CHEF - parametermanager-Parameter and Parameter Version - Resource Implementation

README.md

@@ -340,6 +340,7 @@ The following resources are available in the InSpec GCP Profile
 | [google_organization_iam_binding](docs/resources/google_organization_iam_binding.md)                                 | No Plural Resource                                                                                                             |
 | [google_organization_iam_policy](docs/resources/google_organization_iam_policy.md)                                   | No Plural Resource                                                                                                             |
 | [google_organization_policy](docs/resources/google_organization_policy.md)                                           | No Plural Resource                                                                                                             |
+| [google_parameter_manager_parameter](docs/resources/google_parameter_manager_parameter.md)                           | [google_parameter_manager_parameters](docs/resources/google_parameter_manager_parameters.md)             |
 | [google_project](docs/resources/google_project.md)                                                                   | [google_projects](docs/resources/google_projects.md)                                                                           |
 | [google_project_alert_policy](docs/resources/google_project_alert_policy.md)                                         | [google_project_alert_policies](docs/resources/google_project_alert_policies.md)                                               |
 | [google_project_alert_policy_condition](docs/resources/google_project_alert_policy_condition.md)                     | No Plural Resource                                                                                                             |

docs/resources/google_parameter_manager_parameter.md

@@ -0,0 +1,47 @@
+---
+title: About the google_parameter_manager_parameter resource
+platform: gcp
+---
+
+## Syntax
+A `google_parameter_manager_parameter` is used to test a Google Parameter resource
+
+## Examples
+```
+describe google_parameter_manager_parameter(name: 'projects/<project_id>/locations/global/parameters/<parameter_id>') do
+	it { should exist }
+end
+describe google_parameter_manager_parameter(name: "does_not_exit") do
+	it { should_not exist }
+end
+describe google_parameter_manager_parameter(name: 'projects/<project_id>/locations/<location_id>/parameters/<parameter_id>', region: <location_id>) do
+	it { should exist }
+end
+describe google_parameter_manager_parameter(name: "does_not_exit", region: <location_id>) do
+	it { should_not exist }
+end
+```
+
+## Properties
+Properties that can be accessed from the `google_parameter_manager_parameter` resource:
+
+
+  * `name`: The resource name of the Parameter. Format: `projects/{{project_id}}/locations/global/parameters/{{parameter_id}}` or `projects/{{project_id}}/locations/{{location_id}}/parameters/{{parameter_id}}`
+
+  * `create_time`: The time at which the Parameter was created.
+
+  * `update_time`: The time at which the Parameter was updated.
+
+  * `labels`: The labels assigned to this Parameter. Label keys must be between 1 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, and must conform to the following PCRE regular expression: [\p{Ll}\p{Lo}][\p{Ll}\p{Lo}\p{N}_-]{0,62} Label values must be between 0 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, and must conform to the following PCRE regular expression: [\p{Ll}\p{Lo}\p{N}_-]{0,63}  No more than 64 labels can be assigned to a given resource.  An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.
+
+  * `format`: The format of the Parameter.
+
+  * `kms_key`: The resource name of the Cloud KMS CryptoKey used to encrypt parameter version payload. Format `projects/{{project_id}}/locations/global/keyRings/{{key_ring}}/cryptoKeys/{{crypto_key}}` or `projects/{{project_id}}/locations/{{location_id}}/keyRings/{{key_ring}}/cryptoKeys/{{crypto_key}}`
+
+  * `policy_member`: The policy member of the Parameter.
+
+    * `iam_policy_uid_principal`: IAM policy binding member referring to a Google Cloud resource by system-assigned unique identifier.
+
+## GCP Permissions
+
+Ensure the [Parameter Manager API](https://console.cloud.google.com/apis/library/parametermanager.googleapis.com/) is enabled for the current project.

