This repository has been archived by the owner on Nov 14, 2024. It is now read-only.
forked from inspec/inspec-gcp
-
Notifications
You must be signed in to change notification settings - Fork 4
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add InSpec support for cloud scheduler job
Signed-off-by: Modular Magician <magic-modules@google.com>
- Loading branch information
1 parent
ff37a57
commit d22e041
Showing
15 changed files
with
730 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,97 @@ | ||
--- | ||
title: About the google_cloud_scheduler_job resource | ||
platform: gcp | ||
--- | ||
|
||
## Syntax | ||
A `google_cloud_scheduler_job` is used to test a Google Job resource | ||
|
||
## Examples | ||
``` | ||
describe google_cloud_scheduler_job(project: 'chef-gcp-inspec', region: us-central1, name: 'job-name') do | ||
it { should exist } | ||
its('description') { should cmp 'A description' } | ||
its('schedule') { should cmp '*/8 * * * *' } | ||
its('time_zone') { should cmp 'America/New_York' } | ||
its('http_target.http_method') { should cmp 'POST' } | ||
its('http_target.uri') { should cmp 'https://example.com/ping' } | ||
end | ||
``` | ||
|
||
## Properties | ||
Properties that can be accessed from the `google_cloud_scheduler_job` resource: | ||
|
||
|
||
* `name`: The name of the job. | ||
|
||
* `description`: A human-readable description for the job. This string must not contain more than 500 characters. | ||
|
||
* `schedule`: Describes the schedule on which the job will be executed. | ||
|
||
* `time_zone`: Specifies the time zone to be used in interpreting schedule. The value of this field must be a time zone name from the tz database. | ||
|
||
* `retry_config`: By default, if a job does not complete successfully, meaning that an acknowledgement is not received from the handler, then it will be retried with exponential backoff according to the settings | ||
|
||
* `retry_count`: The number of attempts that the system will make to run a job using the exponential backoff procedure described by maxDoublings. Values greater than 5 and negative values are not allowed. | ||
|
||
* `max_retry_duration`: The time limit for retrying a failed job, measured from time when an execution was first attempted. If specified with retryCount, the job will be retried until both limits are reached. A duration in seconds with up to nine fractional digits, terminated by 's'. | ||
|
||
* `min_backoff_duration`: The minimum amount of time to wait before retrying a job after it fails. A duration in seconds with up to nine fractional digits, terminated by 's'. | ||
|
||
* `max_backoff_duration`: The maximum amount of time to wait before retrying a job after it fails. A duration in seconds with up to nine fractional digits, terminated by 's'. | ||
|
||
* `max_doublings`: The time between retries will double maxDoublings times. A job's retry interval starts at minBackoffDuration, then doubles maxDoublings times, then increases linearly, and finally retries retries at intervals of maxBackoffDuration up to retryCount times. | ||
|
||
* `pubsub_target`: Pub/Sub target If the job providers a Pub/Sub target the cron will publish a message to the provided topic | ||
|
||
* `topic_name`: The name of the Cloud Pub/Sub topic to which messages will be published when a job is delivered. The topic name must be in the same format as required by PubSub's PublishRequest.name, for example projects/PROJECT_ID/topics/TOPIC_ID. | ||
|
||
* `data`: The message payload for PubsubMessage. Pubsub message must contain either non-empty data, or at least one attribute. | ||
|
||
* `attributes`: Attributes for PubsubMessage. Pubsub message must contain either non-empty data, or at least one attribute. | ||
|
||
* `app_engine_http_target`: App Engine HTTP target. If the job providers a App Engine HTTP target the cron will send a request to the service instance | ||
|
||
* `http_method`: Which HTTP method to use for the request. | ||
|
||
* `app_engine_routing`: App Engine Routing setting for the job. | ||
|
||
* `service`: App service. By default, the job is sent to the service which is the default service when the job is attempted. | ||
|
||
* `version`: App version. By default, the job is sent to the version which is the default version when the job is attempted. | ||
|
||
* `instance`: App instance. By default, the job is sent to an instance which is available when the job is attempted. | ||
|
||
