From d7fde7609cc4f6bdf9e06419a325c35600c1723b Mon Sep 17 00:00:00 2001 From: Samir Anand Date: Wed, 13 Dec 2023 20:49:34 +0530 Subject: [PATCH 1/3] Automatically generated by magic modules for service: cloudkms and resource: Projects__locations__keyRing. This commit includes the following changes: - Singular Resource ERB File - Plural Resource ERB File - Terraform configuration - api.yaml configuration for product cloudkms and resource Projects__locations__keyRing Signed-off-by: Samir Anand --- mmv1/products/cloudkms/api.yaml | 54 +++++++++++++++++++ mmv1/products/cloudkms/inspec.yaml | 15 ++++++ ...gle_cloudkms_project_location_key_ring.erb | 12 +++++ ...s_project_location_key_ring_attributes.erb | 3 ++ ...le_cloudkms_project_location_key_rings.erb | 5 ++ .../configuration/mm-attributes.yml | 5 ++ 6 files changed, 94 insertions(+) create mode 100644 mmv1/products/cloudkms/api.yaml create mode 100644 mmv1/products/cloudkms/inspec.yaml create mode 100644 mmv1/templates/inspec/examples/google_cloudkms_project_location_key_ring/google_cloudkms_project_location_key_ring.erb create mode 100644 mmv1/templates/inspec/examples/google_cloudkms_project_location_key_ring/google_cloudkms_project_location_key_ring_attributes.erb create mode 100644 mmv1/templates/inspec/examples/google_cloudkms_project_location_key_ring/google_cloudkms_project_location_key_rings.erb diff --git a/mmv1/products/cloudkms/api.yaml b/mmv1/products/cloudkms/api.yaml new file mode 100644 index 000000000..7c27fc6ba --- /dev/null +++ b/mmv1/products/cloudkms/api.yaml @@ -0,0 +1,54 @@ + +--- !ruby/object:Api::Product +name: cloudkms +display_name: cloudkms +versions: + - !ruby/object:Api::Product::Version + name: ga + base_url: https://cloudkms.googleapis.com//v1/ +scopes: + - https://cloudkms.googleapis.com//auth/cloud-platform +apis_required: + - !ruby/object:Api::Product::ApiReference + name: https://cloudkms.googleapis.com/ + url: https://console.cloud.google.com/apis/library/cloudkms.googleapis.com/ +objects: + + - !ruby/object:Api::Resource + name: ProjectLocationKeyRing + base_url: '{{parent}}/keyRings' + self_link: '{{name}}' + references: !ruby/object:Api::Resource::ReferenceLinks + guides: + 'Official Documentation': + api: 'https://cloud.google.com/cloudkms/docs' + async: !ruby/object:Api::OpAsync + operation: !ruby/object:Api::OpAsync::Operation + path: 'name' + base_url: '{op_id}' + wait_ms: 1000 + result: !ruby/object:Api::OpAsync::Result + path: 'response' + resource_inside_response: true + status: !ruby/object:Api::OpAsync::Status + path: 'done' + complete: True + allowed: + - True + - False + error: !ruby/object:Api::OpAsync::Error + path: 'error' + message: 'message' + description: |- + A KeyRing is a toplevel logical grouping of CryptoKeys. + properties: + + - !ruby/object:Api::Type::String + name: 'name' + description: | + Output only. The resource name for the KeyRing in the format `projects/*/locations/*/keyRings/*`. + - !ruby/object:Api::Type::String + name: 'createTime' + description: | + Output only. The time at which this KeyRing was created. + diff --git a/mmv1/products/cloudkms/inspec.yaml b/mmv1/products/cloudkms/inspec.yaml new file mode 100644 index 000000000..28cb365e9 --- /dev/null +++ b/mmv1/products/cloudkms/inspec.yaml @@ -0,0 +1,15 @@ +# Copyright 2017 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +--- !ruby/object:Provider::Inspec::Config +overrides: !ruby/object:Overrides::ResourceOverrides diff --git a/mmv1/templates/inspec/examples/google_cloudkms_project_location_key_ring/google_cloudkms_project_location_key_ring.erb b/mmv1/templates/inspec/examples/google_cloudkms_project_location_key_ring/google_cloudkms_project_location_key_ring.erb new file mode 100644 index 000000000..65290bf8f --- /dev/null +++ b/mmv1/templates/inspec/examples/google_cloudkms_project_location_key_ring/google_cloudkms_project_location_key_ring.erb @@ -0,0 +1,12 @@ +<% gcp_project_id = "#{external_attribute(pwd, 'gcp_project_id', doc_generation)}" -%> +<% project_location_key_ring = grab_attributes(pwd)['project_location_key_ring'] -%> +describe google_cloudkms_project_location_key_ring(name: <%= doc_generation ? "' #{project_location_key_ring['name']}'":"project_location_key_ring['name']" -%>) do + it { should exist } + its('name') { should cmp <%= doc_generation ? "'#{project_location_key_ring['name']}'" : "project_location_key_ring['name']" -%> } + its('create_time') { should cmp <%= doc_generation ? "'#{project_location_key_ring['create_time']}'" : "project_location_key_ring['create_time']" -%> } + +end + +describe google_cloudkms_project_location_key_ring(name: "does_not_exit") do + it { should_not exist } +end \ No newline at end of file diff --git a/mmv1/templates/inspec/examples/google_cloudkms_project_location_key_ring/google_cloudkms_project_location_key_ring_attributes.erb b/mmv1/templates/inspec/examples/google_cloudkms_project_location_key_ring/google_cloudkms_project_location_key_ring_attributes.erb new file mode 100644 index 000000000..b2002da0b --- /dev/null +++ b/mmv1/templates/inspec/examples/google_cloudkms_project_location_key_ring/google_cloudkms_project_location_key_ring_attributes.erb @@ -0,0 +1,3 @@ +gcp_project_id = input(:gcp_project_id, value: '<%= external_attribute(pwd, 'gcp_project_id') -%>', description: 'The GCP project identifier.') + + project_location_key_ring = input('project_location_key_ring', value: <%= JSON.pretty_generate(grab_attributes(pwd)['project_location_key_ring']) -%>, description: 'project_location_key_ring description') \ No newline at end of file diff --git a/mmv1/templates/inspec/examples/google_cloudkms_project_location_key_ring/google_cloudkms_project_location_key_rings.erb b/mmv1/templates/inspec/examples/google_cloudkms_project_location_key_ring/google_cloudkms_project_location_key_rings.erb new file mode 100644 index 000000000..683d2f1bc --- /dev/null +++ b/mmv1/templates/inspec/examples/google_cloudkms_project_location_key_ring/google_cloudkms_project_location_key_rings.erb @@ -0,0 +1,5 @@ +<% gcp_project_id = "#{external_attribute(pwd, 'gcp_project_id', doc_generation)}" -%> + <% project_location_key_ring = grab_attributes(pwd)['project_location_key_ring'] -%> + describe google_cloudkms_project_location_key_rings() do + it { should exist } + end \ No newline at end of file diff --git a/mmv1/templates/inspec/tests/integration/configuration/mm-attributes.yml b/mmv1/templates/inspec/tests/integration/configuration/mm-attributes.yml index 89ec8943a..7f5c23e9a 100644 --- a/mmv1/templates/inspec/tests/integration/configuration/mm-attributes.yml +++ b/mmv1/templates/inspec/tests/integration/configuration/mm-attributes.yml @@ -942,3 +942,8 @@ project_location_environment: state : "value_state" create_time : "value_createtime" update_time : "value_updatetime" + +project_location_key_ring: + name : "value_name" + parent : "value_parent" + create_time : "value_createtime" \ No newline at end of file From b2f3703e3f0f4e9601c130fbbbae8cdd5afeb03d Mon Sep 17 00:00:00 2001 From: balasubramanian-s Date: Wed, 17 Jan 2024 20:11:48 +0530 Subject: [PATCH 2/3] add secret resources Signed-off-by: balasubramanian-s --- mmv1/products/secretmanager/inspec.yaml | 15 +++++++++++++++ .../google_secret_manager_secret.erb | 10 ++++++++++ .../google_secret_manager_secret_attributes.erb | 3 +++ .../google_secret_manager_secrets.erb | 5 +++++ .../google_secret_manager_secret_version.erb | 10 ++++++++++ ...e_secret_manager_secret_version_attributes.erb | 3 +++ .../google_secret_manager_secret_versions.erb | 5 +++++ .../integration/configuration/mm-attributes.yml | 4 ++++ 8 files changed, 55 insertions(+) create mode 100644 mmv1/products/secretmanager/inspec.yaml create mode 100644 mmv1/templates/inspec/examples/google_secret_manager_secret/google_secret_manager_secret.erb create mode 100644 mmv1/templates/inspec/examples/google_secret_manager_secret/google_secret_manager_secret_attributes.erb create mode 100644 mmv1/templates/inspec/examples/google_secret_manager_secret/google_secret_manager_secrets.erb create mode 100644 mmv1/templates/inspec/examples/google_secret_manager_secret_version/google_secret_manager_secret_version.erb create mode 100644 mmv1/templates/inspec/examples/google_secret_manager_secret_version/google_secret_manager_secret_version_attributes.erb create mode 100644 