strongdm 3.5.5 → 3.6.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 05f597f5d34b2450a28bf04dffc2921eb8fd6a51b4e80ddf7967da4d4dca1522
-  data.tar.gz: 0fbb02d96799b6fc07866ed9e62555be5ab7cf00b723ed7d95c9e26ed9fce4c3
+  metadata.gz: 0422edba8bf3e651e34ee80a04636820bf84c3091cf6ce57ea33ad4e0d554720
+  data.tar.gz: 803d2fece2c378b009e06da5676969a07fdf34ef8187dd0ebe65cc0412c102f7
 SHA512:
-  metadata.gz: cf0903d086fa186201d64fdd22653f65bb677c8d9cb26e05a07fed4b08b5bb294b686b6a9c8414bf598f5b434c284c7aa9e07e0c7ca3d7d60679541ef21f2f78
-  data.tar.gz: d68a6d9fe5a7676dcd31920c4ebf799abdc609d322e6fa5aa34efe293db1c78452d7ebbed9834544b22e003b9d98faec1f5fdef89be27eabcf23151e86795ddd
+  metadata.gz: 134fdc741aa68a757e732a3d51719fb4ad441593b52e4f39d3d015569f5f478d5bb44151602ff62c74f0c98bad99291ebc21fa7ca8c363cc068d6155360af82c
+  data.tar.gz: 9230544165b6e5a015170105f6edc97d323e8011421b828ea9007e52b60bb6d999b2c2546235a28bafc7f80aff4ec07a03dca5718734716396a8470bd22c3053

data/.git/ORIG_HEAD

@@ -1 +1 @@
-67d9309e77842e64a4b43d8c3fa2c52ece706a3d
+7f688fbda6c715ebd7f057720b4e16216ff54064

data/.git/hooks/fsmonitor-watchman.sample

@@ -8,107 +8,166 @@ use IPC::Open2;
 # (https://facebook.github.io/watchman/) with git to speed up detecting
 # new and modified files.
 #
-# The hook is passed a version (currently 1) and a time in nanoseconds
-# formatted as a string and outputs to stdout all files that have been
-# modified since the given time. Paths must be relative to the root of
-# the working tree and separated by a single NUL.
+# The hook is passed a version (currently 2) and last update token
+# formatted as a string and outputs to stdout a new update token and
+# all files that have been modified since the update token. Paths must
+# be relative to the root of the working tree and separated by a single NUL.
 #
 # To enable this hook, rename this file to "query-watchman" and set
 # 'git config core.fsmonitor .git/hooks/query-watchman'
 #
-my ($version, $time) = @ARGV;
+my ($version, $last_update_token) = @ARGV;
 
-# Check the hook interface version
+# Uncomment for debugging
+# print STDERR "$0 $version $last_update_token\n";
 
-if ($version == 1) {
-	# convert nanoseconds to seconds
-	$time = int $time / 1000000000;
-} else {
+# Check the hook interface version
+if ($version ne 2) {
 	die "Unsupported query-fsmonitor hook version '$version'.\n" .
 	    "Falling back to scanning...\n";
 }
 
-my $git_work_tree;
-if ($^O =~ 'msys' || $^O =~ 'cygwin') {
-	$git_work_tree = Win32::GetCwd();
-	$git_work_tree =~ tr/\\/\//;
-} else {
-	require Cwd;
-	$git_work_tree = Cwd::cwd();
-}
+my $git_work_tree = get_working_dir();
 
 my $retry = 1;
 
+my $json_pkg;
+eval {
+	require JSON::XS;
+	$json_pkg = "JSON::XS";
+	1;
+} or do {
+	require JSON::PP;
+	$json_pkg = "JSON::PP";
+};
+
 launch_watchman();
 
 sub launch_watchman {
+	my $o = watchman_query();
+	if (is_work_tree_watched($o)) {
+		output_result($o->{clock}, @{$o->{files}});
+	}
+}
+
+sub output_result {
+	my ($clockid, @files) = @_;
 
