strongdm 2.1.0 → 2.6.0

data/lib/strongdm.rb

@@ -18,6 +18,7 @@
 require_relative "./svc"
 require "base64"
 require "openssl"
+require "time"
 
 module SDM #:nodoc:
 
@@ -27,11 +28,11 @@ module SDM #:nodoc:
     DEFAULT_BASE_RETRY_DELAY = 0.0030 # 30 ms
     DEFAULT_MAX_RETRY_DELAY = 300 # 300 seconds
     API_VERSION = "2021-08-23"
-    USER_AGENT = "strongdm-sdk-ruby/2.1.0"
+    USER_AGENT = "strongdm-sdk-ruby/2.6.0"
     private_constant :DEFAULT_MAX_RETRIES, :DEFAULT_BASE_RETRY_DELAY, :DEFAULT_MAX_RETRY_DELAY, :API_VERSION, :USER_AGENT
 
     # Creates a new strongDM API client.
-    def initialize(api_access_key, api_secret_key, host: "api.strongdm.com:443", insecure: false)
+    def initialize(api_access_key, api_secret_key, host: "api.strongdm.com:443", insecure: false, retry_rate_limit_errors: true)
       raise TypeError, "client access key must be a string" unless api_access_key.kind_of?(String)
       raise TypeError, "client secret key must be a string" unless api_secret_key.kind_of?(String)
       raise TypeError, "client host must be a string" unless host.kind_of?(String)
@@ -40,11 +41,14 @@ module SDM #:nodoc:
       @max_retries = DEFAULT_MAX_RETRIES
       @base_retry_delay = DEFAULT_BASE_RETRY_DELAY
       @max_retry_delay = DEFAULT_MAX_RETRY_DELAY
+      @expose_rate_limit_errors = (not retry_rate_limit_errors)
       @account_attachments = AccountAttachments.new(host, insecure, self)
       @account_grants = AccountGrants.new(host, insecure, self)
       @accounts = Accounts.new(host, insecure, self)
       @control_panel = ControlPanel.new(host, insecure, self)
       @nodes = Nodes.new(host, insecure, self)
+      @remote_identities = RemoteIdentities.new(host, insecure, self)
+      @remote_identity_groups = RemoteIdentityGroups.new(host, insecure, self)
       @resources = Resources.new(host, insecure, self)
       @role_attachments = RoleAttachments.new(host, insecure, self)
       @role_grants = RoleGrants.new(host, insecure, self)
@@ -94,6 +98,17 @@ module SDM #:nodoc:
       if not err.is_a? GRPC::BadStatus
         return true
       end
+      porcelainErr = Plumbing::convert_error_to_porcelain(err)
+      if (not @expose_rate_limit_errors) and (porcelainErr.is_a? RateLimitError)
+        sleep_for = porcelainErr.rate_limit.reset_at - Time.now
+        # If timezones or clock drift causes this calculation to fail,
+        # wait at most one minute.
+        if sleep_for < 0 or sleep_for > 60
+          sleep_for = 60
+        end
+        sleep(sleep_for)
+        return true
+      end
       return err.code() == 13
     end
 
@@ -127,6 +142,15 @@ module SDM #:nodoc:
     #
     # See {Nodes}.
     attr_reader :nodes
+    # RemoteIdentities assign a resource directly to an account, giving the account the permission to connect to that resource.
+    #
+    # See {RemoteIdentities}.
+    attr_reader :remote_identities
+    # A RemoteIdentityGroup is a named grouping of Remote Identities for Accounts.
+    # An Account's relationship to a RemoteIdentityGroup is defined via RemoteIdentity objects.
+    #
+    # See {RemoteIdentityGroups}.
+    attr_reader :remote_identity_groups
     # Resources are databases, servers, clusters, websites, or clouds that strongDM
     # delegates access to.
     #