* `relative_uri`: The relative URI. The relative URL must begin with "/" and must be a valid HTTP relative URL. It can contain a path, query string arguments, and \# fragments. If the relative URL is empty, then the root path "/" will be used. No spaces are allowed, and the maximum length allowed is 2083 characters | ||
|
||
* `body`: HTTP request body. A request body is allowed only if the HTTP method is POST or PUT. It will result in invalid argument error to set a body on a job with an incompatible HttpMethod. | ||
|
||
* `headers`: HTTP request headers. This map contains the header field names and values. Headers can be set when the job is created. | ||
|
||
* `http_target`: HTTP target. If the job providers a http_target the cron will send a request to the targeted url | ||
|
||
* `uri`: The full URI path that the request will be sent to. | ||
|
||
* `http_method`: Which HTTP method to use for the request. | ||
|
||
* `body`: HTTP request body. A request body is allowed only if the HTTP method is POST, PUT, or PATCH. It is an error to set body on a job with an incompatible HttpMethod. | ||
|
||
* `headers`: This map contains the header field names and values. Repeated headers are not supported, but a header value can contain commas. | ||
|
||
* `oauth_token`: Contains information needed for generating an OAuth token. This type of authorization should be used when sending requests to a GCP endpoint. | ||
|
||
* `service_account_email`: Service account email to be used for generating OAuth token. The service account must be within the same project as the job. | ||
|
||
* `scope`: OAuth scope to be used for generating OAuth access token. If not specified, "https://www.googleapis.com/auth/cloud-platform" will be used. | ||
|
||
* `oidc_token`: Contains information needed for generating an OpenID Connect token. This type of authorization should be used when sending requests to third party endpoints or Cloud Run. | ||
|
||
* `service_account_email`: Service account email to be used for generating OAuth token. The service account must be within the same project as the job. | ||
|
||
* `audience`: Audience to be used when generating OIDC token. If not specified, the URI specified in target will be used. | ||
|
||
* `region`: Region where the scheduler job resides | ||
|
||
|
||
## GCP Permissions |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,42 @@ | ||
--- | ||
title: About the google_cloud_scheduler_jobs resource | ||
platform: gcp | ||
--- | ||
|
||
## Syntax | ||
A `google_cloud_scheduler_jobs` is used to test a Google Job resource | ||
|
||
## Examples | ||
``` | ||
google_cloud_scheduler_jobs(project: 'chef-gcp-inspec', region: ).names.each do |name| | ||
describe google_cloud_scheduler_job(project: 'chef-gcp-inspec', region: us-central1, name: name) do | ||
it { should exist } | ||
its('description') { should cmp 'A description' } | ||
its('schedule') { should cmp '*/8 * * * *' } | ||
its('time_zone') { should cmp 'America/New_York' } | ||
its('http_target.http_method') { should cmp 'POST' } | ||
its('http_target.uri') { should cmp 'https://example.com/ping' } | ||
end | ||
end | ||
``` | ||
|
||
## Properties | ||
Properties that can be accessed from the `google_cloud_scheduler_jobs` resource: | ||
|
||
See [google_cloud_scheduler_job.md](google_cloud_scheduler_job.md) for more detailed information | ||
* `names`: an array of `google_cloud_scheduler_job` name | ||
* `descriptions`: an array of `google_cloud_scheduler_job` description | ||
* `schedules`: an array of `google_cloud_scheduler_job` schedule | ||
* `time_zones`: an array of `google_cloud_scheduler_job` time_zone | ||
* `retry_configs`: an array of `google_cloud_scheduler_job` retry_config | ||
* `pubsub_targets`: an array of `google_cloud_scheduler_job` pubsub_target | ||
* `app_engine_http_targets`: an array of `google_cloud_scheduler_job` app_engine_http_target | ||
* `http_targets`: an array of `google_cloud_scheduler_job` http_target | ||
* `regions`: an array of `google_cloud_scheduler_job` region | ||
|
||
## Filter Criteria | ||
This resource supports all of the above properties as filter criteria, which can be used | ||
with `where` as a block or a method. | ||
|
||
## GCP Permissions |
47 changes: 47 additions & 0 deletions
47
libraries/google/cloudscheduler/property/job_app_engine_http_target.rb
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,47 @@ | ||
# frozen_string_literal: false | ||
|