mmv1/templates/inspec/examples/google_secret_manager_secret_version/google_secret_manager_secret_versions.erb diff --git a/mmv1/products/secretmanager/inspec.yaml b/mmv1/products/secretmanager/inspec.yaml new file mode 100644 index 000000000..28cb365e9 --- /dev/null +++ b/mmv1/products/secretmanager/inspec.yaml @@ -0,0 +1,15 @@ +# Copyright 2017 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +--- !ruby/object:Provider::Inspec::Config +overrides: !ruby/object:Overrides::ResourceOverrides diff --git a/mmv1/templates/inspec/examples/google_secret_manager_secret/google_secret_manager_secret.erb b/mmv1/templates/inspec/examples/google_secret_manager_secret/google_secret_manager_secret.erb new file mode 100644 index 000000000..a8be7f594 --- /dev/null +++ b/mmv1/templates/inspec/examples/google_secret_manager_secret/google_secret_manager_secret.erb @@ -0,0 +1,10 @@ +<% gcp_project_id = "#{external_attribute(pwd, 'gcp_project_id', doc_generation)}" -%> +<% project_secret = grab_attributes(pwd)['project_secret'] -%> +describe google_secret_manager_secret(name: <%= doc_generation ? "' #{project_secret['name']}'":"project_secret['name']" -%>) do + it { should exist } + +end + +describe google_secret_manager_secret(name: "does_not_exit") do + it { should_not exist } +end diff --git a/mmv1/templates/inspec/examples/google_secret_manager_secret/google_secret_manager_secret_attributes.erb b/mmv1/templates/inspec/examples/google_secret_manager_secret/google_secret_manager_secret_attributes.erb new file mode 100644 index 000000000..afaf93f91 --- /dev/null +++ b/mmv1/templates/inspec/examples/google_secret_manager_secret/google_secret_manager_secret_attributes.erb @@ -0,0 +1,3 @@ +gcp_project_id = input(:gcp_project_id, value: '<%= external_attribute(pwd, 'gcp_project_id') -%>', description: 'The GCP project identifier.') + + project_secret = input('project_secret', value: <%= JSON.pretty_generate(grab_attributes(pwd)['project_secret']) -%>, description: 'project_secret description') \ No newline at end of file diff --git a/mmv1/templates/inspec/examples/google_secret_manager_secret/google_secret_manager_secrets.erb b/mmv1/templates/inspec/examples/google_secret_manager_secret/google_secret_manager_secrets.erb new file mode 100644 index 000000000..25960351d --- /dev/null +++ b/mmv1/templates/inspec/examples/google_secret_manager_secret/google_secret_manager_secrets.erb @@ -0,0 +1,5 @@ +<% gcp_project_id = "#{external_attribute(pwd, 'gcp_project_id', doc_generation)}" -%> + <% project_secret = grab_attributes(pwd)['project_secret'] -%> + describe google_secret_manager_secrets(parent: <%= doc_generation ? "' #{project_secret['parent']}'":"project_secret['parent']" -%>) do + it { should exist } + end diff --git a/mmv1/templates/inspec/examples/google_secret_manager_secret_version/google_secret_manager_secret_version.erb b/mmv1/templates/inspec/examples/google_secret_manager_secret_version/google_secret_manager_secret_version.erb new file mode 100644 index 000000000..a8be7f594 --- /dev/null +++ b/mmv1/templates/inspec/examples/google_secret_manager_secret_version/google_secret_manager_secret_version.erb @@ -0,0 +1,10 @@ +<% gcp_project_id = "#{external_attribute(pwd, 'gcp_project_id', doc_generation)}" -%> +<% project_secret = grab_attributes(pwd)['project_secret'] -%> +describe google_secret_manager_secret(name: <%= doc_generation ? "' #{project_secret['name']}'":"project_secret['name']" -%>) do + it { should exist } + +end + +describe google_secret_manager_secret(name: "does_not_exit") do + it { should_not exist } +end diff --git a/mmv1/templates/inspec/examples/google_secret_manager_secret_version/google_secret_manager_secret_version_attributes.erb b/mmv1/templates/inspec/examples/google_secret_manager_secret_version/google_secret_manager_secret_version_attributes.erb new file mode 100644 index 000000000..afaf93f91 --- /dev/null +++ b/mmv1/templates/inspec/examples/google_secret_manager_secret_version/google_secret_manager_secret_version_attributes.erb @@ -0,0 +1,3 @@ +gcp_project_id = input(:gcp_project_id, value: '<%= external_attribute(pwd, 'gcp_project_id') -%>', description: 'The GCP project identifier.') + + project_secret = input('project_secret', value: <%= JSON.pretty_generate(grab_attributes(pwd)['project_secret']) -%>, description: 'project_secret description') \ No newline at end of file diff --git a/mmv1/templates/inspec/examples/google_secret_manager_secret_version/google_secret_manager_secret_versions.erb b/mmv1/templates/inspec/examples/google_secret_manager_secret_version/google_secret_manager_secret_versions.erb new file mode 100644 index 000000000..25960351d --- /dev/null +++ b/mmv1/templates/inspec/examples/google_secret_manager_secret_version/google_secret_manager_secret_versions.erb @@ -0,0 +1,5 @@ +<% gcp_project_id = "#{external_attribute(pwd, 'gcp_project_id', doc_generation)}" -%> + <% project_secret = grab_attributes(pwd)['project_secret'] -%> + describe google_secret_manager_secrets(parent: <%= doc_generation ? "' #{project_secret['parent']}'":"project_secret['parent']" -%>) do + it { should exist } + end diff --git a/mmv1/templates/inspec/tests/integration/configuration/mm-attributes.yml b/mmv1/templates/inspec/tests/integration/configuration/mm-attributes.yml index 89ec8943a..ff8727db4 100644 --- a/mmv1/templates/inspec/tests/integration/configuration/mm-attributes.yml +++ b/mmv1/templates/inspec/tests/integration/configuration/mm-attributes.yml @@ -942,3 +942,7 @@ project_location_environment: state : "value_state" create_time : "value_createtime" update_time : "value_updatetime" + +project_secret: + name : "value_name" + parent : "value_parent" \ No newline at end of file From ebf00bda2f9682fad5b23d4601d79c57ec7652c3 Mon Sep 17 00:00:00 2001 From: balasubramanian-s Date: Wed, 17 Jan 2024 21:02:17 +0530 Subject: [PATCH 3/3] add service connections resource Signed-off-by: balasubramanian-s --- mmv1/products/servicenetworking/api.yaml | 55 +++++++++++++++++++ mmv1/products/servicenetworking/inspec.yaml | 15 +++++ ..._service_networking_service_connection.erb | 10 ++++ ...tworking_service_connection_attributes.erb | 3 + ...service_networking_service_connections.erb | 5 ++ .../configuration/mm-attributes.yml | 3 + 6 files changed, 91 insertions(+) create mode 100644 mmv1/products/servicenetworking/api.yaml create mode 100644 mmv1/products/servicenetworking/inspec.yaml create mode 100644 mmv1/templates/inspec/examples/google_service_networking_service_connection/google_service_networking_service_connection.erb create mode 100644 mmv1/templates/inspec/examples/google_service_networking_service_connection/google_service_networking_service_connection_attributes.erb create mode 100644 mmv1/templates/inspec/examples/google_service_networking_service_connection/google_service_networking_service_connections.erb diff --git a/mmv1/products/servicenetworking/api.yaml b/mmv1/products/servicenetworking/api.yaml new file mode 100644 index 000000000..2c24e79f2 --- /dev/null +++ b/mmv1/products/servicenetworking/api.yaml @@ -0,0 +1,55 @@ + +--- !ruby/object:Api::Product +name: ServiceNetworking +display_name: ServiceNetworking +versions: + - !ruby/object:Api::Product::Version + name: ga + base_url: https://servicenetworking.googleapis.com//v1/ +scopes: + - https://servicenetworking.googleapis.com//auth/cloud-platform +apis_required: + - !ruby/object:Api::Product::ApiReference + name: https://servicenetworking.googleapis.com/ + url: https://console.cloud.google.com/apis/library/servicenetworking.googleapis.com/ +objects: + + - !ruby/object:Api::Resource + name: 'service_connection' + kind: 'compute#services_connections' + base_url: '{{parent}}/connections' + collection_url_key: 'items' + input: true + has_self_link: true + description: | + An instance is a virtual machine (VM) hosted on Google's infrastructure. + properties: + - !ruby/object:Api::Type::String + name: 'network' + description: | + The name of service consumer's VPC network + that's connected with service producer network + - !ruby/object:Api::Type::Array + name: 'reservedPeeringRanges' + description: | + The name of one or more allocated IP address ranges for this + service producer of type PEERING. Note that invoking connections. + create method with a different range when connection is already + established will not modify already