google-cloud-security_center-v1p1beta1 0.14.2 → 0.16.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7b90c422f1b6fd2c572793c12d9918c8e207565d5ccd011109e03782a03824bb
-  data.tar.gz: 7992f03d071a7d3ae8d405331fe74aeb8311d0f0109c0e818cfe5c8f84b498bf
+  metadata.gz: 686ec6f61d9d05118bde5799e1f65431cd41ec9eccf55de81c8714be289d812d
+  data.tar.gz: ac670cdf01f353e29a51c7b50ac0f0d08ada46388a87170d1b1e808f9c6d9e60
 SHA512:
-  metadata.gz: ccd6f862954483290b59d779c4cc53bcb29464dad0ed3eb264b71aa314e136db022283797d203a1a2e8b9bde6c58859c8e6d15073f358186e290806879a6741b
-  data.tar.gz: 2d0384dd82e2010e85b866a7b52569c2697dac0a888f6a80011276ce6fd160fc95f450b635414e3d6e9f8e0bad19d4eaa4eaee8b8fe44c0565648268153a12b5
+  metadata.gz: c4b5677565eea753c1489e91452029d2731e3b91fb5434b19d8c1a17cc0f788f73f950e0141a789a49ebfd8bd626ab0349fbce57940558c5cf926e4df5b89b4a
+  data.tar.gz: 77c47703a8decdca2b7e4a7fed584061db4b00a83d085f2c04401ce26d82b4d8ed60f5e9fbb18afe4c83680613299feb3510f4787d26c3358e1f4b190273717a

data/README.md

@@ -42,40 +42,50 @@ for class and method documentation.
 See also the [Product Documentation](https://cloud.google.com/security-command-center)
 for general usage information.
 
-## Enabling Logging
-
-To enable logging for this library, set the logger for the underlying [gRPC](https://github.com/grpc/grpc/tree/master/src/ruby) library.
-The logger that you set may be a Ruby stdlib [`Logger`](https://ruby-doc.org/current/stdlibs/logger/Logger.html) as shown below,
-or a [`Google::Cloud::Logging::Logger`](https://cloud.google.com/ruby/docs/reference/google-cloud-logging/latest)
-that will write logs to [Cloud Logging](https://cloud.google.com/logging/). See [grpc/logconfig.rb](https://github.com/grpc/grpc/blob/master/src/ruby/lib/grpc/logconfig.rb)
-and the gRPC [spec_helper.rb](https://github.com/grpc/grpc/blob/master/src/ruby/spec/spec_helper.rb) for additional information.
-
-Configuring a Ruby stdlib logger:
+## Debug Logging
+
+This library comes with opt-in Debug Logging that can help you troubleshoot
+your application's integration with the API. When logging is activated, key
+events such as requests and responses, along with data payloads and metadata
+such as headers and client configuration, are logged to the standard error
+stream.
+
+**WARNING:** Client Library Debug Logging includes your data payloads in
+plaintext, which could include sensitive data such as PII for yourself or your
+customers, private keys, or other security data that could be compromising if
+leaked. Always practice good data hygiene with your application logs, and follow
+the principle of least access. Google also recommends that Client Library Debug
+Logging be enabled only temporarily during active debugging, and not used
+permanently in production.
+
+To enable logging, set the environment variable `GOOGLE_SDK_RUBY_LOGGING_GEMS`
+to the value `all`. Alternatively, you can set the value to a comma-delimited
+list of client library gem names. This will select the default logging behavior,
+which writes logs to the standard error stream. On a local workstation, this may
+result in logs appearing on the console. When running on a Google Cloud hosting
+service such as [Google Cloud Run](https://cloud.google.com/run), this generally
+results in logs appearing alongside your application logs in the
+[Google Cloud Logging](https://cloud.google.com/logging/) service.
+
+You can customize logging by modifying the `logger` configuration when
+constructing a client object. For example:
 
 ```ruby
+require "google/cloud/security_center/v1p1beta1"
 require "logger"
 
-module MyLogger
-  LOGGER = Logger.new $stderr, level: Logger::WARN
-  def logger
-    LOGGER
-  end
-end
-
-# Define a gRPC module-level logger method before grpc/logconfig.rb loads.
-module GRPC
-  extend MyLogger
+client = ::Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenter::Client.new do |config|
+  config.logger = Logger.new "my-app.log"
 end
 ```
 
-
 ## Google Cloud Samples
 
 To browse ready to use code samples check [Google Cloud Samples](https://cloud.google.com/docs/samples).
 
