google-cloud-confidential_computing-v1 1.2.0 → 1.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7d6cb6f45afcee01df52b5d3647530f48326518d3c6198e42faa67d74a50fd8c
-  data.tar.gz: 0d3b72403cabcd74bacb22586e53a896c9f90a671817aab98eb504f7ea1209a9
+  metadata.gz: c950bfd2db670f1c8019b285f44faebe042ed46cc58b5493781fc0f9655cc984
+  data.tar.gz: 5b4e0121358facbd0d5c4ee4b4b10b91efd1ceb7a5b49f5a2e09f34caba2a60a
 SHA512:
-  metadata.gz: 0de4c6ebe465a4063f38a696e602176b32e46c9c1ef6f64e61865eb663bb1304a0f8fb83079932aedfbfc7269243bfc59d83565c6451f408d8859c5a1063661d
-  data.tar.gz: 56f58921cca4622341d6543f4dda0489725f393a3058e5391f6de6f1e456b6d1f8be9f1ad00cc02fb048a21d2f8c44b4a04d89352411fec1dd40f472e73457ed
+  metadata.gz: 91cfc15248f36a8b5c727825774be43e224d2c95afaa8b7d3e33425cad8c503f8c47a32f2fceb1398ca72435f18c67aca1eb845d91fb7483b2ec84be17873bbe
+  data.tar.gz: 562a6c442e3ea6360e3721c32a8638e8b611fb5297b1641b59caf8a7a58c55ad21a69c2bbb00b68869397dbab256ce4c20fc28fea258c74ae6da418afca33fcf

data/README.md

@@ -42,40 +42,50 @@ for class and method documentation.
 See also the [Product Documentation](https://cloud.google.com/confidential-computing)
 for general usage information.
 
-## Enabling Logging
-
-To enable logging for this library, set the logger for the underlying [gRPC](https://github.com/grpc/grpc/tree/master/src/ruby) library.
-The logger that you set may be a Ruby stdlib [`Logger`](https://ruby-doc.org/current/stdlibs/logger/Logger.html) as shown below,
-or a [`Google::Cloud::Logging::Logger`](https://cloud.google.com/ruby/docs/reference/google-cloud-logging/latest)
-that will write logs to [Cloud Logging](https://cloud.google.com/logging/). See [grpc/logconfig.rb](https://github.com/grpc/grpc/blob/master/src/ruby/lib/grpc/logconfig.rb)
-and the gRPC [spec_helper.rb](https://github.com/grpc/grpc/blob/master/src/ruby/spec/spec_helper.rb) for additional information.
-
-Configuring a Ruby stdlib logger:
+## Debug Logging
+
+This library comes with opt-in Debug Logging that can help you troubleshoot
+your application's integration with the API. When logging is activated, key
+events such as requests and responses, along with data payloads and metadata
+such as headers and client configuration, are logged to the standard error
+stream.
+
+**WARNING:** Client Library Debug Logging includes your data payloads in
+plaintext, which could include sensitive data such as PII for yourself or your
+customers, private keys, or other security data that could be compromising if
+leaked. Always practice good data hygiene with your application logs, and follow
+the principle of least access. Google also recommends that Client Library Debug
+Logging be enabled only temporarily during active debugging, and not used
+permanently in production.
+
+To enable logging, set the environment variable `GOOGLE_SDK_RUBY_LOGGING_GEMS`
+to the value `all`. Alternatively, you can set the value to a comma-delimited
+list of client library gem names. This will select the default logging behavior,
+which writes logs to the standard error stream. On a local workstation, this may
+result in logs appearing on the console. When running on a Google Cloud hosting
+service such as [Google Cloud Run](https://cloud.google.com/run), this generally
+results in logs appearing alongside your application logs in the
+[Google Cloud Logging](https://cloud.google.com/logging/) service.
+
+You can customize logging by modifying the `logger` configuration when
+constructing a client object. For example:
 
 ```ruby
+require "google/cloud/confidential_computing/v1"
 require "logger"
 
-module MyLogger
-  LOGGER = Logger.new $stderr, level: Logger::WARN
-  def logger
-    LOGGER
-  end
-end
-
-# Define a gRPC module-level logger method before grpc/logconfig.rb loads.
-module GRPC
-  extend MyLogger
+client = ::Google::Cloud::ConfidentialComputing::V1::ConfidentialComputing::Client.new do |config|
+  config.logger = Logger.new "my-app.log"
 end
 ```
 
-
 ## Google Cloud Samples
 
 To browse ready to use code samples check [Google Cloud Samples](https://cloud.google.com/docs/samples).
 