+	# Uncomment for debugging watchman output
+	# open (my $fh, ">", ".git/watchman-output.out");
+	# binmode $fh, ":utf8";
+	# print $fh "$clockid\n@files\n";
+	# close $fh;
+
+	binmode STDOUT, ":utf8";
+	print $clockid;
+	print "\0";
+	local $, = "\0";
+	print @files;
+}
+
+sub watchman_clock {
+	my $response = qx/watchman clock "$git_work_tree"/;
+	die "Failed to get clock id on '$git_work_tree'.\n" .
+		"Falling back to scanning...\n" if $? != 0;
+
+	return $json_pkg->new->utf8->decode($response);
+}
+
+sub watchman_query {
 	my $pid = open2(\*CHLD_OUT, \*CHLD_IN, 'watchman -j --no-pretty')
-	    or die "open2() failed: $!\n" .
-	    "Falling back to scanning...\n";
+	or die "open2() failed: $!\n" .
+	"Falling back to scanning...\n";
 
 	# In the query expression below we're asking for names of files that
-	# changed since $time but were not transient (ie created after
-	# $time but no longer exist).
+	# changed since $last_update_token but not from the .git folder.
 	#
 	# To accomplish this, we're using the "since" generator to use the
 	# recency index to select candidate nodes and "fields" to limit the
 	# output to file names only. Then we're using the "expression" term to
 	# further constrain the results.
-	#
-	# The category of transient files that we want to ignore will have a
-	# creation clock (cclock) newer than $time_t value and will also not
-	# currently exist.
-
+	if (substr($last_update_token, 0, 1) eq "c") {
+		$last_update_token = "\"$last_update_token\"";
+	}
 	my $query = <<"	END";
 		["query", "$git_work_tree", {
-			"since": $time,
+			"since": $last_update_token,
 			"fields": ["name"],
-			"expression": ["not", ["allof", ["since", $time, "cclock"], ["not", "exists"]]]
+			"expression": ["not", ["dirname", ".git"]]
 		}]
 	END
 
+	# Uncomment for debugging the watchman query
+	# open (my $fh, ">", ".git/watchman-query.json");
+	# print $fh $query;
+	# close $fh;
+
 	print CHLD_IN $query;
 	close CHLD_IN;
 	my $response = do {local $/; <CHLD_OUT>};
 
+	# Uncomment for debugging the watch response
+	# open ($fh, ">", ".git/watchman-response.json");
+	# print $fh $response;
+	# close $fh;
+
 	die "Watchman: command returned no output.\n" .
-	    "Falling back to scanning...\n" if $response eq "";
+	"Falling back to scanning...\n" if $response eq "";
 	die "Watchman: command returned invalid output: $response\n" .
-	    "Falling back to scanning...\n" unless $response =~ /^\{/;
-
-	my $json_pkg;
-	eval {
-		require JSON::XS;
-		$json_pkg = "JSON::XS";
-		1;
-	} or do {
-		require JSON::PP;
-		$json_pkg = "JSON::PP";
-	};
-
-	my $o = $json_pkg->new->utf8->decode($response);
-
-	if ($retry > 0 and $o->{error} and $o->{error} =~ m/unable to resolve root .* directory (.*) is not watched/) {
-		print STDERR "Adding '$git_work_tree' to watchman's watch list.\n";
+	"Falling back to scanning...\n" unless $response =~ /^\{/;
+
+	return $json_pkg->new->utf8->decode($response);
+}
+
+sub is_work_tree_watched {
+	my ($output) = @_;
+	my $error = $output->{error};
+	if ($retry > 0 and $error and $error =~ m/unable to resolve root .* directory (.*) is not watched/) {
 		$retry--;
-		qx/watchman watch "$git_work_tree"/;
+		my $response = qx/watchman watch "$git_work_tree"/;
 		die "Failed to make watchman watch '$git_work_tree'.\n" .
 		    "Falling back to scanning...\n" if $? != 0;
+		$output = $json_pkg->new->utf8->decode($response);
+		$error = $output->{error};
+		die "Watchman: $error.\n" .
+		"Falling back to scanning...\n" if $error;
+
+		# Uncomment for debugging watchman output
+		# open (my $fh, ">", ".git/watchman-output.out");
+		# close $fh;
 
 		# Watchman will always return all files on the first query so
 		# return the fast "everything is dirty" flag to git and do the
 		# Watchman query just to get it over with now so we won't pay
 		# the cost in git to look up each individual file.
-		print "/\0";
+		my $o = watchman_clock();
+		$error = $output->{error};
+
+		die "Watchman: $error.\n" .
+		"Falling back to scanning...\n" if $error;
+
+		output_result($o->{clock}, ("/"));
+		$last_update_token = $o->{clock};
+
 		eval { launch_watchman() };
-		exit 0;
+		return 0;
 	}
 
-	die "Watchman: $o->{error}.\n" .
-	    "Falling back to scanning...\n" if $o->{error};
+	die "Watchman: $error.\n" .
+	"Falling back to scanning...\n" if $error;
 
