google-cloud-binary_authorization-v1beta1 0.3.5 → 0.4.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/google/cloud/binary_authorization/v1beta1/binauthz_management_service/client.rb +37 -65
- data/lib/google/cloud/binary_authorization/v1beta1/binauthz_management_service/paths.rb +24 -5
- data/lib/google/cloud/binary_authorization/v1beta1/system_policy/client.rb +388 -0
- data/lib/google/cloud/binary_authorization/v1beta1/system_policy/credentials.rb +51 -0
- data/lib/google/cloud/binary_authorization/v1beta1/system_policy/paths.rb +66 -0
- data/lib/google/cloud/binary_authorization/v1beta1/system_policy.rb +49 -0
- data/lib/google/cloud/binary_authorization/v1beta1/version.rb +1 -1
- data/lib/google/cloud/binary_authorization/v1beta1.rb +1 -0
- data/lib/google/cloud/binaryauthorization/v1beta1/resources_pb.rb +7 -1
- data/lib/google/cloud/binaryauthorization/v1beta1/service_pb.rb +4 -0
- data/lib/google/cloud/binaryauthorization/v1beta1/service_services_pb.rb +34 -33
- data/proto_docs/google/cloud/binaryauthorization/v1beta1/resources.rb +73 -25
- data/proto_docs/google/cloud/binaryauthorization/v1beta1/service.rb +32 -37
- metadata +6 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: b74ed6131ab9dfc91150bbb0cc27f3ad54655aff5b3fbda772e45f2cc3655fe6
|
4
|
+
data.tar.gz: c15c6b6fe55a063b3495aef59202ad86c86c2f6c356f8d7aaaafcb659a094dfd
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 854bbf403916b22aeb3df35efcf76d2a38b6ce2a80aebe4b28a3553ad5249ffc7c58f510b283029cf38a792c3dedd7b4d816c2e67e6f1cf2884bfed800d54770
|
7
|
+
data.tar.gz: 626f9ca89ebc17354768dc0cdee2279dd398065bf42f1253a5410e8c69737c6fd0560f74c162cc20ac831dddbff4e801ec7d7a5d8fc485bb0b70c2c049f16f23
|
@@ -183,16 +183,13 @@ module Google
|
|
183
183
|
# Service calls
|
184
184
|
|
185
185
|
##
|
186
|
-
# A {::Google::Cloud::BinaryAuthorization::V1beta1::Policy policy} specifies the
|
187
|
-
#
|
188
|
-
# attest to a container image, before the project is allowed to deploy that
|
186
|
+
# A {::Google::Cloud::BinaryAuthorization::V1beta1::Policy policy} specifies the {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestors} that must attest to
