Skip to content

Commit 4ef7f7a

Browse files
durgesh-ninave-crestdurgesh-ninave-crest
committed
Added support for global and regional parameter manager
1 parent 79411a1 commit 4ef7f7a

15 files changed

+628
-0
lines changed

README.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -340,6 +340,7 @@ The following resources are available in the InSpec GCP Profile
340340
| [google_organization_iam_binding](docs/resources/google_organization_iam_binding.md) | No Plural Resource |
341341
| [google_organization_iam_policy](docs/resources/google_organization_iam_policy.md) | No Plural Resource |
342342
| [google_organization_policy](docs/resources/google_organization_policy.md) | No Plural Resource |
343+
| [google_parameter_manager_parameter](docs/resources/google_parameter_manager_parameter.md) | [google_parameter_manager_parameters](docs/resources/google_parameter_manager_parameters.md) |
343344
| [google_project](docs/resources/google_project.md) | [google_projects](docs/resources/google_projects.md) |
344345
| [google_project_alert_policy](docs/resources/google_project_alert_policy.md) | [google_project_alert_policies](docs/resources/google_project_alert_policies.md) |
345346
| [google_project_alert_policy_condition](docs/resources/google_project_alert_policy_condition.md) | No Plural Resource |

docs/resources/google_parameter_manager_parameter.md

Lines changed: 47 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,47 @@
1+
---
2+
title: About the google_parameter_manager_parameter resource
3+
platform: gcp
4+
---
5+
6+
## Syntax
7+
A `google_parameter_manager_parameter` is used to test a Google Parameter resource
8+
9+
## Examples
10+
```
11+
describe google_parameter_manager_parameter(name: 'projects/<project_id>/locations/global/parameters/<parameter_id>') do
12+
it { should exist }
13+
end
14+
describe google_parameter_manager_parameter(name: "does_not_exit") do
15+
it { should_not exist }
16+
end
17+
describe google_parameter_manager_parameter(name: 'projects/<project_id>/locations/<location_id>/parameters/<parameter_id>', region: <location_id>) do
18+
it { should exist }
19+
end
20+
describe google_parameter_manager_parameter(name: "does_not_exit", region: <location_id>) do
21+
it { should_not exist }
22+
end
23+
```
24+
25+
## Properties
26+
Properties that can be accessed from the `google_parameter_manager_parameter` resource:
27+
28+
29+
* `name`: The resource name of the Parameter. Format: `projects/{{project_id}}/locations/global/parameters/{{parameter_id}}` or `projects/{{project_id}}/locations/{{location_id}}/parameters/{{parameter_id}}`
30+
31+
* `create_time`: The time at which the Parameter was created.
32+
33+
* `update_time`: The time at which the Parameter was updated.
34+
35+
* `labels`: The labels assigned to this Parameter. Label keys must be between 1 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, and must conform to the following PCRE regular expression: [\p{Ll}\p{Lo}][\p{Ll}\p{Lo}\p{N}_-]{0,62} Label values must be between 0 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, and must conform to the following PCRE regular expression: [\p{Ll}\p{Lo}\p{N}_-]{0,63} No more than 64 labels can be assigned to a given resource. An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.
36+
37+
* `format`: The format of the Parameter.
38+
39+
* `kms_key`: The resource name of the Cloud KMS CryptoKey used to encrypt parameter version payload. Format `projects/{{project_id}}/locations/global/keyRings/{{key_ring}}/cryptoKeys/{{crypto_key}}` or `projects/{{project_id}}/locations/{{location_id}}/keyRings/{{key_ring}}/cryptoKeys/{{crypto_key}}`
40+
41+
* `policy_member`: The policy member of the Parameter.
42+
43+
* `iam_policy_uid_principal`: IAM policy binding member referring to a Google Cloud resource by system-assigned unique identifier.
44+
45+
## GCP Permissions
46+
47+
Ensure the [Parameter Manager API](https://console.cloud.google.com/apis/library/parametermanager.googleapis.com/) is enabled for the current project.

