": "v3/{+name}", + // "request": { + // "$ref": "TagKey" + // }, + // "response": { + // "$ref": "Operation" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform" + // ] + // } + +} + +// method id "cloudresourcemanager.tagKeys.setIamPolicy": + +type TagKeysSetIamPolicyCall struct { + s *Service + resource string + setiampolicyrequest *SetIamPolicyRequest + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// SetIamPolicy: Sets the access control policy on a TagKey, replacing +// any existing policy. The `resource` field should be the TagKey's +// resource name. For example, "tagKeys/1234". The caller must have +// `resourcemanager.tagKeys.setIamPolicy` permission on the identified +// tagValue. +// +// - resource: REQUIRED: The resource for which the policy is being +// specified. See Resource names +// (https://cloud.google.com/apis/design/resource_names) for the +// appropriate value for this field. +func (r *TagKeysService) SetIamPolicy(resource string, setiampolicyrequest *SetIamPolicyRequest) *TagKeysSetIamPolicyCall { + c := &TagKeysSetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.resource = resource + c.setiampolicyrequest = setiampolicyrequest + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *TagKeysSetIamPolicyCall) Fields(s ...googleapi.Field) *TagKeysSetIamPolicyCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *TagKeysSetIamPolicyCall) Context(ctx context.Context) *TagKeysSetIamPolicyCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *TagKeysSetIamPolicyCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *TagKeysSetIamPolicyCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.setiampolicyrequest) + if err != nil { + return nil, err + } + reqHeaders.Set("Content-Type", "application/json") + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/{+resource}:setIamPolicy") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("POST", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "resource": c.resource, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.tagKeys.setIamPolicy" call. +// Exactly one of *Policy or error will be non-nil. Any non-2xx status +// code is an error. Response headers are in either +// *Policy.ServerResponse.Header or (if a response was returned at all) +// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to +// check whether the returned error was because http.StatusNotModified +// was returned. +func (c *TagKeysSetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Policy{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Sets the access control policy on a TagKey, replacing any existing policy. The `resource` field should be the TagKey's resource name. For example, \"tagKeys/1234\". The caller must have `resourcemanager.tagKeys.setIamPolicy` permission on the identified tagValue.", + // "flatPath": "v3/tagKeys/{tagKeysId}:setIamPolicy", + // "httpMethod": "POST", + // "id": "cloudresourcemanager.tagKeys.setIamPolicy", + // "parameterOrder": [ + // "resource" + // ], + // "parameters": { + // "resource": { + // "description": "REQUIRED: The resource for which the policy is being specified. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", + // "location": "path", + // "pattern": "^tagKeys/[^/]+$", + // "required": true, + // "type": "string" + // } + // }, + // "path": "v3/{+resource}:setIamPolicy", + // "request": { + // "$ref": "SetIamPolicyRequest" + // }, + // "response": { + // "$ref": "Policy" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform" + // ] + // } + +} + +// method id "cloudresourcemanager.tagKeys.testIamPermissions": + +type TagKeysTestIamPermissionsCall struct { + s *Service + resource string + testiampermissionsrequest *TestIamPermissionsRequest + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// TestIamPermissions: Returns permissions that a caller has on the +// specified TagKey. The `resource` field should be the TagKey's +// resource name. For example, "tagKeys/1234". There are no permissions +// required for making this API call. +// +// - resource: REQUIRED: The resource for which the policy detail is +// being requested. See Resource names +// (https://cloud.google.com/apis/design/resource_names) for the +// appropriate value for this field. +func (r *TagKeysService) TestIamPermissions(resource string, testiampermissionsrequest *TestIamPermissionsRequest) *TagKeysTestIamPermissionsCall { + c := &TagKeysTestIamPermissionsCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.resource = resource + c.testiampermissionsrequest = testiampermissionsrequest + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *TagKeysTestIamPermissionsCall) Fields(s ...googleapi.Field) *TagKeysTestIamPermissionsCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *TagKeysTestIamPermissionsCall) Context(ctx context.Context) *TagKeysTestIamPermissionsCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *TagKeysTestIamPermissionsCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *TagKeysTestIamPermissionsCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.testiampermissionsrequest) + if err != nil { + return nil, err + } + reqHeaders.Set("Content-Type", "application/json") + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/{+resource}:testIamPermissions") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("POST", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "resource": c.resource, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.tagKeys.testIamPermissions" call. +// Exactly one of *TestIamPermissionsResponse or error will be non-nil. +// Any non-2xx status code is an error. Response headers are in either +// *TestIamPermissionsResponse.ServerResponse.Header or (if a response +// was returned at all) in error.(*googleapi.Error).Header. Use +// googleapi.IsNotModified to check whether the returned error was +// because http.StatusNotModified was returned. +func (c *TagKeysTestIamPermissionsCall) Do(opts ...googleapi.CallOption) (*TestIamPermissionsResponse, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &TestIamPermissionsResponse{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Returns permissions that a caller has on the specified TagKey. The `resource` field should be the TagKey's resource name. For example, \"tagKeys/1234\". There are no permissions required for making this API call.", + // "flatPath": "v3/tagKeys/{tagKeysId}:testIamPermissions", + // "httpMethod": "POST", + // "id": "cloudresourcemanager.tagKeys.testIamPermissions", + // "parameterOrder": [ + // "resource" + // ], + // "parameters": { + // "resource": { + // "description": "REQUIRED: The resource for which the policy detail is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", + // "location": "path", + // "pattern": "^tagKeys/[^/]+$", + // "required": true, + // "type": "string" + // } + // }, + // "path": "v3/{+resource}:testIamPermissions", + // "request": { + // "$ref": "TestIamPermissionsRequest" + // }, + // "response": { + // "$ref": "TestIamPermissionsResponse" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform" + // ] + // } + +} + +// method id "cloudresourcemanager.tagValues.create": + +type TagValuesCreateCall struct { + s *Service + tagvalue *TagValue + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// Create: Creates a TagValue as a child of the specified TagKey. If a +// another request with the same parameters is sent while the original +// request is in process the second request will receive an error. A +// maximum of 1000 TagValues can exist under a TagKey at any given time. +func (r *TagValuesService) Create(tagvalue *TagValue) *TagValuesCreateCall { + c := &TagValuesCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.tagvalue = tagvalue + return c +} + +// ValidateOnly sets the optional parameter "validateOnly": Set as true +// to perform the validations necessary for creating the resource, but +// not actually perform the action. +func (c *TagValuesCreateCall) ValidateOnly(validateOnly bool) *TagValuesCreateCall { + c.urlParams_.Set("validateOnly", fmt.Sprint(validateOnly)) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *TagValuesCreateCall) Fields(s ...googleapi.Field) *TagValuesCreateCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *TagValuesCreateCall) Context(ctx context.Context) *TagValuesCreateCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *TagValuesCreateCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *TagValuesCreateCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.tagvalue) + if err != nil { + return nil, err + } + reqHeaders.Set("Content-Type", "application/json") + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/tagValues") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("POST", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.tagValues.create" call. +// Exactly one of *Operation or error will be non-nil. Any non-2xx +// status code is an error. Response headers are in either +// *Operation.ServerResponse.Header or (if a response was returned at +// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified +// to check whether the returned error was because +// http.StatusNotModified was returned. +func (c *TagValuesCreateCall) Do(opts ...googleapi.CallOption) (*Operation, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Operation{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Creates a TagValue as a child of the specified TagKey. If a another request with the same parameters is sent while the original request is in process the second request will receive an error. A maximum of 1000 TagValues can exist under a TagKey at any given time.", + // "flatPath": "v3/tagValues", + // "httpMethod": "POST", + // "id": "cloudresourcemanager.tagValues.create", + // "parameterOrder": [], + // "parameters": { + // "validateOnly": { + // "description": "Optional. Set as true to perform the validations necessary for creating the resource, but not actually perform the action.", + // "location": "query", + // "type": "boolean" + // } + // }, + // "path": "v3/tagValues", + // "request": { + // "$ref": "TagValue" + // }, + // "response": { + // "$ref": "Operation" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform" + // ] + // } + +} + +// method id "cloudresourcemanager.tagValues.delete": + +type TagValuesDeleteCall struct { + s *Service + name string + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// Delete: Deletes a TagValue. The TagValue cannot have any bindings +// when it is deleted. +// +// - name: Resource name for TagValue to be deleted in the format +// tagValues/456. +func (r *TagValuesService) Delete(name string) *TagValuesDeleteCall { + c := &TagValuesDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.name = name + return c +} + +// Etag sets the optional parameter "etag": The etag known to the client +// for the expected state of the TagValue. This is to be used for +// optimistic concurrency. +func (c *TagValuesDeleteCall) Etag(etag string) *TagValuesDeleteCall { + c.urlParams_.Set("etag", etag) + return c +} + +// ValidateOnly sets the optional parameter "validateOnly": Set as true +// to perform the validations necessary for deletion, but not actually +// perform the action. +func (c *TagValuesDeleteCall) ValidateOnly(validateOnly bool) *TagValuesDeleteCall { + c.urlParams_.Set("validateOnly", fmt.Sprint(validateOnly)) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *TagValuesDeleteCall) Fields(s ...googleapi.Field) *TagValuesDeleteCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *TagValuesDeleteCall) Context(ctx context.Context) *TagValuesDeleteCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *TagValuesDeleteCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *TagValuesDeleteCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/{+name}") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("DELETE", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "name": c.name, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.tagValues.delete" call. +// Exactly one of *Operation or error will be non-nil. Any non-2xx +// status code is an error. Response headers are in either +// *Operation.ServerResponse.Header or (if a response was returned at +// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified +// to check whether the returned error was because +// http.StatusNotModified was returned. +func (c *TagValuesDeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Operation{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Deletes a TagValue. The TagValue cannot have any bindings when it is deleted.", + // "flatPath": "v3/tagValues/{tagValuesId}", + // "httpMethod": "DELETE", + // "id": "cloudresourcemanager.tagValues.delete", + // "parameterOrder": [ + // "name" + // ], + // "parameters": { + // "etag": { + // "description": "Optional. The etag known to the client for the expected state of the TagValue. This is to be used for optimistic concurrency.", + // "location": "query", + // "type": "string" + // }, + // "name": { + // "description": "Required. Resource name for TagValue to be deleted in the format tagValues/456.", + // "location": "path", + // "pattern": "^tagValues/[^/]+$", + // "required": true, + // "type": "string" + // }, + // "validateOnly": { + // "description": "Optional. Set as true to perform the validations necessary for deletion, but not actually perform the action.", + // "location": "query", + // "type": "boolean" + // } + // }, + // "path": "v3/{+name}", + // "response": { + // "$ref": "Operation" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform" + // ] + // } + +} + +// method id "cloudresourcemanager.tagValues.get": + +type TagValuesGetCall struct { + s *Service + name string + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header +} + +// Get: Retrieves a TagValue. This method will return +// `PERMISSION_DENIED` if the value does not exist or the user does not +// have permission to view it. +// +// - name: Resource name for TagValue to be fetched in the format +// `tagValues/456`. +func (r *TagValuesService) Get(name string) *TagValuesGetCall { + c := &TagValuesGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.name = name + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *TagValuesGetCall) Fields(s ...googleapi.Field) *TagValuesGetCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// IfNoneMatch sets the optional parameter which makes the operation +// fail if the object's ETag matches the given value. This is useful for +// getting updates only after the object has changed since the last +// request. Use googleapi.IsNotModified to check whether the response +// error from Do is the result of In-None-Match. +func (c *TagValuesGetCall) IfNoneMatch(entityTag string) *TagValuesGetCall { + c.ifNoneMatch_ = entityTag + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *TagValuesGetCall) Context(ctx context.Context) *TagValuesGetCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *TagValuesGetCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *TagValuesGetCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + if c.ifNoneMatch_ != "" { + reqHeaders.Set("If-None-Match", c.ifNoneMatch_) + } + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/{+name}") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("GET", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "name": c.name, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.tagValues.get" call. +// Exactly one of *TagValue or error will be non-nil. Any non-2xx status +// code is an error. Response headers are in either +// *TagValue.ServerResponse.Header or (if a response was returned at +// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified +// to check whether the returned error was because +// http.StatusNotModified was returned. +func (c *TagValuesGetCall) Do(opts ...googleapi.CallOption) (*TagValue, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &TagValue{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Retrieves a TagValue. This method will return `PERMISSION_DENIED` if the value does not exist or the user does not have permission to view it.", + // "flatPath": "v3/tagValues/{tagValuesId}", + // "httpMethod": "GET", + // "id": "cloudresourcemanager.tagValues.get", + // "parameterOrder": [ + // "name" + // ], + // "parameters": { + // "name": { + // "description": "Required. Resource name for TagValue to be fetched in the format `tagValues/456`.", + // "location": "path", + // "pattern": "^tagValues/[^/]+$", + // "required": true, + // "type": "string" + // } + // }, + // "path": "v3/{+name}", + // "response": { + // "$ref": "TagValue" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform", + // "https://www.googleapis.com/auth/cloud-platform.read-only" + // ] + // } + +} + +// method id "cloudresourcemanager.tagValues.getIamPolicy": + +type TagValuesGetIamPolicyCall struct { + s *Service + resource string + getiampolicyrequest *GetIamPolicyRequest + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// GetIamPolicy: Gets the access control policy for a TagValue. The +// returned policy may be empty if no such policy or resource exists. +// The `resource` field should be the TagValue's resource name. For +// example: `tagValues/1234`. The caller must have the +// `cloudresourcemanager.googleapis.com/tagValues.getIamPolicy` +// permission on the identified TagValue to get the access control +// policy. +// +// - resource: REQUIRED: The resource for which the policy is being +// requested. See Resource names +// (https://cloud.google.com/apis/design/resource_names) for the +// appropriate value for this field. +func (r *TagValuesService) GetIamPolicy(resource string, getiampolicyrequest *GetIamPolicyRequest) *TagValuesGetIamPolicyCall { + c := &TagValuesGetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.resource = resource + c.getiampolicyrequest = getiampolicyrequest + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *TagValuesGetIamPolicyCall) Fields(s ...googleapi.Field) *TagValuesGetIamPolicyCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *TagValuesGetIamPolicyCall) Context(ctx context.Context) *TagValuesGetIamPolicyCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *TagValuesGetIamPolicyCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *TagValuesGetIamPolicyCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.getiampolicyrequest) + if err != nil { + return nil, err + } + reqHeaders.Set("Content-Type", "application/json") + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/{+resource}:getIamPolicy") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("POST", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "resource": c.resource, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.tagValues.getIamPolicy" call. +// Exactly one of *Policy or error will be non-nil. Any non-2xx status +// code is an error. Response headers are in either +// *Policy.ServerResponse.Header or (if a response was returned at all) +// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to +// check whether the returned error was because http.StatusNotModified +// was returned. +func (c *TagValuesGetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Policy{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Gets the access control policy for a TagValue. The returned policy may be empty if no such policy or resource exists. The `resource` field should be the TagValue's resource name. For example: `tagValues/1234`. The caller must have the `cloudresourcemanager.googleapis.com/tagValues.getIamPolicy` permission on the identified TagValue to get the access control policy.", + // "flatPath": "v3/tagValues/{tagValuesId}:getIamPolicy", + // "httpMethod": "POST", + // "id": "cloudresourcemanager.tagValues.getIamPolicy", + // "parameterOrder": [ + // "resource" + // ], + // "parameters": { + // "resource": { + // "description": "REQUIRED: The resource for which the policy is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", + // "location": "path", + // "pattern": "^tagValues/[^/]+$", + // "required": true, + // "type": "string" + // } + // }, + // "path": "v3/{+resource}:getIamPolicy", + // "request": { + // "$ref": "GetIamPolicyRequest" + // }, + // "response": { + // "$ref": "Policy" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform", + // "https://www.googleapis.com/auth/cloud-platform.read-only" + // ] + // } + +} + +// method id "cloudresourcemanager.tagValues.getNamespaced": + +type TagValuesGetNamespacedCall struct { + s *Service + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header +} + +// GetNamespaced: Retrieves a TagValue by its namespaced name. This +// method will return `PERMISSION_DENIED` if the value does not exist or +// the user does not have permission to view it. +func (r *TagValuesService) GetNamespaced() *TagValuesGetNamespacedCall { + c := &TagValuesGetNamespacedCall{s: r.s, urlParams_: make(gensupport.URLParams)} + return c +} + +// Name sets the optional parameter "name": Required. A namespaced tag +// value name in the following format: +// `{parentId}/{tagKeyShort}/{tagValueShort}` Examples: - `42/foo/abc` +// for a value with short name "abc" under the key with short name "foo" +// under the organization with ID 42 - `r2-d2/bar/xyz` for a value with +// short name "xyz" under the key with short name "bar" under the +// project with ID "r2-d2" +func (c *TagValuesGetNamespacedCall) Name(name string) *TagValuesGetNamespacedCall { + c.urlParams_.Set("name", name) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *TagValuesGetNamespacedCall) Fields(s ...googleapi.Field) *TagValuesGetNamespacedCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// IfNoneMatch sets the optional parameter which makes the operation +// fail if the object's ETag matches the given value. This is useful for +// getting updates only after the object has changed since the last +// request. Use googleapi.IsNotModified to check whether the response +// error from Do is the result of In-None-Match. +func (c *TagValuesGetNamespacedCall) IfNoneMatch(entityTag string) *TagValuesGetNamespacedCall { + c.ifNoneMatch_ = entityTag + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *TagValuesGetNamespacedCall) Context(ctx context.Context) *TagValuesGetNamespacedCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *TagValuesGetNamespacedCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *TagValuesGetNamespacedCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + if c.ifNoneMatch_ != "" { + reqHeaders.Set("If-None-Match", c.ifNoneMatch_) + } + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/tagValues/namespaced") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("GET", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.tagValues.getNamespaced" call. +// Exactly one of *TagValue or error will be non-nil. Any non-2xx status +// code is an error. Response headers are in either +// *TagValue.ServerResponse.Header or (if a response was returned at +// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified +// to check whether the returned error was because +// http.StatusNotModified was returned. +func (c *TagValuesGetNamespacedCall) Do(opts ...googleapi.CallOption) (*TagValue, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &TagValue{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Retrieves a TagValue by its namespaced name. This method will return `PERMISSION_DENIED` if the value does not exist or the user does not have permission to view it.", + // "flatPath": "v3/tagValues/namespaced", + // "httpMethod": "GET", + // "id": "cloudresourcemanager.tagValues.getNamespaced", + // "parameterOrder": [], + // "parameters": { + // "name": { + // "description": "Required. A namespaced tag value name in the following format: `{parentId}/{tagKeyShort}/{tagValueShort}` Examples: - `42/foo/abc` for a value with short name \"abc\" under the key with short name \"foo\" under the organization with ID 42 - `r2-d2/bar/xyz` for a value with short name \"xyz\" under the key with short name \"bar\" under the project with ID \"r2-d2\"", + // "location": "query", + // "type": "string" + // } + // }, + // "path": "v3/tagValues/namespaced", + // "response": { + // "$ref": "TagValue" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform", + // "https://www.googleapis.com/auth/cloud-platform.read-only" + // ] + // } + +} + +// method id "cloudresourcemanager.tagValues.list": + +type