google-cloud-os_login-v1 0.2.2 → 0.3.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +68 -0
- data/lib/google/cloud/os_login/v1.rb +3 -0
- data/lib/google/cloud/os_login/v1/os_login_service/client.rb +15 -9
- data/lib/google/cloud/os_login/v1/version.rb +1 -1
- data/lib/google/cloud/oslogin/v1/oslogin_services_pb.rb +6 -6
- data/proto_docs/google/api/field_behavior.rb +6 -0
- data/proto_docs/google/api/resource.rb +50 -14
- metadata +8 -6
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 82b27578c5e0348326f1c2c37aa83f94aab199f489a64054869ed8934b7d91ad
|
4
|
+
data.tar.gz: a43262031c3b4f6bffd72660d78b04571c5c917feded8e363bf6504620122ee7
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: d72948228712b485abff5f50dd7ff3bf8aae082b71b11f4ff8ffe2344a82ae23b9903a3c69b8c531686c8370cb5cc0bc9d9cba3a092ec339415b4a5fbc8ed2ac
|
7
|
+
data.tar.gz: 865aecb9f01d36b1050750894ed69f70076c317f955e62b832e18224252eaec63b191f10d24ea298778dd3cf70b5bca7aaf4fc271cd1b72185a84a3778549561
|
data/README.md
CHANGED
@@ -6,6 +6,12 @@ Use OS Login to manage SSH access to your instances using IAM without having to
|
|
6
6
|
|
7
7
|
https://github.com/googleapis/google-cloud-ruby
|
8
8
|
|
9
|
+
This gem is a _versioned_ client. It provides basic client classes for a
|
10
|
+
specific version of the Cloud OS Login V1 API. Most users should consider using
|
11
|
+
the main client gem,
|
12
|
+
[google-cloud-os_login](https://rubygems.org/gems/google-cloud-os_login).
|
13
|
+
See the section below titled *Which client should I use?* for more information.
|
14
|
+
|
9
15
|
## Installation
|
10
16
|
|
11
17
|
```
|
@@ -18,6 +24,7 @@ In order to use this library, you first need to go through the following steps:
|
|
18
24
|
|
19
25
|
1. [Select or create a Cloud Platform project.](https://console.cloud.google.com/project)
|
20
26
|
1. [Enable billing for your project.](https://cloud.google.com/billing/docs/how-to/modify-project#enable_billing_for_a_project)
|
27
|
+
1. [Enable the API.](https://console.cloud.google.com/apis/library/oslogin.googleapis.com)
|
21
28
|
1. {file:AUTHENTICATION.md Set up authentication.}
|
22
29
|
|
23
30
|
## Quick Start
|
@@ -33,6 +40,9 @@ response = client.delete_posix_account request
|
|
33
40
|
View the [Client Library Documentation](https://googleapis.dev/ruby/google-cloud-os_login-v1/latest)
|
34
41
|
for class and method documentation.
|
35
42
|
|
43
|
+
See also the [Product Documentation](https://cloud.google.com/compute/docs/oslogin)
|
44
|
+
for general usage information.
|
45
|
+
|
36
46
|
## Enabling Logging
|
37
47
|
|
38
48
|
To enable logging for this library, set the logger for the underlying [gRPC](https://github.com/grpc/grpc/tree/master/src/ruby) library.
|
@@ -69,3 +79,61 @@ in security maintenance, and not end of life. Currently, this means Ruby 2.4
|
|
69
79
|
and later. Older versions of Ruby _may_ still work, but are unsupported and not
|
70
80
|
recommended. See https://www.ruby-lang.org/en/downloads/branches/ for details
|
71
81
|
about the Ruby support schedule.
|
82
|
+
|
83
|
+
## Which client should I use?
|
84
|
+
|
85
|
+
Most modern Ruby client libraries for Google APIs come in two flavors: the main
|
86
|
+
client library with a name such as `google-cloud-os_login`,
|
87
|
+
and lower-level _versioned_ client libraries with names such as
|
88
|
+
`google-cloud-os_login-v1`.
|
89
|
+
_In most cases, you should install the main client._
|
90
|
+
|
91
|
+
### What's the difference between the main client and a versioned client?
|
92
|
+
|
93
|
+
A _versioned client_ provides a basic set of data types and client classes for
|
94
|
+
a _single version_ of a specific service. (That is, for a service with multiple
|
95
|
+
versions, there might be a separate versioned client for each service version.)
|
96
|
+
Most versioned clients are written and maintained by a code generator.