docs/resources/google_parameter_manager_parameter_version.md

Lines changed: 58 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,58 @@
1+
---
2+
title: About the google_parameter_manager_parameter_version resource
3+
platform: gcp
4+
---
5+
6+
## Syntax
7+
A `google_parameter_manager_parameter_version` is used to test a Google Parameter Version resource
8+
9+
## Examples
10+
```
11+
describe google_parameter_manager_parameter_version(name: 'projects/<project_id>/locations/global/parameters/<parameter_id>/versions/<parameter_version_id>') do
12+
it { should exist }
13+
end
14+
describe google_parameter_manager_parameter_version(name: "does_not_exit") do
15+
it { should_not exist }
16+
end
17+
describe google_parameter_manager_parameter_version(name: 'projects/<project_id>/locations/<location_id>/parameters/<parameter_id>/versions/<parameter_version_id>', region: <location_id>) do
18+
it { should exist }
19+
end
20+
describe google_parameter_manager_parameter_version(name: "does_not_exit", region: <location_id>) do
21+
it { should_not exist }
22+
end
23+
describe google_parameter_manager_parameter_version(name: 'projects/<project_id>/locations/global/parameters/<parameter_id>/versions/<parameter_version_id>', render_secret: true) do
24+
it { should exist }
25+
end
26+
describe google_parameter_manager_parameter_version(name: "does_not_exit", render_secret: true) do
27+
it { should_not exist }
28+
end
29+
describe google_parameter_manager_parameter_version(name: 'projects/<project_id>/locations/<location_id>/parameters/<parameter_id>/versions/<parameter_version_id>', region: <location_id>, render_secret: true) do
30+
it { should exist }
31+
end
32+
describe google_parameter_manager_parameter_version(name: "does_not_exit", region: <location_id>, render_secret: true) do
33+
it { should_not exist }
34+
end
35+
```
36+
37+
## Properties
38+
Properties that can be accessed from the `google_parameter_manager_parameter_version` resource:
39+
40+
* `name`: The resource name of the Parameter Version. Format: `projects/{{project_id}}/locations/global/parameters/{{parameter_id}}/versions/{{parameter_version_id}}` or `projects/{{project_id}}/locations/{{location_id}}/parameters/{{parameter_id}}/versions/{{parameter_version_id}}`
41+
42+
* `create_time`: The time at which the Parameter Version was created.
43+
44+
* `update_time`: The time at which the Parameter Version was updated.
45+
46+
* `disabled`: The state of Parameter Version.
47+
48+
* `kms_key_version`: The resource name of the Cloud KMS CryptoKeyVersion used to decrypt parameter version payload. Format `projects/{{project_id}}/locations/global/keyRings/{{key_ring}}/cryptoKeys/{{crypto_key}}/cryptoKeyVersions/{{crypto_key_version}}` or `projects/{{project_id}}/locations/{{location_id}}/keyRings/{{key_ring}}/cryptoKeys/{{crypto_key}}/cryptoKeyVersions/{{crypto_key_version}}`
49+
50+
* `rendered_payload`: The rendered payload of the Parameter Version.
51+
52+
* `payload`: The payload of the ParameterVersion.
53+
54+
* `data`: The parameter data. Must be no larger than 1MiB.
55+
56+
## GCP Permissions
57+
58+
Ensure the [Parameter Manager API](https://console.cloud.google.com/apis/library/parametermanager.googleapis.com/) is enabled for the current project.