|
187
|
+
# a container image, before the project is allowed to deploy that
|
189
188
|
# image. There is at most one policy per project. All image admission
|
190
189
|
# requests are permitted if a project has no policy.
|
191
190
|
#
|
192
|
-
# Gets the {::Google::Cloud::BinaryAuthorization::V1beta1::Policy policy} for this
|
193
|
-
# project
|
194
|
-
# {::Google::Cloud::BinaryAuthorization::V1beta1::Policy policy} if the project
|
195
|
-
# does not have one.
|
191
|
+
# Gets the {::Google::Cloud::BinaryAuthorization::V1beta1::Policy policy} for this project. Returns a default
|
192
|
+
# {::Google::Cloud::BinaryAuthorization::V1beta1::Policy policy} if the project does not have one.
|
196
193
|
#
|
197
194
|
# @overload get_policy(request, options = nil)
|
198
195
|
# Pass arguments to `get_policy` via a request object, either of type
|
@@ -210,9 +207,8 @@ module Google
|
|
210
207
|
# the default parameter values, pass an empty Hash as a request object (see above).
|
211
208
|
#
|
212
209
|
# @param name [::String]
|
213
|
-
# Required. The resource name of the
|
214
|
-
#
|
215
|
-
# the format `projects/*/policy`.
|
210
|
+
# Required. The resource name of the {::Google::Cloud::BinaryAuthorization::V1beta1::Policy policy} to retrieve,
|
211
|
+
# in the format `projects/*/policy`.
|
216
212
|
#
|
217
213
|
# @yield [response, operation] Access the result along with the RPC operation
|
218
214
|
# @yieldparam response [::Google::Cloud::BinaryAuthorization::V1beta1::Policy]
|
@@ -279,13 +275,11 @@ module Google
|
|
279
275
|
end
|
280
276
|
|
281
277
|
##
|
282
|
-
# Creates or updates a project's
|
283
|
-
# {::Google::Cloud::BinaryAuthorization::V1beta1::Policy policy},
|
284
|
-
#
|
285
|
-
#
|
286
|
-
#
|
287
|
-
# if the project does not exist, INVALID_ARGUMENT if the request is
|
288
|
-
# malformed.
|
278
|
+
# Creates or updates a project's {::Google::Cloud::BinaryAuthorization::V1beta1::Policy policy}, and returns a copy of the
|
279
|
+
# new {::Google::Cloud::BinaryAuthorization::V1beta1::Policy policy}. A policy is always updated as a whole, to avoid race
|
280
|
+
# conditions with concurrent policy enforcement (or management!)
|
281
|
+
# requests. Returns NOT_FOUND if the project does not exist, INVALID_ARGUMENT
|
282
|
+
# if the request is malformed.
|
289
283
|
#
|
290
284
|
# @overload update_policy(request, options = nil)
|
291
285
|
# Pass arguments to `update_policy` via a request object, either of type
|
@@ -303,11 +297,9 @@ module Google
|
|
303
297
|
# the default parameter values, pass an empty Hash as a request object (see above).
|
304
298
|
#
|
305
299
|
# @param policy [::Google::Cloud::BinaryAuthorization::V1beta1::Policy, ::Hash]
|
306
|
-
# Required. A new or updated
|
307
|
-
# {::Google::Cloud::BinaryAuthorization::V1beta1::Policy policy}
|
308
|
-
#
|
309
|
-
# name][google.cloud.binaryauthorization.v1beta1.Policy.name] field with the
|
310
|
-
# resource name in the request URL, in the format `projects/*/policy`.
|
300
|
+
# Required. A new or updated {::Google::Cloud::BinaryAuthorization::V1beta1::Policy policy} value. The service will
|
301
|
+
# overwrite the {::Google::Cloud::BinaryAuthorization::V1beta1::Policy#name policy name} field with the resource name in
|
302
|
+
# the request URL, in the format `projects/*/policy`.
|
311
303
|
#
|
312
304
|
# @yield [response, operation] Access the result along with the RPC operation
|
313
305
|
# @yieldparam response [::Google::Cloud::BinaryAuthorization::V1beta1::Policy]
|
@@ -374,13 +366,10 @@ module Google
|
|
374
366
|
end
|
375
367
|
|
376
368
|
##
|
377
|
-
# Creates an {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor},
|
378
|
-
#
|
379
|
-
#
|
380
|
-
#
|
381
|
-
# malformed, ALREADY_EXISTS if the
|
382
|
-
# {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor} already
|
383
|
-
# exists.
|
369
|
+
# Creates an {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor}, and returns a copy of the new
|
370
|
+
# {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor}. Returns NOT_FOUND if the project does not exist,
|
371
|
+
# INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if the
|
372
|
+
# {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor} already exists.
|
384
373
|
#
|
385
374
|
# @overload create_attestor(request, options = nil)
|
386
375
|
# Pass arguments to `create_attestor` via a request object, either of type
|
@@ -398,17 +387,13 @@ module Google
|
|
398
387
|
# the default parameter values, pass an empty Hash as a request object (see above).
|
399
388
|
#
|
400
389
|
# @param parent [::String]
|
401
|
-
# Required. The parent of this
|
402
|
-
# {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor}.
|
390
|
+
# Required. The parent of this {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor}.
|
403
391
|
# @param attestor_id [::String]
|
404
|
-
# Required. The
|
405
|
-
# {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestors} ID.
|
392
|
+
# Required. The {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestors} ID.
|
406
393
|
# @param attestor [::Google::Cloud::BinaryAuthorization::V1beta1::Attestor, ::Hash]
|
407
|
-
# Required. The initial
|
408
|
-
# {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor}
|
409
|
-
#
|
410
|
-
# name][google.cloud.binaryauthorization.v1beta1.Attestor.name] field with
|
411
|
-
# the resource name, in the format `projects/*/attestors/*`.
|
394
|
+
# Required. The initial {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor} value. The service will
|
395
|
+
# overwrite the {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor#name attestor name} field with the resource name,