||
# ---------------------------------------------------------------------------- | ||
# | ||
# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** | ||
# | ||
# ---------------------------------------------------------------------------- | ||
# | ||
# This file is automatically generated by Magic Modules and manual | ||
# changes will be clobbered when the file is regenerated. | ||
# | ||
# Please read more about how to change this file in README.md and | ||
# CONTRIBUTING.md located at the root of this package. | ||
# | ||
# ---------------------------------------------------------------------------- | ||
require 'google/cloudscheduler/property/job_app_engine_http_target_app_engine_routing' | ||
module GoogleInSpec | ||
module CloudScheduler | ||
module Property | ||
class JobAppEngineHttpTarget | ||
attr_reader :http_method | ||
|
||
attr_reader :app_engine_routing | ||
|
||
attr_reader :relative_uri | ||
|
||
attr_reader :body | ||
|
||
attr_reader :headers | ||
|
||
def initialize(args = nil, parent_identifier = nil) | ||
return if args.nil? | ||
@parent_identifier = parent_identifier | ||
@http_method = args['httpMethod'] | ||
@app_engine_routing = GoogleInSpec::CloudScheduler::Property::JobAppEngineHttpTargetAppEngineRouting.new(args['appEngineRouting'], to_s) | ||
@relative_uri = args['relativeUri'] | ||
@body = args['body'] | ||
@headers = args['headers'] | ||
end | ||
|
||
def to_s | ||
"#{@parent_identifier} JobAppEngineHttpTarget" | ||
end | ||
end | ||
end | ||
end | ||
end |
40 changes: 40 additions & 0 deletions
40
libraries/google/cloudscheduler/property/job_app_engine_http_target_app_engine_routing.rb
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,40 @@ | ||
# frozen_string_literal: false | ||
|
||
# ---------------------------------------------------------------------------- | ||
# | ||
# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** | ||
# | ||
# ---------------------------------------------------------------------------- | ||
# | ||
# This file is automatically generated by Magic Modules and manual | ||
# changes will be clobbered when the file is regenerated. | ||
# | ||
# Please read more about how to change this file in README.md and | ||
# CONTRIBUTING.md located at the root of this package. | ||
# | ||
# ---------------------------------------------------------------------------- | ||
module GoogleInSpec | ||
module CloudScheduler | ||
module Property | ||
class JobAppEngineHttpTargetAppEngineRouting | ||
attr_reader :service | ||
|
||
attr_reader :version | ||
|
||
attr_reader :instance | ||
|
||
def initialize(args = nil, parent_identifier = nil) | ||
return if args.nil? | ||
@parent_identifier = parent_identifier | ||
@service = args['service'] | ||
@version = args['version'] | ||
@instance = args['instance'] | ||
end | ||
|
||
def to_s | ||
"#{@parent_identifier} JobAppEngineHttpTargetAppEngineRouting" | ||
end | ||
end | ||
end | ||
end | ||
end |
51 changes: 51 additions & 0 deletions
51
libraries/google/cloudscheduler/property/job_http_target.rb
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,51 @@ | ||
# frozen_string_literal: false | ||
|
||
# ---------------------------------------------------------------------------- | ||
# | ||
# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** | ||
# | ||
# ---------------------------------------------------------------------------- | ||
# | ||
# This file is automatically generated by Magic Modules and manual | ||
# changes will be clobbered when the file is regenerated. | ||
# | ||
# Please read more about how to change this file in README.md and | ||
# CONTRIBUTING.md located at the root of this package. | ||
# | ||
# ---------------------------------------------------------------------------- | ||
require 'google/cloudscheduler/property/job_http_target_oauth_token' | ||
require 'google/cloudscheduler/property/job_http_target_oidc_token' | ||
module GoogleInSpec | ||
module CloudScheduler | ||
module Property | ||
class JobHttpTarget | ||
attr_reader :uri | ||
|
||
attr_reader :http_method | ||
|
||
attr_reader :body | ||
|
||
attr_reader :headers | ||
|
||
attr_reader :oauth_token | ||
|
||
attr_reader :oidc_token | ||
|
||
def initialize(args = nil, parent_identifier = nil) | ||
return if args.nil? | ||
@parent_identifier = parent_identifier | ||
@uri = args['uri'] | ||
@http_method = args['httpMethod'] | ||
@body = args['body'] | ||
@headers = args['headers'] | ||