 ## Supported Ruby Versions
 
-This library is supported on Ruby 2.7+.
+This library is supported on Ruby 3.0+.
 
 Google provides official support for Ruby versions that are actively supported
 by Ruby Core—that is, Ruby versions that are either in normal maintenance or

data/lib/google/cloud/security_center/v1p1beta1/security_center/client.rb

@@ -243,8 +243,19 @@ module Google
                 universe_domain: @config.universe_domain,
                 channel_args: @config.channel_args,
                 interceptors: @config.interceptors,
-                channel_pool_config: @config.channel_pool
+                channel_pool_config: @config.channel_pool,
+                logger: @config.logger
               )
+
+              @security_center_stub.stub_logger&.info do |entry|
+                entry.set_system_name
+                entry.set_service
+                entry.message = "Created client for #{entry.service}"
+                entry.set_credentials_fields credentials
+                entry.set "customEndpoint", @config.endpoint if @config.endpoint
+                entry.set "defaultTimeout", @config.timeout if @config.timeout
+                entry.set "quotaProject", @quota_project_id if @quota_project_id
+              end
             end
 
             ##
@@ -254,6 +265,15 @@ module Google
             #
             attr_reader :operations_client
 
+            ##
+            # The logger used for request/response debug logging.
+            #
+            # @return [Logger]
+            #
+            def logger
+              @security_center_stub.logger
+            end
+
             # Service calls
 
             ##
@@ -340,7 +360,6 @@ module Google
 
               @security_center_stub.call_rpc :create_source, request, options: options do |response, operation|
                 yield response, operation if block_given?
-                return response
               end
             rescue ::GRPC::BadStatus => e
               raise ::Google::Cloud::Error.from_error(e)
@@ -433,7 +452,6 @@ module Google
 
               @security_center_stub.call_rpc :create_finding, request, options: options do |response, operation|
                 yield response, operation if block_given?
-                return response
               end
             rescue ::GRPC::BadStatus => e
               raise ::Google::Cloud::Error.from_error(e)
@@ -527,7 +545,6 @@ module Google
 
               @security_center_stub.call_rpc :create_notification_config, request, options: options do |response, operation|
                 yield response, operation if block_given?
-                return response
               end
             rescue ::GRPC::BadStatus => e
               raise ::Google::Cloud::Error.from_error(e)
@@ -614,7 +631,6 @@ module Google
 
               @security_center_stub.call_rpc :delete_notification_config, request, options: options do |response, operation|
                 yield response, operation if block_given?
-                return response
               end
             rescue ::GRPC::BadStatus => e
               raise ::Google::Cloud::Error.from_error(e)
@@ -704,7 +720,6 @@ module Google
 
               @security_center_stub.call_rpc :get_iam_policy, request, options: options do |response, operation|
                 yield response, operation if block_given?
-                return response
               end
             rescue ::GRPC::BadStatus => e
               raise ::Google::Cloud::Error.from_error(e)
@@ -791,7 +806,6 @@ module Google
 
               @security_center_stub.call_rpc :get_notification_config, request, options: options do |response, operation|
                 yield response, operation if block_given?
-                return response
               end
             rescue ::GRPC::BadStatus => e
               raise ::Google::Cloud::Error.from_error(e)
@@ -878,7 +892,6 @@ module Google
 
               @security_center_stub.call_rpc :get_organization_settings, request, options: options do |response, operation|
                 yield response, operation if block_given?
-                return response
               end
             rescue ::GRPC::BadStatus => e
               raise ::Google::Cloud::Error.from_error(e)
@@ -965,7 +978,6 @@ module Google
 
