google-cloud-asset 0.2.0 → 0.2.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 0b823afc43c96272ec4d02e1d5f4396a522e5e81c5b27fb63e6e4935ee80d0ad
-  data.tar.gz: 374a449c5410e6342ed2e12c1051042d94c41ad0c13c14d1ef71536e613c5886
+  metadata.gz: 07b3fef6d20d2dab2a924ed0682857ad6780c7928f9be48c7cd25857898b77e8
+  data.tar.gz: 109eeb5821997ec40fd8047b31248bd6c260d2b726101b8966901f3b79d79ba9
 SHA512:
-  metadata.gz: 12ee04691bc7f3ae7d3199b7adbda4d78e0a0adf4e78c2c643652018b40f912a09f94eb3fc1da2504315097d2c086dc6c8e41cfdd3b668eacbe5221df659e51a
-  data.tar.gz: aecc97f0ae21e4928cba3a990879ba4ba14583964382fefff23e445f386a6acdfc55b32e15ced8c1d56afc6546c2364d826db3b04ae4575629528b5c7ac91e38
+  metadata.gz: c92fc6fdf170d5bd974a70fd16feb64d8d876dfd77c24d53c83aef84f5f99ccc672beb7b8572aa8401ae837d16989d8e5d625d8e479c42a169388016f80e5ebc
+  data.tar.gz: a1c5d65eee9f3f61c091f6e786399bc87b2026bf3d8264846fe85488c7c41fc4dcab6aee9c3d0b764575e889797d2b94b52ea3f04a4f723258f1c03feddecc51