docs/resources/google_parameter_manager_parameter_version.md

@@ -0,0 +1,58 @@
+---
+title: About the google_parameter_manager_parameter_version resource
+platform: gcp
+---
+
+## Syntax
+A `google_parameter_manager_parameter_version` is used to test a Google Parameter Version resource
+
+## Examples
+```
+describe google_parameter_manager_parameter_version(name: 'projects/<project_id>/locations/global/parameters/<parameter_id>/versions/<parameter_version_id>') do
+	it { should exist }
+end
+describe google_parameter_manager_parameter_version(name: "does_not_exit") do
+	it { should_not exist }
+end
+describe google_parameter_manager_parameter_version(name: 'projects/<project_id>/locations/<location_id>/parameters/<parameter_id>/versions/<parameter_version_id>', region: <location_id>) do
+	it { should exist }
+end
+describe google_parameter_manager_parameter_version(name: "does_not_exit", region: <location_id>) do
+	it { should_not exist }
+end
+describe google_parameter_manager_parameter_version(name: 'projects/<project_id>/locations/global/parameters/<parameter_id>/versions/<parameter_version_id>', render_secret: true) do
+	it { should exist }
+end
+describe google_parameter_manager_parameter_version(name: "does_not_exit", render_secret: true) do
+	it { should_not exist }
+end
+describe google_parameter_manager_parameter_version(name: 'projects/<project_id>/locations/<location_id>/parameters/<parameter_id>/versions/<parameter_version_id>', region: <location_id>, render_secret: true) do
+	it { should exist }
+end
+describe google_parameter_manager_parameter_version(name: "does_not_exit", region: <location_id>, render_secret: true) do
+	it { should_not exist }
+end
+```
+
+## Properties
+Properties that can be accessed from the `google_parameter_manager_parameter_version` resource:
+
+  * `name`: The resource name of the Parameter Version. Format: `projects/{{project_id}}/locations/global/parameters/{{parameter_id}}/versions/{{parameter_version_id}}` or `projects/{{project_id}}/locations/{{location_id}}/parameters/{{parameter_id}}/versions/{{parameter_version_id}}`
+
+  * `create_time`: The time at which the Parameter Version was created.
+
+  * `update_time`: The time at which the Parameter Version was updated.
+
+  * `disabled`: The state of Parameter Version.
+
+  * `kms_key_version`: The resource name of the Cloud KMS CryptoKeyVersion used to decrypt parameter version payload. Format `projects/{{project_id}}/locations/global/keyRings/{{key_ring}}/cryptoKeys/{{crypto_key}}/cryptoKeyVersions/{{crypto_key_version}}` or  `projects/{{project_id}}/locations/{{location_id}}/keyRings/{{key_ring}}/cryptoKeys/{{crypto_key}}/cryptoKeyVersions/{{crypto_key_version}}`
+
+  * `rendered_payload`: The rendered payload of the Parameter Version.
+
+  * `payload`: The payload of the ParameterVersion.
+
+    * `data`: The parameter data. Must be no larger than 1MiB.
+
+## GCP Permissions
+
+Ensure the [Parameter Manager API](https://console.cloud.google.com/apis/library/parametermanager.googleapis.com/) is enabled for the current project.

