google-cloud-kms-inventory-v1 0.6.1 → 0.8.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: b2c624f960e301e99eb6ddb91cba6c9913b09d9dbcebb43db4fdf2bf3a0b3ca1
4
- data.tar.gz: 44a947d8129ce7955eac2bf2faea47bcb0daa5a8ac9b7d36bd0d56b747942f3c
3
+ metadata.gz: 67d45287f38ea46c6ed4989e0e6c65a7241e073cbcf0527243f4dc1bd4d24ec7
4
+ data.tar.gz: 8b97e49e63f9bedd2a0bca43463b6142588159af08a9ff37417e152954828045
5
5
  SHA512:
6
- metadata.gz: 59e3aa3d3b92520db0479e6483a406befbc5cca49036d958456f64fe98280b46aca41a25519fc23038e94ae5034c3effc4095c6c0cfc98f5bb6617cea88203a2
7
- data.tar.gz: 751b6b76935b9ea94e5e1613ceb36003902b2f98a83127a6a7c4aaefcdc816bc244565dc7e41d2c8d0a7f31d95f85e3ce5afe359fbb92f4c528a30b2ade82b2a
6
+ metadata.gz: c4beccf52c903c93c7130008da3802266e09e450a9498bc908357c055ff2907d4ad16d8603d71e56db3ed3eca32afae67090f4b93058fe321533491a38e7d983
7
+ data.tar.gz: 6901ce27821196e81225b2c0bd170255307eba5cd65391338738815fd55a2070d82c317e2d9b08f41765fb76e1a465ac40a8919988abe6c1897d46ad0b8e9145
data/AUTHENTICATION.md CHANGED
@@ -1,149 +1,122 @@
1
1
  # Authentication
2
2
 
3
- In general, the google-cloud-kms-inventory-v1 library uses
4
- [Service Account](https://cloud.google.com/iam/docs/creating-managing-service-accounts)
5
- credentials to connect to Google Cloud services. When running within
6
- [Google Cloud Platform environments](#google-cloud-platform-environments) the
7
- credentials will be discovered automatically. When running on other
8
- environments, the Service Account credentials can be specified by providing the
9
- path to the
10
- [JSON keyfile](https://cloud.google.com/iam/docs/managing-service-account-keys)
11
- for the account (or the JSON itself) in
12
- [environment variables](#environment-variables). Additionally, Cloud SDK
13
- credentials can also be discovered automatically, but this is only recommended
14
- during development.
3
+ The recommended way to authenticate to the google-cloud-kms-inventory-v1 library is to use
4
+ [Application Default Credentials (ADC)](https://cloud.google.com/docs/authentication/application-default-credentials).
5
+ To review all of your authentication options, see [Credentials lookup](#credential-lookup).
15
6
 
16
7
  ## Quickstart
17
8
 
18
- 1. [Create a service account and credentials](#creating-a-service-account).
19
- 2. Set the [environment variable](#environment-variables).
9
+ The following example shows how to set up authentication for a local development
10
+ environment with your user credentials.
20
11
 
21
- ```sh
22
- export GOOGLE_CLOUD_CREDENTIALS=path/to/keyfile.json
23
- ```
24
-
25
- 3. Initialize the client.
12
+ **NOTE:** This method is _not_ recommended for running in production. User credentials
13
+ should be used only during development.
26
14
 
27
- ```ruby
28
- require "google/cloud/kms/inventory/v1"
15
+ 1. [Download and install the Google Cloud CLI](https://cloud.google.com/sdk).
16
+ 2. Set up a local ADC file with your user credentials:
29
17
 
30
- client = ::Google::Cloud::Kms::Inventory::V1::KeyDashboardService::Client.new
18
+ ```sh
19
+ gcloud auth application-default login
31
20
  ```
32
21
 
33
- ## Credential Lookup
34
-
35
- The google-cloud-kms-inventory-v1 library aims to make authentication
36
- as simple as possible, and provides several mechanisms to configure your system
37
- without requiring **Service Account Credentials** directly in code.
38
-
39
- **Credentials** are discovered in the following order:
40
-
41
- 1. Specify credentials in method arguments
42
- 2. Specify credentials in configuration
43
- 3. Discover credentials path in environment variables
44
- 4. Discover credentials JSON in environment variables
45
- 5. Discover credentials file in the Cloud SDK's path
46
- 6. Discover GCP credentials
47
-
48
- ### Google Cloud Platform environments
22
+ 3. Write code as if already authenticated.
49
23
 
50
- When running on Google Cloud Platform (GCP), including Google Compute Engine
51
- (GCE), Google Kubernetes Engine (GKE), Google App Engine (GAE), Google Cloud
52
- Functions (GCF) and Cloud Run, **Credentials** are discovered automatically.
53
- Code should be written as if already authenticated.
24
+ For more information about setting up authentication for a local development environment, see
25
+ [Set up Application Default Credentials](https://cloud.google.com/docs/authentication/provide-credentials-adc#local-dev).
54
26
 
55
- ### Environment Variables
27
+ ## Credential Lookup
56
28
 
57
- The **Credentials JSON** can be placed in environment variables instead of
58
- declaring them directly in code. Each service has its own environment variable,
59
- allowing for different service accounts to be used for different services. (See
60
- the READMEs for the individual service gems for details.) The path to the
61
- **Credentials JSON** file can be stored in the environment variable, or the
62
- **Credentials JSON** itself can be stored for environments such as Docker
63
- containers where writing files is difficult or not encouraged.