|
396
|
+
# in the format `projects/*/attestors/*`.
|
412
397
|
#
|
413
398
|
# @yield [response, operation] Access the result along with the RPC operation
|
414
399
|
# @yieldparam response [::Google::Cloud::BinaryAuthorization::V1beta1::Attestor]
|
@@ -476,9 +461,7 @@ module Google
|
|
476
461
|
|
477
462
|
##
|
478
463
|
# Gets an {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor}.
|
479
|
-
# Returns NOT_FOUND if the
|
480
|
-
# {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor} does not
|
481
|
-
# exist.
|
464
|
+
# Returns NOT_FOUND if the {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor} does not exist.
|
482
465
|
#
|
483
466
|
# @overload get_attestor(request, options = nil)
|
484
467
|
# Pass arguments to `get_attestor` via a request object, either of type
|
@@ -496,9 +479,8 @@ module Google
|
|
496
479
|
# the default parameter values, pass an empty Hash as a request object (see above).
|
497
480
|
#
|
498
481
|
# @param name [::String]
|
499
|
-
# Required. The name of the
|
500
|
-
#
|
501
|
-
# in the format `projects/*/attestors/*`.
|
482
|
+
# Required. The name of the {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor} to retrieve, in the format
|
483
|
+
# `projects/*/attestors/*`.
|
502
484
|
#
|
503
485
|
# @yield [response, operation] Access the result along with the RPC operation
|
504
486
|
# @yieldparam response [::Google::Cloud::BinaryAuthorization::V1beta1::Attestor]
|
@@ -566,9 +548,7 @@ module Google
|
|
566
548
|
|
567
549
|
##
|
568
550
|
# Updates an {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor}.
|
569
|
-
# Returns NOT_FOUND if the
|
570
|
-
# {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor} does not
|
571
|
-
# exist.
|
551
|
+
# Returns NOT_FOUND if the {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor} does not exist.
|
572
552
|
#
|
573
553
|
# @overload update_attestor(request, options = nil)
|
574
554
|
# Pass arguments to `update_attestor` via a request object, either of type
|
@@ -586,12 +566,9 @@ module Google
|
|
586
566
|
# the default parameter values, pass an empty Hash as a request object (see above).
|
587
567
|
#
|
588
568
|
# @param attestor [::Google::Cloud::BinaryAuthorization::V1beta1::Attestor, ::Hash]
|
589
|
-
# Required. The updated
|
590
|
-
# {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor}
|
591
|
-
#
|
592
|
-
# name][google.cloud.binaryauthorization.v1beta1.Attestor.name] field with
|
593
|
-
# the resource name in the request URL, in the format
|
594
|
-
# `projects/*/attestors/*`.
|
569
|
+
# Required. The updated {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor} value. The service will
|
570
|
+
# overwrite the {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor#name attestor name} field with the resource name
|
571
|
+
# in the request URL, in the format `projects/*/attestors/*`.
|
595
572
|
#
|
596
573
|
# @yield [response, operation] Access the result along with the RPC operation
|
597
574
|
# @yieldparam response [::Google::Cloud::BinaryAuthorization::V1beta1::Attestor]
|
@@ -678,16 +655,14 @@ module Google
|
|
678
655
|
#
|
679
656
|
# @param parent [::String]
|
680
657
|
# Required. The resource name of the project associated with the
|
681
|
-
# {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestors}, in the
|
682
|
-
# format `projects/*`.
|
658
|
+
# {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestors}, in the format `projects/*`.
|
683
659
|
# @param page_size [::Integer]
|
684
660
|
# Requested page size. The server may return fewer results than requested. If
|
685
661
|
# unspecified, the server will pick an appropriate default.
|
686
662
|
# @param page_token [::String]
|
687
663
|
# A token identifying a page of results the server should return. Typically,
|
688
|
-
# this is the value of
|
689
|
-
#
|
690
|
-
# returned from the previous call to the `ListAttestors` method.
|
664
|
+
# this is the value of {::Google::Cloud::BinaryAuthorization::V1beta1::ListAttestorsResponse#next_page_token ListAttestorsResponse.next_page_token} returned