data/lib/svc.rb

@@ -759,6 +759,272 @@ module SDM #:nodoc:
     end
   end
 
+  # RemoteIdentities assign a resource directly to an account, giving the account the permission to connect to that resource.
+  #
+  # See {RemoteIdentity}.
+  class RemoteIdentities
+    extend Gem::Deprecate
+
+    def initialize(host, insecure, parent)
+      begin
+        if insecure
+          @stub = V1::RemoteIdentities::Stub.new(host, :this_channel_is_insecure)
+        else
+          cred = GRPC::Core::ChannelCredentials.new()
+          @stub = V1::RemoteIdentities::Stub.new(host, cred)
+        end
+      rescue => exception
+        raise Plumbing::convert_error_to_porcelain(exception)
+      end
+      @parent = parent
+    end
+
+    # Create registers a new RemoteIdentity.
+    def create(
+      remote_identity,
+      deadline: nil
+    )
+      req = V1::RemoteIdentityCreateRequest.new()
+
+      req.remote_identity = Plumbing::convert_remote_identity_to_plumbing(remote_identity)
+      tries = 0
+      plumbing_response = nil
+      loop do
+        begin
+          plumbing_response = @stub.create(req, metadata: @parent.get_metadata("RemoteIdentities.Create", req), deadline: deadline)
+        rescue => exception
+          if (@parent.shouldRetry(tries, exception))
+            tries + +@parent.jitterSleep(tries)
+            next
+          end
+          raise Plumbing::convert_error_to_porcelain(exception)
+        end
+        break
+      end
+
+      resp = RemoteIdentityCreateResponse.new()
+      resp.meta = Plumbing::convert_create_response_metadata_to_porcelain(plumbing_response.meta)
+      resp.rate_limit = Plumbing::convert_rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
+      resp.remote_identity = Plumbing::convert_remote_identity_to_porcelain(plumbing_response.remote_identity)
+      resp
+    end
+
+    # Get reads one RemoteIdentity by ID.
+    def get(
+      id,
+      deadline: nil
+    )
+      req = V1::RemoteIdentityGetRequest.new()
+
+      req.id = (id)
+      tries = 0
+      plumbing_response = nil
+      loop do
+        begin
+          plumbing_response = @stub.get(req, metadata: @parent.get_metadata("RemoteIdentities.Get", req), deadline: deadline)
+        rescue => exception
+          if (@parent.shouldRetry(tries, exception))
+            tries + +@parent.jitterSleep(tries)
+            next
+          end
+          raise Plumbing::convert_error_to_porcelain(exception)
+        end
+        break
+      end
+
+      resp = RemoteIdentityGetResponse.new()
+      resp.meta = Plumbing::convert_get_response_metadata_to_porcelain(plumbing_response.meta)
+      resp.rate_limit = Plumbing::convert_rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
+      resp.remote_identity = Plumbing::convert_remote_identity_to_porcelain(plumbing_response.remote_identity)
+      resp
+    end
+
+    # Update replaces all the fields of a RemoteIdentity by ID.
+    def update(
+      remote_identity,
+      deadline: nil
+    )
+      req = V1::RemoteIdentityUpdateRequest.new()
+
+      req.remote_identity = Plumbing::convert_remote_identity_to_plumbing(remote_identity)
+      tries = 0
+      plumbing_response = nil
+      loop do
+        begin
+          plumbing_response = @stub.update(req, metadata: @parent.get_metadata("RemoteIdentities.Update", req), deadline: deadline)
+        rescue => exception
+          if (@parent.shouldRetry(tries, exception))
+            tries + +@parent.jitterSleep(tries)
+            next
+          end
+          raise Plumbing::convert_error_to_porcelain(exception)
+        end
+        break
+      end
+
+      resp = RemoteIdentityUpdateResponse.new()
+      resp.meta = Plumbing::convert_update_response_metadata_to_porcelain(plumbing_response.meta)
+      resp.rate_limit = Plumbing::convert_rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
+      resp.remote_identity = Plumbing::convert_remote_identity_to_porcelain(plumbing_response.remote_identity)
+      resp
+    end
+
+    # Delete removes a RemoteIdentity by ID.
+    def delete(
+      id,
+      deadline: nil
+    )
+      req = V1::RemoteIdentityDeleteRequest.new()
+
+      req.id = (id)
+      tries = 0
+      plumbing_response = nil
+      loop do
+        begin
+          plumbing_response = @stub.delete(req, metadata: @parent.get_metadata("RemoteIdentities.Delete", req), deadline: deadline)
+        rescue => exception
+          if (@parent.shouldRetry(tries, exception))
+            tries + +@parent.jitterSleep(tries)
+            next
+          end
+          raise Plumbing::convert_error_to_porcelain(exception)
+        end
+        break
+      end
+
+      resp = RemoteIdentityDeleteResponse.new()