29
+ The google-cloud-kms-inventory-v1 library provides several mechanisms to configure your system.
30
+ Generally, using Application Default Credentials to facilitate automatic
31
+ credentials discovery is the easist method. But if you need to explicitly specify
32
+ credentials, there are several methods available to you.
64
33
 
65
- The environment variables that google-cloud-kms-inventory-v1
66
- checks for credentials are configured on the service Credentials class (such as
67
- {::Google::Cloud::Kms::Inventory::V1::KeyDashboardService::Credentials}):
34
+ Credentials are accepted in the following ways, in the following order or precedence:
68
35
 
69
- * `GOOGLE_CLOUD_CREDENTIALS` - Path to JSON file, or JSON contents
70
- * `GOOGLE_CLOUD_KEYFILE` - Path to JSON file, or JSON contents
71
- * `GOOGLE_APPLICATION_CREDENTIALS` - Path to JSON file
36
+ 1. Credentials specified in method arguments
37
+ 2. Credentials specified in configuration
38
+ 3. Credentials pointed to or included in environment variables
39
+ 4. Credentials found in local ADC file
40
+ 5. Credentials returned by the metadata server for the attached service account (GCP)
72
41
 
73
- ```ruby
74
- require "google/cloud/kms/inventory/v1"
75
-
76
- ENV["GOOGLE_CLOUD_CREDENTIALS"] = "path/to/keyfile.json"
42
+ ### Configuration
77
43
 
78
- client = ::Google::Cloud::Kms::Inventory::V1::KeyDashboardService::Client.new
79
- ```
44
+ You can configure a path to a JSON credentials file, either for an individual client object or
45
+ globally, for all client objects. The JSON file can contain credentials created for
46
+ [workload identity federation](https://cloud.google.com/iam/docs/workload-identity-federation),
47
+ [workforce identity federation](https://cloud.google.com/iam/docs/workforce-identity-federation), or a
48
+ [service account key](https://cloud.google.com/docs/authentication/provide-credentials-adc#local-key).
80
49
 
81
- ### Configuration
50
+ Note: Service account keys are a security risk if not managed correctly. You should
51
+ [choose a more secure alternative to service account keys](https://cloud.google.com/docs/authentication#auth-decision-tree)
52
+ whenever possible.
82
53
 
83
- The path to the **Credentials JSON** file can be configured instead of storing
84
- it in an environment variable. Either on an individual client initialization:
54
+ To configure a credentials file for an individual client initialization:
85
55
 
86
56
  ```ruby
87
57
  require "google/cloud/kms/inventory/v1"
88
58
 
89
59
  client = ::Google::Cloud::Kms::Inventory::V1::KeyDashboardService::Client.new do |config|
90
- config.credentials = "path/to/keyfile.json"
60
+ config.credentials = "path/to/credentialfile.json"
91
61
  end
92
62
  ```
93
63
 
94
- Or globally for all clients:
64
+ To configure a credentials file globally for all clients:
95
65
 
96
66
  ```ruby
97
67
  require "google/cloud/kms/inventory/v1"
98
68
 
99
69
  ::Google::Cloud::Kms::Inventory::V1::KeyDashboardService::Client.configure do |config|
100
- config.credentials = "path/to/keyfile.json"
70
+ config.credentials = "path/to/credentialfile.json"
101
71
  end
102
72
 
103
73
  client = ::Google::Cloud::Kms::Inventory::V1::KeyDashboardService::Client.new
104
74
  ```
105
75
 
106
- ### Cloud SDK
76
+ ### Environment Variables
107
77
 
108
- This option allows for an easy way to authenticate during development. If
109
- credentials are not provided in code or in environment variables, then Cloud SDK
110
- credentials are discovered.
78
+ You can also use an environment variable to provide a JSON credentials file.
79
+ The environment variable can contain a path to the credentials file or, for
80
+ environments such as Docker containers where writing files is not encouraged,
81
+ you can include the credentials file itself.
111
82
 
112
- To configure your system for this, simply:
83
+ The JSON file can contain credentials created for
84
+ [workload identity federation](https://cloud.google.com/iam/docs/workload-identity-federation),
85
+ [workforce identity federation](https://cloud.google.com/iam/docs/workforce-identity-federation), or a
86
+ [service account key](https://cloud.google.com/docs/authentication/provide-credentials-adc#local-key).
113
87
 
114
- 1. [Download and install the Cloud SDK](https://cloud.google.com/sdk)
115
- 2. Authenticate using OAuth 2.0 `$ gcloud auth application-default login`
116
- 3. Write code as if already authenticated.
88
+ Note: Service account keys are a security risk if not managed correctly. You should
89
+ [choose a more secure alternative to service account keys](https://cloud.google.com/docs/authentication#auth-decision-tree)
90
+ whenever possible.
91
+
92
+ The environment variables that google-cloud-kms-inventory-v1
93
+ checks for credentials are:
117
94
 
118
- **NOTE:** This is _not_ recommended for running in production. The Cloud SDK
119
- *should* only be used during development.
95
+ * `GOOGLE_CLOUD_CREDENTIALS` - Path to JSON file, or JSON contents
96
+ * `GOOGLE_APPLICATION_CREDENTIALS` - Path to JSON file
120
97
 
121
- ## Creating a Service Account
98
+ ```ruby
99
+ require "google/cloud/kms/inventory/v1"
122
100
 
123
- Google Cloud requires **Service Account Credentials** to
124
- connect to the APIs. You will use the **JSON key file** to
125
- connect to most services with google-cloud-kms-inventory-v1.