|
665
|
+
# from the previous call to the `ListAttestors` method.
|
691
666
|
#
|
692
667
|
# @yield [response, operation] Access the result along with the RPC operation
|
693
668
|
# @yieldparam response [::Gapic::PagedEnumerable<::Google::Cloud::BinaryAuthorization::V1beta1::Attestor>]
|
@@ -761,10 +736,8 @@ module Google
|
|
761
736
|
end
|
762
737
|
|
763
738
|
##
|
764
|
-
# Deletes an {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor}.
|
765
|
-
#
|
766
|
-
# {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor} does not
|
767
|
-
# exist.
|
739
|
+
# Deletes an {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor}. Returns NOT_FOUND if the
|
740
|
+
# {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestor} does not exist.
|
768
741
|
#
|
769
742
|
# @overload delete_attestor(request, options = nil)
|
770
743
|
# Pass arguments to `delete_attestor` via a request object, either of type
|
@@ -782,9 +755,8 @@ module Google
|
|
782
755
|
# the default parameter values, pass an empty Hash as a request object (see above).
|
783
756
|
#
|
784
757
|
# @param name [::String]
|
785
|
-
# Required. The name of the
|
786
|
-
#
|
787
|
-
# in the format `projects/*/attestors/*`.
|
758
|
+
# Required. The name of the {::Google::Cloud::BinaryAuthorization::V1beta1::Attestor attestors} to delete, in the format
|
759
|
+
# `projects/*/attestors/*`.
|
788
760
|
#
|
789
761
|
# @yield [response, operation] Access the result along with the RPC operation
|
790
762
|
# @yieldparam response [::Google::Protobuf::Empty]
|
@@ -44,15 +44,34 @@ module Google
|
|
44
44
|
##
|
45
45
|
# Create a fully-qualified Policy resource string.
|
46
46
|
#
|
47
|
-
#
|
47
|
+
# @overload policy_path(project:)
|
48
|
+
# The resource will be in the following format:
|
48
49
|
#
|
49
|
-
#
|
50
|
+
# `projects/{project}/policy`
|
50
51
|
#
|
51
|
-
#
|
52
|
+
# @param project [String]
|
53
|
+
#
|
54
|
+
# @overload policy_path(location:)
|
55
|
+
# The resource will be in the following format:
|
56
|
+
#
|
57
|
+
# `locations/{location}/policy`
|
58
|
+
#
|
59
|
+
# @param location [String]
|
52
60
|
#
|
53
61
|
# @return [::String]
|
54
|
-
def policy_path
|
55
|
-
|
62
|
+
def policy_path **args
|
63
|
+
resources = {
|
64
|
+
"project" => (proc do |project:|
|
65
|
+
"projects/#{project}/policy"
|
66
|
+
end),
|
67
|
+
"location" => (proc do |location:|
|
68
|
+
"locations/#{location}/policy"
|
69
|
+
end)
|
70
|
+
}
|
71
|
+
|
72
|
+
resource = resources[args.keys.sort.join(":")]
|
73
|
+
raise ::ArgumentError, "no resource found for values #{args.keys}" if resource.nil?
|
74
|
+
resource.call(**args)
|
56
75
|
end
|
57
76
|
|
58
77
|
##
|
@@ -0,0 +1,388 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2021 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
require "google/cloud/errors"
|
20
|
+
require "google/cloud/binaryauthorization/v1beta1/service_pb"
|
21
|
+
|
22
|
+
module Google
|
23
|
+
module Cloud
|
24
|
+
module BinaryAuthorization
|
25
|
+
module V1beta1
|
26
|
+
module SystemPolicy
|
27
|
+
##
|
28
|
+
# Client for the SystemPolicy service.
|
29
|
+
#
|
30
|
+
# API for working with the system policy.
|
31
|
+
#
|
32
|
+
class Client
|
33
|
+
include Paths
|
34
|
+
|
35
|
+
# @private
|
36
|
+
attr_reader :system_policy_stub
|
37
|
+
|
38
|
+
##
|
39
|
+
# Configure the SystemPolicy Client class.
|
40
|
+
#
|
41
|
+
# See {::Google::Cloud::BinaryAuthorization::V1beta1::SystemPolicy::Client::Configuration}
|
42
|
+
# for a description of the configuration fields.
|
43
|
+
#
|
44
|
+
# @example
|
45
|
+
#
|
46
|
+
# # Modify the configuration for all SystemPolicy clients
|
47
|
+
# ::Google::Cloud::BinaryAuthorization::V1beta1::SystemPolicy::Client.configure do |config|
|
48
|
+
# config.timeout = 10.0
|
49
|
+
# end
|
50
|
+
#
|
51
|
+
# @yield [config] Configure the Client client.
|
52
|
+
# @yieldparam config [Client::Configuration]
|
53
|
+
#
|
54
|
+
# @return [Client::Configuration]
|
55
|
+
#
|
56
|
+
def self.configure
|
57
|
+
@configure ||= begin
|
58
|
+
namespace = ["Google", "Cloud", "BinaryAuthorization", "V1beta1"]
|
59
|
+
parent_config = while namespace.any?
|
60
|
+
parent_name = namespace.join "::"
|
61
|
+
parent_const = const_get parent_name
|
62
|
+
break parent_const.configure if parent_const.respond_to? :configure
|
63
|
+
namespace.pop
|
64
|
+
end
|
65
|
+
default_config = Client::Configuration.new parent_config
|
66
|
+
|
67
|
+
default_config
|
68
|
+
end
|
69
|
+
yield @configure if block_given?
