diff --git a/README.md b/README.md index ad20fcc71..b530c53f9 100644 --- a/README.md +++ b/README.md @@ -249,6 +249,7 @@ The following resources are available in the InSpec GCP Profile | [google_compute_packet_mirroring](docs/resources/google_compute_packet_mirroring.md) | [google_compute_packet_mirrorings](docs/resources/google_compute_packet_mirrorings.md) | | [google_compute_project_info](docs/resources/google_compute_project_info.md) | No Plural Resource | | [google_compute_public_delegated_prefix](docs/resources/google_compute_public_delegated_prefix.md) | [google_compute_public_delegated_prefixes](docs/resources/google_compute_public_delegated_prefixes.md) | +| [google_compute_public_advertised_prefix](docs/resources/google_compute_public_advertised_prefix.md) | [google_compute_public_advertised_prefixes](docs/resources/google_compute_public_advertised_prefixes.md) | | [google_compute_region](docs/resources/google_compute_region.md) | [google_compute_regions](docs/resources/google_compute_regions.md) | | [google_compute_region_backend_service](docs/resources/google_compute_region_backend_service.md) | [google_compute_region_backend_services](docs/resources/google_compute_region_backend_services.md) | | [google_compute_region_commitment](docs/resources/google_compute_region_commitment.md) | [google_compute_region_commitments](docs/resources/google_compute_region_commitments.md) | diff --git a/docs/resources/google_compute_public_advertised_prefix.md b/docs/resources/google_compute_public_advertised_prefix.md new file mode 100644 index 000000000..7576e9917 --- /dev/null +++ b/docs/resources/google_compute_public_advertised_prefix.md @@ -0,0 +1,99 @@ +--- +title: About the google_compute_public_advertised_prefix resource +platform: gcp +--- + +## Syntax +A `google_compute_public_advertised_prefix` is used to test a Google PublicAdvertisedPrefix resource + +## Examples +``` +describe google_compute_public_advertised_prefix(project: 'chef-gcp-inspec', publicAdvertisedPrefix: ' ') do + it { should exist } + its('kind') { should cmp 'value_kind' } + its('id') { should cmp 'value_id' } + its('creation_timestamp') { should cmp 'value_creationtimestamp' } + its('name') { should cmp 'value_name' } + its('description') { should cmp 'value_description' } + its('self_link') { should cmp 'value_selflink' } + its('self_link_with_id') { should cmp 'value_selflinkwithid' } + its('ip_cidr_range') { should cmp 'value_ipcidrrange' } + its('dns_verification_ip') { should cmp 'value_dnsverificationip' } + its('shared_secret') { should cmp 'value_sharedsecret' } + its('status') { should cmp 'value_status' } + its('pdp_scope') { should cmp 'value_pdpscope' } + its('fingerprint') { should cmp 'value_fingerprint' } + its('byoip_api_version') { should cmp 'value_byoipapiversion' } + +end + +describe google_compute_public_advertised_prefix(project: 'chef-gcp-inspec', publicAdvertisedPrefix: ' ') do + it { should_not exist } +end +``` + +## Properties +Properties that can be accessed from the `google_compute_public_advertised_prefix` resource: + + + * `kind`: [Output Only] Type of the resource. Always compute#publicAdvertisedPrefix for public advertised prefixes. + + * `id`: [Output Only] The unique identifier for the resource type. The server generates this identifier. + + * `creation_timestamp`: [Output Only] Creation timestamp in RFC3339 text format. + + * `name`: Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. + + * `description`: An optional description of this resource. Provide this property when you create the resource. + + * `self_link`: [Output Only] Server-defined URL for the resource. + + * `self_link_with_id`: [Output Only] Server-defined URL with id for the resource. + + * `ip_cidr_range`: The address range, in CIDR format, represented by this public advertised prefix. + + * `dns_verification_ip`: The address to be used for reverse DNS verification. + + * `shared_secret`: [Output Only] The shared secret to be used for reverse DNS verification. + + * `status`: The status of the public advertised prefix. Possible values include: - `INITIAL`: RPKI validation is complete. - `PTR_CONFIGURED`: User has configured the PTR. - `VALIDATED`: Reverse DNS lookup is successful. - `REVERSE_DNS_LOOKUP_FAILED`: Reverse DNS lookup failed. - `PREFIX_CONFIGURATION_IN_PROGRESS`: The prefix is being configured. - `PREFIX_CONFIGURATION_COMPLETE`: The prefix is fully configured. - `PREFIX_REMOVAL_IN_PROGRESS`: The prefix is being removed. + Possible values: + * ANNOUNCED_TO_INTERNET + * INITIAL + * PREFIX_CONFIGURATION_COMPLETE + * PREFIX_CONFIGURATION_IN_PROGRESS + * PREFIX_REMOVAL_IN_PROGRESS + * PTR_CONFIGURED + * READY_TO_ANNOUNCE + * REVERSE_DNS_LOOKUP_FAILED + * VALIDATED + + * `pdp_scope`: Specifies how child public delegated prefix will be scoped. It could be one of following values: - `REGIONAL`: The public delegated prefix is regional only. The provisioning will take a few minutes. - `GLOBAL`: The public delegated prefix is global only. The provisioning will take ~4 weeks. - `GLOBAL_AND_REGIONAL` [output only]: The public delegated prefixes is BYOIP V1 legacy prefix. This is output only value and no longer supported in BYOIP V2. + Possible values: + * GLOBAL + * GLOBAL_AND_REGIONAL + * REGIONAL + + * `public_delegated_prefixs`: [Output Only] The list of public delegated prefixes that exist for this public advertised prefix. + + * `name`: The name of the public delegated prefix + + * `region`: The region of the public delegated prefix if it is regional. If absent, the prefix is global. + + * `project`: The project number of the public delegated prefix + + * `status`: The status of the public delegated prefix. Possible values are: INITIALIZING: The public delegated prefix is being initialized and addresses cannot be created yet. ANNOUNCED: The public delegated prefix is active. + + * `ip_range`: The IP address range of the public delegated prefix + + * `fingerprint`: Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a new PublicAdvertisedPrefix. An up-to-date fingerprint must be provided in order to update the PublicAdvertisedPrefix, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a PublicAdvertisedPrefix. + + * `byoip_api_version`: [Output Only] The version of BYOIP API. + Possible values: + * V1 + * V2 + + +## GCP Permissions + +Ensure the [Compute Engine API](https://console.cloud.google.com/apis/library/compute.googleapis.com/) is enabled for the current project. diff --git a/docs/resources/google_compute_public_advertised_prefixes.md b/docs/resources/google_compute_public_advertised_prefixes.md new file mode 100644 index 000000000..734cffd24 --- /dev/null +++ b/docs/resources/google_compute_public_advertised_prefixes.md @@ -0,0 +1,42 @@ +--- +title: About the google_compute_public_advertised_prefixes resource +platform: gcp +--- + +## Syntax +A `google_compute_public_advertised_prefixes` is used to test a Google PublicAdvertisedPrefix resource + +## Examples +``` + describe google_compute_public_advertised_prefixes(project: 'chef-gcp-inspec') do + it { should exist } + end +``` + +## Properties +Properties that can be accessed from the `google_compute_public_advertised_prefixes` resource: + +See [google_compute_public_advertised_prefix.md](google_compute_public_advertised_prefix.md) for more detailed information + * `kinds`: an array of `google_compute_public_advertised_prefix` kind + * `ids`: an array of `google_compute_public_advertised_prefix` id + * `creation_timestamps`: an array of `google_compute_public_advertised_prefix` creation_timestamp + * `names`: an array of `google_compute_public_advertised_prefix` name + * `descriptions`: an array of `google_compute_public_advertised_prefix` description + * `self_links`: an array of `google_compute_public_advertised_prefix` self_link + * `self_link_with_ids`: an array of `google_compute_public_advertised_prefix` self_link_with_id + * `ip_cidr_ranges`: an array of `google_compute_public_advertised_prefix` ip_cidr_range + * `dns_verification_ips`: an array of `google_compute_public_advertised_prefix` dns_verification_ip + * `shared_secrets`: an array of `google_compute_public_advertised_prefix` shared_secret + * `statuses`: an array of `google_compute_public_advertised_prefix` status + * `pdp_scopes`: an array of `google_compute_public_advertised_prefix` pdp_scope + * `public_delegated_prefixs`: an array of `google_compute_public_advertised_prefix` public_delegated_prefixs + * `fingerprints`: an array of `google_compute_public_advertised_prefix` fingerprint + * `byoip_api_versions`: an array of `google_compute_public_advertised_prefix` byoip_api_version + +## Filter Criteria +This resource supports all of the above properties as filter criteria, which can be used +with `where` as a block or a method. + +## GCP Permissions + +Ensure the [Compute Engine API](https://console.cloud.google.com/apis/library/compute.googleapis.com/) is enabled for the current project. diff --git a/libraries/google/compute/property/publicadvertisedprefix_public_delegated_prefixs.rb b/libraries/google/compute/property/publicadvertisedprefix_public_delegated_prefixs.rb new file mode 100644 index 000000000..989cc456f --- /dev/null +++ b/libraries/google/compute/property/publicadvertisedprefix_public_delegated_prefixs.rb @@ -0,0 +1,54 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** Type: MMv1 *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module Compute + module Property + class PublicAdvertisedPrefixPublicDelegatedPrefixs + attr_reader :name + + attr_reader :region + + attr_reader :project + + attr_reader :status + + attr_reader :ip_range + + def initialize(args = nil, parent_identifier = nil) + return if args.nil? + @parent_identifier = parent_identifier + @name = args['name'] + @region = args['region'] + @project = args['project'] + @status = args['status'] + @ip_range = args['ipRange'] + end + + def to_s + "#{@parent_identifier} PublicAdvertisedPrefixPublicDelegatedPrefixs" + end + end + + class PublicAdvertisedPrefixPublicDelegatedPrefixsArray + def self.parse(value, parent_identifier) + return if value.nil? + return PublicAdvertisedPrefixPublicDelegatedPrefixs.new(value, parent_identifier) unless value.is_a?(::Array) + value.map { |v| PublicAdvertisedPrefixPublicDelegatedPrefixs.new(v, parent_identifier) } + end + end + end + end +end diff --git a/libraries/google_compute_public_advertised_prefix.rb b/libraries/google_compute_public_advertised_prefix.rb new file mode 100644 index 000000000..36c52fb93 --- /dev/null +++ b/libraries/google_compute_public_advertised_prefix.rb @@ -0,0 +1,84 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** Type: MMv1 *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'gcp_backend' +require 'google/compute/property/publicadvertisedprefix_public_delegated_prefixs' + +# A provider to manage Compute Engine resources. +class ComputePublicAdvertisedPrefix < GcpResourceBase + name 'google_compute_public_advertised_prefix' + desc 'PublicAdvertisedPrefix' + supports platform: 'gcp' + + attr_reader :params + attr_reader :kind + attr_reader :id + attr_reader :creation_timestamp + attr_reader :name + attr_reader :description + attr_reader :self_link + attr_reader :self_link_with_id + attr_reader :ip_cidr_range + attr_reader :dns_verification_ip + attr_reader :shared_secret + attr_reader :status + attr_reader :pdp_scope + attr_reader :public_delegated_prefixs + attr_reader :fingerprint + attr_reader :byoip_api_version + + def initialize(params) + super(params.merge({ use_http_transport: true })) + @params = params + @fetched = @connection.fetch(product_url(params[:beta]), resource_base_url, params, 'Get') + parse unless @fetched.nil? + end + + def parse + @kind = @fetched['kind'] + @id = @fetched['id'] + @creation_timestamp = @fetched['creationTimestamp'] + @name = @fetched['name'] + @description = @fetched['description'] + @self_link = @fetched['selfLink'] + @self_link_with_id = @fetched['selfLinkWithId'] + @ip_cidr_range = @fetched['ipCidrRange'] + @dns_verification_ip = @fetched['dnsVerificationIp'] + @shared_secret = @fetched['sharedSecret'] + @status = @fetched['status'] + @pdp_scope = @fetched['pdpScope'] + @public_delegated_prefixs = GoogleInSpec::Compute::Property::PublicAdvertisedPrefixPublicDelegatedPrefixsArray.parse(@fetched['publicDelegatedPrefixs'], to_s) + @fingerprint = @fetched['fingerprint'] + @byoip_api_version = @fetched['byoipApiVersion'] + end + + def exists? + !