 ## Supported Ruby Versions
 
-This library is supported on Ruby 2.7+.
+This library is supported on Ruby 3.0+.
 
 Google provides official support for Ruby versions that are actively supported
 by Ruby Core—that is, Ruby versions that are either in normal maintenance or

data/lib/google/cloud/confidential_computing/v1/confidential_computing/client.rb

@@ -170,14 +170,26 @@ module Google
                 universe_domain: @config.universe_domain,
                 channel_args: @config.channel_args,
                 interceptors: @config.interceptors,
-                channel_pool_config: @config.channel_pool
+                channel_pool_config: @config.channel_pool,
+                logger: @config.logger
               )
 
+              @confidential_computing_stub.stub_logger&.info do |entry|
+                entry.set_system_name
+                entry.set_service
+                entry.message = "Created client for #{entry.service}"
+                entry.set_credentials_fields credentials
+                entry.set "customEndpoint", @config.endpoint if @config.endpoint
+                entry.set "defaultTimeout", @config.timeout if @config.timeout
+                entry.set "quotaProject", @quota_project_id if @quota_project_id
+              end
+
               @location_client = Google::Cloud::Location::Locations::Client.new do |config|
                 config.credentials = credentials
                 config.quota_project = @quota_project_id
                 config.endpoint = @confidential_computing_stub.endpoint
                 config.universe_domain = @confidential_computing_stub.universe_domain
+                config.logger = @confidential_computing_stub.logger if config.respond_to? :logger=
               end
             end
 
@@ -188,6 +200,15 @@ module Google
             #
             attr_reader :location_client
 
+            ##
+            # The logger used for request/response debug logging.
+            #
+            # @return [Logger]
+            #
+            def logger
+              @confidential_computing_stub.logger
+            end
+
             # Service calls
 
             ##
@@ -274,7 +295,6 @@ module Google
 
               @confidential_computing_stub.call_rpc :create_challenge, request, options: options do |response, operation|
                 yield response, operation if block_given?
-                return response
               end
             rescue ::GRPC::BadStatus => e
               raise ::Google::Cloud::Error.from_error(e)
@@ -300,8 +320,12 @@ module Google
             #
             #   @param td_ccel [::Google::Cloud::ConfidentialComputing::V1::TdxCcelAttestation, ::Hash]
             #     Optional. A TDX with CCEL and RTMR Attestation Quote.
+            #
+            #     Note: The following fields are mutually exclusive: `td_ccel`, `sev_snp_attestation`. If a field in that set is populated, all other fields in the set will automatically be cleared.
             #   @param sev_snp_attestation [::Google::Cloud::ConfidentialComputing::V1::SevSnpAttestation, ::Hash]
             #     Optional. An SEV-SNP Attestation Report.
+            #
+            #     Note: The following fields are mutually exclusive: `sev_snp_attestation`, `td_ccel`. If a field in that set is populated, all other fields in the set will automatically be cleared.
             #   @param challenge [::String]
             #     Required. The name of the Challenge whose nonce was used to generate the
             #     attestation, in the format `projects/*/locations/*/challenges/*`. The
@@ -377,7 +401,6 @@ module Google
 