|
70
|
+
@configure
|
71
|
+
end
|
72
|
+
|
73
|
+
##
|
74
|
+
# Configure the SystemPolicy Client instance.
|
75
|
+
#
|
76
|
+
# The configuration is set to the derived mode, meaning that values can be changed,
|
77
|
+
# but structural changes (adding new fields, etc.) are not allowed. Structural changes
|
78
|
+
# should be made on {Client.configure}.
|
79
|
+
#
|
80
|
+
# See {::Google::Cloud::BinaryAuthorization::V1beta1::SystemPolicy::Client::Configuration}
|
81
|
+
# for a description of the configuration fields.
|
82
|
+
#
|
83
|
+
# @yield [config] Configure the Client client.
|
84
|
+
# @yieldparam config [Client::Configuration]
|
85
|
+
#
|
86
|
+
# @return [Client::Configuration]
|
87
|
+
#
|
88
|
+
def configure
|
89
|
+
yield @config if block_given?
|
90
|
+
@config
|
91
|
+
end
|
92
|
+
|
93
|
+
##
|
94
|
+
# Create a new SystemPolicy client object.
|
95
|
+
#
|
96
|
+
# @example
|
97
|
+
#
|
98
|
+
# # Create a client using the default configuration
|
99
|
+
# client = ::Google::Cloud::BinaryAuthorization::V1beta1::SystemPolicy::Client.new
|
100
|
+
#
|
101
|
+
# # Create a client using a custom configuration
|
102
|
+
# client = ::Google::Cloud::BinaryAuthorization::V1beta1::SystemPolicy::Client.new do |config|
|
103
|
+
# config.timeout = 10.0
|
104
|
+
# end
|
105
|
+
#
|
106
|
+
# @yield [config] Configure the SystemPolicy client.
|
107
|
+
# @yieldparam config [Client::Configuration]
|
108
|
+
#
|
109
|
+
def initialize
|
110
|
+
# These require statements are intentionally placed here to initialize
|
111
|
+
# the gRPC module only when it's required.
|
112
|
+
# See https://github.com/googleapis/toolkit/issues/446
|
113
|
+
require "gapic/grpc"
|
114
|
+
require "google/cloud/binaryauthorization/v1beta1/service_services_pb"
|
115
|
+
|
116
|
+
# Create the configuration object
|
117
|
+
@config = Configuration.new Client.configure
|
118
|
+
|
119
|
+
# Yield the configuration if needed
|
120
|
+
yield @config if block_given?
|
121
|
+
|
122
|
+
# Create credentials
|
123
|
+
credentials = @config.credentials
|
124
|
+
# Use self-signed JWT if the endpoint is unchanged from default,
|
125
|
+
# but only if the default endpoint does not have a region prefix.
|
126
|
+
enable_self_signed_jwt = @config.endpoint == Client.configure.endpoint &&
|
127
|
+
!@config.endpoint.split(".").first.include?("-")
|
128
|
+
credentials ||= Credentials.default scope: @config.scope,
|
129
|
+
enable_self_signed_jwt: enable_self_signed_jwt
|
130
|
+
if credentials.is_a?(::String) || credentials.is_a?(::Hash)
|
131
|
+
credentials = Credentials.new credentials, scope: @config.scope
|
132
|
+
end
|
133
|
+
@quota_project_id = @config.quota_project
|
134
|
+
@quota_project_id ||= credentials.quota_project_id if credentials.respond_to? :quota_project_id
|
135
|
+
|
136
|
+
@system_policy_stub = ::Gapic::ServiceStub.new(
|
137
|
+
::Google::Cloud::BinaryAuthorization::V1beta1::SystemPolicyV1Beta1::Stub,
|
138
|
+
credentials: credentials,
|
139
|
+
endpoint: @config.endpoint,
|
140
|
+
channel_args: @config.channel_args,
|
141
|
+
interceptors: @config.interceptors
|
142
|
+
)