               @security_center_stub.call_rpc :get_source, request, options: options do |response, operation|
                 yield response, operation if block_given?
-                return response
               end
             rescue ::GRPC::BadStatus => e
               raise ::Google::Cloud::Error.from_error(e)
@@ -1181,7 +1193,7 @@ module Google
               @security_center_stub.call_rpc :group_assets, request, options: options do |response, operation|
                 response = ::Gapic::PagedEnumerable.new @security_center_stub, :group_assets, request, response, operation, options
                 yield response, operation if block_given?
-                return response
+                throw :response, response
               end
             rescue ::GRPC::BadStatus => e
               raise ::Google::Cloud::Error.from_error(e)
@@ -1396,7 +1408,7 @@ module Google
               @security_center_stub.call_rpc :group_findings, request, options: options do |response, operation|
                 response = ::Gapic::PagedEnumerable.new @security_center_stub, :group_findings, request, response, operation, options
                 yield response, operation if block_given?
-                return response
+                throw :response, response
               end
             rescue ::GRPC::BadStatus => e
               raise ::Google::Cloud::Error.from_error(e)
@@ -1615,7 +1627,7 @@ module Google
               @security_center_stub.call_rpc :list_assets, request, options: options do |response, operation|
                 response = ::Gapic::PagedEnumerable.new @security_center_stub, :list_assets, request, response, operation, options
                 yield response, operation if block_given?
-                return response
+                throw :response, response
               end
             rescue ::GRPC::BadStatus => e
               raise ::Google::Cloud::Error.from_error(e)
@@ -1831,7 +1843,7 @@ module Google
               @security_center_stub.call_rpc :list_findings, request, options: options do |response, operation|
                 response = ::Gapic::PagedEnumerable.new @security_center_stub, :list_findings, request, response, operation, options
                 yield response, operation if block_given?
-                return response
+                throw :response, response
               end
             rescue ::GRPC::BadStatus => e
               raise ::Google::Cloud::Error.from_error(e)
@@ -1930,7 +1942,7 @@ module Google
               @security_center_stub.call_rpc :list_notification_configs, request, options: options do |response, operation|
                 response = ::Gapic::PagedEnumerable.new @security_center_stub, :list_notification_configs, request, response, operation, options
                 yield response, operation if block_given?
-                return response
+                throw :response, response
               end
             rescue ::GRPC::BadStatus => e
               raise ::Google::Cloud::Error.from_error(e)
@@ -2030,7 +2042,7 @@ module Google
               @security_center_stub.call_rpc :list_sources, request, options: options do |response, operation|
                 response = ::Gapic::PagedEnumerable.new @security_center_stub, :list_sources, request, response, operation, options
                 yield response, operation if block_given?
-                return response
+                throw :response, response
               end
             rescue ::GRPC::BadStatus => e
               raise ::Google::Cloud::Error.from_error(e)
@@ -2130,7 +2142,7 @@ module Google
               @security_center_stub.call_rpc :run_asset_discovery, request, options: options do |response, operation|
                 response = ::Gapic::Operation.new response, @operations_client, options: options
                 yield response, operation if block_given?
-                return response
+                throw :response, response
               end
             rescue ::GRPC::BadStatus => e
               raise ::Google::Cloud::Error.from_error(e)
@@ -2223,7 +2235,6 @@ module Google
 
               @security_center_stub.call_rpc :set_finding_state, request, options: options do |response, operation|
                 yield response, operation if block_given?
-                return response
               end
             rescue ::GRPC::BadStatus => e
               raise ::Google::Cloud::Error.from_error(e)
@@ -2321,7 +2332,6 @@ module Google
 
               @security_center_stub.call_rpc :set_iam_policy, request, options: options do |response, operation|
                 yield response, operation if block_given?
-                return response
               end
             rescue ::GRPC::BadStatus => e
               raise ::Google::Cloud::Error.from_error(e)
@@ -2413,7 +2423,6 @@ module Google
 
               @security_center_stub.call_rpc :test_iam_permissions, request, options: options do |response, operation|
                 yield response, operation if block_given?
-                return response
               end
             rescue ::GRPC::BadStatus => e
               raise ::Google::Cloud::Error.from_error(e)
@@ -2513,7 +2522,6 @@ module Google
 