+      resp.meta = Plumbing::convert_delete_response_metadata_to_porcelain(plumbing_response.meta)
+      resp.rate_limit = Plumbing::convert_rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
+      resp
+    end
+
+    # List gets a list of RemoteIdentities matching a given set of criteria.
+    def list(
+      filter,
+      *args,
+      deadline: nil
+    )
+      req = V1::RemoteIdentityListRequest.new()
+      req.meta = V1::ListRequestMetadata.new()
+      page_size_option = @parent._test_options["PageSize"]
+      if page_size_option.is_a? Integer
+        req.meta.limit = page_size_option
+      end
+
+      req.filter = Plumbing::quote_filter_args(filter, *args)
+      resp = Enumerator::Generator.new { |g|
+        tries = 0
+        loop do
+          begin
+            plumbing_response = @stub.list(req, metadata: @parent.get_metadata("RemoteIdentities.List", req), deadline: deadline)
+          rescue => exception
+            if (@parent.shouldRetry(tries, exception))
+              tries + +@parent.jitterSleep(tries)
+              next
+            end
+            raise Plumbing::convert_error_to_porcelain(exception)
+          end
+          tries = 0
+          plumbing_response.remote_identities.each do |plumbing_item|
+            g.yield Plumbing::convert_remote_identity_to_porcelain(plumbing_item)
+          end
+          break if plumbing_response.meta.next_cursor == ""
+          req.meta.cursor = plumbing_response.meta.next_cursor
+        end
+      }
+      resp
+    end
+  end
+
+  # A RemoteIdentityGroup is a named grouping of Remote Identities for Accounts.
+  # An Account's relationship to a RemoteIdentityGroup is defined via RemoteIdentity objects.
+  #
+  # See {RemoteIdentityGroup}.
+  class RemoteIdentityGroups
+    extend Gem::Deprecate
+
+    def initialize(host, insecure, parent)
+      begin
+        if insecure
+          @stub = V1::RemoteIdentityGroups::Stub.new(host, :this_channel_is_insecure)
+        else
+          cred = GRPC::Core::ChannelCredentials.new()
+          @stub = V1::RemoteIdentityGroups::Stub.new(host, cred)
+        end
+      rescue => exception
+        raise Plumbing::convert_error_to_porcelain(exception)
+      end
+      @parent = parent
+    end
+
+    # Get reads one RemoteIdentityGroup by ID.
+    def get(
+      id,
+      deadline: nil
+    )
+      req = V1::RemoteIdentityGroupGetRequest.new()
+
+      req.id = (id)
+      tries = 0
+      plumbing_response = nil
+      loop do
+        begin
+          plumbing_response = @stub.get(req, metadata: @parent.get_metadata("RemoteIdentityGroups.Get", req), deadline: deadline)
+        rescue => exception
+          if (@parent.shouldRetry(tries, exception))
+            tries + +@parent.jitterSleep(tries)
+            next
+          end
+          raise Plumbing::convert_error_to_porcelain(exception)
+        end
+        break
+      end
+
+      resp = RemoteIdentityGroupGetResponse.new()
+      resp.meta = Plumbing::convert_get_response_metadata_to_porcelain(plumbing_response.meta)
+      resp.rate_limit = Plumbing::convert_rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
+      resp.remote_identity_group = Plumbing::convert_remote_identity_group_to_porcelain(plumbing_response.remote_identity_group)
+      resp
+    end
+
+    # List gets a list of RemoteIdentityGroups matching a given set of criteria.
+    def list(
+      filter,
+      *args,
+      deadline: nil
+    )
+      req = V1::RemoteIdentityGroupListRequest.new()
+      req.meta = V1::ListRequestMetadata.new()
+      page_size_option = @parent._test_options["PageSize"]
+      if page_size_option.is_a? Integer
+        req.meta.limit = page_size_option
+      end
+
+      req.filter = Plumbing::quote_filter_args(filter, *args)
+      resp = Enumerator::Generator.new { |g|
+        tries = 0
+        loop do
+          begin
+            plumbing_response = @stub.list(req, metadata: @parent.get_metadata("RemoteIdentityGroups.List", req), deadline: deadline)
+          rescue => exception
+            if (@parent.shouldRetry(tries, exception))
+              tries + +@parent.jitterSleep(tries)
+              next
+            end
+            raise Plumbing::convert_error_to_porcelain(exception)
+          end
+          tries = 0
+          plumbing_response.remote_identity_groups.each do |plumbing_item|
+            g.yield Plumbing::convert_remote_identity_group_to_porcelain(plumbing_item)
+          end
+          break if plumbing_response.meta.next_cursor == ""
+          req.meta.cursor = plumbing_response.meta.next_cursor
+        end
+      }
+      resp
+    end
+  end
+
   # Resources are databases, servers, clusters, websites, or clouds that strongDM
   # delegates access to.
   #