|
97
|
+
|
98
|
+
The _main client_ is designed to provide you with the _recommended_ client
|
99
|
+
interfaces for the service. There will be only one main client for any given
|
100
|
+
service, even a service with multiple versions. The main client includes
|
101
|
+
factory methods for constructing the client objects we recommend for most
|
102
|
+
users. In some cases, those will be classes provided by an underlying versioned
|
103
|
+
client; in other cases, they will be handwritten higher-level client objects
|
104
|
+
with additional capabilities, convenience methods, or best practices built in.
|
105
|
+
Generally, the main client will default to a recommended service version,
|
106
|
+
although in some cases you can override this if you need to talk to a specific
|
107
|
+
service version.
|
108
|
+
|
109
|
+
### Why would I want to use the main client?
|
110
|
+
|
111
|
+
We recommend that most users install the main client gem for a service. You can
|
112
|
+
identify this gem as the one _without_ a version in its name, e.g.
|
113
|
+
`google-cloud-os_login`.
|
114
|
+
The main client is recommended because it will embody the best practices for
|
115
|
+
accessing the service, and may also provide more convenient interfaces or
|
116
|
+
tighter integration into frameworks and third-party libraries. In addition, the
|
117
|
+
documentation and samples published by Google will generally demonstrate use of
|
118
|
+
the main client.
|
119
|
+
|
120
|
+
### Why would I want to use a versioned client?
|
121
|
+
|
122
|
+
You can use a versioned client if you are content with a possibly lower-level
|
123
|
+
class interface, you explicitly want to avoid features provided by the main
|
124
|
+
client, or you want to access a specific service version not be covered by the
|
125
|
+
main client. You can identify versioned client gems because the service version
|
126
|
+
is part of the name, e.g. `google-cloud-os_login-v1`.
|
127
|
+
|
128
|
+
### What about the google-apis-<name> clients?
|
129
|
+
|
130
|
+
Client library gems with names that begin with `google-apis-` are based on an
|
131
|
+
older code generation technology. They talk to a REST/JSON backend (whereas
|
132
|
+
most modern clients talk to a [gRPC](https://grpc.io/) backend) and they may
|
133
|
+
not offer the same performance, features, and ease of use provided by more
|
134
|
+
modern clients.
|
135
|
+
|
136
|
+
The `google-apis-` clients have wide coverage across Google services, so you
|
137
|
+
might need to use one if there is no modern client available for the service.
|
138
|
+
However, if a modern client is available, we generally recommend it over the
|
139
|
+
older `google-apis-` clients.
|
@@ -73,7 +73,7 @@ module Google
|
|
73
73
|
initial_delay: 0.1,
|
74
74
|
max_delay: 60.0,
|
75
75
|
multiplier: 1.3,
|
76
|
-
retry_codes: [
|
76
|
+
retry_codes: [14, 4]
|
77
77
|
}
|
78
78
|
|
79
79
|
default_config.rpcs.delete_ssh_public_key.timeout = 10.0
|
@@ -81,7 +81,7 @@ module Google
|
|
81
81
|
initial_delay: 0.1,
|
82
82
|
max_delay: 60.0,
|
83
83
|
multiplier: 1.3,
|
84
|
-
retry_codes: [
|
84
|
+
retry_codes: [14, 4]
|
85
85
|
}
|
86
86
|
|
87
87
|
default_config.rpcs.get_login_profile.timeout = 10.0
|
@@ -89,7 +89,7 @@ module Google
|
|
89
89
|
initial_delay: 0.1,
|
90
90
|
max_delay: 60.0,
|
91
91
|
multiplier: 1.3,
|
92
|
-
retry_codes: [
|
92
|
+
retry_codes: [14, 4]
|
93
93
|
}
|
94
94
|
|
95
95
|
default_config.rpcs.get_ssh_public_key.timeout = 10.0
|
@@ -97,7 +97,7 @@ module Google
|
|
97
97
|
initial_delay: 0.1,
|
98
98
|
max_delay: 60.0,
|
99
99
|
multiplier: 1.3,
|
100
|
-
retry_codes: [
|
100
|
+
retry_codes: [14, 4]
|
101
101
|
}
|
102
102
|
|
103
103
|
default_config.rpcs.import_ssh_public_key.timeout = 10.0
|
@@ -105,7 +105,7 @@ module Google
|
|
105
105
|
initial_delay: 0.1,
|
106
106
|
max_delay: 60.0,
|
107
107
|
multiplier: 1.3,
|
108
|
-
retry_codes: [
|
108
|
+
retry_codes: [14, 4]
|
109
109
|
}
|
110
110
|
|
111
111
|
default_config.rpcs.update_ssh_public_key.timeout = 10.0
|
@@ -113,7 +113,7 @@ module Google
|
|
113
113
|
initial_delay: 0.1,
|
114
114
|
max_delay: 60.0,
|
115
115
|
multiplier: 1.3,
|
116
|
-
retry_codes: [
|
116
|
+
retry_codes: [14, 4]