               @confidential_computing_stub.call_rpc :verify_attestation, request, options: options do |response, operation|
                 yield response, operation if block_given?
-                return response
               end
             rescue ::GRPC::BadStatus => e
               raise ::Google::Cloud::Error.from_error(e)
@@ -427,6 +450,13 @@ module Google
             #    *  (`GRPC::Core::Channel`) a gRPC channel with included credentials
             #    *  (`GRPC::Core::ChannelCredentials`) a gRPC credentails object
             #    *  (`nil`) indicating no credentials
+            #
+            #   Warning: If you accept a credential configuration (JSON file or Hash) from an
+            #   external source for authentication to Google Cloud, you must validate it before
+            #   providing it to a Google API client library. Providing an unvalidated credential
+            #   configuration to Google APIs can compromise the security of your systems and data.
+            #   For more information, refer to [Validate credential configurations from external
+            #   sources](https://cloud.google.com/docs/authentication/external/externally-sourced-credentials).
             #   @return [::Object]
             # @!attribute [rw] scope
             #   The OAuth scopes
@@ -466,6 +496,11 @@ module Google
             #   default endpoint URL. The default value of nil uses the environment
             #   universe (usually the default "googleapis.com" universe).
             #   @return [::String,nil]
+            # @!attribute [rw] logger
+            #   A custom logger to use for request/response debug logging, or the value
+            #   `:default` (the default) to construct a default logger, or `nil` to
+            #   explicitly disable logging.
+            #   @return [::Logger,:default,nil]
             #
             class Configuration
               extend ::Gapic::Config
@@ -490,6 +525,7 @@ module Google
               config_attr :retry_policy,  nil, ::Hash, ::Proc, nil
               config_attr :quota_project, nil, ::String, nil
               config_attr :universe_domain, nil, ::String, nil
+              config_attr :logger, :default, ::Logger, nil, :default
 
               # @private
               def initialize parent_config = nil

data/lib/google/cloud/confidential_computing/v1/confidential_computing/rest/client.rb

@@ -163,15 +163,27 @@ module Google
                   endpoint: @config.endpoint,
                   endpoint_template: DEFAULT_ENDPOINT_TEMPLATE,
                   universe_domain: @config.universe_domain,
-                  credentials: credentials
+                  credentials: credentials,
+                  logger: @config.logger
                 )
 
+                @confidential_computing_stub.logger(stub: true)&.info do |entry|
+                  entry.set_system_name
+                  entry.set_service
+                  entry.message = "Created client for #{entry.service}"
+                  entry.set_credentials_fields credentials
+                  entry.set "customEndpoint", @config.endpoint if @config.endpoint
+                  entry.set "defaultTimeout", @config.timeout if @config.timeout
+                  entry.set "quotaProject", @quota_project_id if @quota_project_id
+                end
+
                 @location_client = Google::Cloud::Location::Locations::Rest::Client.new do |config|
                   config.credentials = credentials
                   config.quota_project = @quota_project_id
                   config.endpoint = @confidential_computing_stub.endpoint
                   config.universe_domain = @confidential_computing_stub.universe_domain
                   config.bindings_override = @config.bindings_override
+                  config.logger = @confidential_computing_stub.logger if config.respond_to? :logger=
                 end
               end
 
@@ -182,6 +194,15 @@ module Google
               #
               attr_reader :location_client
 
+              ##
+              # The logger used for request/response debug logging.
+              #
+              # @return [Logger]
+              #
+              def logger
+                @confidential_computing_stub.logger
+              end
+
               # Service calls
 
               ##
@@ -261,7 +282,6 @@ module Google
 
                 @confidential_computing_stub.create_challenge request, options do |result, operation|
                   yield result, operation if block_given?
-                  return result
                 end
               rescue ::Gapic::Rest::Error => e
                 raise ::Google::Cloud::Error.from_error(e)
@@ -287,8 +307,12 @@ module Google
               #
               #   @param td_ccel [::Google::Cloud::ConfidentialComputing::V1::TdxCcelAttestation, ::Hash]
               #     Optional. A TDX with CCEL and RTMR Attestation Quote.
+              #
+              #     Note: The following fields are mutually exclusive: `td_ccel`, `sev_snp_attestation`. If a field in that set is populated, all other fields in the set will automatically be cleared.
               #   @param sev_snp_attestation [::Google::Cloud::ConfidentialComputing::V1::SevSnpAttestation, ::Hash]
               #     Optional. An SEV-SNP Attestation Report.
+              #
+              #     Note: The following fields are mutually exclusive: `sev_snp_attestation`, `td_ccel`. If a field in that set is populated, all other fields in the set will automatically be cleared.
               #   @param challenge [::String]
               #     Required. The name of the Challenge whose nonce was used to generate the
               #     attestation, in the format `projects/*/locations/*/challenges/*`. The
@@ -357,7 +381,6 @@ module Google
 