101
+ ENV["GOOGLE_APPLICATION_CREDENTIALS"] = "path/to/credentialfile.json"
126
102
 
127
- If you are not running this client within
128
- [Google Cloud Platform environments](#google-cloud-platform-environments), you
129
- need a Google Developers service account.
103
+ client = ::Google::Cloud::Kms::Inventory::V1::KeyDashboardService::Client.new
104
+ ```
130
105
 
131
- 1. Visit the [Google Cloud Console](https://console.cloud.google.com/project).
132
- 2. Create a new project or click on an existing project.
133
- 3. Activate the menu in the upper left and select **APIs & Services**. From
134
- here, you will enable the APIs that your application requires.
106
+ ### Local ADC file
135
107
 
136
- *Note: You may need to enable billing in order to use these services.*
108
+ You can set up a local ADC file with your user credentials for authentication during
109
+ development. If credentials are not provided in code or in environment variables,
110
+ then the local ADC credentials are discovered.
137
111
 
138
- 4. Select **Credentials** from the side navigation.
112
+ Follow the steps in [Quickstart](#quickstart) to set up a local ADC file.
139
113
 
140
- Find the "Create credentials" drop down near the top of the page, and select
141
- "Service account" to be guided through downloading a new JSON key file.
114
+ ### Google Cloud Platform environments
142
115
 
143
- If you want to re-use an existing service account, you can easily generate a
144
- new key file. Just select the account you wish to re-use, click the pencil
145
- tool on the right side to edit the service account, select the **Keys** tab,
146
- and then select **Add Key**.
116
+ When running on Google Cloud Platform (GCP), including Google Compute Engine
117
+ (GCE), Google Kubernetes Engine (GKE), Google App Engine (GAE), Google Cloud
118
+ Functions (GCF) and Cloud Run, credentials are retrieved from the attached
119
+ service account automatically. Code should be written as if already authenticated.
147
120
 
148
- The key file you download will be used by this library to authenticate API
149
- requests and should be stored in a secure location.
121
+ For more information, see
122
+ [Set up ADC for Google Cloud services](https://cloud.google.com/docs/authentication/provide-credentials-adc#attached-sa).
@@ -31,6 +31,9 @@ module Google
31
31
  # Provides a cross-region view of all Cloud KMS keys in a given Cloud project.
32
32
  #
33
33
  class Client
34
+ # @private
35
+ DEFAULT_ENDPOINT_TEMPLATE = "kmsinventory.$UNIVERSE_DOMAIN$"
36
+
34
37
  include Paths
35
38
 
36
39
  # @private
@@ -93,6 +96,15 @@ module Google
93
96
  @config
94
97
  end
95
98
 
99
+ ##
100
+ # The effective universe domain
101
+ #
102
+ # @return [String]
103
+ #
104
+ def universe_domain
105
+ @key_dashboard_service_stub.universe_domain
106
+ end
107
+
96
108
  ##
97
109
  # Create a new KeyDashboardService client object.
98
110
  #
@@ -126,8 +138,9 @@ module Google
126
138
  credentials = @config.credentials
127
139
  # Use self-signed JWT if the endpoint is unchanged from default,
128
140
  # but only if the default endpoint does not have a region prefix.
129
- enable_self_signed_jwt = @config.endpoint == Configuration::DEFAULT_ENDPOINT &&
130
- !@config.endpoint.split(".").first.include?("-")
141
+ enable_self_signed_jwt = @config.endpoint.nil? ||
142
+ (@config.endpoint == Configuration::DEFAULT_ENDPOINT &&
143
+ !@config.endpoint.split(".").first.include?("-"))
131
144
  credentials ||= Credentials.default scope: @config.scope,
132
145
  enable_self_signed_jwt: enable_self_signed_jwt
133
146
  if credentials.is_a?(::String) || credentials.is_a?(::Hash)
@@ -138,10 +151,13 @@ module Google
138
151
 
139
152
  @key_dashboard_service_stub = ::Gapic::ServiceStub.new(
140
153
  ::Google::Cloud::Kms::Inventory::V1::KeyDashboardService::Stub,
141
- credentials: credentials,
142
- endpoint: @config.endpoint,
154
+ credentials: credentials,
155
+ endpoint: @config.endpoint,
156
+ endpoint_template: DEFAULT_ENDPOINT_TEMPLATE,
157
+ universe_domain: @config.universe_domain,
143
158
  channel_args: @config.channel_args,
144
- interceptors: @config.interceptors
159
+ interceptors: @config.interceptors,
160
+ channel_pool_config: @config.channel_pool
145
161
  )
146
162
  end
147
163
 
@@ -277,9 +293,9 @@ module Google
277
293
  # end
278
294
  #
279
295
  # @!attribute [rw] endpoint
280
- # The hostname or hostname:port of the service endpoint.
281
- # Defaults to `"kmsinventory.googleapis.com"`.
282
- # @return [::String]
296
+ # A custom service endpoint, as a hostname or hostname:port. The default is
297
+ # nil, indicating to use the default endpoint in the current universe domain.