provisioned service producer subnetworks. + If connections.create method is invoked repeatedly to reconnect when peering + connection had been disconnected on the consumer side, leaving this field + empty will restore previously allocated IP ranges. + item_type: Api::Type::String + - !ruby/object:Api::Type::String + name: 'peering' + description: | + The name of the VPC Network Peering connection + that was created by the service producer. + output: true + + - !ruby/object:Api::Type::String + name: 'service' + description: | + The name of the peering service that's associated + with this connection, in the following format: services/{service name}. + output: true diff --git a/mmv1/products/servicenetworking/inspec.yaml b/mmv1/products/servicenetworking/inspec.yaml new file mode 100644 index 000000000..28cb365e9 --- /dev/null +++ b/mmv1/products/servicenetworking/inspec.yaml @@ -0,0 +1,15 @@ +# Copyright 2017 Google Inc. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +--- !ruby/object:Provider::Inspec::Config +overrides: !ruby/object:Overrides::ResourceOverrides diff --git a/mmv1/templates/inspec/examples/google_service_networking_service_connection/google_service_networking_service_connection.erb b/mmv1/templates/inspec/examples/google_service_networking_service_connection/google_service_networking_service_connection.erb new file mode 100644 index 000000000..c3cbff890 --- /dev/null +++ b/mmv1/templates/inspec/examples/google_service_networking_service_connection/google_service_networking_service_connection.erb @@ -0,0 +1,10 @@ +<% gcp_project_id = "#{external_attribute(pwd, 'gcp_project_id', doc_generation)}" -%> +<% service_connection = grab_attributes(pwd)['service_connection'] -%> +describe google_service_networking_service_connection() do + it { should exist } + +end + +describe google_service_networking_service_connection() do + it { should_not exist } +end diff --git a/mmv1/templates/inspec/examples/google_service_networking_service_connection/google_service_networking_service_connection_attributes.erb b/mmv1/templates/inspec/examples/google_service_networking_service_connection/google_service_networking_service_connection_attributes.erb new file mode 100644 index 000000000..097b6e347 --- /dev/null +++ b/mmv1/templates/inspec/examples/google_service_networking_service_connection/google_service_networking_service_connection_attributes.erb @@ -0,0 +1,3 @@ +gcp_project_id = input(:gcp_project_id, value: '<%= external_attribute(pwd, 'gcp_project_id') -%>', description: 'The GCP project identifier.') + + service_connection = input('service_connection', value: <%= JSON.pretty_generate(grab_attributes(pwd)['service_connection']) -%>, description: 'service_connection description') \ No newline at end of file diff --git a/mmv1/templates/inspec/examples/google_service_networking_service_connection/google_service_networking_service_connections.erb b/mmv1/templates/inspec/examples/google_service_networking_service_connection/google_service_networking_service_connections.erb new file mode 100644 index 000000000..4d55c47ed --- /dev/null +++ b/mmv1/templates/inspec/examples/google_service_networking_service_connection/google_service_networking_service_connections.erb @@ -0,0 +1,5 @@ +<% gcp_project_id = "#{external_attribute(pwd, 'gcp_project_id', doc_generation)}" -%> + <% service_connection = grab_attributes(pwd)['service_connection'] -%> + describe google_servicenetworking_service_connections(parent: <%= doc_generation ? "' #{service_connection['parent']}'":"service_connection['parent']" -%>) do + it { should exist } + end \ No newline at end of file diff --git a/mmv1/templates/inspec/tests/integration/configuration/mm-attributes.yml b/mmv1/templates/inspec/tests/integration/configuration/mm-attributes.yml index 89ec8943a..5c4d5d03e 100644 --- a/mmv1/templates/inspec/tests/integration/configuration/mm-attributes.yml +++ b/mmv1/templates/inspec/tests/integration/configuration/mm-attributes.yml @@ -942,3 +942,6 @@ project_location_environment: state : "value_state" create_time : "value_createtime" update_time : "value_updatetime" + +service_connection: + parent : "value_parent" \ No newline at end of file