-	binmode STDOUT, ":utf8";
-	local $, = "\0";
-	print @{$o->{files}};
+	return 1;
+}
+
+sub get_working_dir {
+	my $working_dir;
+	if ($^O =~ 'msys' || $^O =~ 'cygwin') {
+		$working_dir = Win32::GetCwd();
+		$working_dir =~ tr/\\/\//;
+	} else {
+		require Cwd;
+		$working_dir = Cwd::cwd();
+	}
+
+	return $working_dir;
 }

data/.git/hooks/pre-commit.sample

@@ -12,11 +12,11 @@ then
 	against=HEAD
 else
 	# Initial commit: diff against an empty tree object
-	against=4b825dc642cb6eb9a060e54bf8d69288fbee4904
+	against=$(git hash-object -t tree /dev/null)
 fi
 
 # If you want to allow non-ASCII filenames set this variable to true.
-allownonascii=$(git config --bool hooks.allownonascii)
+allownonascii=$(git config --type=bool hooks.allownonascii)
 
 # Redirect output to stderr.
 exec 1>&2

data/.git/hooks/pre-merge-commit.sample

@@ -0,0 +1,13 @@
+#!/bin/sh
+#
+# An example hook script to verify what is about to be committed.
+# Called by "git merge" with no arguments.  The hook should
+# exit with non-zero status after issuing an appropriate message to
+# stderr if it wants to stop the merge commit.
+#
+# To enable this hook, rename this file to "pre-merge-commit".
+
+. git-sh-setup
+test -x "$GIT_DIR/hooks/pre-commit" &&
+        exec "$GIT_DIR/hooks/pre-commit"
+:

data/.git/hooks/pre-push.sample

@@ -14,7 +14,7 @@
 # Information about the commits which are being pushed is supplied as lines to
 # the standard input in the form:
 #
-#   <local ref> <local sha1> <remote ref> <remote sha1>
+#   <local ref> <local oid> <remote ref> <remote oid>
 #
 # This sample shows how to prevent push of commits where the log message starts
 # with "WIP" (work in progress).
@@ -22,27 +22,27 @@
 remote="$1"
 url="$2"
 
-z40=0000000000000000000000000000000000000000
+zero=$(git hash-object --stdin </dev/null | tr '[0-9a-f]' '0')
 
-while read local_ref local_sha remote_ref remote_sha
+while read local_ref local_oid remote_ref remote_oid
 do
-	if [ "$local_sha" = $z40 ]
+	if test "$local_oid" = "$zero"
 	then
 		# Handle delete
 		:
 	else
-		if [ "$remote_sha" = $z40 ]
+		if test "$remote_oid" = "$zero"
 		then
 			# New branch, examine all commits
-			range="$local_sha"
+			range="$local_oid"
 		else
 			# Update to existing branch, examine new commits
-			range="$remote_sha..$local_sha"
+			range="$remote_oid..$local_oid"
 		fi
 
 		# Check for WIP commit
-		commit=`git rev-list -n 1 --grep '^WIP' "$range"`
-		if [ -n "$commit" ]
+		commit=$(git rev-list -n 1 --grep '^WIP' "$range")
+		if test -n "$commit"
 		then
 			echo >&2 "Found WIP commit in $local_ref, not pushing"
 			exit 1

