Skip to content
This repository has been archived by the owner on Nov 14, 2024. It is now read-only.

Commit

Permalink
Merge pull request #120 from modular-magician/codegen-pr-1460
Browse files Browse the repository at this point in the history 
Inspec resource folder
  • Loading branch information
@slevenick
slevenick authored Mar 1, 2019
2 parents 36ca828 + 4e222de commit bee2f0a
Show file tree
Hide file tree
Showing 8 changed files with 312 additions and 1 deletion.
38 changes: 38 additions & 0 deletions docs/resources/google_resourcemanager_folder.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,38 @@
---
title: About the google_resourcemanager_folder resource
platform: gcp
---

## Syntax
A `google_resourcemanager_folder` is used to test a Google Folder resource

## Examples
```
describe.one do
google_resourcemanager_folders(parent: 'organizations/12345').names.each do |name|
describe google_resourcemanager_folder(name: name) do
it { should exist }
its('display_name') { should eq 'inspec-gcp-folder' }
end
end
end
```

## Properties
Properties that can be accessed from the `google_resourcemanager_folder` resource:

* `name`: The resource name of the Folder. Its format is folders/{folder_id}, for example: "folders/1234".

* `lifecycle_state`: The lifecycle state of the folder. Updates to the lifecycleState must be performed via folders.delete and folders.undelete.

* `create_time`: Time of creation

* `parent`: The Folder’s parent's resource name. Updates to the folder's parent must be performed via folders.move.

* `display_name`: The folder’s display name. A folder’s display name must be unique amongst its siblings, e.g. no two folders with the same parent can share the same display name. The display name must start and end with a letter or digit, may contain letters, digits, spaces, hyphens and underscores and can be no longer than 30 characters. This is captured by the regular expression: `[\p{L}\p{N}]([\p{L}\p{N}_- ]{0,28}[\p{L}\p{N}])?`.



## GCP Permissions

Ensure the [Cloud Resource Manager API](https://console.cloud.google.com/apis/library/cloudresourcemanager.googleapis.com/) is enabled for the current project.
36 changes: 36 additions & 0 deletions docs/resources/google_resourcemanager_folders.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
---
title: About the google_resourcemanager_folders resource
platform: gcp
---

## Syntax
A `google_resourcemanager_folders` is used to test a Google Folder resource

## Examples
```
describe.one do
google_resourcemanager_folders(parent: 'organizations/12345').display_names.each do |display_name|
describe display_name do
it { should eq 'inspec-gcp-folder' }
end
end
end
```

## Properties
Properties that can be accessed from the `google_resourcemanager_folders` resource:

See [google_resourcemanager_folder.md](google_resourcemanager_folder.md) for more detailed information
* `names`: an array of `google_resourcemanager_folder` name
* `lifecycle_states`: an array of `google_resourcemanager_folder` lifecycle_state
* `create_times`: an array of `google_resourcemanager_folder` create_time
* `parents`: an array of `google_resourcemanager_folder` parent
* `display_names`: an array of `google_resourcemanager_folder` display_name

## Filter Criteria
This resource supports all of the above properties as filter criteria, which can be used
with `where` as a block or a method.

## GCP Permissions

Ensure the [Cloud Resource Manager API](https://console.cloud.google.com/apis/library/cloudresourcemanager.googleapis.com/) is enabled for the current project.
62 changes: 62 additions & 0 deletions libraries/google_resourcemanager_folder.rb
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,62 @@
# frozen_string_literal: false

# ----------------------------------------------------------------------------
#
# *** AUTO GENERATED CODE *** AUTO GENERATED CODE ***
#
# ----------------------------------------------------------------------------
#
# This file is automatically generated by Magic Modules and manual
# changes will be clobbered when the file is regenerated.
#
# Please read more about how to change this file in README.md and
# CONTRIBUTING.md located at the root of this package.
#
# ----------------------------------------------------------------------------
require 'gcp_backend'