               @security_center_stub.call_rpc :update_finding, request, options: options do |response, operation|
                 yield response, operation if block_given?
-                return response
               end
             rescue ::GRPC::BadStatus => e
               raise ::Google::Cloud::Error.from_error(e)
@@ -2604,7 +2612,6 @@ module Google
 
               @security_center_stub.call_rpc :update_notification_config, request, options: options do |response, operation|
                 yield response, operation if block_given?
-                return response
               end
             rescue ::GRPC::BadStatus => e
               raise ::Google::Cloud::Error.from_error(e)
@@ -2694,7 +2701,6 @@ module Google
 
               @security_center_stub.call_rpc :update_organization_settings, request, options: options do |response, operation|
                 yield response, operation if block_given?
-                return response
               end
             rescue ::GRPC::BadStatus => e
               raise ::Google::Cloud::Error.from_error(e)
@@ -2784,7 +2790,6 @@ module Google
 
               @security_center_stub.call_rpc :update_source, request, options: options do |response, operation|
                 yield response, operation if block_given?
-                return response
               end
             rescue ::GRPC::BadStatus => e
               raise ::Google::Cloud::Error.from_error(e)
@@ -2880,7 +2885,6 @@ module Google
 
               @security_center_stub.call_rpc :update_security_marks, request, options: options do |response, operation|
                 yield response, operation if block_given?
-                return response
               end
             rescue ::GRPC::BadStatus => e
               raise ::Google::Cloud::Error.from_error(e)
@@ -2930,6 +2934,13 @@ module Google
             #    *  (`GRPC::Core::Channel`) a gRPC channel with included credentials
             #    *  (`GRPC::Core::ChannelCredentials`) a gRPC credentails object
             #    *  (`nil`) indicating no credentials
+            #
+            #   Warning: If you accept a credential configuration (JSON file or Hash) from an
+            #   external source for authentication to Google Cloud, you must validate it before
+            #   providing it to a Google API client library. Providing an unvalidated credential
+            #   configuration to Google APIs can compromise the security of your systems and data.
+            #   For more information, refer to [Validate credential configurations from external
+            #   sources](https://cloud.google.com/docs/authentication/external/externally-sourced-credentials).
             #   @return [::Object]
             # @!attribute [rw] scope
             #   The OAuth scopes
@@ -2969,6 +2980,11 @@ module Google
             #   default endpoint URL. The default value of nil uses the environment
             #   universe (usually the default "googleapis.com" universe).
             #   @return [::String,nil]
+            # @!attribute [rw] logger
+            #   A custom logger to use for request/response debug logging, or the value
+            #   `:default` (the default) to construct a default logger, or `nil` to
+            #   explicitly disable logging.
+            #   @return [::Logger,:default,nil]
             #
             class Configuration
               extend ::Gapic::Config
@@ -2993,6 +3009,7 @@ module Google
               config_attr :retry_policy,  nil, ::Hash, ::Proc, nil
               config_attr :quota_project, nil, ::String, nil
               config_attr :universe_domain, nil, ::String, nil
+              config_attr :logger, :default, ::Logger, nil, :default
 
               # @private
               def initialize parent_config = nil

data/lib/google/cloud/security_center/v1p1beta1/security_center/operations.rb

@@ -124,14 +124,6 @@ module Google
             # Lists operations that match the specified filter in the request. If the
             # server doesn't support this method, it returns `UNIMPLEMENTED`.
             #
-            # NOTE: the `name` binding allows API services to override the binding
-            # to use different resource name schemes, such as `users/*/operations`. To
-            # override the binding, API services can add a binding such as
-            # `"/v1/{name=users/*}/operations"` to their service configuration.
-            # For backwards compatibility, the default name includes the operations
-            # collection id, however overriding users must ensure the name binding
-            # is the parent resource, without the operations collection id.
-            #
             # @overload list_operations(request, options = nil)
             #   Pass arguments to `list_operations` via a request object, either of type
             #   {::Google::Longrunning::ListOperationsRequest} or an equivalent Hash.
@@ -221,7 +213,7 @@ module Google
                 wrap_lro_operation = ->(op_response) { ::Gapic::Operation.new op_response, @operations_client }
                 response = ::Gapic::PagedEnumerable.new @operations_stub, :list_operations, request, response, operation, options, format_resource: wrap_lro_operation
                 yield response, operation if block_given?
-                return response
+                throw :response, response
               end
             rescue ::GRPC::BadStatus => e
               raise ::Google::Cloud::Error.from_error(e)
@@ -317,7 +309,7 @@ module Google
               @operations_stub.call_rpc :get_operation, request, options: options do |response, operation|
                 response = ::Gapic::Operation.new response, @operations_client, options: options
                 yield response, operation if block_given?
-                return response
+                throw :response, response
               end
             rescue ::GRPC::BadStatus => e
               raise ::Google::Cloud::Error.from_error(e)
@@ -406,7 +398,6 @@ module Google
 