|
117
117
|
}
|
118
118
|
|
119
119
|
default_config
|
@@ -177,7 +177,13 @@ module Google
|
|
177
177
|
|
178
178
|
# Create credentials
|
179
179
|
credentials = @config.credentials
|
180
|
-
|
180
|
+
# Use self-signed JWT if the scope and endpoint are unchanged from default,
|
181
|
+
# but only if the default endpoint does not have a region prefix.
|
182
|
+
enable_self_signed_jwt = @config.scope == Client.configure.scope &&
|
183
|
+
@config.endpoint == Client.configure.endpoint &&
|
184
|
+
!@config.endpoint.split(".").first.include?("-")
|
185
|
+
credentials ||= Credentials.default scope: @config.scope,
|
186
|
+
enable_self_signed_jwt: enable_self_signed_jwt
|
181
187
|
if credentials.is_a?(String) || credentials.is_a?(Hash)
|
182
188
|
credentials = Credentials.new credentials, scope: @config.scope
|
183
189
|
end
|
@@ -700,7 +706,7 @@ module Google
|
|
700
706
|
|
701
707
|
config_attr :endpoint, "oslogin.googleapis.com", ::String
|
702
708
|
config_attr :credentials, nil do |value|
|
703
|
-
allowed = [::String, ::Hash, ::Proc, ::Google::Auth::Credentials, ::Signet::OAuth2::Client, nil]
|
709
|
+
allowed = [::String, ::Hash, ::Proc, ::Symbol, ::Google::Auth::Credentials, ::Signet::OAuth2::Client, nil]
|
704
710
|
allowed += [::GRPC::Core::Channel, ::GRPC::Core::ChannelCredentials] if defined? ::GRPC
|
705
711
|
allowed.any? { |klass| klass === value }
|
706
712
|
end
|
@@ -740,7 +746,7 @@ module Google
|
|
740
746
|
# Each configuration object is of type `Gapic::Config::Method` and includes
|
741
747
|
# the following configuration fields:
|
742
748
|
#
|
743
|
-
# * `timeout` (*type:* `Numeric`) - The call timeout in
|
749
|
+
# * `timeout` (*type:* `Numeric`) - The call timeout in seconds
|
744
750
|
# * `metadata` (*type:* `Hash{Symbol=>String}`) - Additional gRPC headers
|
745
751
|
# * `retry_policy (*type:* `Hash`) - The retry policy. The policy fields
|
746
752
|
# include the following keys:
|
@@ -38,21 +38,21 @@ module Google
|
|
38
38
|
self.service_name = 'google.cloud.oslogin.v1.OsLoginService'
|
39
39
|
|
40
40
|
# Deletes a POSIX account.
|
41
|
-
rpc :DeletePosixAccount, Google::Cloud::OsLogin::V1::DeletePosixAccountRequest, Google::Protobuf::Empty
|
41
|
+
rpc :DeletePosixAccount, ::Google::Cloud::OsLogin::V1::DeletePosixAccountRequest, ::Google::Protobuf::Empty
|
42
42
|
# Deletes an SSH public key.
|
43
|
-
rpc :DeleteSshPublicKey, Google::Cloud::OsLogin::V1::DeleteSshPublicKeyRequest, Google::Protobuf::Empty
|
43
|
+
rpc :DeleteSshPublicKey, ::Google::Cloud::OsLogin::V1::DeleteSshPublicKeyRequest, ::Google::Protobuf::Empty
|
44
44
|
# Retrieves the profile information used for logging in to a virtual machine
|
45
45
|
# on Google Compute Engine.
|
46
|
-
rpc :GetLoginProfile, Google::Cloud::OsLogin::V1::GetLoginProfileRequest, Google::Cloud::OsLogin::V1::LoginProfile
|
46
|
+
rpc :GetLoginProfile, ::Google::Cloud::OsLogin::V1::GetLoginProfileRequest, ::Google::Cloud::OsLogin::V1::LoginProfile