# A provider to manage Resource Manager resources.
class Folder < GcpResourceBase
name 'google_resourcemanager_folder'
desc 'Folder'
supports platform: 'gcp'

attr_reader :name
attr_reader :lifecycle_state
attr_reader :create_time
attr_reader :parent
attr_reader :display_name

def initialize(params)
super(params.merge({ use_http_transport: true }))
@fetched = @connection.fetch(product_url, resource_base_url, params)
parse unless @fetched.nil?
end

def parse
@name = @fetched['name']
@lifecycle_state = @fetched['lifecycleState']
@create_time = parse_time_string(@fetched['createTime'])
@parent = @fetched['parent']
@display_name = @fetched['displayName']
end

# Handles parsing RFC3339 time string
def parse_time_string(time_string)
time_string ? Time.parse(time_string) : nil
end

def exists?
!@fetched.nil?
end

private

def product_url
'https://cloudresourcemanager.googleapis.com/v2/'
end

def resource_base_url
'{{name}}'
end
end
92 changes: 92 additions & 0 deletions libraries/google_resourcemanager_folders.rb
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,92 @@
# frozen_string_literal: false

# ----------------------------------------------------------------------------
#
# *** AUTO GENERATED CODE *** AUTO GENERATED CODE ***
#
# ----------------------------------------------------------------------------
#
# This file is automatically generated by Magic Modules and manual
# changes will be clobbered when the file is regenerated.
#
# Please read more about how to change this file in README.md and
# CONTRIBUTING.md located at the root of this package.
#
# ----------------------------------------------------------------------------
require 'gcp_backend'
class Folders < GcpResourceBase
name 'google_resourcemanager_folders'
desc 'Folder plural resource'
supports platform: 'gcp'

attr_reader :table

filter_table_config = FilterTable.create

filter_table_config.add(:names, field: :name)
filter_table_config.add(:lifecycle_states, field: :lifecycle_state)
filter_table_config.add(:create_times, field: :create_time)
filter_table_config.add(:parents, field: :parent)
filter_table_config.add(:display_names, field: :display_name)

filter_table_config.connect(self, :table)

def initialize(params = {})
super(params.merge({ use_http_transport: true }))
@params = params
@table = fetch_wrapped_resource('folders')
end

def fetch_wrapped_resource(wrap_path)
# fetch_resource returns an array of responses (to handle pagination)
result = @connection.fetch_all(product_url, resource_base_url, @params)
return if result.nil?

# Conversion of string -> object hash to symbol -> object hash that InSpec needs
converted = []
result.each do |response|
next if response.nil? || !response.key?(wrap_path)
response[wrap_path].each do |hash|
hash_with_symbols = {}
hash.each_key do |key|
name, value = transform(key, hash)
hash_with_symbols[name] = value
end
converted.push(hash_with_symbols)
end
end

converted
end

def transform(key, value)
return transformers[key].call(value) if transformers.key?(key)

[key.to_sym, value]
end

def transformers
{
'name' => ->(obj) { return :name, obj['name'] },
'lifecycleState' => ->(obj) { return :lifecycle_state, obj['lifecycleState'] },
'createTime' => ->(obj) { return :create_time, parse_time_string(obj['createTime']) },
'parent' => ->(obj) { return :parent, obj['parent'] },
'displayName' => ->(obj) { return :display_name, obj['displayName'] },
}
end

# Handles parsing RFC3339 time string
def parse_time_string(time_string)
time_string ? Time.parse(time_string) : nil
end

private

def product_url
'https://cloudresourcemanager.googleapis.com/v2/'
end

def resource_base_url
'folders?parent={{parent}}'
end
end
15 changes: 15 additions & 0 deletions test/integration/build/gcp-mm.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -110,6 +110,15 @@ variable "repository" {
type = "map"
}