298
+ # @return [::String,nil]
283
299
  # @!attribute [rw] credentials
284
300
  # Credentials to send with calls. You may provide any of the following types:
285
301
  # * (`String`) The path to a service account key file in JSON format
@@ -325,13 +341,20 @@ module Google
325
341
  # @!attribute [rw] quota_project
326
342
  # A separate project against which to charge quota.
327
343
  # @return [::String]
344
+ # @!attribute [rw] universe_domain
345
+ # The universe domain within which to make requests. This determines the
346
+ # default endpoint URL. The default value of nil uses the environment
347
+ # universe (usually the default "googleapis.com" universe).
348
+ # @return [::String,nil]
328
349
  #
329
350
  class Configuration
330
351
  extend ::Gapic::Config
331
352
 
353
+ # @private
354
+ # The endpoint specific to the default "googleapis.com" universe. Deprecated.
332
355
  DEFAULT_ENDPOINT = "kmsinventory.googleapis.com"
333
356
 
334
- config_attr :endpoint, DEFAULT_ENDPOINT, ::String
357
+ config_attr :endpoint, nil, ::String, nil
335
358
  config_attr :credentials, nil do |value|
336
359
  allowed = [::String, ::Hash, ::Proc, ::Symbol, ::Google::Auth::Credentials, ::Signet::OAuth2::Client, nil]
337
360
  allowed += [::GRPC::Core::Channel, ::GRPC::Core::ChannelCredentials] if defined? ::GRPC
@@ -346,6 +369,7 @@ module Google
346
369
  config_attr :metadata, nil, ::Hash, nil
347
370
  config_attr :retry_policy, nil, ::Hash, ::Proc, nil
348
371
  config_attr :quota_project, nil, ::String, nil
372
+ config_attr :universe_domain, nil, ::String, nil
349
373
 
350
374
  # @private
351
375
  def initialize parent_config = nil
@@ -366,6 +390,14 @@ module Google
366
390
  end
367
391
  end
368
392
 
393
+ ##
394
+ # Configuration for the channel pool
395
+ # @return [::Gapic::ServiceStub::ChannelPool::Configuration]
396
+ #
397
+ def channel_pool
398
+ @channel_pool ||= ::Gapic::ServiceStub::ChannelPool::Configuration.new
399
+ end
400
+
369
401
  ##
370
402
  # Configuration RPC class for the KeyDashboardService API.
371
403
  #
@@ -33,6 +33,9 @@ module Google
33
33
  # Provides a cross-region view of all Cloud KMS keys in a given Cloud project.
34
34
  #
35
35
  class Client
36
+ # @private
37
+ DEFAULT_ENDPOINT_TEMPLATE = "kmsinventory.$UNIVERSE_DOMAIN$"
38
+
36
39
  include Paths
37
40
 
38
41
  # @private
@@ -95,6 +98,15 @@ module Google
95
98
  @config
96
99
  end
97
100
 
101
+ ##
102
+ # The effective universe domain
103
+ #
104
+ # @return [String]
105
+ #
106
+ def universe_domain
107
+ @key_dashboard_service_stub.universe_domain
108
+ end
109
+
98
110
  ##
99
111
  # Create a new KeyDashboardService REST client object.
100
112
  #
@@ -122,8 +134,9 @@ module Google
122
134
  credentials = @config.credentials
123
135
  # Use self-signed JWT if the endpoint is unchanged from default,
124
136
  # but only if the default endpoint does not have a region prefix.
125
- enable_self_signed_jwt = @config.endpoint == Configuration::DEFAULT_ENDPOINT &&
126
- !@config.endpoint.split(".").first.include?("-")
137
+ enable_self_signed_jwt = @config.endpoint.nil? ||
138
+ (@config.endpoint == Configuration::DEFAULT_ENDPOINT &&
139
+ !@config.endpoint.split(".").first.include?("-"))
127
140
  credentials ||= Credentials.default scope: @config.scope,
128
141
  enable_self_signed_jwt: enable_self_signed_jwt
129
142
  if credentials.is_a?(::String) || credentials.is_a?(::Hash)
@@ -133,7 +146,12 @@ module Google
133
146
  @quota_project_id = @config.quota_project
134
147
  @quota_project_id ||= credentials.quota_project_id if credentials.respond_to? :quota_project_id
135
148
 
136
- @key_dashboard_service_stub = ::Google::Cloud::Kms::Inventory::V1::KeyDashboardService::Rest::ServiceStub.new endpoint: @config.endpoint, credentials: credentials
149
+ @key_dashboard_service_stub = ::Google::Cloud::Kms::Inventory::V1::KeyDashboardService::Rest::ServiceStub.new(
150
+ endpoint: @config.endpoint,
151
+ endpoint_template: DEFAULT_ENDPOINT_TEMPLATE,
152
+ universe_domain: @config.universe_domain,
153
+ credentials: credentials
154
+ )
137
155
  end
138
156
 
139
157
  # Service calls
@@ -175,6 +193,26 @@ module Google
175
193
  # @return [::Gapic::Rest::PagedEnumerable<::Google::Cloud::Kms::V1::CryptoKey>]
176
194
  #
177
195
  # @raise [::Google::Cloud::Error] if the REST call is aborted.
196
+ #
197
+ # @example Basic example
198
+ # require "google/cloud/kms/inventory/v1"
199
+ #
200
+ # # Create a client object. The client can be reused for multiple calls.
201
+ # client = Google::Cloud::Kms::Inventory::V1::KeyDashboardService::Rest::Client.new
202
+ #
203
+ # # Create a request. To set request fields, pass in keyword arguments.