|
47
47
|
# Retrieves an SSH public key.
|
48
|
-
rpc :GetSshPublicKey, Google::Cloud::OsLogin::V1::GetSshPublicKeyRequest, Google::Cloud::OsLogin::Common::SshPublicKey
|
48
|
+
rpc :GetSshPublicKey, ::Google::Cloud::OsLogin::V1::GetSshPublicKeyRequest, ::Google::Cloud::OsLogin::Common::SshPublicKey
|
49
49
|
# Adds an SSH public key and returns the profile information. Default POSIX
|
50
50
|
# account information is set when no username and UID exist as part of the
|
51
51
|
# login profile.
|
52
|
-
rpc :ImportSshPublicKey, Google::Cloud::OsLogin::V1::ImportSshPublicKeyRequest, Google::Cloud::OsLogin::V1::ImportSshPublicKeyResponse
|
52
|
+
rpc :ImportSshPublicKey, ::Google::Cloud::OsLogin::V1::ImportSshPublicKeyRequest, ::Google::Cloud::OsLogin::V1::ImportSshPublicKeyResponse
|
53
53
|
# Updates an SSH public key and returns the profile information. This method
|
54
54
|
# supports patch semantics.
|
55
|
-
rpc :UpdateSshPublicKey, Google::Cloud::OsLogin::V1::UpdateSshPublicKeyRequest, Google::Cloud::OsLogin::Common::SshPublicKey
|
55
|
+
rpc :UpdateSshPublicKey, ::Google::Cloud::OsLogin::V1::UpdateSshPublicKeyRequest, ::Google::Cloud::OsLogin::Common::SshPublicKey