|
143
|
+
end
|
144
|
+
|
145
|
+
# Service calls
|
146
|
+
|
147
|
+
##
|
148
|
+
# Gets the current system policy in the specified location.
|
149
|
+
#
|
150
|
+
# @overload get_system_policy(request, options = nil)
|
151
|
+
# Pass arguments to `get_system_policy` via a request object, either of type
|
152
|
+
# {::Google::Cloud::BinaryAuthorization::V1beta1::GetSystemPolicyRequest} or an equivalent Hash.
|
153
|
+
#
|
154
|
+
# @param request [::Google::Cloud::BinaryAuthorization::V1beta1::GetSystemPolicyRequest, ::Hash]
|
155
|
+
# A request object representing the call parameters. Required. To specify no
|
156
|
+
# parameters, or to keep all the default parameter values, pass an empty Hash.
|
157
|
+
# @param options [::Gapic::CallOptions, ::Hash]
|
158
|
+
# Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
|
159
|
+
#
|
160
|
+
# @overload get_system_policy(name: nil)
|
161
|
+
# Pass arguments to `get_system_policy` via keyword arguments. Note that at
|
162
|
+
# least one keyword argument is required. To specify no parameters, or to keep all
|
163
|
+
# the default parameter values, pass an empty Hash as a request object (see above).
|
164
|
+
#
|
165
|
+
# @param name [::String]
|
166
|
+
# Required. The resource name, in the format `locations/*/policy`.
|
167
|
+
# Note that the system policy is not associated with a project.
|
168
|
+
#
|
169
|
+
# @yield [response, operation] Access the result along with the RPC operation
|
170
|
+
# @yieldparam response [::Google::Cloud::BinaryAuthorization::V1beta1::Policy]
|
171
|
+
# @yieldparam operation [::GRPC::ActiveCall::Operation]
|
172
|
+
#
|
173
|
+
# @return [::Google::Cloud::BinaryAuthorization::V1beta1::Policy]
|
174
|
+
#
|
175
|
+
# @raise [::Google::Cloud::Error] if the RPC is aborted.
|
176
|
+
#
|
177
|
+
# @example Basic example
|
178
|
+
# require "google/cloud/binary_authorization/v1beta1"
|
179
|
+
#
|
180
|
+
# # Create a client object. The client can be reused for multiple calls.
|
181
|
+
# client = Google::Cloud::BinaryAuthorization::V1beta1::SystemPolicy::Client.new
|
182
|
+
#
|
183
|
+
# # Create a request. To set request fields, pass in keyword arguments.
|
184
|
+
# request = Google::Cloud::BinaryAuthorization::V1beta1::GetSystemPolicyRequest.new
|
185
|
+
#
|
186
|
+
# # Call the get_system_policy method.
|
187
|
+
# result = client.get_system_policy request
|
188
|
+
#
|
189
|
+
# # The returned object is of type Google::Cloud::BinaryAuthorization::V1beta1::Policy.
|
190
|
+
# p result
|
191
|
+
#
|
192
|
+
def get_system_policy request, options = nil
|
193
|
+
raise ::ArgumentError, "request must be provided" if request.nil?
|
194
|
+
|
195
|
+
request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::BinaryAuthorization::V1beta1::GetSystemPolicyRequest
|
196
|
+
|
197
|
+
# Converts hash and nil to an options object
|
198
|
+
options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
|
199
|
+
|
200
|
+
# Customize the options with defaults
|
201
|
+
metadata = @config.rpcs.get_system_policy.metadata.to_h
|
202
|
+
|
203
|
+
# Set x-goog-api-client and x-goog-user-project headers
|
204
|
+
metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
|
205
|
+
lib_name: @config.lib_name, lib_version: @config.lib_version,
|
206
|
+
gapic_version: ::Google::Cloud::BinaryAuthorization::V1beta1::VERSION
|
207
|
+
metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
208
|
+
|
209
|
+
header_params = {}
|
210
|
+
if request.name
|
211
|
+
header_params["name"] = request.name
|
212
|
+
end
|
213
|
+
|
214
|
+
request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
|
215
|
+
metadata[:"x-goog-request-params"] ||= request_params_header
|
216
|
+
|
217
|
+
options.apply_defaults timeout: @config.rpcs.get_system_policy.timeout,
|
218
|
+
metadata: metadata,
|
219
|
+
retry_policy: @config.rpcs.get_system_policy.retry_policy
|
220
|
+
|
221
|
+
options.apply_defaults timeout: @config.timeout,
|
222
|
+
metadata: @config.metadata,
|
223
|
+
retry_policy: @config.retry_policy
|
224
|
+
|
225
|
+
@system_policy_stub.call_rpc :get_system_policy, request, options: options do |response, operation|
|
226
|
+
yield response, operation if block_given?