TagValuesListCall struct { + s *Service + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header +} + +// List: Lists all TagValues for a specific TagKey. +func (r *TagValuesService) List() *TagValuesListCall { + c := &TagValuesListCall{s: r.s, urlParams_: make(gensupport.URLParams)} + return c +} + +// PageSize sets the optional parameter "pageSize": The maximum number +// of TagValues to return in the response. The server allows a maximum +// of 300 TagValues to return. If unspecified, the server will use 100 +// as the default. +func (c *TagValuesListCall) PageSize(pageSize int64) *TagValuesListCall { + c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) + return c +} + +// PageToken sets the optional parameter "pageToken": A pagination token +// returned from a previous call to `ListTagValues` that indicates where +// this listing should continue from. +func (c *TagValuesListCall) PageToken(pageToken string) *TagValuesListCall { + c.urlParams_.Set("pageToken", pageToken) + return c +} + +// Parent sets the optional parameter "parent": Required. Resource name +// for the parent of the TagValues to be listed, in the format +// `tagKeys/123` or `tagValues/123`. +func (c *TagValuesListCall) Parent(parent string) *TagValuesListCall { + c.urlParams_.Set("parent", parent) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *TagValuesListCall) Fields(s ...googleapi.Field) *TagValuesListCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// IfNoneMatch sets the optional parameter which makes the operation +// fail if the object's ETag matches the given value. This is useful for +// getting updates only after the object has changed since the last +// request. Use googleapi.IsNotModified to check whether the response +// error from Do is the result of In-None-Match. +func (c *TagValuesListCall) IfNoneMatch(entityTag string) *TagValuesListCall { + c.ifNoneMatch_ = entityTag + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *TagValuesListCall) Context(ctx context.Context) *TagValuesListCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *TagValuesListCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *TagValuesListCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + if c.ifNoneMatch_ != "" { + reqHeaders.Set("If-None-Match", c.ifNoneMatch_) + } + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/tagValues") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("GET", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.tagValues.list" call. +// Exactly one of *ListTagValuesResponse or error will be non-nil. Any +// non-2xx status code is an error. Response headers are in either +// *ListTagValuesResponse.ServerResponse.Header or (if a response was +// returned at all) in error.(*googleapi.Error).Header. Use +// googleapi.IsNotModified to check whether the returned error was +// because http.StatusNotModified was returned. +func (c *TagValuesListCall) Do(opts ...googleapi.CallOption) (*ListTagValuesResponse, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &ListTagValuesResponse{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Lists all TagValues for a specific TagKey.", + // "flatPath": "v3/tagValues", + // "httpMethod": "GET", + // "id": "cloudresourcemanager.tagValues.list", + // "parameterOrder": [], + // "parameters": { + // "pageSize": { + // "description": "Optional. The maximum number of TagValues to return in the response. The server allows a maximum of 300 TagValues to return. If unspecified, the server will use 100 as the default.", + // "format": "int32", + // "location": "query", + // "type": "integer" + // }, + // "pageToken": { + // "description": "Optional. A pagination token returned from a previous call to `ListTagValues` that indicates where this listing should continue from.", + // "location": "query", + // "type": "string" + // }, + // "parent": { + // "description": "Required. Resource name for the parent of the TagValues to be listed, in the format `tagKeys/123` or `tagValues/123`.", + // "location": "query", + // "type": "string" + // } + // }, + // "path": "v3/tagValues", + // "response": { + // "$ref": "ListTagValuesResponse" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform", + // "https://www.googleapis.com/auth/cloud-platform.read-only" + // ] + // } + +} + +// Pages invokes f for each page of results. +// A non-nil error returned from f will halt the iteration. +// The provided context supersedes any context provided to the Context method. +func (c *TagValuesListCall) Pages(ctx context.Context, f func(*ListTagValuesResponse) error) error { + c.ctx_ = ctx + defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point + for { + x, err := c.Do() + if err != nil { + return err + } + if err := f(x); err != nil { + return err + } + if x.NextPageToken == "" { + return nil + } + c.PageToken(x.NextPageToken) + } +} + +// method id "cloudresourcemanager.tagValues.patch": + +type TagValuesPatchCall struct { + s *Service + name string + tagvalue *TagValue + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// Patch: Updates the attributes of the TagValue resource. +// +// - name: Immutable. Resource name for TagValue in the format +// `tagValues/456`. +func (r *TagValuesService) Patch(name string, tagvalue *TagValue) *TagValuesPatchCall { + c := &TagValuesPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.name = name + c.tagvalue = tagvalue + return c +} + +// UpdateMask sets the optional parameter "updateMask": Fields to be +// updated. +func (c *TagValuesPatchCall) UpdateMask(updateMask string) *TagValuesPatchCall { + c.urlParams_.Set("updateMask", updateMask) + return c +} + +// ValidateOnly sets the optional parameter "validateOnly": True to +// perform validations necessary for updating the resource, but not +// actually perform the action. +func (c *TagValuesPatchCall) ValidateOnly(validateOnly bool) *TagValuesPatchCall { + c.urlParams_.Set("validateOnly", fmt.Sprint(validateOnly)) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *TagValuesPatchCall) Fields(s ...googleapi.Field) *TagValuesPatchCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *TagValuesPatchCall) Context(ctx context.Context) *TagValuesPatchCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *TagValuesPatchCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *TagValuesPatchCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.tagvalue) + if err != nil { + return nil, err + } + reqHeaders.Set("Content-Type", "application/json") + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/{+name}") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("PATCH", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "name": c.name, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.tagValues.patch" call. +// Exactly one of *Operation or error will be non-nil. Any non-2xx +// status code is an error. Response headers are in either +// *Operation.ServerResponse.Header or (if a response was returned at +// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified +// to check whether the returned error was because +// http.StatusNotModified was returned. +func (c *TagValuesPatchCall) Do(opts ...googleapi.CallOption) (*Operation, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Operation{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Updates the attributes of the TagValue resource.", + // "flatPath": "v3/tagValues/{tagValuesId}", + // "httpMethod": "PATCH", + // "id": "cloudresourcemanager.tagValues.patch", + // "parameterOrder": [ + // "name" + // ], + // "parameters": { + // "name": { + // "description": "Immutable. Resource name for TagValue in the format `tagValues/456`.", + // "location": "path", + // "pattern": "^tagValues/[^/]+$", + // "required": true, + // "type": "string" + // }, + // "updateMask": { + // "description": "Optional. Fields to be updated.", + // "format": "google-fieldmask", + // "location": "query", + // "type": "string" + // }, + // "validateOnly": { + // "description": "Optional. True to perform validations necessary for updating the resource, but not actually perform the action.", + // "location": "query", + // "type": "boolean" + // } + // }, + // "path": "v3/{+name}", + // "request": { + // "$ref": "TagValue" + // }, + // "response": { + // "$ref": "Operation" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform" + // ] + // } + +} + +// method id "cloudresourcemanager.tagValues.setIamPolicy": + +type TagValuesSetIamPolicyCall struct { + s *Service + resource string + setiampolicyrequest *SetIamPolicyRequest + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// SetIamPolicy: Sets the access control policy on a TagValue, replacing +// any existing policy. The `resource` field should be the TagValue's +// resource name. For example: `tagValues/1234`. The caller must have +// `resourcemanager.tagValues.setIamPolicy` permission on the identified +// tagValue. +// +// - resource: REQUIRED: The resource for which the policy is being +// specified. See Resource names +// (https://cloud.google.com/apis/design/resource_names) for the +// appropriate value for this field. +func (r *TagValuesService) SetIamPolicy(resource string, setiampolicyrequest *SetIamPolicyRequest) *TagValuesSetIamPolicyCall { + c := &TagValuesSetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.resource = resource + c.setiampolicyrequest = setiampolicyrequest + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *TagValuesSetIamPolicyCall) Fields(s ...googleapi.Field) *TagValuesSetIamPolicyCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *TagValuesSetIamPolicyCall) Context(ctx context.Context) *TagValuesSetIamPolicyCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *TagValuesSetIamPolicyCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *TagValuesSetIamPolicyCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.setiampolicyrequest) + if err != nil { + return nil, err + } + reqHeaders.Set("Content-Type", "application/json") + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/{+resource}:setIamPolicy") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("POST", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "resource": c.resource, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.tagValues.setIamPolicy" call. +// Exactly one of *Policy or error will be non-nil. Any non-2xx status +// code is an error. Response headers are in either +// *Policy.ServerResponse.Header or (if a response was returned at all) +// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to +// check whether the returned error was because http.StatusNotModified +// was returned. +func (c *TagValuesSetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Policy{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Sets the access control policy on a TagValue, replacing any existing policy. The `resource` field should be the TagValue's resource name. For example: `tagValues/1234`. The caller must have `resourcemanager.tagValues.setIamPolicy` permission on the identified tagValue.", + // "flatPath": "v3/tagValues/{tagValuesId}:setIamPolicy", + // "httpMethod": "POST", + // "id": "cloudresourcemanager.tagValues.setIamPolicy", + // "parameterOrder": [ + // "resource" + // ], + // "parameters": { + // "resource": { + // "description": "REQUIRED: The resource for which the policy is being specified. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", + // "location": "path", + // "pattern": "^tagValues/[^/]+$", + // "required": true, + // "type": "string" + // } + // }, + // "path": "v3/{+resource}:setIamPolicy", + // "request": { + // "$ref": "SetIamPolicyRequest" + // }, + // "response": { + // "$ref": "Policy" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform" + // ] + // } + +} + +// method id "cloudresourcemanager.tagValues.testIamPermissions": + +type TagValuesTestIamPermissionsCall struct { + s *Service + resource string + testiampermissionsrequest *TestIamPermissionsRequest + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// TestIamPermissions: Returns permissions that a caller has on the +// specified TagValue. The `resource` field should be the TagValue's +// resource name. For example: `tagValues/1234`. There are no +// permissions required for making this API call. +// +// - resource: REQUIRED: The resource for which the policy detail is +// being requested. See Resource names +// (https://cloud.google.com/apis/design/resource_names) for the +// appropriate value for this field. +func (r *TagValuesService) TestIamPermissions(resource string, testiampermissionsrequest *TestIamPermissionsRequest) *TagValuesTestIamPermissionsCall { + c := &TagValuesTestIamPermissionsCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.resource = resource + c.testiampermissionsrequest = testiampermissionsrequest + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *TagValuesTestIamPermissionsCall) Fields(s ...googleapi.Field) *TagValuesTestIamPermissionsCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *TagValuesTestIamPermissionsCall) Context(ctx context.Context) *TagValuesTestIamPermissionsCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *TagValuesTestIamPermissionsCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *TagValuesTestIamPermissionsCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.testiampermissionsrequest) + if err != nil { + return nil, err + } + reqHeaders.Set("Content-Type", "application/json") + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/{+resource}:testIamPermissions") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("POST", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "resource": c.resource, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.tagValues.testIamPermissions" call. +// Exactly one of *TestIamPermissionsResponse or error will be non-nil. +// Any non-2xx status code is an error. Response headers are in either +// *TestIamPermissionsResponse.ServerResponse.Header or (if a response +// was returned at all) in error.(*googleapi.Error).Header. Use +// googleapi.IsNotModified to check whether the returned error was +// because http.StatusNotModified was returned. +func (c *TagValuesTestIamPermissionsCall) Do(opts ...googleapi.CallOption) (*TestIamPermissionsResponse, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &TestIamPermissionsResponse{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Returns permissions that a caller has on the specified TagValue. The `resource` field should be the TagValue's resource name. For example: `tagValues/1234`. There are no permissions required for making this API call.", + // "flatPath": "v3/tagValues/{tagValuesId}:testIamPermissions", + // "httpMethod": "POST", + // "id": "cloudresourcemanager.tagValues.testIamPermissions", + // "parameterOrder": [ + // "resource" + // ], + // "parameters": { + // "resource": { + // "description": "REQUIRED: The resource for which the policy detail is being requested. See [Resource names](https://cloud.google.com/apis/design/resource_names) for the appropriate value for this field.", + // "location": "path", + // "pattern": "^tagValues/[^/]+$", + // "required": true, + // "type": "string" + // } + // }, + // "path": "v3/{+resource}:testIamPermissions", + // "request": { + // "$ref": "TestIamPermissionsRequest" + // }, + // "response": { + // "$ref": "TestIamPermissionsResponse" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform" + // ] + // } + +} + +// method id "cloudresourcemanager.tagValues.tagHolds.create": + +type TagValuesTagHoldsCreateCall struct { + s *Service + parent string + taghold *TagHold + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// Create: Creates a TagHold. Returns ALREADY_EXISTS if a TagHold with +// the same resource and origin exists under the same TagValue. +// +// - parent: The resource name of the TagHold's parent TagValue. Must be +// of the form: `tagValues/{tag-value-id}`. +func (r *TagValuesTagHoldsService) Create(parent string, taghold *TagHold) *TagValuesTagHoldsCreateCall { + c := &TagValuesTagHoldsCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.parent = parent + c.taghold = taghold + return c +} + +// ValidateOnly sets the optional parameter "validateOnly": Set to true +// to perform the validations necessary for creating the resource, but +// not actually perform the action. +func (c *TagValuesTagHoldsCreateCall) ValidateOnly(validateOnly bool) *TagValuesTagHoldsCreateCall { + c.urlParams_.Set("validateOnly", fmt.Sprint(validateOnly)) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *TagValuesTagHoldsCreateCall) Fields(s ...googleapi.Field) *TagValuesTagHoldsCreateCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *TagValuesTagHoldsCreateCall) Context(ctx context.Context) *TagValuesTagHoldsCreateCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *TagValuesTagHoldsCreateCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *TagValuesTagHoldsCreateCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.taghold) + if err != nil { + return nil, err + } + reqHeaders.Set("Content-Type", "application/json") + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/{+parent}/tagHolds") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("POST", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "parent": c.parent, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.tagValues.tagHolds.create" call. +// Exactly one of *Operation or error will be non-nil. Any non-2xx +// status code is an error. Response headers are in either +// *Operation.ServerResponse.Header or (if a response was returned at +// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified +// to check whether the returned error was because +// http.StatusNotModified was returned. +func (c *TagValuesTagHoldsCreateCall) Do(opts ...googleapi.CallOption) (*Operation, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Operation{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Creates a TagHold. Returns ALREADY_EXISTS if a TagHold with the same resource and origin exists under the same TagValue.", + // "flatPath": "v3/tagValues/{tagValuesId}/tagHolds", + // "httpMethod": "POST", + // "id": "cloudresourcemanager.tagValues.tagHolds.create", + // "parameterOrder": [ + // "parent" + // ], + // "parameters": { + // "parent": { + // "description": "Required. The resource name of the TagHold's parent TagValue. Must be of the form: `tagValues/{tag-value-id}`.", + // "location": "path", + // "pattern": "^tagValues/[^/]+$", + // "required": true, + // "type": "string" + // }, + // "validateOnly": { + // "description": "Optional. Set to true to perform the validations necessary for creating the resource, but not actually perform the action.", + // "location": "query", + // "type": "boolean" + // } + // }, + // "path": "v3/{+parent}/tagHolds", + // "request": { + // "$ref": "TagHold" + // }, + // "response": { + // "$ref": "Operation" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform" + // ] + // } + +} + +// method id "cloudresourcemanager.tagValues.tagHolds.delete": + +type TagValuesTagHoldsDeleteCall struct { + s *Service + name string + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// Delete: Deletes a TagHold. +// +// - name: The resource name of the TagHold to delete. Must be of the +// form: `tagValues/{tag-value-id}/tagHolds/{tag-hold-id}`. +func (r *TagValuesTagHoldsService) Delete(name string) *TagValuesTagHoldsDeleteCall { + c := &TagValuesTagHoldsDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.name = name + return c +} + +// ValidateOnly sets the optional parameter "validateOnly": Set to true +// to perform the validations necessary for deleting the resource, but +// not actually perform the action. +func (c *TagValuesTagHoldsDeleteCall) ValidateOnly(validateOnly bool) *TagValuesTagHoldsDeleteCall { + c.urlParams_.Set("validateOnly", fmt.Sprint(validateOnly)) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *TagValuesTagHoldsDeleteCall) Fields(s ...googleapi.Field) *TagValuesTagHoldsDeleteCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *TagValuesTagHoldsDeleteCall) Context(ctx context.Context) *TagValuesTagHoldsDeleteCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *TagValuesTagHoldsDeleteCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *TagValuesTagHoldsDeleteCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/{+name}") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("DELETE", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "name": c.name, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.tagValues.tagHolds.delete" call. +// Exactly one of *Operation or error will be non-nil. Any non-2xx +// status code is an error. Response headers are in either +// *Operation.ServerResponse.Header or (if a response was returned at +// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified +// to check whether the returned error was because +// http.StatusNotModified was returned. +func (c *TagValuesTagHoldsDeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &Operation{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Deletes a TagHold.", + // "flatPath": "v3/tagValues/{tagValuesId}/tagHolds/{tagHoldsId}", + // "httpMethod": "DELETE", + // "id": "cloudresourcemanager.tagValues.tagHolds.delete", + // "parameterOrder": [ + // "name" + // ], + // "parameters": { + // "name": { + // "description": "Required. The resource name of the TagHold to delete. Must be of the form: `tagValues/{tag-value-id}/tagHolds/{tag-hold-id}`.", + // "location": "path", + // "pattern": "^tagValues/[^/]+/tagHolds/[^/]+$", + // "required": true, + // "type": "string" + // }, + // "validateOnly": { + // "description": "Optional. Set to true to perform the validations necessary for deleting the resource, but not actually perform the action.", + // "location": "query", + // "type": "boolean" + // } + // }, + // "path": "v3/{+name}", + // "response": { + // "$ref": "Operation" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform" + // ] + // } + +} + +// method id "cloudresourcemanager.tagValues.tagHolds.list": + +type TagValuesTagHoldsListCall struct { + s *Service + parent string + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header +} + +// List: Lists TagHolds under a TagValue. +// +// - parent: The resource name of the parent TagValue. Must be of the +// form: `tagValues/{tag-value-id}`. +func (r *TagValuesTagHoldsService) List(parent string) *TagValuesTagHoldsListCall { + c := &TagValuesTagHoldsListCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.parent = parent + return c +} + +// Filter sets the optional parameter "filter": Criteria used to select +// a subset of TagHolds parented by the TagValue to return. This field +// follows the syntax defined by aip.dev/160; the `holder` and `origin` +// fields are supported for filtering. Currently only `AND` syntax is +// supported. Some example queries are: * `holder = +// //compute.googleapis.com/compute/projects/myproject/regions/us-east-1/ +// instanceGroupManagers/instance-group` * `origin = 35678234` * `holder +// = +// //compute.googleapis.com/compute/projects/myproject/regions/us-east-1/ +// instanceGroupManagers/instance-group AND origin = 35678234` +func (c *TagValuesTagHoldsListCall) Filter(filter string) *TagValuesTagHoldsListCall { + c.urlParams_.Set("filter", filter) + return c +} + +// PageSize sets the optional parameter "pageSize": The maximum number +// of TagHolds to return in the response. The server allows a maximum of +// 300 TagHolds to return. If unspecified, the server will use 100 as +// the default. +func (c *TagValuesTagHoldsListCall) PageSize(pageSize int64) *TagValuesTagHoldsListCall { + c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) + return c +} + +// PageToken sets the optional parameter "pageToken": A pagination token +// returned from a previous call to `ListTagHolds` that indicates where +// this listing should continue from. +func (c *TagValuesTagHoldsListCall) PageToken(pageToken string) *TagValuesTagHoldsListCall { + c.urlParams_.Set("pageToken", pageToken) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *TagValuesTagHoldsListCall) Fields(s ...googleapi.Field) *TagValuesTagHoldsListCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// IfNoneMatch sets the optional parameter which makes the operation +// fail if the object's ETag matches the given value. This is useful for +// getting updates only after the object has changed since the last +// request. Use googleapi.IsNotModified to check whether the response +// error from Do is the result of In-None-Match. +func (c *TagValuesTagHoldsListCall) IfNoneMatch(entityTag string) *TagValuesTagHoldsListCall { + c.ifNoneMatch_ = entityTag + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *TagValuesTagHoldsListCall) Context(ctx context.Context) *TagValuesTagHoldsListCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *TagValuesTagHoldsListCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *TagValuesTagHoldsListCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + if c.ifNoneMatch_ != "" { + reqHeaders.Set("If-None-Match", c.ifNoneMatch_) + } + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v3/{+parent}/tagHolds") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("GET", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "parent": c.parent, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "cloudresourcemanager.tagValues.tagHolds.list" call. +// Exactly one of *ListTagHoldsResponse or error will be non-nil. Any +// non-2xx status code is an error. Response headers are in either +// *ListTagHoldsResponse.ServerResponse.Header or (if a response was +// returned at all) in error.