|
56
56
|
end
|
57
57
|
|
58
58
|
Stub = Service.rpc_stub_class
|
@@ -54,6 +54,12 @@ module Google
|
|
54
54
|
# This indicates that the field may be set once in a request to create a
|
55
55
|
# resource, but may not be changed thereafter.
|
56
56
|
IMMUTABLE = 5
|
57
|
+
|
58
|
+
# Denotes that a (repeated) field is an unordered list.
|
59
|
+
# This indicates that the service may provide the elements of the list
|
60
|
+
# in any arbitrary order, rather than the order the user originally
|
61
|
+
# provided. Additionally, the list's order may or may not be stable.
|
62
|
+
UNORDERED_LIST = 6
|
57
63
|
end
|
58
64
|
end
|
59
65
|
end
|
@@ -43,12 +43,12 @@ module Google
|
|
43
43
|
#
|
44
44
|
# The ResourceDescriptor Yaml config will look like:
|
45
45
|
#
|
46
|
-
#
|
47
|
-
#
|
48
|
-
#
|
49
|
-
#
|
50
|
-
#
|
51
|
-
#
|
46
|
+
# resources:
|
47
|
+
# - type: "pubsub.googleapis.com/Topic"
|
48
|
+
# name_descriptor:
|
49
|
+
# - pattern: "projects/{project}/topics/{topic}"
|
50
|
+
# parent_type: "cloudresourcemanager.googleapis.com/Project"
|
51
|
+
# parent_name_extractor: "projects/{project}"
|
52
52
|
#
|
53
53
|
# Sometimes, resources have multiple patterns, typically because they can
|
54
54
|
# live under multiple parents.
|
@@ -183,15 +183,24 @@ module Google
|
|
183
183
|
# }
|
184
184
|
# @!attribute [rw] plural
|
185
185
|
# @return [::String]
|
186
|
-
# The plural name used in the resource name, such as
|
187
|
-
# the name of 'projects/\\{project}'
|
188
|
-
#
|
186
|
+
# The plural name used in the resource name and permission names, such as
|
187
|
+
# 'projects' for the resource name of 'projects/\\{project}' and the permission
|
188
|
+
# name of 'cloudresourcemanager.googleapis.com/projects.get'. It is the same
|
189
|
+
# concept of the `plural` field in k8s CRD spec
|
189
190
|
# https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions/
|
191
|
+
#
|
192
|
+
# Note: The plural form is required even for singleton resources. See
|
193
|
+
# https://aip.dev/156
|
190
194
|
# @!attribute [rw] singular
|
191
195
|
# @return [::String]
|
192
196
|
# The same concept of the `singular` field in k8s CRD spec
|
193
197
|
# https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions/
|
194
198
|
# Such as "project" for the `resourcemanager.googleapis.com/Project` type.
|
199
|
+
# @!attribute [rw] style
|
200
|
+
# @return [::Array<::Google::Api::ResourceDescriptor::Style>]
|
201
|
+
# Style flag(s) for this resource.
|
202
|
+
# These indicate that a resource is expected to conform to a given
|
203
|
+
# style. See the specific style flags for additional information.
|
195
204
|
class ResourceDescriptor
|
196
205
|
include ::Google::Protobuf::MessageExts
|
197
206
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -211,6 +220,22 @@ module Google
|
|
211
220
|
# that from being necessary once there are multiple patterns.)
|
212
221
|
FUTURE_MULTI_PATTERN = 2
|
213
222
|
end
|
223
|
+
|
224
|
+
# A flag representing a specific style that a resource claims to conform to.
|
225
|
+
module Style
|
226
|
+
# The unspecified value. Do not use.
|
227
|
+
STYLE_UNSPECIFIED = 0
|
228
|
+
|
229
|
+
# This resource is intended to be "declarative-friendly".
|
230
|
+
#
|
231
|
+
# Declarative-friendly resources must be more strictly consistent, and
|
232
|
+
# setting this to true communicates to tools that this resource should
|
233
|
+
# adhere to declarative-friendly expectations.
|
234
|
+
#
|
235
|
+
# Note: This is used by the API linter (linter.aip.dev) to enable
|
236
|
+
# additional checks.
|
237
|
+
DECLARATIVE_FRIENDLY = 1
|
238
|
+
end
|
214
239
|
end
|
215
240
|
|
216
241
|
# Defines a proto annotation that describes a string field that refers to
|
@@ -226,6 +251,17 @@ module Google
|
|
226
251
|
# type: "pubsub.googleapis.com/Topic"
|
227
252
|
# }];
|
228
253
|
# }
|
254
|
+
#
|
255
|
+
# Occasionally, a field may reference an arbitrary resource. In this case,
|
256
|
+
# APIs use the special value * in their resource reference.
|
257
|
+
#
|
258
|
+
# Example:
|
259
|
+
#
|
260
|
+
# message GetIamPolicyRequest {
|
261
|
+
# string resource = 2 [(google.api.resource_reference) = {
|
262
|
+
# type: "*"
|
263
|
+
# }];
|
264
|
+
# }
|
229
265
|
# @!attribute [rw] child_type
|
230
266
|
# @return [::String]
|
231
267
|
# The resource type of a child collection that the annotated field
|
@@ -234,11 +270,11 @@ module Google
|
|
234
270
|
#
|
235
271
|
# Example:
|
236
272
|
#
|
237
|
-
#
|
238
|
-
#
|
239
|
-
#
|
240
|
-
#
|
241
|
-
#
|
273
|
+
# message ListLogEntriesRequest {
|
274
|
+
# string parent = 1 [(google.api.resource_reference) = {
|
275
|
+
# child_type: "logging.googleapis.com/LogEntry"
|
276
|
+
# };
|
277
|
+
# }
|
242
278
|
class ResourceReference
|
243
279
|
include ::Google::Protobuf::MessageExts
|
244
280
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: google-cloud-os_login-v1
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.3.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Google LLC
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2021-02-03 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: gapic-common
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - "~>"
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: '0.
|
19
|
+
version: '0.3'
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - "~>"
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: '0.
|
26
|
+
version: '0.3'
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: google-cloud-errors
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
@@ -153,7 +153,9 @@ dependencies:
|
|
153
153
|
description: Use OS Login to manage SSH access to your instances using IAM without
|
154
154
|
having to create and manage individual SSH keys. OS Login maintains a consistent
|
155
155
|
Linux user identity across VM instances and is the recommended way to manage many
|
156
|
-
users across multiple instances or projects.
|
156
|
+
users across multiple instances or projects. Note that google-cloud-os_login-v1
|
157
|
+
is a version-specific client library. For most uses, we recommend installing the
|
158
|
+
main client library google-cloud-os_login instead. See the readme for more details.
|
157
159
|
email: googleapis-packages@google.com
|
158
160
|
executables: []
|
159
161
|
extensions: []
|
@@ -199,7 +201,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
199
201
|
- !ruby/object:Gem::Version
|
200
202
|
version: '0'
|
201
203
|
requirements: []
|
202
|
-
rubygems_version: 3.
|
204
|
+
rubygems_version: 3.2.6
|
203
205
|
signing_key:
|
204
206
|
specification_version: 4
|
205
207
|
summary: API Client library for the Cloud OS Login V1 API
|