204
+ # request = Google::Cloud::Kms::Inventory::V1::ListCryptoKeysRequest.new
205
+ #
206
+ # # Call the list_crypto_keys method.
207
+ # result = client.list_crypto_keys request
208
+ #
209
+ # # The returned object is of type Gapic::PagedEnumerable. You can iterate
210
+ # # over elements, and API calls will be issued to fetch pages as needed.
211
+ # result.each do |item|
212
+ # # Each element is of type ::Google::Cloud::Kms::V1::CryptoKey.
213
+ # p item
214
+ # end
215
+ #
178
216
  def list_crypto_keys request, options = nil
179
217
  raise ::ArgumentError, "request must be provided" if request.nil?
180
218
 
@@ -241,9 +279,9 @@ module Google
241
279
  # end
242
280
  #
243
281
  # @!attribute [rw] endpoint
244
- # The hostname or hostname:port of the service endpoint.
245
- # Defaults to `"kmsinventory.googleapis.com"`.
246
- # @return [::String]
282
+ # A custom service endpoint, as a hostname or hostname:port. The default is
283
+ # nil, indicating to use the default endpoint in the current universe domain.
284
+ # @return [::String,nil]
247
285
  # @!attribute [rw] credentials
248
286
  # Credentials to send with calls. You may provide any of the following types:
249
287
  # * (`String`) The path to a service account key file in JSON format
@@ -280,13 +318,20 @@ module Google
280
318
  # @!attribute [rw] quota_project
281
319
  # A separate project against which to charge quota.
282
320
  # @return [::String]
321
+ # @!attribute [rw] universe_domain
322
+ # The universe domain within which to make requests. This determines the
323
+ # default endpoint URL. The default value of nil uses the environment
324
+ # universe (usually the default "googleapis.com" universe).
325
+ # @return [::String,nil]
283
326
  #
284
327
  class Configuration
285
328
  extend ::Gapic::Config
286
329
 
330
+ # @private
331
+ # The endpoint specific to the default "googleapis.com" universe. Deprecated.
287
332
  DEFAULT_ENDPOINT = "kmsinventory.googleapis.com"
288
333
 
289
- config_attr :endpoint, DEFAULT_ENDPOINT, ::String
334
+ config_attr :endpoint, nil, ::String, nil
290
335
  config_attr :credentials, nil do |value|
291
336
  allowed = [::String, ::Hash, ::Proc, ::Symbol, ::Google::Auth::Credentials, ::Signet::OAuth2::Client, nil]
292
337
  allowed.any? { |klass| klass === value }
@@ -298,6 +343,7 @@ module Google
298
343
  config_attr :metadata, nil, ::Hash, nil
299
344
  config_attr :retry_policy, nil, ::Hash, ::Proc, nil
300
345
  config_attr :quota_project, nil, ::String, nil
346
+ config_attr :universe_domain, nil, ::String, nil
301
347
 
302
348
  # @private
303
349
  def initialize parent_config = nil
@@ -31,16 +31,28 @@ module Google
31
31
  # including transcoding, making the REST call, and deserialing the response.
32
32
  #
33
33
  class ServiceStub
34
- def initialize endpoint:, credentials:
34
+ def initialize endpoint:, endpoint_template:, universe_domain:, credentials:
35
35
  # These require statements are intentionally placed here to initialize
36
36
  # the REST modules only when it's required.
37
37
  require "gapic/rest"
38
38
 
39
- @client_stub = ::Gapic::Rest::ClientStub.new endpoint: endpoint, credentials: credentials,
39
+ @client_stub = ::Gapic::Rest::ClientStub.new endpoint: endpoint,
40
+ endpoint_template: endpoint_template,
41
+ universe_domain: universe_domain,
42
+ credentials: credentials,
40
43
  numeric_enums: true,
41
44
  raise_faraday_errors: false
42
45
  end
43
46
 
47
+ ##
48
+ # The effective universe domain
49
+ #
50
+ # @return [String]
51
+ #
52
+ def universe_domain
53
+ @client_stub.universe_domain
54
+ end
55
+
44
56
  ##
45
57
  # Baseline implementation for the list_crypto_keys REST call
46
58
  #
@@ -32,6 +32,9 @@ module Google
32
32
  # given Cloud KMS key via CMEK.
33
33
  #
34
34
  class Client
35
+ # @private
36
+ DEFAULT_ENDPOINT_TEMPLATE = "kmsinventory.$UNIVERSE_DOMAIN$"
37
+
35
38
  include Paths
36
39
 
37
40
  # @private
@@ -96,6 +99,15 @@ module Google
96
99
  @config
97
100
  end
98
101
 
102
+ ##
103
+ # The effective universe domain
104
+ #
105
+ # @return [String]