(*googleapi.Error).Header. Use +// googleapi.IsNotModified to check whether the returned error was +// because http.StatusNotModified was returned. +func (c *TagValuesTagHoldsListCall) Do(opts ...googleapi.CallOption) (*ListTagHoldsResponse, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &ListTagHoldsResponse{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Lists TagHolds under a TagValue.", + // "flatPath": "v3/tagValues/{tagValuesId}/tagHolds", + // "httpMethod": "GET", + // "id": "cloudresourcemanager.tagValues.tagHolds.list", + // "parameterOrder": [ + // "parent" + // ], + // "parameters": { + // "filter": { + // "description": "Optional. Criteria used to select a subset of TagHolds parented by the TagValue to return. This field follows the syntax defined by aip.dev/160; the `holder` and `origin` fields are supported for filtering. Currently only `AND` syntax is supported. Some example queries are: * `holder = //compute.googleapis.com/compute/projects/myproject/regions/us-east-1/instanceGroupManagers/instance-group` * `origin = 35678234` * `holder = //compute.googleapis.com/compute/projects/myproject/regions/us-east-1/instanceGroupManagers/instance-group AND origin = 35678234`", + // "location": "query", + // "type": "string" + // }, + // "pageSize": { + // "description": "Optional. The maximum number of TagHolds to return in the response. The server allows a maximum of 300 TagHolds to return. If unspecified, the server will use 100 as the default.", + // "format": "int32", + // "location": "query", + // "type": "integer" + // }, + // "pageToken": { + // "description": "Optional. A pagination token returned from a previous call to `ListTagHolds` that indicates where this listing should continue from.", + // "location": "query", + // "type": "string" + // }, + // "parent": { + // "description": "Required. The resource name of the parent TagValue. Must be of the form: `tagValues/{tag-value-id}`.", + // "location": "path", + // "pattern": "^tagValues/[^/]+$", + // "required": true, + // "type": "string" + // } + // }, + // "path": "v3/{+parent}/tagHolds", + // "response": { + // "$ref": "ListTagHoldsResponse" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/cloud-platform", + // "https://www.googleapis.com/auth/cloud-platform.read-only" + // ] + // } + +} + +// Pages invokes f for each page of results. +// A non-nil error returned from f will halt the iteration. +// The provided context supersedes any context provided to the Context method. +func (c *TagValuesTagHoldsListCall) Pages(ctx context.Context, f func(*ListTagHoldsResponse) error) error { + c.ctx_ = ctx + defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point + for { + x, err := c.Do() + if err != nil { + return err + } + if err := f(x); err != nil { + return err + } + if x.NextPageToken == "" { + return nil + } + c.PageToken(x.NextPageToken) + } +} diff --git a/vendor/modules.txt b/vendor/modules.txt index fbbe930c6c7..81add7f948b 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -9300,6 +9300,7 @@ gomodules.xyz/jsonpatch/v2 # google.golang.org/api v0.149.0 ## explicit; go 1.19 google.golang.org/api/cloudresourcemanager/v1 +google.golang.org/api/cloudresourcemanager/v3 google.golang.org/api/compute/v1 google.golang.org/api/dns/v1 google.golang.org/api/googleapi From 1363d39c86fd8b2bbae6aa03927240c05f456abb Mon Sep 17 00:00:00 2001 From: Bharath B Date: Sat, 17 Feb 2024 13:42:13 +0530 Subject: [PATCH 3/3] CFE-857 : Apply user defined tags on created gcp resources --- data/data/gcp/bootstrap/main.tf | 25 +- data/data/gcp/cluster/main.tf | 2 +- data/data/gcp/cluster/master/main.tf | 13 +- data/data/gcp/cluster/master/variables.tf | 9 + data/data/gcp/variables-gcp.tf | 11 +- pkg/asset/cluster/tfvars/tfvars.go | 9 + .../installconfig/gcp/mock/usertags_mock.go | 83 ++++++ pkg/asset/installconfig/gcp/usertags.go | 246 ++++++++++++++++ pkg/asset/installconfig/gcp/usertags_test.go | 274 ++++++++++++++++++ pkg/asset/installconfig/gcp/validation.go | 10 + pkg/asset/machines/gcp/machines.go | 9 + pkg/tfvars/gcp/gcp.go | 3 + pkg/types/gcp/validation/platform.go | 67 +---- pkg/types/gcp/validation/platform_test.go | 181 ------------ 14 files changed, 689 insertions(+), 253 deletions(-) create mode 100644 pkg/asset/installconfig/gcp/mock/usertags_mock.go create mode 100644 pkg/asset/installconfig/gcp/usertags.go create mode 100644 pkg/asset/installconfig/gcp/usertags_test.go diff --git a/data/data/gcp/bootstrap/main.tf b/data/data/gcp/bootstrap/main.tf index 1647d0b1e3e..2975005e9e4 100644 --- a/data/data/gcp/bootstrap/main.tf +++ b/data/data/gcp/bootstrap/main.tf @@ -18,6 +18,18 @@ resource "google_storage_bucket" "ignition" { labels = var.gcp_extra_labels } +resource "google_tags_location_tag_binding" "user_tag_binding_bucket" { + for_each = var.gcp_extra_tags + + parent = format("//storage.googleapis.com/projects/_/buckets/%s", + google_storage_bucket.ignition.name, + ) + tag_value = each.value + location = var.gcp_region + + depends_on = [google_storage_bucket.ignition] +} + resource "google_storage_bucket_object" "ignition" { bucket = google_storage_bucket.ignition.name name = "bootstrap.ign" @@ -88,10 +100,11 @@ resource "google_compute_instance" "bootstrap" { boot_disk { initialize_params { - type = var.gcp_master_root_volume_type - size = var.gcp_master_root_volume_size - image = var.compute_image - labels = var.gcp_extra_labels + type = var.gcp_master_root_volume_type + size = var.gcp_master_root_volume_size + image = var.compute_image + labels = var.gcp_extra_labels + resource_manager_tags = var.gcp_extra_tags } kms_key_self_link = var.gcp_root_volume_kms_key_link } @@ -138,6 +151,10 @@ resource "google_compute_instance" "bootstrap" { labels = var.gcp_extra_labels + params { + resource_manager_tags = var.gcp_extra_tags + } + lifecycle { # In GCP TF apply is run a second time to remove bootstrap node from LB. # If machine_type = n2-standard series, install will error as TF tries to diff --git a/data/data/gcp/cluster/main.tf b/data/data/gcp/cluster/main.tf index 548110d1c22..6a48d65e5d0 100644 --- a/data/data/gcp/cluster/main.tf +++ b/data/data/gcp/cluster/main.tf @@ -35,6 +35,7 @@ module "master" { confidential_compute = var.gcp_master_confidential_compute on_host_maintenance = var.gcp_master_on_host_maintenance gcp_extra_labels = var.gcp_extra_labels + gcp_extra_tags = var.gcp_extra_tags tags = var.gcp_control_plane_tags } @@ -82,4 +83,3 @@ module "dns" { project_id = var.gcp_project_id gcp_extra_labels = var.gcp_extra_labels } - diff --git a/data/data/gcp/cluster/master/main.tf b/data/data/gcp/cluster/master/main.tf index febfd4991aa..7f5992e953a 100644 --- a/data/data/gcp/cluster/master/main.tf +++ b/data/data/gcp/cluster/master/main.tf @@ -47,10 +47,11 @@ resource "google_compute_instance" "master" { boot_disk { initialize_params { - type = var.root_volume_type - size = var.root_volume_size - image = var.image - labels = var.gcp_extra_labels + type = var.root_volume_type + size = var.root_volume_size + image = var.image + labels = var.gcp_extra_labels + resource_manager_tags = var.gcp_extra_tags } kms_key_self_link = var.root_volume_kms_key_link } @@ -97,6 +98,10 @@ resource "google_compute_instance" "master" { scopes = ["https://www.googleapis.com/auth/cloud-platform"] } + params { + resource_manager_tags = var.gcp_extra_tags + } + lifecycle { # In GCP TF apply is run a second time to remove bootstrap node from LB. # If machine_type = n2-standard series, install will error as TF tries to diff --git a/data/data/gcp/cluster/master/variables.tf b/data/data/gcp/cluster/master/variables.tf index fba96d9df30..f82fc68e22d 100644 --- a/data/data/gcp/cluster/master/variables.tf +++ b/data/data/gcp/cluster/master/variables.tf @@ -85,3 +85,12 @@ variable "on_host_maintenance" { description = "The behavior when a maintenance event occurs." default = "" } + +variable "gcp_extra_tags" { + type = map(string) + description = < maxUserTagLimit { + return fmt.Errorf("more than %d user tags is not allowed, configured count: %d", maxUserTagLimit, len(userTags)) + } + + projectTags, err := mgr.GetProjectTags(ctx, project) + if err != nil { + return err + } + + if dupTags := findDuplicateTags(userTags, projectTags); len(dupTags) != 0 { + return fmt.Errorf("found duplicate tags, %v tags already exist on %s project resource", dupTags, project) + } + + processedTags.make(len(userTags)) + nonexistentTags := make([]string, 0) + for _, tag := range userTags { + name := fmt.Sprintf("%s/%s/%s", tag.ParentID, tag.Key, tag.Value) + tagValue, err := mgr.GetNamespacedTagValue(ctx, name) + if err != nil { + // check and return all non-existing tags at once + // for user to fix in one go. + var gErr *apierror.APIError + // google API returns StatusForbidden or StatusNotFound when the tag + // does not exist, since it could be because of permission issues + // or genuinely tag does not exist. + if errors.As(err, &gErr) && gErr.HTTPCode() == http.StatusForbidden { + logrus.Debugf("does not have permission to access %s tag or does not exist: %d", name, gErr.HTTPCode()) + nonexistentTags = append(nonexistentTags, name) + continue + } + return fmt.Errorf("failed to fetch user-defined tag %s(%d): %w", name, gErr.HTTPCode(), err) + } + processedTags.addTag(tagValue.Parent, tagValue.Name) + } + + if len(nonexistentTags) != 0 { + return fmt.Errorf("does not have permission to access %v tag(s) or does not exist", nonexistentTags) + } + + processedTags.markProcessed() + logrus.Debugf("user defined tags processed list: %v, took %s to finish", processedTags.tags, time.Since(start)) + return nil +} + +// findDuplicateTags returns list of duplicate userTags which are already present +// in the parentTags list. +func findDuplicateTags(userTags []gcp.UserTag, parentTags sets.Set[string]) []string { + dupTags := make([]string, 0) + for _, tag := range userTags { + tagNamespacedName := fmt.Sprintf("%s/%s/%s", tag.ParentID, tag.Key, tag.Value) + if parentTags.Has(tagNamespacedName) { + dupTags = append(dupTags, tagNamespacedName) + } + } + return dupTags +} + +// getCloudResourceServiceForTags returns the client required for querying resource manager resources. +func (m *tagManager) getCloudResourceServiceForTags(ctx context.Context) (*tags.Service, error) { + svc, err := tags.NewService(ctx, option.WithCredentials(m.client.GetCredentials())) + if err != nil { + return nil, fmt.Errorf("failed to create cloud resource service: %w", err) + } + return svc, nil +} + +// GetProjectTags returns the list of effective tags attached to the provided project resource. +func (m *tagManager) GetProjectTags(ctx context.Context, projectID string) (sets.Set[string], error) { + const ( + // projectParentPathFmt is the format string for parent path of a project resource. + projectParentPathFmt = "//cloudresourcemanager.googleapis.com/projects/%s" + ) + + ctx, cancel := context.WithTimeout(ctx, defaultTimeout) + defer cancel() + + service, err := m.getCloudResourceServiceForTags(ctx) + if err != nil { + return nil, fmt.Errorf("failed to create cloud resource service: %w", err) + } + + effectiveTags := sets.New[string]() + effectiveTagsService := tags.NewEffectiveTagsService(service) + effectiveTagsRequest := effectiveTagsService.List().Context(ctx).Parent(fmt.Sprintf(projectParentPathFmt, projectID)) + if err := effectiveTagsRequest.Pages(ctx, func(page *tags.ListEffectiveTagsResponse) error { + for _, effectiveTag := range page.EffectiveTags { + effectiveTags.Insert(effectiveTag.NamespacedTagValue) + } + return nil + }); err != nil { + return nil, err + } + + return effectiveTags, nil +} + +// GetNamespacedTagValue returns the Tag Value metadata fetched using the tag's NamespacedName. +func (m *tagManager) GetNamespacedTagValue(ctx context.Context, tagNamespacedName string) (*tags.TagValue, error) { + ctx, cancel := context.WithTimeout(ctx, defaultTimeout) + defer cancel() + + service, err := m.getCloudResourceServiceForTags(ctx) + if err != nil { + return nil, fmt.Errorf("failed to create cloud resource service: %w", err) + } + + tagValuesService := tags.NewTagValuesService(service) + + return tagValuesService.GetNamespaced(). + Context(ctx). + Name(tagNamespacedName). + Do() +} diff --git a/pkg/asset/installconfig/gcp/usertags_test.go b/pkg/asset/installconfig/gcp/usertags_test.go new file mode 100644 index 00000000000..9154618417a --- /dev/null +++ b/pkg/asset/installconfig/gcp/usertags_test.go @@ -0,0 +1,274 @@ +package gcp + +import ( + "context" + "fmt" + "net/http" + "reflect" + "sync" + "testing" + + "github.com/golang/mock/gomock" + "github.com/googleapis/gax-go/v2/apierror" + googleoauth "golang.org/x/oauth2/google" + "google.golang.org/api/cloudresourcemanager/v3" + "google.golang.org/api/googleapi" + "k8s.io/apimachinery/pkg/util/sets" + + "github.com/openshift/installer/pkg/asset/installconfig/gcp/mock" + "github.com/openshift/installer/pkg/types/gcp" +) + +var ( + testTags = []gcp.UserTag{ + {ParentID: "openshift", Key: "key1", Value: "value1"}, {ParentID: "openshift", Key: "key2", Value: "value2"}, + {ParentID: "openshift", Key: "key3", Value: "value3"}, {ParentID: "openshift", Key: "key4", Value: "value4"}, + {ParentID: "openshift", Key: "key5", Value: "value5"}, {ParentID: "openshift", Key: "key6", Value: "value6"}, + {ParentID: "openshift", Key: "key7", Value: "value7"}, {ParentID: "openshift", Key: "key8", Value: "value8"}, + {ParentID: "openshift", Key: "key9", Value: "value9"}, {ParentID: "openshift", Key: "key10", Value: "value10"}, + {ParentID: "openshift", Key: "key11", Value: "value11"}, {ParentID: "openshift", Key: "key12", Value: "value12"}, + {ParentID: "openshift", Key: "key13", Value: "value13"}, {ParentID: "openshift", Key: "key14", Value: "value14"}, + {ParentID: "openshift", Key: "key15", Value: "value15"}, {ParentID: "openshift", Key: "key16", Value: "value16"}, + {ParentID: "openshift", Key: "key17", Value: "value17"}, {ParentID: "openshift", Key: "key18", Value: "value18"}, + {ParentID: "openshift", Key: "key19", Value: "value19"}, {ParentID: "openshift", Key: "key20", Value: "value20"}, + {ParentID: "openshift", Key: "key21", Value: "value21"}, {ParentID: "openshift", Key: "key22", Value: "value22"}, + {ParentID: "openshift", Key: "key23", Value: "value23"}, {ParentID: "openshift", Key: "key24", Value: "value24"}, + {ParentID: "openshift", Key: "key25", Value: "value25"}, {ParentID: "openshift", Key: "key26", Value: "value26"}, + {ParentID: "openshift", Key: "key27", Value: "value27"}, {ParentID: "openshift", Key: "key28", Value: "value28"}, + {ParentID: "openshift", Key: "key29", Value: "value29"}, {ParentID: "openshift", Key: "key30", Value: "value30"}, + {ParentID: "openshift", Key: "key31", Value: "value31"}, {ParentID: "openshift", Key: "key32", Value: "value32"}, + {ParentID: "openshift", Key: "key33", Value: "value33"}, {ParentID: "openshift", Key: "key34", Value: "value34"}, + {ParentID: "openshift", Key: "key35", Value: "value35"}, {ParentID: "openshift", Key: "key36", Value: "value36"}, + {ParentID: "openshift", Key: "key37", Value: "value37"}, {ParentID: "openshift", Key: "key38", Value: "value38"}, + {ParentID: "openshift", Key: "key39", Value: "value39"}, {ParentID: "openshift", Key: "key40", Value: "value40"}, + {ParentID: "openshift", Key: "key41", Value: "value41"}, {ParentID: "openshift", Key: "key42", Value: "value42"}, + {ParentID: "openshift", Key: "key43", Value: "value43"}, {ParentID: "openshift", Key: "key44", Value: "value44"}, + {ParentID: "openshift", Key: "key45", Value: "value45"}, {ParentID: "openshift", Key: "key46", Value: "value46"}, + {ParentID: "openshift", Key: "key47", Value: "value47"}, {ParentID: "openshift", Key: "key48", Value: "value48"}, + {ParentID: "openshift", Key: "key49", Value: "value49"}, {ParentID: "openshift", Key: "key50", Value: "value50"}, + {ParentID: "openshift", Key: "key51", Value: "value51"}, {ParentID: "openshift", Key: "key52", Value: "value52"}, + } + + testProcessedTags = map[string]struct { + key string + value string + }{ + "openshift/key1/value1": {key: "tagKeys/0005159847", value: "tagValues/0030662057"}, + "openshift/key2/value2": {key: "tagKeys/0018550390", value: "tagValues/0073384808"}, + "openshift/key3/value3": {key: "tagKeys/0051315427", value: "tagValues/0051662048"}, + "openshift/key4/value4": {key: "tagKeys/0081126737", value: "tagValues/0012526301"}, + "openshift/key5/value5": {key: "tagKeys/0009228350", value: "tagValues/0043054391"}, + "openshift/key6/value6": {key: "tagKeys/0051626174", value: "tagValues/0027708252"}, + "openshift/key7/value7": {key: "tagKeys/0030414034", value: "tagValues/0020489890"}, + "openshift/key8/value8": {key: "tagKeys/0050469265", value: "tagValues/0002904904"}, + "openshift/key9/value9": {key: "tagKeys/0076293608", value: "tagValues/0055629312"}, + "openshift/key10/value10": {key: "tagKeys/0023033386", value: "tagValues/0088842980"}, + "openshift/key11/value11": {key: "tagKeys/0069899625", value: "tagValues/0047417661"}, + "openshift/key12/value12": {key: "tagKeys/0034605069", value: "tagValues/0050384905"}, + "openshift/key13/value13": {key: "tagKeys/0028357547", value: "tagValues/0052268968"}, + "openshift/key14/value14": {key: "tagKeys/0099944474", value: "tagValues/0059052883"}, + "openshift/key15/value15": {key: "tagKeys/0050205103", value: "tagValues/0036307885"}, + "openshift/key16/value16": {key: "tagKeys/0079771629", value: "tagValues/0065673174"}, + "openshift/key17/value17": {key: "tagKeys/0060225722", value: "tagValues/0081145498"}, + "openshift/key18/value18": {key: "tagKeys/0016496476", value: "tagValues/0046494994"}, + "openshift/key19/value19": {key: "tagKeys/0093247819", value: "tagValues/0041540373"}, + "openshift/key20/value20": {key: "tagKeys/0080859513", value: "tagValues/0016693395"}, + "openshift/key21/value21": {key: "tagKeys/0018537779", value: "tagValues/0003454649"}, + "openshift/key22/value22": {key: "tagKeys/0071724280", value: "tagValues/0047292544"}, + "openshift/key23/value23": {key: "tagKeys/0045095645", value: "tagValues/0089378558"}, + "openshift/key24/value24": {key: "tagKeys/0044575217", value: "tagValues/0022754275"}, + "openshift/key25/value25": {key: "tagKeys/0056084774", value: "tagValues/0040808197"}, + "openshift/key26/value26": {key: "tagKeys/0086508506", value: "tagValues/0091979350"}, + "openshift/key27/value27": {key: "tagKeys/0085330359", value: "tagValues/0051833259"}, + "openshift/key28/value28": {key: "tagKeys/0094744916", value: "tagValues/0011642000"}, + "openshift/key29/value29": {key: "tagKeys/0014270555", value: "tagValues/0072404680"}, + "openshift/key30/value30": {key: "tagKeys/0079085850", value: "tagValues/0007793185"}, + "openshift/key31/value31": {key: "tagKeys/0031484153", value: "tagValues/0050294705"}, + "openshift/key32/value32": {key: "tagKeys/0045311563", value: "tagValues/0029329808"}, + "openshift/key33/value33": {key: "tagKeys/0080836115", value: "tagValues/0003514535"}, + "openshift/key34/value34": {key: "tagKeys/0072216154", value: "tagValues/0060486146"}, + "openshift/key35/value35": {key: "tagKeys/0025032284", value: "tagValues/0038979234"}, + "openshift/key36/value36": {key: "tagKeys/0057998529", value: "tagValues/0067716498"}, + "openshift/key37/value37": {key: "tagKeys/0086808493", value: "tagValues/0060060909"}, + "openshift/key38/value38": {key: "tagKeys/0029402635", value: "tagValues/0060648494"}, + "openshift/key39/value39": {key: "tagKeys/0034805062", value: "tagValues/0066064364"}, + "openshift/key40/value40": {key: "tagKeys/0052208445", value: "tagValues/0098376015"}, + "openshift/key41/value41": {key: "tagKeys/0078738427", value: "tagValues/0046807958"}, + "openshift/key42/value42": {key: "tagKeys/0075526710", value: "tagValues/0092960786"}, + "openshift/key43/value43": {key: "tagKeys/0071238172", value: "tagValues/0014715775"}, + "openshift/key44/value44": {key: "tagKeys/0098580341", value: "tagValues/0052744277"}, + "openshift/key45/value45": {key: "tagKeys/0046775969", value: "tagValues/0095864916"}, + "openshift/key46/value46": {key: "tagKeys/0041543652", value: "tagValues/0054302656"}, + "openshift/key47/value47": {key: "tagKeys/0043236402", value: "tagValues/0087723355"}, + "openshift/key48/value48": {key: "tagKeys/0098289690", value: "tagValues/0018491792"}, + "openshift/key49/value49": {key: "tagKeys/0022125412", value: "tagValues/0063407483"}, + "openshift/key50/value50": {key: "tagKeys/0004322107", value: "tagValues/0083960428"}, + "openshift/key51/value51": {key: "tagKeys/0070391549", value: "tagValues/0027514043"}, + "openshift/key51/value52": {key: "tagKeys/0070391542", value: "tagValues/0227514043"}, + } +) + +func generateExpectedProcessedTags(tags []gcp.UserTag) map[string]string { + retTags := make(map[string]string, len(tags)) + for _, tag := range tags { + t := testProcessedTags[fmt.Sprintf("%s/%s/%s", tag.ParentID, tag.Key, tag.Value)] + retTags[t.key] = t.value + } + return retTags +} + +func getTestGetNamespacedTagValueForbiddenError(tagValueNamespacedName string) error { + apiErr, _ := apierror.FromError(fmt.Errorf("%w", &googleapi.Error{ + Code: http.StatusForbidden, + Message: fmt.Sprintf("Permission denied on resource '%s' (or it may not exist).", tagValueNamespacedName), + })) + return apiErr +} + +func getTestGetNamespacedTagValueInternalError(tagValueNamespacedName string) error { + apiErr, _ := apierror.FromError(fmt.Errorf("%w", &googleapi.Error{ + Code: http.StatusInternalServerError, + Message: fmt.Sprintf("Internal error while fetching '%s'", tagValueNamespacedName), + })) + return apiErr +} + +func getTestNamespacedTagValueResp(tagValueNamespacedName string) *cloudresourcemanager.TagValue { + tag := testProcessedTags[tagValueNamespacedName] + return &cloudresourcemanager.TagValue{ + Name: tag.value, + Parent: tag.key, + NamespacedName: tagValueNamespacedName, + } +} + +func resetProcessedTags() { + processedTags.Lock() + defer processedTags.Unlock() + + processedTags.processed = false + processedTags.tags = map[string]string{} +} + +func TestGetUserTags(t *testing.T) { + testProject := "test-project" + // serializer is for serializing the access to processedTags, since + // each scenario expects different set of tags. + serializer := &sync.Mutex{} + + testCases := []struct { + name string + projectID string + userTags []gcp.UserTag + processedTags map[string]string + expectedError string + }{ + { + name: "user tags is empty", + userTags: []gcp.UserTag{}, + processedTags: map[string]string{}, + }, + { + name: "more than max allowed tags configured", + userTags: testTags, + processedTags: nil, + expectedError: "more than 50 user tags is not allowed, configured count: 52", + }, + { + name: "user tags processing passed", + userTags: testTags[2:50], + processedTags: generateExpectedProcessedTags(testTags[2:50]), + }, + { + name: "fetching project tags fails", + projectID: "fail-project", + userTags: testTags[:5], + processedTags: nil, + expectedError: "failed to fetch tags attached to fail-project: The caller does not have permission", + }, + { + name: "found duplicate tags", + projectID: "dup-project", + userTags: testTags[5:10], + processedTags: nil, + expectedError: `found duplicate tags, [openshift/key6/value6 openshift/key7/value7 openshift/key8/value8 openshift/key9/value9 openshift/key10/value10] tags already exist on dup-project project resource`, + }, + { + name: "non-existent tags configured", + userTags: testTags[40:51], + processedTags: nil, + expectedError: `does not have permission to access [openshift/key51/value51] tag(s) or does not exist`, + }, + { + name: "failed to fetch tag", + userTags: testTags[40:], + processedTags: nil, + expectedError: `failed to fetch user-defined tag openshift/key52/value52(500): googleapi: Error 500: Internal error while fetching 'openshift/key52/value52'`, + }, + } + + mockCtrl := gomock.NewController(t) + defer mockCtrl.Finish() + + gcpClient := mock.NewMockAPI(mockCtrl) + tagMgr := mock.NewMockTagManager(mockCtrl) + + // Return fake credentials. + gcpClient.EXPECT().GetCredentials().Return(&googleoauth.Credentials{JSON: []byte(fakeCreds)}).AnyTimes() + + // Return ["openshift/key1/value1", "openshift/key2/value2"] tags for "test-project" project. + tagMgr.EXPECT().GetProjectTags(gomock.Any(), testProject).Return(sets.Insert(sets.New[string](), "openshift/key1/value1", "openshift/key2/value2"), nil).AnyTimes() + + // Return error for "fail-project" project. + tagMgr.EXPECT().GetProjectTags(gomock.Any(), "fail-project"). + Return( + nil, + fmt.Errorf("failed to fetch tags attached to fail-project: The caller does not have permission")). + AnyTimes() + + // Return ["openshift/key6/value6", "openshift/key7/value7", "openshift/key8/value8", + // "openshift/key9/value9", "openshift/key10/value10"] tags for "dup-project" project. + tagMgr.EXPECT().GetProjectTags(gomock.Any(), "dup-project"). + Return( + sets.Insert(sets.New[string](), + "openshift/key6/value6", + "openshift/key7/value7", + "openshift/key8/value8", + "openshift/key9/value9", + "openshift/key10/value10", + ), nil).AnyTimes() + + // Return Forbidden error "openshift/key51/value51" tag. + tagMgr.EXPECT().GetNamespacedTagValue(gomock.Any(), "openshift/key51/value51").Return(nil, getTestGetNamespacedTagValueForbiddenError("openshift/key51/value51")).AnyTimes() + + // Return Internal error "openshift/key52/value52" tag. + tagMgr.EXPECT().GetNamespacedTagValue(gomock.Any(), "openshift/key52/value52").Return(nil, getTestGetNamespacedTagValueInternalError("openshift/key52/value52")).AnyTimes() + + // Return details for the requested tag. + tagMgr.EXPECT().GetNamespacedTagValue(gomock.Any(), gomock.Any()). + DoAndReturn(func(ctx context.Context, tagNamespacedName string) (*cloudresourcemanager.TagValue, error) { + return getTestNamespacedTagValueResp(tagNamespacedName), nil + }).AnyTimes() + + for _, tc := range testCases { + t.Run(tc.name, func(t *testing.T) { + serializer.Lock() + defer serializer.Unlock() + resetProcessedTags() + + projectID := testProject + if tc.projectID != "" { + projectID = tc.projectID + } + tags, err := GetUserTags(context.Background(), tagMgr, projectID, tc.userTags) + + if (err != nil || tc.expectedError != "") && err.Error() != tc.expectedError { + t.Errorf("GetUserTags(): error: got: %v, want: %v", err, tc.expectedError) + } + + if !reflect.DeepEqual(tags, tc.processedTags) { + t.Errorf("GetUserTags(): tags: got: %v, want: %v", tags, tc.processedTags) + } + }) + } +} diff --git a/pkg/asset/installconfig/gcp/validation.go b/pkg/asset/installconfig/gcp/validation.go index f0cba7c6088..41b12eb30af 100644 --- a/pkg/asset/installconfig/gcp/validation.go +++ b/pkg/asset/installconfig/gcp/validation.go @@ -66,6 +66,10 @@ func Validate(client API, ic *types.InstallConfig) error { allErrs = append(allErrs, validateServiceAccountPresent(client, ic)...) allErrs = append(allErrs, validateMarketplaceImages(client, ic)...) + if err := validateUserTags(client, ic.Platform.GCP.ProjectID, ic.Platform.GCP.UserTags); err != nil { + allErrs = append(allErrs, field.Invalid(field.NewPath("platform").Child("gcp").Child("userTags"), ic.Platform.GCP.UserTags, err.Error())) + } + return allErrs.ToAggregate() } @@ -633,3 +637,9 @@ func checkArchitecture(imageArch string, icArch types.Architecture, role string) } return "" } + +// validateUserTags check for existence and accessibility of user-defined tags and persists +// validated tags in-memory. +func validateUserTags(client API, projectID string, userTags []gcp.UserTag) error { + return validateAndPersistUserTags(context.Background(), NewTagManager(client), projectID, userTags) +} diff --git a/pkg/asset/machines/gcp/machines.go b/pkg/asset/machines/gcp/machines.go index a9dfb760fc9..5dbef450dc2 100644 --- a/pkg/asset/machines/gcp/machines.go +++ b/pkg/asset/machines/gcp/machines.go @@ -195,6 +195,14 @@ func provider(clusterID string, platform *gcp.Platform, mpool *gcp.MachinePool, for _, label := range platform.UserLabels { labels[label.Key] = label.Value } + tags := make([]machineapi.ResourceManagerTag, len(platform.UserTags)) + for i, tag := range platform.UserTags { + tags[i] = machineapi.ResourceManagerTag{ + ParentID: tag.ParentID, + Key: tag.Key, + Value: tag.Value, + } + } return &machineapi.GCPMachineProviderSpec{ TypeMeta: metav1.TypeMeta{ APIVersion: "machine.openshift.io/v1beta1", @@ -229,6 +237,7 @@ func provider(clusterID string, platform *gcp.Platform, mpool *gcp.MachinePool, ConfidentialCompute: machineapi.ConfidentialComputePolicy(mpool.ConfidentialCompute), OnHostMaintenance: machineapi.GCPHostMaintenanceType(mpool.OnHostMaintenance), Labels: labels, + ResourceManagerTags: tags, }, nil } diff --git a/pkg/tfvars/gcp/gcp.go b/pkg/tfvars/gcp/gcp.go index 5050ad0a036..6978455b7fb 100644 --- a/pkg/tfvars/gcp/gcp.go +++ b/pkg/tfvars/gcp/gcp.go @@ -51,6 +51,7 @@ type config struct { EnableConfidentialCompute string `json:"gcp_master_confidential_compute,omitempty"` ExtraLabels map[string]string `json:"gcp_extra_labels,omitempty"` UserProvisionedDNS bool `json:"gcp_user_provisioned_dns,omitempty"` + ExtraTags map[string]string `json:"gcp_extra_tags,omitempty"` } // TFVarsSources contains the parameters to be converted into Terraform variables @@ -65,6 +66,7 @@ type TFVarsSources struct { PreexistingNetwork bool InfrastructureName string UserProvisionedDNS bool + UserTags map[string]string } // TFVars generates gcp-specific Terraform variables launching the cluster. @@ -106,6 +108,7 @@ func TFVars(sources TFVarsSources) ([]byte, error) { OnHostMaintenance: string(masterConfig.OnHostMaintenance), ExtraLabels: labels, UserProvisionedDNS: sources.UserProvisionedDNS, + ExtraTags: sources.UserTags, } if masterConfig.Disks[0].EncryptionKey != nil { diff --git a/pkg/types/gcp/validation/platform.go b/pkg/types/gcp/validation/platform.go index 12f02f75b50..8d96d0e267f 100644 --- a/pkg/types/gcp/validation/platform.go +++ b/pkg/types/gcp/validation/platform.go @@ -74,24 +74,13 @@ var ( // userLabelKeyPrefixRegex is for verifying that the label key does not contain restricted prefixes. userLabelKeyPrefixRegex = regexp.MustCompile(`^(?i)(kubernetes\-io|openshift\-io)`) - - // userTagKeyRegex is for verifying that the tag key contains only allowed characters. - userTagKeyRegex = regexp.MustCompile(`^[a-zA-Z0-9]([0-9A-Za-z_.-]{0,61}[a-zA-Z0-9])?$`) - - // userTagValueRegex is for verifying that the tag value contains only allowed characters. - userTagValueRegex = regexp.MustCompile(`^[a-zA-Z0-9]([0-9A-Za-z_.@%=+:,*#&()\[\]{}\-\s]{0,61}[a-zA-Z0-9])?$`) - - // userTagParentIDRegex is for verifying that the tag parentID contains only allowed characters. - userTagParentIDRegex = regexp.MustCompile(`(^[1-9][0-9]{0,31}$)|(^[a-z][a-z0-9-]{4,28}[a-z0-9]$)`) ) -// maxUserLabelLimit is the maximum userLabels that can be configured as defined in openshift/api. -// https://github.com/openshift/api/commit/ae73a19d05c35068af16c9aeff375d0b7c936a8a#diff-07b264a49084976b670fb699badaca1795027d6ea732a99226a5388104f6174fR592-R602 -const maxUserLabelLimit = 32 - -// maxUserTagLimit is the maximum userTags that can be configured as defined in openshift/api. -// https://github.com/openshift/api/commit/ae73a19d05c35068af16c9aeff375d0b7c936a8a#diff-07b264a49084976b670fb699badaca1795027d6ea732a99226a5388104f6174fR604-R613 -const maxUserTagLimit = 50 +const ( + // maxUserLabelLimit is the maximum userLabels that can be configured as defined in openshift/api. + // https://github.com/openshift/api/commit/ae73a19d05c35068af16c9aeff375d0b7c936a8a#diff-07b264a49084976b670fb699badaca1795027d6ea732a99226a5388104f6174fR592-R602 + maxUserLabelLimit = 32 +) // ValidatePlatform checks that the specified platform is valid. func ValidatePlatform(p *gcp.Platform, fldPath *field.Path, ic *types.InstallConfig) field.ErrorList { @@ -128,9 +117,6 @@ func ValidatePlatform(p *gcp.Platform, fldPath *field.Path, ic *types.InstallCon // check if configured userLabels are valid. allErrs = append(allErrs, validateUserLabels(p.UserLabels, fldPath.Child("userLabels"))...) - // check if configured userTags are valid. - allErrs = append(allErrs, validateUserTags(p.UserTags, fldPath.Child("userTags"))...) - return allErrs } @@ -173,46 +159,3 @@ func validateLabel(key, value string) error { } return nil } - -// validateUserTags verifies if configured number of UserTags is not more than -// allowed limit and the tag keys and values are valid. -func validateUserTags(tags []gcp.UserTag, fldPath *field.Path) field.ErrorList { - allErrs := field.ErrorList{} - if len(tags) == 0 { - return allErrs - } - - if len(tags) > maxUserTagLimit { - allErrs = append(allErrs, field.TooMany(fldPath, len(tags), maxUserTagLimit)) - } - - for _, tag := range tags { - if err := validateTag(tag.ParentID, tag.Key, tag.Value); err != nil { - allErrs = append(allErrs, field.Invalid(fldPath.Key(tag.Key), tag.Value, err.Error())) - } - } - - return allErrs -} - -// validateTag checks the following to ensure that the tag configured is acceptable. Though -// the criteria is for tag resources to pre-exist, tags will be validated to catch the -// error much earlier. -// - The key and value contain only allowed characters. -// - The key and value is not empty and can have at most 63 characters. -// - The ParentID can be either OrganizationID or ProjectID. -// - OrganizationID must consist of decimal numbers, and cannot have leading zeroes. -// - ProjectID must be 6 to 30 characters in length, can only contain lowercase letters, numbers, -// and hyphens, and must start with a letter, and cannot end with a hyphen. -func validateTag(parentID, key, value string) error { - if !userTagParentIDRegex.MatchString(parentID) { - return fmt.Errorf("tag parentID is invalid or contains invalid characters. ParentID can have a maximum of 32 characters and cannot be empty. ParentID can be either OrganizationID or ProjectID. OrganizationID must consist of decimal numbers, and cannot have leading zeroes and ProjectID must be 6 to 30 characters in length, can only contain lowercase letters, numbers, and hyphens, and must start with a letter, and cannot end with a hyphen") - } - if !userTagKeyRegex.MatchString(key) { - return fmt.Errorf("tag key is invalid or contains invalid characters. Tag key can have a maximum of 63 characters and cannot be empty. Tag key must begin and end with an alphanumeric character, and must contain only uppercase, lowercase alphanumeric characters, and the following special characters `._-`") - } - if !userTagValueRegex.MatchString(value) { - return fmt.Errorf("tag value is invalid or contains invalid characters. Tag value can have a maximum of 63 characters and cannot be empty. Tag value must begin and end with an alphanumeric character, and must contain only uppercase, lowercase alphanumeric characters, and the following special characters `_-.