variable "folder" {
type = "map"
}

variable "gcp_organization_id" {
type = "string"
default = "none"
}

resource "google_compute_ssl_policy" "custom-ssl-policy" {
name = "${var.ssl_policy["name"]}"
min_tls_version = "${var.ssl_policy["min_tls_version"]}"
Expand Down Expand Up @@ -442,4 +451,10 @@ resource "google_bigquery_table" "gcp-inspec-bigquery-table" {
resource "google_sourcerepo_repository" "gcp-inspec-sourcerepo-repository" {
project = "${var.gcp_project_id}"
name = "${var.repository["name"]}"
}

resource "google_folder" "inspec-gcp-folder" {
count = "${var.gcp_organization_id == "none" ? 0 : var.gcp_enable_privileged_resources}"
display_name = "${var.folder["display_name"]}"
parent = "${var.gcp_organization_id}"
}
5 changes: 4 additions & 1 deletion test/integration/configuration/mm-attributes.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -186,4 +186,7 @@ bigquery_table:
time_partitioning_type: DAY

repository:
name: inspec-gcp-repository
name: inspec-gcp-repository

folder:
display_name: inspec-gcp-folder
33 changes: 33 additions & 0 deletions test/integration/verify/controls/google_resourcemanager_folder.rb
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,33 @@
# ----------------------------------------------------------------------------
#
# *** AUTO GENERATED CODE *** AUTO GENERATED CODE ***
#
# ----------------------------------------------------------------------------
#
# This file is automatically generated by Magic Modules and manual
# changes will be clobbered when the file is regenerated.
#
# Please read more about how to change this file in README.md and
# CONTRIBUTING.md located at the root of this package.
#
# ----------------------------------------------------------------------------

title 'Test GCP google_resourcemanager_folder resource.'

folder = attribute('folder', default: {"display_name"=>"inspec-gcp-folder"})
gcp_organization_id = attribute(:gcp_organization_id, default: gcp_organization_id, description: 'The identifier of the organization that is the parent of this folder')
gcp_enable_privileged_resources = attribute(:gcp_enable_privileged_resources, default:0, description:'Flag to enable privileged resources requiring elevated privileges in GCP.')
control 'google_resourcemanager_folder-1.0' do
impact 1.0
title 'google_resourcemanager_folder resource test'

only_if { gcp_enable_privileged_resources.to_i == 1 && gcp_organization_id != ''}
describe.one do
google_resourcemanager_folders(parent: "organizations/#{gcp_organization_id}").names.each do |name|
describe google_resourcemanager_folder(name: name) do
it { should exist }
its('display_name') { should eq folder['display_name'] }
end
end
end
end
32 changes: 32 additions & 0 deletions test/integration/verify/controls/google_resourcemanager_folders.rb
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
# ----------------------------------------------------------------------------
#
# *** AUTO GENERATED CODE *** AUTO GENERATED CODE ***
#
# ----------------------------------------------------------------------------
#
# This file is automatically generated by Magic Modules and manual
# changes will be clobbered when the file is regenerated.
#
# Please read more about how to change this file in README.md and
# CONTRIBUTING.md located at the root of this package.
#
# ----------------------------------------------------------------------------

title 'Test GCP google_resourcemanager_folders resource.'

folder = attribute('folder', default: {"display_name"=>"inspec-gcp-folder"})
gcp_organization_id = attribute(:gcp_organization_id, default: gcp_organization_id, description: 'The identifier of the organization that is the parent of this folder')
gcp_enable_privileged_resources = attribute(:gcp_enable_privileged_resources, default:0, description:'Flag to enable privileged resources requiring elevated privileges in GCP.')
control 'google_resourcemanager_folders-1.0' do
impact 1.0
title 'google_resourcemanager_folders resource test'

only_if { gcp_enable_privileged_resources.to_i == 1 && gcp_organization_id != ''}
describe.one do
google_resourcemanager_folders(parent: "organizations/#{gcp_organization_id}").display_names.each do |display_name|
describe display_name do
it { should eq folder['display_name'] }
end
end
end
end

0 comments on commit bee2f0a

Please sign in to comment.