docs/resources/google_parameter_manager_parameter_versions.md

@@ -0,0 +1,41 @@
+---
+title: About the google_parameter_manager_parameter_versions resource
+platform: gcp
+---
+
+## Syntax
+A `google_parameter_manager_parameter_versions` is used to test a Google Parameter Version resource
+
+## Examples
+```
+describe google_parameter_manager_parameter_versions(parent: 'projects/<project_id>/locations/global/parameters/<parameter_id>') do
+	it { should exist }
+end
+describe google_parameter_manager_parameter_versions(parent: "does_not_exit") do
+	it { should_not exist }
+end
+describe google_parameter_manager_parameter_versions(parent: 'projects/<project_id>/locations/<location_id>/parameters/<parameter_id>', region: <location_id>) do
+	it { should exist }
+end
+describe google_parameter_manager_parameter_versions(parent: "does_not_exit", region: <location_id>) do
+	it { should_not exist }
+end
+```
+
+## Properties
+Properties that can be accessed from the `google_parameter_manager_parameter_versions` resource:
+
+See [google_parameter_manager_parameter_version.md](google_parameter_manager_parameter_version.md) for more detailed information
+  * `names`: an array of `google_parameter_manager_parameter_version` name
+  * `create_times`: an array of `google_parameter_manager_parameter_version` create_time
+  * `update_times`: an array of `google_parameter_manager_parameter_version` update_time
+  * `disabled_values`: an array of `google_parameter_manager_parameter_version` disabled
+  * `kms_key_versions`: an array of `google_parameter_manager_parameter_version` kms_key_version
+
+## Filter Criteria
+This resource supports all of the above properties as filter criteria, which can be used
+with `where` as a block or a method.
+
+## GCP Permissions
+
+Ensure the [Parameter Manager API](https://console.cloud.google.com/apis/library/parametermanager.googleapis.com/) is enabled for the current project.

docs/resources/google_parameter_manager_parameters.md

@@ -0,0 +1,37 @@
+---
+title: About the google_parameter_manager_parameters resource
+platform: gcp
+---
+
+## Syntax
+A `google_parameter_manager_parameters` is used to test a Google Parameter resource
+
+## Examples
+```
+describe google_parameter_manager_parameters(parent: 'projects/<project_id>/locations/global') do
+	it { should exist }
+end
+describe google_parameter_manager_parameters(parent: 'projects/<project_id>/locations/<location_id>', region: <location_id>) do
+	it { should exist }
+end
+```
+
+## Properties
+Properties that can be accessed from the `google_parameter_manager_parameters` resource:
+
+See [google_parameter_manager_parameter.md](google_parameter_manager_parameter.md) for more detailed information
+  * `names`: an array of `google_parameter_manager_parameter` name
+  * `create_times`: an array of `google_parameter_manager_parameter` create_time
+  * `update_times`: an array of `google_parameter_manager_parameter` update_time
+  * `formats`: an array of `google_parameter_manager_parameter` format
+  * `labels`: an array of `google_parameter_manager_parameter` label
+  * `policy_members`: an array of `google_parameter_manager_parameter` policy_member
+  * `kms_keys`: an array of `google_parameter_manager_parameter` kms_key
+
+## Filter Criteria
+This resource supports all of the above properties as filter criteria, which can be used
+with `where` as a block or a method.
+
+## GCP Permissions
+
+Ensure the [Parameter Manager API](https://console.cloud.google.com/apis/library/parametermanager.googleapis.com/) is enabled for the current project.

libraries/google/parametermanager/property/payload.rb

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+module GoogleInSpec
+  module ParameterManager
+    module Property
+      class Payload
+        attr_reader :data
+
+        def initialize(args = nil, parent_identifier = nil)
+          return if args.nil?
+          @parent_identifier = parent_identifier
+          @data = args['data']
+        end
+
+        def to_s
+          "#{@parent_identifier} PolicyMember"
+        end
+      end
+    end
+  end
+end

libraries/google/parametermanager/property/policy_member.rb

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+module GoogleInSpec
+  module ParameterManager
+    module Property
+      class PolicyMember
+        attr_reader :iam_policy_uid_principal
+
+        def initialize(args = nil, parent_identifier = nil)
+          return if args.nil?
+          @parent_identifier = parent_identifier
+          @iam_policy_uid_principal = args['iamPolicyUidPrincipal']
+        end
+
+        def to_s
+          "#{@parent_identifier} PolicyMember"
+        end
+      end
+    end
+  end
+end