docs/resources/google_parameter_manager_parameter_versions.md

Lines changed: 41 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,41 @@
1+
---
2+
title: About the google_parameter_manager_parameter_versions resource
3+
platform: gcp
4+
---
5+
6+
## Syntax
7+
A `google_parameter_manager_parameter_versions` is used to test a Google Parameter Version resource
8+
9+
## Examples
10+
```
11+
describe google_parameter_manager_parameter_versions(parent: 'projects/<project_id>/locations/global/parameters/<parameter_id>') do
12+
it { should exist }
13+
end
14+
describe google_parameter_manager_parameter_versions(parent: "does_not_exit") do
15+
it { should_not exist }
16+
end
17+
describe google_parameter_manager_parameter_versions(parent: 'projects/<project_id>/locations/<location_id>/parameters/<parameter_id>', region: <location_id>) do
18+
it { should exist }
19+
end
20+
describe google_parameter_manager_parameter_versions(parent: "does_not_exit", region: <location_id>) do
21+
it { should_not exist }
22+
end
23+
```
24+
25+
## Properties
26+
Properties that can be accessed from the `google_parameter_manager_parameter_versions` resource:
27+
28+
See [google_parameter_manager_parameter_version.md](google_parameter_manager_parameter_version.md) for more detailed information
29+
* `names`: an array of `google_parameter_manager_parameter_version` name
30+
* `create_times`: an array of `google_parameter_manager_parameter_version` create_time
31+
* `update_times`: an array of `google_parameter_manager_parameter_version` update_time
32+
* `disabled_values`: an array of `google_parameter_manager_parameter_version` disabled
33+
* `kms_key_versions`: an array of `google_parameter_manager_parameter_version` kms_key_version
34+
35+
## Filter Criteria
36+
This resource supports all of the above properties as filter criteria, which can be used
37+
with `where` as a block or a method.
38+
39+
## GCP Permissions
40+
41+
Ensure the [Parameter Manager API](https://console.cloud.google.com/apis/library/parametermanager.googleapis.com/) is enabled for the current project.

docs/resources/google_parameter_manager_parameters.md

Lines changed: 37 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,37 @@
1+
---
2+
title: About the google_parameter_manager_parameters resource
3+
platform: gcp
4+
---
5+
6+
## Syntax
7+
A `google_parameter_manager_parameters` is used to test a Google Parameter resource
8+
9+
## Examples
10+
```
11+
describe google_parameter_manager_parameters(parent: 'projects/<project_id>/locations/global') do
12+
it { should exist }
13+
end
14+
describe google_parameter_manager_parameters(parent: 'projects/<project_id>/locations/<location_id>', region: <location_id>) do
15+
it { should exist }
16+
end
17+
```
18+
19+
## Properties
20+
Properties that can be accessed from the `google_parameter_manager_parameters` resource:
21+
22+
See [google_parameter_manager_parameter.md](google_parameter_manager_parameter.md) for more detailed information
23+
* `names`: an array of `google_parameter_manager_parameter` name
24+
* `create_times`: an array of `google_parameter_manager_parameter` create_time
25+
* `update_times`: an array of `google_parameter_manager_parameter` update_time
26+
* `formats`: an array of `google_parameter_manager_parameter` format
27+
* `labels`: an array of `google_parameter_manager_parameter` label
28+
* `policy_members`: an array of `google_parameter_manager_parameter` policy_member
29+
* `kms_keys`: an array of `google_parameter_manager_parameter` kms_key
30+
31+
## Filter Criteria
32+
This resource supports all of the above properties as filter criteria, which can be used
33+
with `where` as a block or a method.
34+
35+
## GCP Permissions
36+
37+
Ensure the [Parameter Manager API](https://console.cloud.google.com/apis/library/parametermanager.googleapis.com/) is enabled for the current project.

libraries/google/parametermanager/property/payload.rb

Lines changed: 19 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,19 @@
1+
module GoogleInSpec
2+
module ParameterManager
3+
module Property
4+
class Payload
5+
attr_reader :data
6+
7+
def initialize(args = nil, parent_identifier = nil)
8+
return if args.nil?
9+
@parent_identifier = parent_identifier
10+
@data = args['data']
11+
end
12+
13+
def to_s
14+
"#{@parent_identifier} PolicyMember"
15+
end
16+
end
17+
end
18+
end
19+
end

libraries/google/parametermanager/property/policy_member.rb

Lines changed: 19 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,19 @@
1+
module GoogleInSpec
2+
module ParameterManager
3+
module Property
4+
class PolicyMember
5+
attr_reader :iam_policy_uid_principal
6+
7+
def initialize(args = nil, parent_identifier = nil)
8+
return if args.nil?
9+
@parent_identifier = parent_identifier
10+
@iam_policy_uid_principal = args['iamPolicyUidPrincipal']
11+
end
12+
13+
def to_s
14+
"#{@parent_identifier} PolicyMember"
15+
end
16+
end
17+
end
18+
end
19+
end