106
+ #
107
+ def universe_domain
108
+ @key_tracking_service_stub.universe_domain
109
+ end
110
+
99
111
  ##
100
112
  # Create a new KeyTrackingService client object.
101
113
  #
@@ -129,8 +141,9 @@ module Google
129
141
  credentials = @config.credentials
130
142
  # Use self-signed JWT if the endpoint is unchanged from default,
131
143
  # but only if the default endpoint does not have a region prefix.
132
- enable_self_signed_jwt = @config.endpoint == Configuration::DEFAULT_ENDPOINT &&
133
- !@config.endpoint.split(".").first.include?("-")
144
+ enable_self_signed_jwt = @config.endpoint.nil? ||
145
+ (@config.endpoint == Configuration::DEFAULT_ENDPOINT &&
146
+ !@config.endpoint.split(".").first.include?("-"))
134
147
  credentials ||= Credentials.default scope: @config.scope,
135
148
  enable_self_signed_jwt: enable_self_signed_jwt
136
149
  if credentials.is_a?(::String) || credentials.is_a?(::Hash)
@@ -141,10 +154,13 @@ module Google
141
154
 
142
155
  @key_tracking_service_stub = ::Gapic::ServiceStub.new(
143
156
  ::Google::Cloud::Kms::Inventory::V1::KeyTrackingService::Stub,
144
- credentials: credentials,
145
- endpoint: @config.endpoint,
157
+ credentials: credentials,
158
+ endpoint: @config.endpoint,
159
+ endpoint_template: DEFAULT_ENDPOINT_TEMPLATE,
160
+ universe_domain: @config.universe_domain,
146
161
  channel_args: @config.channel_args,
147
- interceptors: @config.interceptors
162
+ interceptors: @config.interceptors,
163
+ channel_pool_config: @config.channel_pool
148
164
  )
149
165
  end
150
166
 
@@ -393,9 +409,9 @@ module Google
393
409
  # end
394
410
  #
395
411
  # @!attribute [rw] endpoint
396
- # The hostname or hostname:port of the service endpoint.
397
- # Defaults to `"kmsinventory.googleapis.com"`.
398
- # @return [::String]
412
+ # A custom service endpoint, as a hostname or hostname:port. The default is
413
+ # nil, indicating to use the default endpoint in the current universe domain.
414
+ # @return [::String,nil]
399
415
  # @!attribute [rw] credentials
400
416
  # Credentials to send with calls. You may provide any of the following types:
401
417
  # * (`String`) The path to a service account key file in JSON format
@@ -441,13 +457,20 @@ module Google
441
457
  # @!attribute [rw] quota_project
442
458
  # A separate project against which to charge quota.
443
459
  # @return [::String]
460
+ # @!attribute [rw] universe_domain
461
+ # The universe domain within which to make requests. This determines the
462
+ # default endpoint URL. The default value of nil uses the environment
463
+ # universe (usually the default "googleapis.com" universe).
464
+ # @return [::String,nil]
444
465
  #
445
466
  class Configuration
446
467
  extend ::Gapic::Config
447
468
 
469
+ # @private
470
+ # The endpoint specific to the default "googleapis.com" universe. Deprecated.
448
471
  DEFAULT_ENDPOINT = "kmsinventory.googleapis.com"
449
472
 
450
- config_attr :endpoint, DEFAULT_ENDPOINT, ::String
473
+ config_attr :endpoint, nil, ::String, nil
451
474
  config_attr :credentials, nil do |value|
452
475
  allowed = [::String, ::Hash, ::Proc, ::Symbol, ::Google::Auth::Credentials, ::Signet::OAuth2::Client, nil]
453
476
  allowed += [::GRPC::Core::Channel, ::GRPC::Core::ChannelCredentials] if defined? ::GRPC
@@ -462,6 +485,7 @@ module Google
462
485
  config_attr :metadata, nil, ::Hash, nil
463
486
  config_attr :retry_policy, nil, ::Hash, ::Proc, nil
464
487
  config_attr :quota_project, nil, ::String, nil
488
+ config_attr :universe_domain, nil, ::String, nil
465
489
 
466
490
  # @private
467
491
  def initialize parent_config = nil
@@ -482,6 +506,14 @@ module Google
482
506
  end
483
507
  end
484
508
 
509
+ ##
510
+ # Configuration for the channel pool
511
+ # @return [::Gapic::ServiceStub::ChannelPool::Configuration]
512
+ #
513
+ def channel_pool
514
+ @channel_pool ||= ::Gapic::ServiceStub::ChannelPool::Configuration.new
515
+ end
516
+
485
517
  ##
486
518
  # Configuration RPC class for the KeyTrackingService API.
487
519
  #
@@ -34,6 +34,9 @@ module Google
34
34
  # given Cloud KMS key via CMEK.
35
35
  #
36
36
  class Client
37
+ # @private
38
+ DEFAULT_ENDPOINT_TEMPLATE = "kmsinventory.$UNIVERSE_DOMAIN$"
39
+
37
40
  include Paths
38
41
 
39
42
  # @private
@@ -98,6 +101,15 @@ module Google
98
101
  @config
99
102
  end
100
103
 
104
+ ##
105
+ # The effective universe domain
106
+ #
107
+ # @return [String]