@%%=+:,*#&(){}[]` and spaces") - } - return nil -} diff --git a/pkg/types/gcp/validation/platform_test.go b/pkg/types/gcp/validation/platform_test.go index a9ac80ec263..88fde768b05 100644 --- a/pkg/types/gcp/validation/platform_test.go +++ b/pkg/types/gcp/validation/platform_test.go @@ -293,184 +293,3 @@ func TestValidateUserLabels(t *testing.T) { }) } } - -func TestValidateUserTags(t *testing.T) { - fieldPath := "spec.platform.gcp.userTags" - cases := []struct { - name string - userTags []gcp.UserTag - expectedErr string - }{ - { - name: "userTags not configured", - userTags: []gcp.UserTag{}, - expectedErr: "[]", - }, - { - name: "userTags configured", - userTags: []gcp.UserTag{ - {ParentID: "1234567890", Key: "key_2", Value: "value_2"}, - {ParentID: "test-project-123", Key: "key.gcp", Value: "value.3"}, - {ParentID: "1234567890", Key: "keY", Value: "value"}, - {ParentID: "test-project-123", Key: "thisisalongkeywithinlimitof63_characters-whichisallowedfortags", Value: "value"}, - {ParentID: "1234567890", Key: "KEY4", Value: "hisisavaluewithin-63characters_{[(.@%=+: ,*#&)]}forgcptagvalue"}, - {ParentID: "test-project-123", Key: "key1", Value: "value1"}, - }, - expectedErr: "[]", - }, - { - name: "userTags configured is more than max limit", - userTags: []gcp.UserTag{ - {ParentID: "1234567890", Key: "key29", Value: "value29"}, - {ParentID: "test-project-123", Key: "key33", Value: "value33"}, - {ParentID: "1234567890", Key: "key39", Value: "value39"}, - {ParentID: "test-project-123", Key: "key43", Value: "value43"}, - {ParentID: "1234567890", Key: "key5", Value: "value5"}, - {ParentID: "test-project-123", Key: "key6", Value: "value6"}, - {ParentID: "1234567890", Key: "key14", Value: "value14"}, - {ParentID: "test-project-123", Key: "key25", Value: "value25"}, - {ParentID: "1234567890", Key: "key20", Value: "value20"}, - {ParentID: "test-project-123", Key: "key24", Value: "value24"}, - {ParentID: "1234567890", Key: "key40", Value: "value40"}, - {ParentID: "test-project-123", Key: "key46", Value: "value46"}, - {ParentID: "1234567890", Key: "key1", Value: "value1"}, - {ParentID: "test-project-123", Key: "key2", Value: "value2"}, - {ParentID: "1234567890", Key: "key4", Value: "value4"}, - {ParentID: "test-project-123", Key: "key10", Value: "value10"}, - {ParentID: "1234567890", Key: "key51", Value: "value51"}, - {ParentID: "test-project-123", Key: "key8", Value: "value8"}, - {ParentID: "1234567890", Key: "key13", Value: "value13"}, - {ParentID: "test-project-123", Key: "key44", Value: "value44"}, - {ParentID: "1234567890", Key: "key48", Value: "value48"}, - {ParentID: "test-project-123", Key: "key9", Value: "value9"}, - {ParentID: "1234567890", Key: "key17", Value: "value17"}, - {ParentID: "test-project-123", Key: "key18", Value: "value18"}, - {ParentID: "1234567890", Key: "key30", Value: "value30"}, - {ParentID: "test-project-123", Key: "key36", Value: "value36"}, - {ParentID: "1234567890", Key: "key49", Value: "value49"}, - {ParentID: "test-project-123", Key: "key7", Value: "value7"}, - {ParentID: "1234567890", Key: "key15", Value: "value15"}, - {ParentID: "test-project-123", Key: "key22", Value: "value22"}, - {ParentID: "1234567890", Key: "key34", Value: "value34"}, - {ParentID: "test-project-123", Key: "key37", Value: "value37"}, - {ParentID: "1234567890", Key: "key38", Value: "value38"}, - {ParentID: "test-project-123", Key: "key47", Value: "value47"}, - {ParentID: "1234567890", Key: "key12", Value: "value12"}, - {ParentID: "test-project-123", Key: "key16", Value: "value16"}, - {ParentID: "1234567890", Key: "key23", Value: "value23"}, - {ParentID: "test-project-123", Key: "key28", Value: "value28"}, - {ParentID: "1234567890", Key: "key50", Value: "value50"}, - {ParentID: "test-project-123", Key: "key21", Value: "value21"}, - {ParentID: "1234567890", Key: "key26", Value: "value26"}, - {ParentID: "test-project-123", Key: "key35", Value: "value35"}, - {ParentID: "1234567890", Key: "key42", Value: "value42"}, - {ParentID: "test-project-123", Key: "key31", Value: "value31"}, - {ParentID: "1234567890", Key: "key32", Value: "value32"}, - {ParentID: "test-project-123", Key: "key41", Value: "value41"}, - {ParentID: "1234567890", Key: "key45", Value: "value45"}, - {ParentID: "test-project-123", Key: "key3", Value: "value3"}, - {ParentID: "1234567890", Key: "key11", Value: "value11"}, - {ParentID: "test-project-123", Key: "key19", Value: "value19"}, - {ParentID: "1234567890", Key: "key27", Value: "value27"}, - }, - expectedErr: "[spec.platform.gcp.userTags: Too many: 51: must have at most 50 items]", - }, - { - name: "userTags contains key starting with a special character", - userTags: []gcp.UserTag{{ParentID: "1234567890", Key: "_key", Value: "1value"}}, - expectedErr: "[spec.platform.gcp.userTags[_key]: Invalid value: \"1value\": tag key is invalid or contains invalid characters. Tag key can have a maximum of 63 characters and cannot be empty. Tag key must begin and end with an alphanumeric character, and must contain only uppercase, lowercase alphanumeric characters, and the following special characters `._-`]", - }, - { - name: "userTags contains key ending with a special character", - userTags: []gcp.UserTag{{ParentID: "1234567890", Key: "key@", Value: "1value"}}, - expectedErr: "[spec.platform.gcp.userTags[key@]: Invalid value: \"1value\": tag key is invalid or contains invalid characters. Tag key can have a maximum of 63 characters and cannot be empty. Tag key must begin and end with an alphanumeric character, and must contain only uppercase, lowercase alphanumeric characters, and the following special characters `._-`]", - }, - { - name: "userTags contains empty key", - userTags: []gcp.UserTag{{ParentID: "1234567890", Key: "", Value: "value"}}, - expectedErr: "[spec.platform.gcp.userTags[]: Invalid value: \"value\": tag key is invalid or contains invalid characters. Tag key can have a maximum of 63 characters and cannot be empty. Tag key must begin and end with an alphanumeric character, and must contain only uppercase, lowercase alphanumeric characters, and the following special characters `._-`]", - }, - { - name: "userTags contains key length greater than 63", - userTags: []gcp.UserTag{ - { - ParentID: "1234567890", - Key: "thisisalongkeyforlimitof63_characters-whichisnotallowedfortagkey", - Value: "value", - }, - }, - expectedErr: "[spec.platform.gcp.userTags[thisisalongkeyforlimitof63_characters-whichisnotallowedfortagkey]: Invalid value: \"value\": tag key is invalid or contains invalid characters. Tag key can have a maximum of 63 characters and cannot be empty. Tag key must begin and end with an alphanumeric character, and must contain only uppercase, lowercase alphanumeric characters, and the following special characters `._-`]", - }, - { - name: "userTags contains key with invalid character", - userTags: []gcp.UserTag{{ParentID: "1234567890", Key: "key/test", Value: "value"}}, - expectedErr: "[spec.platform.gcp.userTags[key/test]: Invalid value: \"value\": tag key is invalid or contains invalid characters. Tag key can have a maximum of 63 characters and cannot be empty. Tag key must begin and end with an alphanumeric character, and must contain only uppercase, lowercase alphanumeric characters, and the following special characters `._-`]", - }, - { - name: "userTags contains value length greater than 63", - userTags: []gcp.UserTag{ - { - ParentID: "1234567890", - Key: "key", - Value: "hisisavaluewith-63characters_{[(.@%=+: ,*#&)]}allowedforgcptagvalue", - }, - }, - expectedErr: "[spec.platform.gcp.userTags[key]: Invalid value: \"hisisavaluewith-63characters_{[(.@%=+: ,*#&)]}allowedforgcptagvalue\": tag value is invalid or contains invalid characters. Tag value can have a maximum of 63 characters and cannot be empty. Tag value must begin and end with an alphanumeric character, and must contain only uppercase, lowercase alphanumeric characters, and the following special characters `_-.@%=+:,*#&(){}[]` and spaces]", - }, - { - name: "userTags contains empty value", - userTags: []gcp.UserTag{{ParentID: "1234567890", Key: "key", Value: ""}}, - expectedErr: "[spec.platform.gcp.userTags[key]: Invalid value: \"\": tag value is invalid or contains invalid characters. Tag value can have a maximum of 63 characters and cannot be empty. Tag value must begin and end with an alphanumeric character, and must contain only uppercase, lowercase alphanumeric characters, and the following special characters `_-.@%=+:,*#&(){}[]` and spaces]", - }, - { - name: "userTags contains value with invalid character", - userTags: []gcp.UserTag{{ParentID: "1234567890", Key: "key", Value: "value*^%"}}, - expectedErr: "[spec.platform.gcp.userTags[key]: Invalid value: \"value*^%\": tag value is invalid or contains invalid characters. Tag value can have a maximum of 63 characters and cannot be empty. Tag value must begin and end with an alphanumeric character, and must contain only uppercase, lowercase alphanumeric characters, and the following special characters `_-.@%=+:,*#&(){}[]` and spaces]", - }, - { - name: "userTags contains empty ParentID", - userTags: []gcp.UserTag{{Key: "key", Value: "value*^%"}}, - expectedErr: "[spec.platform.gcp.userTags[key]: Invalid value: \"value*^%\": tag parentID is invalid or contains invalid characters. ParentID can have a maximum of 32 characters and cannot be empty. ParentID can be either OrganizationID or ProjectID. OrganizationID must consist of decimal numbers, and cannot have leading zeroes and ProjectID must be 6 to 30 characters in length, can only contain lowercase letters, numbers, and hyphens, and must start with a letter, and cannot end with a hyphen]", - }, - { - name: "userTags contains ParentID configured with invalid OrganizationID", - userTags: []gcp.UserTag{{ParentID: "00001234567890", Key: "key", Value: "value"}}, - expectedErr: "[spec.platform.gcp.userTags[key]: Invalid value: \"value\": tag parentID is invalid or contains invalid characters. ParentID can have a maximum of 32 characters and cannot be empty. ParentID can be either OrganizationID or ProjectID. OrganizationID must consist of decimal numbers, and cannot have leading zeroes and ProjectID must be 6 to 30 characters in length, can only contain lowercase letters, numbers, and hyphens, and must start with a letter, and cannot end with a hyphen]", - }, - { - name: "userTags contains ParentID configured with invalid ProjectID", - userTags: []gcp.UserTag{{ParentID: "test-project-123-", Key: "key", Value: "value"}}, - expectedErr: "[spec.platform.gcp.userTags[key]: Invalid value: \"value\": tag parentID is invalid or contains invalid characters. ParentID can have a maximum of 32 characters and cannot be empty. ParentID can be either OrganizationID or ProjectID. OrganizationID must consist of decimal numbers, and cannot have leading zeroes and ProjectID must be 6 to 30 characters in length, can only contain lowercase letters, numbers, and hyphens, and must start with a letter, and cannot end with a hyphen]", - }, - { - name: "userTags contains ParentID configured with invalid OrganizationID length", - userTags: []gcp.UserTag{ - { - ParentID: "123456789012345678901234567890123", - Key: "key", - Value: "value", - }, - }, - expectedErr: "[spec.platform.gcp.userTags[key]: Invalid value: \"value\": tag parentID is invalid or contains invalid characters. ParentID can have a maximum of 32 characters and cannot be empty. ParentID can be either OrganizationID or ProjectID. OrganizationID must consist of decimal numbers, and cannot have leading zeroes and ProjectID must be 6 to 30 characters in length, can only contain lowercase letters, numbers, and hyphens, and must start with a letter, and cannot end with a hyphen]", - }, - { - name: "userTags contains ParentID configured with invalid ProjectID length", - userTags: []gcp.UserTag{ - { - ParentID: "test-project-123-test-project-123-test-project-123-test-project-123", - Key: "key", - Value: "value", - }, - }, - expectedErr: "[spec.platform.gcp.userTags[key]: Invalid value: \"value\": tag parentID is invalid or contains invalid characters. ParentID can have a maximum of 32 characters and cannot be empty. ParentID can be either OrganizationID or ProjectID. OrganizationID must consist of decimal numbers, and cannot have leading zeroes and ProjectID must be 6 to 30 characters in length, can only contain lowercase letters, numbers, and hyphens, and must start with a letter, and cannot end with a hyphen]", - }, - } - for _, tt := range cases { - t.Run(tt.name, func(t *testing.T) { - err := validateUserTags(tt.userTags, field.NewPath(fieldPath)) - if fmt.Sprintf("%v", err) != tt.expectedErr { - t.Errorf("Got: %+v Want: %+v", err, tt.expectedErr) - } - }) - } -}