|
227
|
+
return response
|
228
|
+
end
|
229
|
+
rescue ::GRPC::BadStatus => e
|
230
|
+
raise ::Google::Cloud::Error.from_error(e)
|
231
|
+
end
|
232
|
+
|
233
|
+
##
|
234
|
+
# Configuration class for the SystemPolicy API.
|
235
|
+
#
|
236
|
+
# This class represents the configuration for SystemPolicy,
|
237
|
+
# providing control over timeouts, retry behavior, logging, transport
|
238
|
+
# parameters, and other low-level controls. Certain parameters can also be
|
239
|
+
# applied individually to specific RPCs. See
|
240
|
+
# {::Google::Cloud::BinaryAuthorization::V1beta1::SystemPolicy::Client::Configuration::Rpcs}
|
241
|
+
# for a list of RPCs that can be configured independently.
|
242
|
+
#
|
243
|
+
# Configuration can be applied globally to all clients, or to a single client
|
244
|
+
# on construction.
|
245
|
+
#
|
246
|
+
# @example
|
247
|
+
#
|
248
|
+
# # Modify the global config, setting the timeout for
|
249
|
+
# # get_system_policy to 20 seconds,
|
250
|
+
# # and all remaining timeouts to 10 seconds.
|
251
|
+
# ::Google::Cloud::BinaryAuthorization::V1beta1::SystemPolicy::Client.configure do |config|
|
252
|
+
# config.timeout = 10.0
|
253
|
+
# config.rpcs.get_system_policy.timeout = 20.0
|
254
|
+
# end
|
255
|
+
#
|
256
|
+
# # Apply the above configuration only to a new client.
|
257
|
+
# client = ::Google::Cloud::BinaryAuthorization::V1beta1::SystemPolicy::Client.new do |config|
|
258
|
+
# config.timeout = 10.0
|
259
|
+
# config.rpcs.get_system_policy.timeout = 20.0
|
260
|
+
# end
|
261
|
+
#
|
262
|
+
# @!attribute [rw] endpoint
|
263
|
+
# The hostname or hostname:port of the service endpoint.
|
264
|
+
# Defaults to `"binaryauthorization.googleapis.com"`.
|
265
|
+
# @return [::String]
|
266
|
+
# @!attribute [rw] credentials
|
267
|
+
# Credentials to send with calls. You may provide any of the following types:
|
268
|
+
# * (`String`) The path to a service account key file in JSON format
|
269
|
+
# * (`Hash`) A service account key as a Hash
|
270
|
+
# * (`Google::Auth::Credentials`) A googleauth credentials object
|
271
|
+
# (see the [googleauth docs](https://googleapis.dev/ruby/googleauth/latest/index.html))
|
272
|
+
# * (`Signet::OAuth2::Client`) A signet oauth2 client object
|
273
|
+
# (see the [signet docs](https://googleapis.dev/ruby/signet/latest/Signet/OAuth2/Client.html))
|
274
|
+
# * (`GRPC::Core::Channel`) a gRPC channel with included credentials
|
275
|
+
# * (`GRPC::Core::ChannelCredentials`) a gRPC credentails object
|
276
|
+
# * (`nil`) indicating no credentials
|
277
|
+
# @return [::Object]
|
278
|
+
# @!attribute [rw] scope
|
279
|
+
# The OAuth scopes
|
280
|
+
# @return [::Array<::String>]
|
281
|
+
# @!attribute [rw] lib_name
|
282
|
+
# The library name as recorded in instrumentation and logging
|
283
|
+
# @return [::String]
|
284
|
+
# @!attribute [rw] lib_version
|
285
|
+
# The library version as recorded in instrumentation and logging
|
286
|
+
# @return [::String]
|
287
|
+
# @!attribute [rw] channel_args
|
288
|
+
# Extra parameters passed to the gRPC channel. Note: this is ignored if a
|
289
|
+
# `GRPC::Core::Channel` object is provided as the credential.
|
290
|
+
# @return [::Hash]
|
291
|
+
# @!attribute [rw] interceptors
|
292
|
+
# An array of interceptors that are run before calls are executed.
|
293
|
+
# @return [::Array<::GRPC::ClientInterceptor>]
|
294
|
+
# @!attribute [rw] timeout
|
295
|
+
# The call timeout in seconds.
|
296
|
+
# @return [::Numeric]
|
297
|
+
# @!attribute [rw] metadata
|
298
|
+
# Additional gRPC headers to be sent with the call.
|
299
|
+
# @return [::Hash{::Symbol=>::String}]
|
300
|
+
# @!attribute [rw] retry_policy
|
301
|
+
# The retry policy. The value is a hash with the following keys:
|