108
+ #
109
+ def universe_domain
110
+ @key_tracking_service_stub.universe_domain
111
+ end
112
+
101
113
  ##
102
114
  # Create a new KeyTrackingService REST client object.
103
115
  #
@@ -125,8 +137,9 @@ module Google
125
137
  credentials = @config.credentials
126
138
  # Use self-signed JWT if the endpoint is unchanged from default,
127
139
  # but only if the default endpoint does not have a region prefix.
128
- enable_self_signed_jwt = @config.endpoint == Configuration::DEFAULT_ENDPOINT &&
129
- !@config.endpoint.split(".").first.include?("-")
140
+ enable_self_signed_jwt = @config.endpoint.nil? ||
141
+ (@config.endpoint == Configuration::DEFAULT_ENDPOINT &&
142
+ !@config.endpoint.split(".").first.include?("-"))
130
143
  credentials ||= Credentials.default scope: @config.scope,
131
144
  enable_self_signed_jwt: enable_self_signed_jwt
132
145
  if credentials.is_a?(::String) || credentials.is_a?(::Hash)
@@ -136,7 +149,12 @@ module Google
136
149
  @quota_project_id = @config.quota_project
137
150
  @quota_project_id ||= credentials.quota_project_id if credentials.respond_to? :quota_project_id
138
151
 
139
- @key_tracking_service_stub = ::Google::Cloud::Kms::Inventory::V1::KeyTrackingService::Rest::ServiceStub.new endpoint: @config.endpoint, credentials: credentials
152
+ @key_tracking_service_stub = ::Google::Cloud::Kms::Inventory::V1::KeyTrackingService::Rest::ServiceStub.new(
153
+ endpoint: @config.endpoint,
154
+ endpoint_template: DEFAULT_ENDPOINT_TEMPLATE,
155
+ universe_domain: @config.universe_domain,
156
+ credentials: credentials
157
+ )
140
158
  end
141
159
 
142
160
  # Service calls
@@ -173,6 +191,22 @@ module Google
173
191
  # @return [::Google::Cloud::Kms::Inventory::V1::ProtectedResourcesSummary]
174
192
  #
175
193
  # @raise [::Google::Cloud::Error] if the REST call is aborted.
194
+ #
195
+ # @example Basic example
196
+ # require "google/cloud/kms/inventory/v1"
197
+ #
198
+ # # Create a client object. The client can be reused for multiple calls.
199
+ # client = Google::Cloud::Kms::Inventory::V1::KeyTrackingService::Rest::Client.new
200
+ #
201
+ # # Create a request. To set request fields, pass in keyword arguments.
202
+ # request = Google::Cloud::Kms::Inventory::V1::GetProtectedResourcesSummaryRequest.new
203
+ #
204
+ # # Call the get_protected_resources_summary method.
205
+ # result = client.get_protected_resources_summary request
206
+ #
207
+ # # The returned object is of type Google::Cloud::Kms::Inventory::V1::ProtectedResourcesSummary.
208
+ # p result
209
+ #
176
210
  def get_protected_resources_summary request, options = nil
177
211
  raise ::ArgumentError, "request must be provided" if request.nil?
178
212
 
@@ -268,6 +302,26 @@ module Google
268
302
  # @return [::Gapic::Rest::PagedEnumerable<::Google::Cloud::Kms::Inventory::V1::ProtectedResource>]
269
303
  #
270
304
  # @raise [::Google::Cloud::Error] if the REST call is aborted.
305
+ #
306
+ # @example Basic example
307
+ # require "google/cloud/kms/inventory/v1"
308
+ #
309
+ # # Create a client object. The client can be reused for multiple calls.
310
+ # client = Google::Cloud::Kms::Inventory::V1::KeyTrackingService::Rest::Client.new
311
+ #
312
+ # # Create a request. To set request fields, pass in keyword arguments.
313
+ # request = Google::Cloud::Kms::Inventory::V1::SearchProtectedResourcesRequest.new
314
+ #
315
+ # # Call the search_protected_resources method.
316
+ # result = client.search_protected_resources request
317
+ #
318
+ # # The returned object is of type Gapic::PagedEnumerable. You can iterate
319
+ # # over elements, and API calls will be issued to fetch pages as needed.
320
+ # result.each do |item|
321
+ # # Each element is of type ::Google::Cloud::Kms::Inventory::V1::ProtectedResource.
322
+ # p item
323
+ # end
324
+ #
271
325
  def search_protected_resources request, options = nil
272
326
  raise ::ArgumentError, "request must be provided" if request.nil?
273
327
 
@@ -334,9 +388,9 @@ module Google
334
388
  # end
335
389
  #
336
390
  # @!attribute [rw] endpoint
337
- # The hostname or hostname:port of the service endpoint.
338
- # Defaults to `"kmsinventory.googleapis.com"`.
339
- # @return [::String]
391
+ # A custom service endpoint, as a hostname or hostname:port. The default is
392
+ # nil, indicating to use the default endpoint in the current universe domain.
393
+ # @return [::String,nil]
340
394
  # @!attribute [rw] credentials
341
395
  # Credentials to send with calls. You may provide any of the following types:
342
396
  # * (`String`) The path to a service account key file in JSON format
@@ -373,13 +427,20 @@ module Google
373
427
  # @!attribute [rw] quota_project
374
428
  # A separate project against which to charge quota.
375
429
  # @return [::String]
430
+ # @!attribute [rw] universe_domain
431
+ # The universe domain within which to make requests. This determines the
432
+ # default endpoint URL. The default value of nil uses the environment
433
+ # universe (usually the default "googleapis.com" universe).
434
+ # @return [::String,nil]
376
435
  #
377
436
  class Configuration
378
437
  extend ::Gapic::Config
379
438
 
439
+ # @private
440
+ # The endpoint specific to the default "googleapis.com" universe. Deprecated.