data/.yardopts

@@ -7,3 +7,5 @@
 ./lib/**/*.rb
 -
 README.md
+AUTHENTICATION.md
+LICENSE

data/AUTHENTICATION.md

@@ -0,0 +1,199 @@
+# Authentication
+
+In general, the google-cloud-asset library uses [Service
+Account](https://cloud.google.com/iam/docs/creating-managing-service-accounts)
+credentials to connect to Google Cloud services. When running within [Google
+Cloud Platform environments](#google-cloud-platform-environments)
+the credentials will be discovered automatically. When running on other
+environments, the Service Account credentials can be specified by providing the
+path to the [JSON
+keyfile](https://cloud.google.com/iam/docs/managing-service-account-keys) for
+the account (or the JSON itself) in [environment
+variables](#environment-variables). Additionally, Cloud SDK credentials can also
+be discovered automatically, but this is only recommended during development.
+
+## Quickstart
+
+1. [Create a service account and credentials](#creating-a-service-account).
+2. Set the [environment variable](#environment-variables).
+
+```sh
+export ASSET_CREDENTIALS=/path/to/json`
+```
+
+3. Initialize the client.
+
+```ruby
+require "google/cloud/asset"
+
+client = Google::Cloud::Asset.new
+```
+
+## Project and Credential Lookup
+
+The google-cloud-asset library aims to make authentication
+as simple as possible, and provides several mechanisms to configure your system
+without providing **Project ID** and **Service Account Credentials** directly in
+code.
+
+**Project ID** is discovered in the following order:
+
+1. Specify project ID in method arguments
+2. Specify project ID in configuration
+3. Discover project ID in environment variables
+4. Discover GCE project ID
+5. Discover project ID in credentials JSON
+
+**Credentials** are discovered in the following order:
+
+1. Specify credentials in method arguments
+2. Specify credentials in configuration
+3. Discover credentials path in environment variables
+4. Discover credentials JSON in environment variables
+5. Discover credentials file in the Cloud SDK's path
+6. Discover GCE credentials
+
+### Google Cloud Platform environments
+
+While running on Google Cloud Platform environments such as Google Compute
+Engine, Google App Engine and Google Kubernetes Engine, no extra work is needed.
+The **Project ID** and **Credentials** and are discovered automatically. Code
+should be written as if already authenticated. Just be sure when you [set up the
+GCE instance][gce-how-to], you add the correct scopes for the APIs you want to
+access. For example:
+
+  * **All APIs**
+    * `https://www.googleapis.com/auth/cloud-platform`
+    * `https://www.googleapis.com/auth/cloud-platform.read-only`
+  * **BigQuery**
+    * `https://www.googleapis.com/auth/bigquery`
+    * `https://www.googleapis.com/auth/bigquery.insertdata`
+  * **Compute Engine**
+    * `https://www.googleapis.com/auth/compute`
+  * **Datastore**
+    * `https://www.googleapis.com/auth/datastore`
+    * `https://www.googleapis.com/auth/userinfo.email`
+  * **DNS**
+    * `https://www.googleapis.com/auth/ndev.clouddns.readwrite`
+  * **Pub/Sub**
+    * `https://www.googleapis.com/auth/pubsub`
+  * **Storage**
+    * `https://www.googleapis.com/auth/devstorage.full_control`
+    * `https://www.googleapis.com/auth/devstorage.read_only`
+    * `https://www.googleapis.com/auth/devstorage.read_write`
+
+### Environment Variables
+
+The **Project ID** and **Credentials JSON** can be placed in environment
+variables instead of declaring them directly in code. Each service has its own
+environment variable, allowing for different service accounts to be used for
+different services. (See the READMEs for the individual service gems for
+details.) The path to the **Credentials JSON** file can be stored in the
+environment variable, or the **Credentials JSON** itself can be stored for
+environments such as Docker containers where writing files is difficult or not
+encouraged.
+
+The environment variables that google-cloud-asset checks for project ID are:
+
+1. `ASSET_PROJECT`
+2. `GOOGLE_CLOUD_PROJECT`
+
+The environment variables that google-cloud-asset checks for credentials are configured on {Google::Cloud::Asset::V1::Credentials}:
+
+1. `ASSET_CREDENTIALS` - Path to JSON file, or JSON contents
+2. `ASSET_KEYFILE` - Path to JSON file, or JSON contents
+3. `GOOGLE_CLOUD_CREDENTIALS` - Path to JSON file, or JSON contents
+4. `GOOGLE_CLOUD_KEYFILE` - Path to JSON file, or JSON contents
+5. `GOOGLE_APPLICATION_CREDENTIALS` - Path to JSON file
+
+```ruby
+require "google/cloud/asset"
+
+ENV["ASSET_PROJECT"]     = "my-project-id"
+ENV["ASSET_CREDENTIALS"] = "path/to/keyfile.json"
+
+client = Google::Cloud::Asset.new
+```
+
+### Configuration
+
+The **Project ID** and **Credentials JSON** can be configured instead of placing them in environment variables or providing them as arguments.
+
+```ruby
+require "google/cloud/asset"
+
+Google::Cloud::Asset.configure do |config|
+  config.project_id  = "my-project-id"
+  config.credentials = "path/to/keyfile.json"
+end
+
+client = Google::Cloud::Asset.new
+```
+
+### Cloud SDK
+
+This option allows for an easy way to authenticate during development. If
+credentials are not provided in code or in environment variables, then Cloud SDK
+credentials are discovered.
+
+To configure your system for this, simply:
+
+1. [Download and install the Cloud SDK](https://cloud.google.com/sdk)
+2. Authenticate using OAuth 2.0 `$ gcloud auth login`
+3. Write code as if already authenticated.
+
+**NOTE:** This is _not_ recommended for running in production. The Cloud SDK
+*should* only be used during development.
+
+[gce-how-to]: https://cloud.google.com/compute/docs/authentication#using
+[dev-console]: https://console.cloud.google.com/project
+
+[enable-apis]: https://raw.githubusercontent.com/GoogleCloudPlatform/gcloud-common/master/authentication/enable-apis.png
+
+[create-new-service-account]: https://raw.githubusercontent.com/GoogleCloudPlatform/gcloud-common/master/authentication/create-new-service-account.png
+[create-new-service-account-existing-keys]: https://raw.githubusercontent.com/GoogleCloudPlatform/gcloud-common/master/authentication/create-new-service-account-existing-keys.png
+[reuse-service-account]: https://raw.githubusercontent.com/GoogleCloudPlatform/gcloud-common/master/authentication/reuse-service-account.png
+
+## Creating a Service Account
+
+Google Cloud requires a **Project ID** and **Service Account Credentials** to
+connect to the APIs. You will use the **Project ID** and **JSON key file** to
+connect to most services with google-cloud-asset.
+
+If you are not running this client within [Google Cloud Platform
+environments](#google-cloud-platform-environments), you need a Google
+Developers service account.
+
+1. Visit the [Google Developers Console][dev-console].
+1. Create a new project or click on an existing project.
+1. Activate the slide-out navigation tray and select **API Manager**. From
+   here, you will enable the APIs that your application requires.
+
+   ![Enable the APIs that your application requires][enable-apis]
+
+   *Note: You may need to enable billing in order to use these services.*
+
+1. Select **Credentials** from the side navigation.
+
+   You should see a screen like one of the following.
+
+   ![Create a new service account][create-new-service-account]
+
+   ![Create a new service account With Existing Keys][create-new-service-account-existing-keys]
+
+   Find the "Add credentials" drop down and select "Service account" to be
+   guided through downloading a new JSON key file.
+
+   If you want to re-use an existing service account, you can easily generate a
+   new key file. Just select the account you wish to re-use, and click "Generate
+   new JSON key":
+
+   ![Re-use an existing service account][reuse-service-account]
+
+   The key file you download will be used by this library to authenticate API
+   requests and should be stored in a secure location.
+
+## Troubleshooting
+
+If you're having trouble authenticating you can ask for help by following the
+{file:TROUBLESHOOTING.md Troubleshooting Guide}.