               @operations_stub.call_rpc :delete_operation, request, options: options do |response, operation|
                 yield response, operation if block_given?
-                return response
               end
             rescue ::GRPC::BadStatus => e
               raise ::Google::Cloud::Error.from_error(e)
@@ -421,8 +412,9 @@ module Google
             # other methods to check whether the cancellation succeeded or whether the
             # operation completed despite cancellation. On successful cancellation,
             # the operation is not deleted; instead, it becomes an operation with
-            # an {::Google::Longrunning::Operation#error Operation.error} value with a {::Google::Rpc::Status#code google.rpc.Status.code} of 1,
-            # corresponding to `Code.CANCELLED`.
+            # an {::Google::Longrunning::Operation#error Operation.error} value with a
+            # {::Google::Rpc::Status#code google.rpc.Status.code} of `1`, corresponding to
+            # `Code.CANCELLED`.
             #
             # @overload cancel_operation(request, options = nil)
             #   Pass arguments to `cancel_operation` via a request object, either of type
@@ -501,7 +493,6 @@ module Google
 
               @operations_stub.call_rpc :cancel_operation, request, options: options do |response, operation|
                 yield response, operation if block_given?
-                return response
               end
             rescue ::GRPC::BadStatus => e
               raise ::Google::Cloud::Error.from_error(e)
@@ -599,7 +590,7 @@ module Google
               @operations_stub.call_rpc :wait_operation, request, options: options do |response, operation|
                 response = ::Gapic::Operation.new response, @operations_client, options: options
                 yield response, operation if block_given?
-                return response
+                throw :response, response
               end
             rescue ::GRPC::BadStatus => e
               raise ::Google::Cloud::Error.from_error(e)
@@ -649,6 +640,13 @@ module Google
             #    *  (`GRPC::Core::Channel`) a gRPC channel with included credentials
             #    *  (`GRPC::Core::ChannelCredentials`) a gRPC credentails object
             #    *  (`nil`) indicating no credentials
+            #
+            #   Warning: If you accept a credential configuration (JSON file or Hash) from an
+            #   external source for authentication to Google Cloud, you must validate it before
+            #   providing it to a Google API client library. Providing an unvalidated credential
+            #   configuration to Google APIs can compromise the security of your systems and data.
+            #   For more information, refer to [Validate credential configurations from external
+            #   sources](https://cloud.google.com/docs/authentication/external/externally-sourced-credentials).
             #   @return [::Object]
             # @!attribute [rw] scope
             #   The OAuth scopes
@@ -688,6 +686,11 @@ module Google
             #   default endpoint URL. The default value of nil uses the environment
             #   universe (usually the default "googleapis.com" universe).
             #   @return [::String,nil]
+            # @!attribute [rw] logger
+            #   A custom logger to use for request/response debug logging, or the value
+            #   `:default` (the default) to construct a default logger, or `nil` to
+            #   explicitly disable logging.
+            #   @return [::Logger,:default,nil]
             #
             class Configuration
               extend ::Gapic::Config
@@ -712,6 +715,7 @@ module Google
               config_attr :retry_policy,  nil, ::Hash, ::Proc, nil
               config_attr :quota_project, nil, ::String, nil
               config_attr :universe_domain, nil, ::String, nil
+              config_attr :logger, :default, ::Logger, nil, :default
 
               # @private
               def initialize parent_config = nil