380
441
  DEFAULT_ENDPOINT = "kmsinventory.googleapis.com"
381
442
 
382
- config_attr :endpoint, DEFAULT_ENDPOINT, ::String
443
+ config_attr :endpoint, nil, ::String, nil
383
444
  config_attr :credentials, nil do |value|
384
445
  allowed = [::String, ::Hash, ::Proc, ::Symbol, ::Google::Auth::Credentials, ::Signet::OAuth2::Client, nil]
385
446
  allowed.any? { |klass| klass === value }
@@ -391,6 +452,7 @@ module Google
391
452
  config_attr :metadata, nil, ::Hash, nil
392
453
  config_attr :retry_policy, nil, ::Hash, ::Proc, nil
393
454
  config_attr :quota_project, nil, ::String, nil
455
+ config_attr :universe_domain, nil, ::String, nil
394
456
 
395
457
  # @private
396
458
  def initialize parent_config = nil
@@ -31,16 +31,28 @@ module Google
31
31
  # including transcoding, making the REST call, and deserialing the response.
32
32
  #
33
33
  class ServiceStub
34
- def initialize endpoint:, credentials:
34
+ def initialize endpoint:, endpoint_template:, universe_domain:, credentials:
35
35
  # These require statements are intentionally placed here to initialize
36
36
  # the REST modules only when it's required.
37
37
  require "gapic/rest"
38
38
 
39
- @client_stub = ::Gapic::Rest::ClientStub.new endpoint: endpoint, credentials: credentials,
39
+ @client_stub = ::Gapic::Rest::ClientStub.new endpoint: endpoint,
40
+ endpoint_template: endpoint_template,
41
+ universe_domain: universe_domain,
42
+ credentials: credentials,
40
43
  numeric_enums: true,
41
44
  raise_faraday_errors: false
42
45
  end
43
46
 
47
+ ##
48
+ # The effective universe domain
49
+ #
50
+ # @return [String]
51
+ #
52
+ def universe_domain
53
+ @client_stub.universe_domain
54
+ end
55
+
44
56
  ##
45
57
  # Baseline implementation for the get_protected_resources_summary REST call
46
58
  #
@@ -22,7 +22,7 @@ module Google
22
22
  module Kms
23
23
  module Inventory
24
24
  module V1
25
- VERSION = "0.6.1"
25
+ VERSION = "0.8.0"
26
26
  end
27
27
  end
28
28
  end
@@ -21,6 +21,7 @@ module Google
21
21
  module Api
22
22
  # Required information for every language.
23
23
  # @!attribute [rw] reference_docs_uri
24
+ # @deprecated This field is deprecated and may be removed in the next major version update.
24
25
  # @return [::String]
25
26
  # Link to automatically generated reference documentation. Example:
26
27
  # https://cloud.google.com/nodejs/docs/reference/asset/latest
@@ -304,6 +305,19 @@ module Google
304
305
  # seconds: 360 # 6 minutes
305
306
  # total_poll_timeout:
306
307
  # seconds: 54000 # 90 minutes
308
+ # @!attribute [rw] auto_populated_fields
309
+ # @return [::Array<::String>]
310
+ # List of top-level fields of the request message, that should be
311
+ # automatically populated by the client libraries based on their
312
+ # (google.api.field_info).format. Currently supported format: UUID4.
313
+ #
314
+ # Example of a YAML configuration:
315
+ #
316
+ # publishing:
317
+ # method_settings:
318
+ # - selector: google.example.v1.ExampleService.CreateExample
319
+ # auto_populated_fields:
320
+ # - request_id
307
321
  class MethodSettings
308
322
  include ::Google::Protobuf::MessageExts
309
323
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -66,6 +66,20 @@ module Google
66
66
  # a non-empty value will be returned. The user will not be aware of what
67
67
  # non-empty value to expect.
68
68
  NON_EMPTY_DEFAULT = 7
69
+
70
+ # Denotes that the field in a resource (a message annotated with
71
+ # google.api.resource) is used in the resource name to uniquely identify the
72
+ # resource. For AIP-compliant APIs, this should only be applied to the
73
+ # `name` field on the resource.
74
+ #
75
+ # This behavior should not be applied to references to other resources within
76
+ # the message.
77
+ #
78
+ # The identifier field of resources often have different field behavior
79
+ # depending on the request it is embedded in (e.g. for Create methods name
80
+ # is optional and unused, while for Update methods it is required). Instead
81
+ # of method-specific annotations, only `IDENTIFIER` is required.
82
+ IDENTIFIER = 8
69
83
  end
70
84
  end
71
85
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: google-cloud-kms-inventory-v1
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.6.1
4
+ version: 0.8.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Google LLC
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-08-04 00:00:00.000000000 Z
11
+ date: 2024-01-11 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: gapic-common
@@ -16,7 +16,7 @@ dependencies:
16
16
  requirements:
17
17
  - - ">="
18
18
  - !ruby/object:Gem::Version
19
- version: 0.19.1
19
+ version: 0.21.1
20
20
  - - "<"
21
21
  - !ruby/object:Gem::Version
22
22
  version: 2.a
@@ -26,7 +26,7 @@ dependencies:
26
26
  requirements:
27
27
  - - ">="
28
28
  - !ruby/object:Gem::Version
29
- version: 0.19.1
29
+ version: 0.21.1
30
30
  - - "<"
31
31
  - !ruby/object:Gem::Version
32
32
  version: 2.a
@@ -241,7 +241,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
241
241
  - !ruby/object:Gem::Version
242
242
  version: '0'
243
243
  requirements: []
244
- rubygems_version: 3.4.2
244
+ rubygems_version: 3.5.3
245
245
  signing_key:
246
246
  specification_version: 4
247
247
  summary: API Client library for the KMS Inventory V1 API