libraries/google_parameter_manager_parameter.rb

Lines changed: 57 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,57 @@
1+
require 'gcp_backend'
2+
require 'google/parametermanager/property/policy_member'
3+
4+
# A provider to manage Parameter Manager resources.
5+
class ParameterManagerParameter < GcpResourceBase
6+
name 'google_parameter_manager_parameter'
7+
desc 'Parameter'
8+
supports platform: 'gcp'
9+
10+
attr_reader :params
11+
attr_reader :name
12+
attr_reader :create_time
13+
attr_reader :update_time
14+
attr_reader :format
15+
attr_reader :labels
16+
attr_reader :policy_member
17+
attr_reader :kms_key
18+
19+
def initialize(params)
20+
super(params.merge({ use_http_transport: true }))
21+
@params = params
22+
@fetched = @connection.fetch(product_url(params[:beta]), resource_base_url, params, 'Get')
23+
parse unless @fetched.nil?
24+
end
25+
26+
def parse
27+
@name = @fetched['name']
28+
@create_time = @fetched['createTime']
29+
@labels = @fetched['labels']
30+
@update_time = @fetched['updateTime']
31+
@format = @fetched['format']
32+
@policy_member = GoogleInSpec::ParameterManager::Property::PolicyMember.new(@fetched['policyMember'], to_s)
33+
@kms_key = @fetched['kmsKey']
34+
end
35+
36+
def exists?
37+
!@fetched.nil?
38+
end
39+
40+
def to_s
41+
"Parameter #{@params[:name]}"
42+
end
43+
44+
private
45+
46+
def product_url(_ = nil)
47+
if @params[:region] && @params[:region] != 'global'
48+
"https://parametermanager.#{@params[:region]}.rep.googleapis.com/v1/"
49+
else
50+
'https://parametermanager.googleapis.com/v1/'
51+
end
52+
end
53+
54+
def resource_base_url
55+
'{{name}}'
56+
end
57+
end

libraries/google_parameter_manager_parameter_version.rb

Lines changed: 66 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,66 @@
1+
require 'gcp_backend'
2+
require 'google/parametermanager/property/payload'
3+
4+
class ParameterManagerParameterVersion < GcpResourceBase
5+
name 'google_parameter_manager_parameter_version'
6+
desc 'ParameterVersion'
7+
supports platform: 'gcp'
8+
9+
attr_reader :params
10+
attr_reader :name
11+
attr_reader :payload
12+
attr_reader :rendered_payload
13+
attr_reader :create_time
14+
attr_reader :update_time
15+
attr_reader :disabled
16+
attr_reader :kms_key_version
17+
18+
def initialize(params)
19+
super(params.merge({ use_http_transport: true }))
20+
@params = params
21+
@fetched = @connection.fetch(product_url(params[:beta]), resource_base_url, params, 'Get')
22+
parse unless @fetched.nil?
23+
end
24+
25+
def parse
26+
@payload = GoogleInSpec::ParameterManager::Property::Payload.new(@fetched['payload'], to_s)
27+
28+
# Conditionally set if they exist
29+
if @params[:render_secret] == true
30+
@rendered_payload = @fetched['renderedPayload']
31+
@name = @fetched['parameterVersion']
32+
else
33+
@name = @fetched['name']
34+
@create_time = @fetched['createTime'] if @fetched.key?('createTime')
35+
@update_time = @fetched['updateTime'] if @fetched.key?('updateTime')
36+
end
37+
@disabled = @fetched['disabled'] if @fetched.key?('disabled')
38+
@kms_key_version = @fetched['kmsKeyVersion'] if @fetched.key?('kmsKeyVersion')
39+
end
40+
41+
def exists?
42+
!@fetched.nil?
43+
end
44+
45+
def to_s
46+
"ParameterVersion #{@params[:name]}"
47+
end
48+
49+
private
50+
51+
def product_url(_ = nil)
52+
if @params[:region] && @params[:region] != 'global'
53+
"https://parametermanager.#{@params[:region]}.rep.googleapis.com/v1/"
54+
else
55+
'https://parametermanager.googleapis.com/v1/'
56+
end
57+
end
58+
59+
def resource_base_url
60+
if @params[:render_secret] == true
61+
'{{name}}:render'
62+
else
63+
'{{name}}'
64+
end
65+
end
66+
end

0 commit comments

Comments
 (0)