data/.git/hooks/push-to-checkout.sample

@@ -0,0 +1,78 @@
+#!/bin/sh
+
+# An example hook script to update a checked-out tree on a git push.
+#
+# This hook is invoked by git-receive-pack(1) when it reacts to git
+# push and updates reference(s) in its repository, and when the push
+# tries to update the branch that is currently checked out and the
+# receive.denyCurrentBranch configuration variable is set to
+# updateInstead.
+#
+# By default, such a push is refused if the working tree and the index
+# of the remote repository has any difference from the currently
+# checked out commit; when both the working tree and the index match
+# the current commit, they are updated to match the newly pushed tip
+# of the branch. This hook is to be used to override the default
+# behaviour; however the code below reimplements the default behaviour
+# as a starting point for convenient modification.
+#
+# The hook receives the commit with which the tip of the current
+# branch is going to be updated:
+commit=$1
+
+# It can exit with a non-zero status to refuse the push (when it does
+# so, it must not modify the index or the working tree).
+die () {
+	echo >&2 "$*"
+	exit 1
+}
+
+# Or it can make any necessary changes to the working tree and to the
+# index to bring them to the desired state when the tip of the current
+# branch is updated to the new commit, and exit with a zero status.
+#
+# For example, the hook can simply run git read-tree -u -m HEAD "$1"
+# in order to emulate git fetch that is run in the reverse direction
+# with git push, as the two-tree form of git read-tree -u -m is
+# essentially the same as git switch or git checkout that switches
+# branches while keeping the local changes in the working tree that do
+# not interfere with the difference between the branches.
+
+# The below is a more-or-less exact translation to shell of the C code
+# for the default behaviour for git's push-to-checkout hook defined in
+# the push_to_deploy() function in builtin/receive-pack.c.
+#
+# Note that the hook will be executed from the repository directory,
+# not from the working tree, so if you want to perform operations on
+# the working tree, you will have to adapt your code accordingly, e.g.
+# by adding "cd .." or using relative paths.
+
+if ! git update-index -q --ignore-submodules --refresh
+then
+	die "Up-to-date check failed"
+fi
+
+if ! git diff-files --quiet --ignore-submodules --
+then
+	die "Working directory has unstaged changes"
+fi
+
+# This is a rough translation of:
+#
+#   head_has_history() ? "HEAD" : EMPTY_TREE_SHA1_HEX
+if git cat-file -e HEAD 2>/dev/null
+then
+	head=HEAD
+else
+	head=$(git hash-object -t tree --stdin </dev/null)
+fi
+
+if ! git diff-index --quiet --cached --ignore-submodules $head --
+then
+	die "Working directory has staged changes"
+fi
+
+if ! git read-tree -u -m "$commit"
+then
+	die "Could not update working tree to new HEAD"
+fi

data/.git/hooks/update.sample

@@ -43,11 +43,11 @@ if [ -z "$refname" -o -z "$oldrev" -o -z "$newrev" ]; then
 fi
 
 # --- Config
-allowunannotated=$(git config --bool hooks.allowunannotated)
-allowdeletebranch=$(git config --bool hooks.allowdeletebranch)
-denycreatebranch=$(git config --bool hooks.denycreatebranch)
-allowdeletetag=$(git config --bool hooks.allowdeletetag)
-allowmodifytag=$(git config --bool hooks.allowmodifytag)
+allowunannotated=$(git config --type=bool hooks.allowunannotated)
+allowdeletebranch=$(git config --type=bool hooks.allowdeletebranch)
+denycreatebranch=$(git config --type=bool hooks.denycreatebranch)
+allowdeletetag=$(git config --type=bool hooks.allowdeletetag)
+allowmodifytag=$(git config --type=bool hooks.allowmodifytag)
 
 # check for no description
 projectdesc=$(sed -e '1q' "$GIT_DIR/description")
@@ -60,7 +60,7 @@ esac
 
 # --- Check types
 # if $newrev is 0000...0000, it's a commit to delete a ref.
-zero="0000000000000000000000000000000000000000"
+zero=$(git hash-object --stdin </dev/null | tr '[0-9a-f]' '0')
 if [ "$newrev" = "$zero" ]; then
 	newrev_type=delete
 else

data/.git/logs/HEAD

@@ -1,3 +1,3 @@
-0000000000000000000000000000000000000000 67d9309e77842e64a4b43d8c3fa2c52ece706a3d sdmrelease <support@strongdm.com> 1671651098 +0000	clone: from git@github.com:strongdm/strongdm-sdk-ruby.git
-67d9309e77842e64a4b43d8c3fa2c52ece706a3d 67d9309e77842e64a4b43d8c3fa2c52ece706a3d sdmrelease <support@strongdm.com> 1671651098 +0000	checkout: moving from master to master
-67d9309e77842e64a4b43d8c3fa2c52ece706a3d ed61eaceb77e62a0c1a0bb8d36fc0bda7b242af4 sdmrelease <support@strongdm.com> 1671651098 +0000	merge origin/development: Fast-forward
+0000000000000000000000000000000000000000 7f688fbda6c715ebd7f057720b4e16216ff54064 root <root@a1a787bc334e.(none)> 1676573766 +0000	clone: from github.com:strongdm/strongdm-sdk-ruby.git
+7f688fbda6c715ebd7f057720b4e16216ff54064 7f688fbda6c715ebd7f057720b4e16216ff54064 root <root@a1a787bc334e.(none)> 1676573766 +0000	checkout: moving from master to master
+7f688fbda6c715ebd7f057720b4e16216ff54064 ffd4706f2b64466550868d42ee2a5a4b88b3a372 root <root@a1a787bc334e.(none)> 1676573766 +0000	merge origin/development: Fast-forward