data/lib/version

@@ -13,5 +13,5 @@
 # limitations under the License.
 #
 module SDM
-  VERSION = "2.1.0"
+  VERSION = "2.6.0"
 end

data/lib/version.rb

@@ -13,5 +13,5 @@
 # limitations under the License.
 #
 module SDM
-  VERSION = "2.1.0"
+  VERSION = "2.6.0"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: strongdm
 version: !ruby/object:Gem::Version
-  version: 2.1.0
+  version: 2.6.0
 platform: ruby
 authors:
 - strongDM Team
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-04-22 00:00:00.000000000 Z
+date: 2022-06-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: grpc
@@ -79,8 +79,8 @@ files:
 - "./.git/logs/HEAD"
 - "./.git/logs/refs/heads/master"
 - "./.git/logs/refs/remotes/origin/HEAD"
-- "./.git/objects/pack/pack-a86846bb97666919e629e876c52e6b012d588625.idx"
-- "./.git/objects/pack/pack-a86846bb97666919e629e876c52e6b012d588625.pack"
+- "./.git/objects/pack/pack-886c8b7b48ee02690285f26795cb132efb2f15f6.idx"
+- "./.git/objects/pack/pack-886c8b7b48ee02690285f26795cb132efb2f15f6.pack"
 - "./.git/packed-refs"
 - "./.git/refs/heads/master"
 - "./.git/refs/remotes/origin/HEAD"
@@ -101,6 +101,10 @@ files:
 - "./lib/grpc/nodes_services_pb.rb"
 - "./lib/grpc/options_pb.rb"
 - "./lib/grpc/plumbing.rb"
+- "./lib/grpc/remote_identities_pb.rb"
+- "./lib/grpc/remote_identities_services_pb.rb"
+- "./lib/grpc/remote_identity_groups_pb.rb"
+- "./lib/grpc/remote_identity_groups_services_pb.rb"
 - "./lib/grpc/resources_pb.rb"
 - "./lib/grpc/resources_services_pb.rb"
 - "./lib/grpc/role_attachments_pb.rb"