@fetched.nil? + end + + def to_s + "PublicAdvertisedPrefix #{@params[:publicAdvertisedPrefix]}" + end + + private + + def product_url(_ = nil) + 'https://compute.googleapis.com/compute/v1/' + end + + def resource_base_url + 'projects/{{project}}/global/publicAdvertisedPrefixes/{{public_advertised_prefix}}' + end +end diff --git a/libraries/google_compute_public_advertised_prefixes.rb b/libraries/google_compute_public_advertised_prefixes.rb new file mode 100644 index 000000000..889ba17ed --- /dev/null +++ b/libraries/google_compute_public_advertised_prefixes.rb @@ -0,0 +1,107 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** Type: MMv1 *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'gcp_backend' +class ComputePublicAdvertisedPrefixs < GcpResourceBase + name 'google_compute_public_advertised_prefixes' + desc 'PublicAdvertisedPrefix plural resource' + supports platform: 'gcp' + + attr_reader :table + + filter_table_config = FilterTable.create + + filter_table_config.add(:kinds, field: :kind) + filter_table_config.add(:ids, field: :id) + filter_table_config.add(:creation_timestamps, field: :creation_timestamp) + filter_table_config.add(:names, field: :name) + filter_table_config.add(:descriptions, field: :description) + filter_table_config.add(:self_links, field: :self_link) + filter_table_config.add(:self_link_with_ids, field: :self_link_with_id) + filter_table_config.add(:ip_cidr_ranges, field: :ip_cidr_range) + filter_table_config.add(:dns_verification_ips, field: :dns_verification_ip) + filter_table_config.add(:shared_secrets, field: :shared_secret) + filter_table_config.add(:statuses, field: :status) + filter_table_config.add(:pdp_scopes, field: :pdp_scope) + filter_table_config.add(:public_delegated_prefixs, field: :public_delegated_prefixs) + filter_table_config.add(:fingerprints, field: :fingerprint) + filter_table_config.add(:byoip_api_versions, field: :byoip_api_version) + + filter_table_config.connect(self, :table) + + def initialize(params = {}) + super(params.merge({ use_http_transport: true })) + @params = params + @table = fetch_wrapped_resource('publicAdvertisedPrefixes') + end + + def fetch_wrapped_resource(wrap_path) + # fetch_resource returns an array of responses (to handle pagination) + result = @connection.fetch_all(product_url, resource_base_url, @params, 'Get') + return if result.nil? + + # Conversion of string -> object hash to symbol -> object hash that InSpec needs + converted = [] + result.each do |response| + next if response.nil? || !response.key?(wrap_path) + response[wrap_path].each do |hash| + hash_with_symbols = {} + hash.each_key do |key| + name, value = transform(key, hash) + hash_with_symbols[name] = value + end + converted.push(hash_with_symbols) + end + end + + converted + end + + def transform(key, value) + return transformers[key].call(value) if transformers.key?(key) + + [key.to_sym, value] + end + + def transformers + { + 'kind' => ->(obj) { [:kind, obj['kind']] }, + 'id' => ->(obj) { [:id, obj['id']] }, + 'creationTimestamp' => ->(obj) { [:creation_timestamp, obj['creationTimestamp']] }, + 'name' => ->(obj) { [:name, obj['name']] }, + 'description' => ->(obj) { [:description, obj['description']] }, + 'selfLink' => ->(obj) { [:self_link, obj['selfLink']] }, + 'selfLinkWithId' => ->(obj) { [:self_link_with_id, obj['selfLinkWithId']] }, + 'ipCidrRange' => ->(obj) { [:ip_cidr_range, obj['ipCidrRange']] }, + 'dnsVerificationIp' => ->(obj) { [:dns_verification_ip, obj['dnsVerificationIp']] }, + 'sharedSecret' => ->(obj) { [:shared_secret, obj['sharedSecret']] }, + 'status' => ->(obj) { [:status, obj['status']] }, + 'pdpScope' => ->(obj) { [:pdp_scope, obj['pdpScope']] }, + 'publicDelegatedPrefixs' => ->(obj) { [:public_delegated_prefixs, GoogleInSpec::Compute::Property::PublicAdvertisedPrefixPublicDelegatedPrefixsArray.parse(obj['publicDelegatedPrefixs'], to_s)] }, + 'fingerprint' => ->(obj) { [:fingerprint, obj['fingerprint']] }, + 'byoipApiVersion' => ->(obj) { [:byoip_api_version, obj['byoipApiVersion']] }, + } + end + + private + + def product_url(_ = nil) + 'https://compute.googleapis.com/compute/v1/' + end + + def resource_base_url + 'projects/{{project}}/global/publicAdvertisedPrefixes' + end +end diff --git a/test/integration/verify/controls/google_compute_public_advertised_prefix.rb b/test/integration/verify/controls/google_compute_public_advertised_prefix.rb new file mode 100644 index 000000000..069019973 --- /dev/null +++ b/test/integration/verify/controls/google_compute_public_advertised_prefix.rb @@ -0,0 +1,63 @@ +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** Type: MMv1 *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- + +title 'Test GCP google_compute_public_advertised_prefix resource.' + +gcp_project_id = input(:gcp_project_id, value: 'gcp_project_id', description: 'The GCP project identifier.') + + public_advertised_prefix = input('public_advertised_prefix', value: { + "project": "value_project", + "public_advertised_prefix": "value_publicadvertisedprefix", + "kind": "value_kind", + "id": "value_id", + "creation_timestamp": "value_creationtimestamp", + "name": "value_name", + "description": "value_description", + "self_link": "value_selflink", + "self_link_with_id": "value_selflinkwithid", + "ip_cidr_range": "value_ipcidrrange", + "dns_verification_ip": "value_dnsverificationip", + "shared_secret": "value_sharedsecret", + "status": "value_status", + "pdp_scope": "value_pdpscope", + "fingerprint": "value_fingerprint", + "byoip_api_version": "value_byoipapiversion" +}, description: 'public_advertised_prefix description') +control 'google_compute_public_advertised_prefix-1.0' do + impact 1.0 + title 'google_compute_public_advertised_prefix resource test' + + describe google_compute_public_advertised_prefix(project: gcp_project_id, publicAdvertisedPrefix: public_advertised_prefix['publicAdvertisedPrefix']) do + it { should exist } + its('kind') { should cmp public_advertised_prefix['kind'] } + its('id') { should cmp public_advertised_prefix['id'] } + its('creation_timestamp') { should cmp public_advertised_prefix['creation_timestamp'] } + its('name') { should cmp public_advertised_prefix['name'] } + its('description') { should cmp public_advertised_prefix['description'] } + its('self_link') { should cmp public_advertised_prefix['self_link'] } + its('self_link_with_id') { should cmp public_advertised_prefix['self_link_with_id'] } + its('ip_cidr_range') { should cmp public_advertised_prefix['ip_cidr_range'] } + its('dns_verification_ip') { should cmp public_advertised_prefix['dns_verification_ip'] } + its('shared_secret') { should cmp public_advertised_prefix['shared_secret'] } + its('status') { should cmp public_advertised_prefix['status'] } + its('pdp_scope') { should cmp public_advertised_prefix['pdp_scope'] } + its('fingerprint') { should cmp public_advertised_prefix['fingerprint'] } + its('byoip_api_version') { should cmp public_advertised_prefix['byoip_api_version'] } + + end + + describe google_compute_public_advertised_prefix(project: gcp_project_id, publicAdvertisedPrefix: public_advertised_prefix['publicAdvertisedPrefix']) do + it { should_not exist } + end +end diff --git a/test/integration/verify/controls/google_compute_public_advertised_prefixes.rb b/test/integration/verify/controls/google_compute_public_advertised_prefixes.rb new file mode 100644 index 000000000..73324ae9c --- /dev/null +++ b/test/integration/verify/controls/google_compute_public_advertised_prefixes.rb @@ -0,0 +1,44 @@ +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** Type: MMv1 *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- + +title 'Test GCP google_compute_public_advertised_prefixes resource.' + +gcp_project_id = input(:gcp_project_id, value: 'gcp_project_id', description: 'The GCP project identifier.') + + public_advertised_prefix = input('public_advertised_prefix', value: { + "project": "value_project", + "public_advertised_prefix": "value_publicadvertisedprefix", + "kind": "value_kind", + "id": "value_id", + "creation_timestamp": "value_creationtimestamp", + "name": "value_name", + "description": "value_description", + "self_link": "value_selflink", + "self_link_with_id": "value_selflinkwithid", + "ip_cidr_range": "value_ipcidrrange", + "dns_verification_ip": "value_dnsverificationip", + "shared_secret": "value_sharedsecret", + "status": "value_status", + "pdp_scope": "value_pdpscope", + "fingerprint": "value_fingerprint", + "byoip_api_version": "value_byoipapiversion" +}, description: 'public_advertised_prefix description') +control 'google_compute_public_advertised_prefixes-1.0' do + impact 1.0 + title 'google_compute_public_advertised_prefixes resource test' + + describe google_compute_public_advertised_prefixes(project: gcp_project_id) do + it { should exist } + end +end