                 @confidential_computing_stub.verify_attestation request, options do |result, operation|
                   yield result, operation if block_given?
-                  return result
                 end
               rescue ::Gapic::Rest::Error => e
                 raise ::Google::Cloud::Error.from_error(e)
@@ -405,6 +428,13 @@ module Google
               #    *  (`Signet::OAuth2::Client`) A signet oauth2 client object
               #       (see the [signet docs](https://rubydoc.info/gems/signet/Signet/OAuth2/Client))
               #    *  (`nil`) indicating no credentials
+              #
+              #   Warning: If you accept a credential configuration (JSON file or Hash) from an
+              #   external source for authentication to Google Cloud, you must validate it before
+              #   providing it to a Google API client library. Providing an unvalidated credential
+              #   configuration to Google APIs can compromise the security of your systems and data.
+              #   For more information, refer to [Validate credential configurations from external
+              #   sources](https://cloud.google.com/docs/authentication/external/externally-sourced-credentials).
               #   @return [::Object]
               # @!attribute [rw] scope
               #   The OAuth scopes
@@ -437,6 +467,11 @@ module Google
               #   default endpoint URL. The default value of nil uses the environment
               #   universe (usually the default "googleapis.com" universe).
               #   @return [::String,nil]
+              # @!attribute [rw] logger
+              #   A custom logger to use for request/response debug logging, or the value
+              #   `:default` (the default) to construct a default logger, or `nil` to
+              #   explicitly disable logging.
+              #   @return [::Logger,:default,nil]
               #
               class Configuration
                 extend ::Gapic::Config
@@ -465,6 +500,7 @@ module Google
                 # by the host service.
                 # @return [::Hash{::Symbol=>::Array<::Gapic::Rest::GrpcTranscoder::HttpBinding>}]
                 config_attr :bindings_override, {}, ::Hash, nil
+                config_attr :logger, :default, ::Logger, nil, :default
 
                 # @private
                 def initialize parent_config = nil

data/lib/google/cloud/confidential_computing/v1/confidential_computing/rest/service_stub.rb

@@ -30,7 +30,8 @@ module Google
             # including transcoding, making the REST call, and deserialing the response.
             #
             class ServiceStub
-              def initialize endpoint:, endpoint_template:, universe_domain:, credentials:
+              # @private
+              def initialize endpoint:, endpoint_template:, universe_domain:, credentials:, logger:
                 # These require statements are intentionally placed here to initialize
                 # the REST modules only when it's required.
                 require "gapic/rest"
@@ -40,7 +41,9 @@ module Google
                                                              universe_domain: universe_domain,
                                                              credentials: credentials,
                                                              numeric_enums: true,
-                                                             raise_faraday_errors: false
+                                                             service_name: self.class,
+                                                             raise_faraday_errors: false,
+                                                             logger: logger
               end
 
               ##
@@ -61,6 +64,15 @@ module Google
                 @client_stub.endpoint
               end
 
+              ##
+              # The logger used for request/response debug logging.
+              #
+              # @return [Logger]
+              #
+              def logger stub: false
+                stub ? @client_stub.stub_logger : @client_stub.logger
+              end
+
               ##
               # Baseline implementation for the create_challenge REST call
               #
@@ -87,16 +99,18 @@ module Google
 
                 response = @client_stub.make_http_request(
                   verb,
-                  uri:     uri,
-                  body:    body || "",
-                  params:  query_string_params,
+                  uri: uri,
+                  body: body || "",
+                  params: query_string_params,
+                  method_name: "create_challenge",
                   options: options
                 )
                 operation = ::Gapic::Rest::TransportOperation.new response
                 result = ::Google::Cloud::ConfidentialComputing::V1::Challenge.decode_json response.body, ignore_unknown_fields: true
-
-                yield result, operation if block_given?
-                result
+                catch :response do
+                  yield result, operation if block_given?
+                  result
+                end
               end
 