data/.git/logs/refs/heads/master

@@ -1,2 +1,2 @@
-0000000000000000000000000000000000000000 67d9309e77842e64a4b43d8c3fa2c52ece706a3d sdmrelease <support@strongdm.com> 1671651098 +0000	clone: from git@github.com:strongdm/strongdm-sdk-ruby.git
-67d9309e77842e64a4b43d8c3fa2c52ece706a3d ed61eaceb77e62a0c1a0bb8d36fc0bda7b242af4 sdmrelease <support@strongdm.com> 1671651098 +0000	merge origin/development: Fast-forward
+0000000000000000000000000000000000000000 7f688fbda6c715ebd7f057720b4e16216ff54064 root <root@a1a787bc334e.(none)> 1676573766 +0000	clone: from github.com:strongdm/strongdm-sdk-ruby.git
+7f688fbda6c715ebd7f057720b4e16216ff54064 ffd4706f2b64466550868d42ee2a5a4b88b3a372 root <root@a1a787bc334e.(none)> 1676573766 +0000	merge origin/development: Fast-forward

data/.git/logs/refs/remotes/origin/HEAD

@@ -1 +1 @@
-0000000000000000000000000000000000000000 67d9309e77842e64a4b43d8c3fa2c52ece706a3d sdmrelease <support@strongdm.com> 1671651098 +0000	clone: from git@github.com:strongdm/strongdm-sdk-ruby.git
+0000000000000000000000000000000000000000 7f688fbda6c715ebd7f057720b4e16216ff54064 root <root@a1a787bc334e.(none)> 1676573766 +0000	clone: from github.com:strongdm/strongdm-sdk-ruby.git

data/.git/packed-refs

@@ -1,6 +1,6 @@
 # pack-refs with: peeled fully-peeled sorted 
-ed61eaceb77e62a0c1a0bb8d36fc0bda7b242af4 refs/remotes/origin/development
-67d9309e77842e64a4b43d8c3fa2c52ece706a3d refs/remotes/origin/master
+ffd4706f2b64466550868d42ee2a5a4b88b3a372 refs/remotes/origin/development
+7f688fbda6c715ebd7f057720b4e16216ff54064 refs/remotes/origin/master
 2e4fe8087177ddea9b3991ca499f758384839c89 refs/tags/untagged-84fd83a4484c785cce63
 04f604866214fab4d5663b5171a3e596331577bd refs/tags/v0.9.4
 6f9a7b75b345c65fb554884907b7060680c807b7 refs/tags/v0.9.5
@@ -53,3 +53,5 @@ bfb8a3cdb41c617913f0295b25ac7ecc7398d2c2 refs/tags/v3.5.0
 8ddacf3c9cbe388ee11ed4617ba41cf7b0cc2a41 refs/tags/v3.5.1
 003b46a249146cb3a4f25d16432c89f0b78ac37c refs/tags/v3.5.3
 67d9309e77842e64a4b43d8c3fa2c52ece706a3d refs/tags/v3.5.4
+ed61eaceb77e62a0c1a0bb8d36fc0bda7b242af4 refs/tags/v3.5.5
+7f688fbda6c715ebd7f057720b4e16216ff54064 refs/tags/v3.6.0

data/.git/refs/heads/master

@@ -1 +1 @@
-ed61eaceb77e62a0c1a0bb8d36fc0bda7b242af4
+ffd4706f2b64466550868d42ee2a5a4b88b3a372

data/.gitignore

@@ -0,0 +1 @@
+*.gem

data/lib/constants.rb

@@ -44,6 +44,7 @@ module SDM
 
   # Providers responsible for managing roles and users.
   # None, or an empty string, implies the user is managed by strongDM.
+  # Deprecated: Please use SCIMProvider instead.
   module Provider
     NONE = ""
     OKTA = "okta"
@@ -53,4 +54,16 @@ module SDM
     ONE_LOGIN = "onelogin"
     GOOGLE = "google"
   end
+
+  # Providers responsible for managing roles and users.
+  # None, or an empty string, implies the user is managed by strongDM.
+  module SCIMProvider
+    NONE = ""
+    OKTA = "okta"
+    SAIL_POINT = "sailpoint"
+    AZURE = "azure"
+    GENERIC = "generic"
+    ONE_LOGIN = "onelogin"
+    GOOGLE = "google"
+  end
 end