302
|
+
# * `:initial_delay` (*type:* `Numeric`) - The initial delay in seconds.
|
303
|
+
# * `:max_delay` (*type:* `Numeric`) - The max delay in seconds.
|
304
|
+
# * `:multiplier` (*type:* `Numeric`) - The incremental backoff multiplier.
|
305
|
+
# * `:retry_codes` (*type:* `Array<String>`) - The error codes that should
|
306
|
+
# trigger a retry.
|
307
|
+
# @return [::Hash]
|
308
|
+
# @!attribute [rw] quota_project
|
309
|
+
# A separate project against which to charge quota.
|
310
|
+
# @return [::String]
|
311
|
+
#
|
312
|
+
class Configuration
|
313
|
+
extend ::Gapic::Config
|
314
|
+
|
315
|
+
config_attr :endpoint, "binaryauthorization.googleapis.com", ::String
|
316
|
+
config_attr :credentials, nil do |value|
|
317
|
+
allowed = [::String, ::Hash, ::Proc, ::Symbol, ::Google::Auth::Credentials, ::Signet::OAuth2::Client, nil]
|
318
|
+
allowed += [::GRPC::Core::Channel, ::GRPC::Core::ChannelCredentials] if defined? ::GRPC
|
319
|
+
allowed.any? { |klass| klass === value }
|
320
|
+
end
|
321
|
+
config_attr :scope, nil, ::String, ::Array, nil
|
322
|
+
config_attr :lib_name, nil, ::String, nil
|
323
|
+
config_attr :lib_version, nil, ::String, nil
|
324
|
+
config_attr(:channel_args, { "grpc.service_config_disable_resolution" => 1 }, ::Hash, nil)
|
325
|
+
config_attr :interceptors, nil, ::Array, nil
|
326
|
+
config_attr :timeout, nil, ::Numeric, nil
|
327
|
+
config_attr :metadata, nil, ::Hash, nil
|
328
|
+
config_attr :retry_policy, nil, ::Hash, ::Proc, nil
|
329
|
+
config_attr :quota_project, nil, ::String, nil
|
330
|
+
|
331
|
+
# @private
|
332
|
+
def initialize parent_config = nil
|
333
|
+
@parent_config = parent_config unless parent_config.nil?
|
334
|
+
|
335
|
+
yield self if block_given?
|
336
|
+
end
|
337
|
+
|
338
|
+
##
|
339
|
+
# Configurations for individual RPCs
|
340
|
+
# @return [Rpcs]
|
341
|
+
#
|
342
|
+
def rpcs
|
343
|
+
@rpcs ||= begin
|
344
|
+
parent_rpcs = nil
|
345
|
+
parent_rpcs = @parent_config.rpcs if defined?(@parent_config) && @parent_config.respond_to?(:rpcs)
|
346
|
+
Rpcs.new parent_rpcs
|
347
|
+
end
|
348
|
+
end
|
349
|
+
|
350
|
+
##
|
351
|
+
# Configuration RPC class for the SystemPolicy API.
|
352
|
+
#
|
353
|
+
# Includes fields providing the configuration for each RPC in this service.
|
354
|
+
# Each configuration object is of type `Gapic::Config::Method` and includes
|
355
|
+
# the following configuration fields:
|
356
|
+
#
|
357
|
+
# * `timeout` (*type:* `Numeric`) - The call timeout in seconds
|
358
|
+
# * `metadata` (*type:* `Hash{Symbol=>String}`) - Additional gRPC headers
|
359
|
+
# * `retry_policy (*type:* `Hash`) - The retry policy. The policy fields
|
360
|
+
# include the following keys:
|
361
|
+
# * `:initial_delay` (*type:* `Numeric`) - The initial delay in seconds.
|
362
|
+
# * `:max_delay` (*type:* `Numeric`) - The max delay in seconds.
|
363
|
+
# * `:multiplier` (*type:* `Numeric`) - The incremental backoff multiplier.
|
364
|
+
# * `:retry_codes` (*type:* `Array<String>`) - The error codes that should
|
365
|
+
# trigger a retry.
|
366
|
+
#
|
367
|
+
class Rpcs
|
368
|
+
##
|
369
|
+
# RPC-specific configuration for `get_system_policy`
|
370
|
+
# @return [::Gapic::Config::Method]
|
371
|
+
#
|
372
|
+
attr_reader :get_system_policy
|
373
|
+
|
374
|
+
# @private
|
375
|
+
def initialize parent_rpcs = nil
|
376
|
+
get_system_policy_config = parent_rpcs.get_system_policy if parent_rpcs.respond_to? :get_system_policy
|
377
|
+
@get_system_policy = ::Gapic::Config::Method.new get_system_policy_config
|
378
|
+
|
379
|
+
yield self if block_given?
|
380
|
+
end
|
381
|
+
end
|
382
|
+
end
|
383
|
+
end
|
384
|
+
end
|
385
|
+
end
|
386
|
+
end
|
387
|
+
end
|
388
|
+
end
|