data/lib/google/cloud/asset/v1/asset_service_client.rb

@@ -194,12 +194,18 @@ module Google
             @export_assets = Google::Gax.create_api_call(
               @asset_service_stub.method(:export_assets),
               defaults["export_assets"],
-              exception_transformer: exception_transformer
+              exception_transformer: exception_transformer,
+              params_extractor: proc do |request|
+                {'parent' => request.parent}
+              end
             )
             @batch_get_assets_history = Google::Gax.create_api_call(
               @asset_service_stub.method(:batch_get_assets_history),
               defaults["batch_get_assets_history"],
-              exception_transformer: exception_transformer
+              exception_transformer: exception_transformer,
+              params_extractor: proc do |request|
+                {'parent' => request.parent}
+              end
             )
           end
 

data/lib/google/cloud/asset/v1/doc/google/protobuf/any.rb

@@ -97,7 +97,8 @@ module Google
     # @!attribute [rw] type_url
     #   @return [String]
     #     A URL/resource name that uniquely identifies the type of the serialized
-    #     protocol buffer message. The last segment of the URL's path must represent
+    #     protocol buffer message. This string must contain at least
+    #     one "/" character. The last segment of the URL's path must represent
     #     the fully qualified name of the type (as in
     #     `path/google.protobuf.Duration`). The name should be in a canonical form
     #     (e.g., leading "." is not accepted).

data/lib/google/cloud/asset/v1/doc/google/protobuf/timestamp.rb

@@ -15,17 +15,19 @@
 
 module Google
   module Protobuf
-    # A Timestamp represents a point in time independent of any time zone
-    # or calendar, represented as seconds and fractions of seconds at
-    # nanosecond resolution in UTC Epoch time. It is encoded using the
-    # Proleptic Gregorian Calendar which extends the Gregorian calendar
-    # backwards to year one. It is encoded assuming all minutes are 60
-    # seconds long, i.e. leap seconds are "smeared" so that no leap second
-    # table is needed for interpretation. Range is from
-    # 0001-01-01T00:00:00Z to 9999-12-31T23:59:59.999999999Z.
-    # By restricting to that range, we ensure that we can convert to
-    # and from  RFC 3339 date strings.
-    # See [https://www.ietf.org/rfc/rfc3339.txt](https://www.ietf.org/rfc/rfc3339.txt).
+    # A Timestamp represents a point in time independent of any time zone or local
+    # calendar, encoded as a count of seconds and fractions of seconds at
+    # nanosecond resolution. The count is relative to an epoch at UTC midnight on
+    # January 1, 1970, in the proleptic Gregorian calendar which extends the
+    # Gregorian calendar backwards to year one.
+    #
+    # All minutes are 60 seconds long. Leap seconds are "smeared" so that no leap
+    # second table is needed for interpretation, using a [24-hour linear
+    # smear](https://developers.google.com/time/smear).
+    #
+    # The range is from 0001-01-01T00:00:00Z to 9999-12-31T23:59:59.999999999Z. By
+    # restricting to that range, we ensure that we can convert to and from [RFC
+    # 3339](https://www.ietf.org/rfc/rfc3339.txt) date strings.
     #
     # = Examples
     #
@@ -86,12 +88,12 @@ module Google
     # 01:30 UTC on January 15, 2017.
     #
     # In JavaScript, one can convert a Date object to this format using the
-    # standard [toISOString()](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Date/toISOString]
+    # standard [toISOString()](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Date/toISOString)
     # method. In Python, a standard `datetime.datetime` object can be converted
     # to this format using [`strftime`](https://docs.python.org/2/library/time.html#time.strftime)
     # with the time format spec '%Y-%m-%dT%H:%M:%S.%fZ'. Likewise, in Java, one
     # can use the Joda Time's [`ISODateTimeFormat.dateTime()`](
-    # http://www.joda.org/joda-time/apidocs/org/joda/time/format/ISODateTimeFormat.html#dateTime--
+    # http://www.joda.org/joda-time/apidocs/org/joda/time/format/ISODateTimeFormat.html#dateTime%2D%2D
     # ) to obtain a formatter capable of generating timestamps in this format.
     # @!attribute [rw] seconds
     #   @return [Integer]