@oauth_token = GoogleInSpec::CloudScheduler::Property::JobHttpTargetOauthToken.new(args['oauthToken'], to_s) | ||
@oidc_token = GoogleInSpec::CloudScheduler::Property::JobHttpTargetOidcToken.new(args['oidcToken'], to_s) | ||
end | ||
|
||
def to_s | ||
"#{@parent_identifier} JobHttpTarget" | ||
end | ||
end | ||
end | ||
end | ||
end |
37 changes: 37 additions & 0 deletions
37
libraries/google/cloudscheduler/property/job_http_target_oauth_token.rb
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,37 @@ | ||
# frozen_string_literal: false | ||
|
||
# ---------------------------------------------------------------------------- | ||
# | ||
# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** | ||
# | ||
# ---------------------------------------------------------------------------- | ||
# | ||
# This file is automatically generated by Magic Modules and manual | ||
# changes will be clobbered when the file is regenerated. | ||
# | ||
# Please read more about how to change this file in README.md and | ||
# CONTRIBUTING.md located at the root of this package. | ||
# | ||
# ---------------------------------------------------------------------------- | ||
module GoogleInSpec | ||
module CloudScheduler | ||
module Property | ||
class JobHttpTargetOauthToken | ||
attr_reader :service_account_email | ||
|
||
attr_reader :scope | ||
|
||
def initialize(args = nil, parent_identifier = nil) | ||
return if args.nil? | ||
@parent_identifier = parent_identifier | ||
@service_account_email = args['serviceAccountEmail'] | ||
@scope = args['scope'] | ||
end | ||
|
||
def to_s | ||
"#{@parent_identifier} JobHttpTargetOauthToken" | ||
end | ||
end | ||
end | ||
end | ||
end |
37 changes: 37 additions & 0 deletions
37
libraries/google/cloudscheduler/property/job_http_target_oidc_token.rb
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,37 @@ | ||
# frozen_string_literal: false | ||
|
||
# ---------------------------------------------------------------------------- | ||
# | ||
# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** | ||
# | ||
# ---------------------------------------------------------------------------- | ||
# | ||
# This file is automatically generated by Magic Modules and manual | ||
# changes will be clobbered when the file is regenerated. | ||
# | ||
# Please read more about how to change this file in README.md and | ||
# CONTRIBUTING.md located at the root of this package. | ||
# | ||
# ---------------------------------------------------------------------------- | ||
module GoogleInSpec | ||
module CloudScheduler | ||
module Property | ||
class JobHttpTargetOidcToken | ||
attr_reader :service_account_email | ||
|
||
attr_reader :audience | ||
|
||
def initialize(args = nil, parent_identifier = nil) | ||
return if args.nil? | ||
@parent_identifier = parent_identifier | ||
@service_account_email = args['serviceAccountEmail'] | ||
@audience = args['audience'] | ||
end | ||
|
||
def to_s | ||
"#{@parent_identifier} JobHttpTargetOidcToken" | ||
end | ||
end | ||
end | ||
end | ||
end |
40 changes: 40 additions & 0 deletions
40
libraries/google/cloudscheduler/property/job_pubsub_target.rb
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,40 @@ | ||
# frozen_string_literal: false | ||
|
||
# ---------------------------------------------------------------------------- | ||
# | ||
# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** | ||
# | ||
# ---------------------------------------------------------------------------- | ||
# | ||
# This file is automatically generated by Magic Modules and manual | ||
# changes will be clobbered when the file is regenerated. | ||
# | ||
# Please read more about how to change this file in README.md and | ||
# CONTRIBUTING.md located at the root of this package. | ||
# | ||
# ---------------------------------------------------------------------------- | ||
module GoogleInSpec | ||
module CloudScheduler | ||
module Property | ||
class JobPubsubTarget | ||
attr_reader :topic_name | ||
|
||
attr_reader :data | ||
|
||
attr_reader :attributes | ||
|
||
def initialize(args = nil, parent_identifier = nil) | ||
return if args.nil? | ||
@parent_identifier = parent_identifier | ||
@topic_name = args['topicName'] | ||
@data = args['data'] | ||
@attributes = args['attributes'] | ||
end | ||
|
||
def to_s | ||
"#{@parent_identifier} JobPubsubTarget" | ||
end | ||
end | ||
end | ||
end | ||
end |
Oops, something went wrong.