               ##
@@ -125,16 +139,18 @@ module Google
 
                 response = @client_stub.make_http_request(
                   verb,
-                  uri:     uri,
-                  body:    body || "",
-                  params:  query_string_params,
+                  uri: uri,
+                  body: body || "",
+                  params: query_string_params,
+                  method_name: "verify_attestation",
                   options: options
                 )
                 operation = ::Gapic::Rest::TransportOperation.new response
                 result = ::Google::Cloud::ConfidentialComputing::V1::VerifyAttestationResponse.decode_json response.body, ignore_unknown_fields: true
-
-                yield result, operation if block_given?
-                result
+                catch :response do
+                  yield result, operation if block_given?
+                  result
+                end
               end
 
               ##

data/lib/google/cloud/confidential_computing/v1/version.rb

@@ -21,7 +21,7 @@ module Google
   module Cloud
     module ConfidentialComputing
       module V1
-        VERSION = "1.2.0"
+        VERSION = "1.4.0"
       end
     end
   end

data/proto_docs/google/api/client.rb

@@ -306,9 +306,28 @@ module Google
     # @!attribute [rw] common
     #   @return [::Google::Api::CommonLanguageSettings]
     #     Some settings.
+    # @!attribute [rw] renamed_services
+    #   @return [::Google::Protobuf::Map{::String => ::String}]
+    #     Map of service names to renamed services. Keys are the package relative
+    #     service names and values are the name to be used for the service client
+    #     and call options.
+    #
+    #     publishing:
+    #       go_settings:
+    #         renamed_services:
+    #           Publisher: TopicAdmin
     class GoSettings
       include ::Google::Protobuf::MessageExts
       extend ::Google::Protobuf::MessageExts::ClassMethods
+
+      # @!attribute [rw] key
+      #   @return [::String]
+      # @!attribute [rw] value
+      #   @return [::String]
+      class RenamedServicesEntry
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
     end
 
     # Describes the generator configuration for a method.

data/proto_docs/google/cloud/confidentialcomputing/v1/service.rb

@@ -63,9 +63,13 @@ module Google
         # @!attribute [rw] td_ccel
         #   @return [::Google::Cloud::ConfidentialComputing::V1::TdxCcelAttestation]
         #     Optional. A TDX with CCEL and RTMR Attestation Quote.
+        #
+        #     Note: The following fields are mutually exclusive: `td_ccel`, `sev_snp_attestation`. If a field in that set is populated, all other fields in the set will automatically be cleared.
         # @!attribute [rw] sev_snp_attestation
         #   @return [::Google::Cloud::ConfidentialComputing::V1::SevSnpAttestation]
         #     Optional. An SEV-SNP Attestation Report.
+        #
+        #     Note: The following fields are mutually exclusive: `sev_snp_attestation`, `td_ccel`. If a field in that set is populated, all other fields in the set will automatically be cleared.
         # @!attribute [rw] challenge
         #   @return [::String]
         #     Required. The name of the Challenge whose nonce was used to generate the

metadata

@@ -1,14 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: google-cloud-confidential_computing-v1
 version: !ruby/object:Gem::Version
-  version: 1.2.0
+  version: 1.4.0
 platform: ruby
 authors:
 - Google LLC
-autorequire: 
 bindir: bin
 cert_chain: []
-date: 2024-12-04 00:00:00.000000000 Z
+date: 2025-01-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: gapic-common
@@ -16,7 +15,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 0.21.1
+        version: 0.25.0
     - - "<"
       - !ruby/object:Gem::Version
         version: 2.a
@@ -26,7 +25,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 0.21.1
+        version: 0.25.0
     - - "<"
       - !ruby/object:Gem::Version
         version: 2.a
@@ -105,7 +104,6 @@ homepage: https://github.com/googleapis/google-cloud-ruby
 licenses:
 - Apache-2.0
 metadata: {}
-post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
@@ -113,15 +111,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '2.7'
+      version: '3.0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.5.22
-signing_key: 
+rubygems_version: 3.6.2
 specification_version: 4
 summary: Attestation verifier for Confidential Space.
 test_files: []