libraries/google_parameter_manager_parameter.rb

@@ -0,0 +1,59 @@
+# frozen_string_literal: false
+
+require 'gcp_backend'
+require 'google/parametermanager/property/policy_member'
+
+# A provider to manage Parameter Manager resources.
+class ParameterManagerParameter < GcpResourceBase
+  name 'google_parameter_manager_parameter'
+  desc 'Parameter'
+  supports platform: 'gcp'
+
+  attr_reader :params
+  attr_reader :name
+  attr_reader :create_time
+  attr_reader :update_time
+  attr_reader :format
+  attr_reader :labels
+  attr_reader :policy_member
+  attr_reader :kms_key
+
+  def initialize(params)
+    super(params.merge({ use_http_transport: true }))
+    @params = params
+    @fetched = @connection.fetch(product_url(params[:beta]), resource_base_url, params, 'Get')
+    parse unless @fetched.nil?
+  end
+
+  def parse
+    @name = @fetched['name']
+    @create_time = @fetched['createTime']
+    @labels = @fetched['labels']
+    @update_time = @fetched['updateTime']
+    @format = @fetched['format']
+    @policy_member = GoogleInSpec::ParameterManager::Property::PolicyMember.new(@fetched['policyMember'], to_s)
+    @kms_key = @fetched['kmsKey']
+  end
+
+  def exists?
+    [email protected]?
+  end
+
+  def to_s
+    "Parameter #{@params[:name]}"
+  end
+
+  private
+
+  def product_url(_ = nil)
+    if @params[:region] && @params[:region] != 'global'
+      "https://parametermanager.#{@params[:region]}.rep.googleapis.com/v1/"
+    else
+      'https://parametermanager.googleapis.com/v1/'
+    end
+  end
+
+  def resource_base_url
+    '{{name}}'
+  end
+end

libraries/google_parameter_manager_parameter_version.rb

@@ -0,0 +1,68 @@
+# frozen_string_literal: false
+
+require 'gcp_backend'
+require 'google/parametermanager/property/payload'
+
+class ParameterManagerParameterVersion < GcpResourceBase
+  name 'google_parameter_manager_parameter_version'
+  desc 'ParameterVersion'
+  supports platform: 'gcp'
+
+  attr_reader :params
+  attr_reader :name
+  attr_reader :payload
+  attr_reader :rendered_payload
+  attr_reader :create_time
+  attr_reader :update_time
+  attr_reader :disabled
+  attr_reader :kms_key_version
+
+  def initialize(params)
+    super(params.merge({ use_http_transport: true }))
+    @params = params
+    @fetched = @connection.fetch(product_url(params[:beta]), resource_base_url, params, 'Get')
+    parse unless @fetched.nil?
+  end
+
+  def parse
+    @payload = GoogleInSpec::ParameterManager::Property::Payload.new(@fetched['payload'], to_s)
+
+    # Conditionally set if they exist
+    if @params[:render_secret] == true
+      @rendered_payload = @fetched['renderedPayload']
+      @name = @fetched['parameterVersion']
+    else
+      @name = @fetched['name']
+      @create_time = @fetched['createTime'] if @fetched.key?('createTime')
+      @update_time = @fetched['updateTime'] if @fetched.key?('updateTime')
+    end
+    @disabled = @fetched['disabled'] if @fetched.key?('disabled')
+    @kms_key_version = @fetched['kmsKeyVersion'] if @fetched.key?('kmsKeyVersion')
+  end
+
+  def exists?
+    [email protected]?
+  end
+
+  def to_s
+    "ParameterVersion #{@params[:name]}"
+  end
+
+  private
+
+  def product_url(_ = nil)
+    if @params[:region] && @params[:region] != 'global'
+      "https://parametermanager.#{@params[:region]}.rep.googleapis.com/v1/"
+    else
+      'https://parametermanager.googleapis.com/v1/'
+    end
+  end
+
+  def resource_base_url
+    if @params[:render_secret] == true
+      '{{name}}:render'
+    else
+      '{{name}}'
+    end
+  end
+end