data/lib/google/cloud/asset/v1beta1/asset_service_client.rb

@@ -194,12 +194,18 @@ module Google
             @export_assets = Google::Gax.create_api_call(
               @asset_service_stub.method(:export_assets),
               defaults["export_assets"],
-              exception_transformer: exception_transformer
+              exception_transformer: exception_transformer,
+              params_extractor: proc do |request|
+                {'parent' => request.parent}
+              end
             )
             @batch_get_assets_history = Google::Gax.create_api_call(
               @asset_service_stub.method(:batch_get_assets_history),
               defaults["batch_get_assets_history"],
-              exception_transformer: exception_transformer
+              exception_transformer: exception_transformer,
+              params_extractor: proc do |request|
+                {'parent' => request.parent}
+              end
             )
           end
 

data/lib/google/cloud/asset/v1beta1/doc/google/protobuf/any.rb

@@ -97,7 +97,8 @@ module Google
     # @!attribute [rw] type_url
     #   @return [String]
     #     A URL/resource name that uniquely identifies the type of the serialized
-    #     protocol buffer message. The last segment of the URL's path must represent
+    #     protocol buffer message. This string must contain at least
+    #     one "/" character. The last segment of the URL's path must represent
     #     the fully qualified name of the type (as in
     #     `path/google.protobuf.Duration`). The name should be in a canonical form
     #     (e.g., leading "." is not accepted).

data/lib/google/cloud/asset/v1beta1/doc/google/protobuf/timestamp.rb

@@ -15,17 +15,19 @@
 
 module Google
   module Protobuf
-    # A Timestamp represents a point in time independent of any time zone
-    # or calendar, represented as seconds and fractions of seconds at
-    # nanosecond resolution in UTC Epoch time. It is encoded using the
-    # Proleptic Gregorian Calendar which extends the Gregorian calendar
-    # backwards to year one. It is encoded assuming all minutes are 60
-    # seconds long, i.e. leap seconds are "smeared" so that no leap second
-    # table is needed for interpretation. Range is from
-    # 0001-01-01T00:00:00Z to 9999-12-31T23:59:59.999999999Z.
-    # By restricting to that range, we ensure that we can convert to
-    # and from  RFC 3339 date strings.
-    # See [https://www.ietf.org/rfc/rfc3339.txt](https://www.ietf.org/rfc/rfc3339.txt).
+    # A Timestamp represents a point in time independent of any time zone or local
+    # calendar, encoded as a count of seconds and fractions of seconds at
+    # nanosecond resolution. The count is relative to an epoch at UTC midnight on
+    # January 1, 1970, in the proleptic Gregorian calendar which extends the
+    # Gregorian calendar backwards to year one.
+    #
+    # All minutes are 60 seconds long. Leap seconds are "smeared" so that no leap
+    # second table is needed for interpretation, using a [24-hour linear
+    # smear](https://developers.google.com/time/smear).
+    #
+    # The range is from 0001-01-01T00:00:00Z to 9999-12-31T23:59:59.999999999Z. By
+    # restricting to that range, we ensure that we can convert to and from [RFC
+    # 3339](https://www.ietf.org/rfc/rfc3339.txt) date strings.
     #
     # = Examples
     #
@@ -86,12 +88,12 @@ module Google
     # 01:30 UTC on January 15, 2017.
     #
     # In JavaScript, one can convert a Date object to this format using the
-    # standard [toISOString()](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Date/toISOString]
+    # standard [toISOString()](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Date/toISOString)
     # method. In Python, a standard `datetime.datetime` object can be converted
     # to this format using [`strftime`](https://docs.python.org/2/library/time.html#time.strftime)
     # with the time format spec '%Y-%m-%dT%H:%M:%S.%fZ'. Likewise, in Java, one
     # can use the Joda Time's [`ISODateTimeFormat.dateTime()`](
-    # http://www.joda.org/joda-time/apidocs/org/joda/time/format/ISODateTimeFormat.html#dateTime--
+    # http://www.joda.org/joda-time/apidocs/org/joda/time/format/ISODateTimeFormat.html#dateTime%2D%2D
     # ) to obtain a formatter capable of generating timestamps in this format.
     # @!attribute [rw] seconds
     #   @return [Integer]

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: google-cloud-asset
 version: !ruby/object:Gem::Version
-  version: 0.2.0
+  version: 0.2.1
 platform: ruby
 authors:
 - Google LLC
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-03-21 00:00:00.000000000 Z
+date: 2019-04-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: google-gax
@@ -115,6 +115,7 @@ extensions: []
 extra_rdoc_files: []
 files:
 - ".yardopts"
+- AUTHENTICATION.md
 - LICENSE
 - README.md
 - lib/google/cloud/asset.rb