data/lib/grpc/drivers_pb.rb

@@ -32,6 +32,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
         optional :aws_console, :message, 3000, "v1.AWSConsole"
         optional :aws_console_static_key_pair, :message, 3001, "v1.AWSConsoleStaticKeyPair"
         optional :amazon_eks, :message, 802, "v1.AmazonEKS"
+        optional :amazon_eks_instance_profile, :message, 809, "v1.AmazonEKSInstanceProfile"
         optional :amazon_eks_user_impersonation, :message, 818, "v1.AmazonEKSUserImpersonation"
         optional :amazon_es, :message, 600, "v1.AmazonES"
         optional :amazon_mqamqp_091, :message, 2501, "v1.AmazonMQAMQP091"
@@ -250,6 +251,24 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       optional :role_external_id, :string, 10
       optional :secret_access_key, :string, 3
     end
+    add_message "v1.AmazonEKSInstanceProfile" do
+      optional :id, :string, 32768
+      optional :name, :string, 32769
+      optional :healthy, :bool, 32770
+      optional :tags, :message, 32771, "v1.Tags"
+      optional :secret_store_id, :string, 32772
+      optional :egress_filter, :string, 32773
+      optional :bind_interface, :string, 32774
+      optional :certificate_authority, :string, 2
+      optional :cluster_name, :string, 5
+      optional :endpoint, :string, 1
+      optional :healthcheck_namespace, :string, 8
+      optional :region, :string, 4
+      optional :remote_identity_group_id, :string, 9
+      optional :remote_identity_healthcheck_username, :string, 10
+      optional :role_arn, :string, 6
+      optional :role_external_id, :string, 7
+    end
     add_message "v1.AmazonEKSUserImpersonation" do
       optional :id, :string, 32768
       optional :name, :string, 32769
@@ -1277,6 +1296,7 @@ module V1
   AWSConsole = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.AWSConsole").msgclass
   AWSConsoleStaticKeyPair = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.AWSConsoleStaticKeyPair").msgclass
   AmazonEKS = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.AmazonEKS").msgclass
+  AmazonEKSInstanceProfile = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.AmazonEKSInstanceProfile").msgclass
   AmazonEKSUserImpersonation = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.AmazonEKSUserImpersonation").msgclass
   AmazonES = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.AmazonES").msgclass
   AmazonMQAMQP091 = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.AmazonMQAMQP091").msgclass

data/lib/grpc/options_pb.rb

@@ -26,6 +26,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       optional :main_noun, :string, 1941400
       optional :id_prefix, :string, 1941402
       repeated :targets, :string, 1941401
+      optional :disable_snapshot_vertical, :bool, 1941403
     end
     add_message "v1.MethodOptions" do
       optional :method, :string, 1941300

data/lib/grpc/plumbing.rb

@@ -70,6 +70,20 @@ module SDM
       return Google::Protobuf::Timestamp.new(seconds: t.to_i, nanos: t.nsec)
     end
 
+    def self.convert_duration_to_porcelain(d)
+      if d == nil
+        return nil
+      end
+      return d.to_f
+    end
+
+    def self.convert_duration_to_plumbing(d)
+      if d == nil
+        return nil
+      end
+      return Google::Protobuf::Duration.new(seconds: d.to_i, nanos: (d.modulo(1) * 10 ** 9).to_i)
+    end
+
     def self.convert_tags_to_porcelain(t)
       if t == nil
         return nil
@@ -1202,6 +1216,70 @@ module SDM
       end
       items
     end
+    def self.convert_amazon_eks_instance_profile_to_porcelain(plumbing)
+      if plumbing == nil
+        return nil
+      end
+      porcelain = AmazonEKSInstanceProfile.new()
+      porcelain.bind_interface = (plumbing.bind_interface)
+      porcelain.certificate_authority = (plumbing.certificate_authority)
+      porcelain.cluster_name = (plumbing.cluster_name)
+      porcelain.egress_filter = (plumbing.egress_filter)
+      porcelain.endpoint = (plumbing.endpoint)
+      porcelain.healthcheck_namespace = (plumbing.healthcheck_namespace)
+      porcelain.healthy = (plumbing.healthy)
+      porcelain.id = (plumbing.id)
+      porcelain.name = (plumbing.name)
+      porcelain.region = (plumbing.region)
+      porcelain.remote_identity_group_id = (plumbing.remote_identity_group_id)
+      porcelain.remote_identity_healthcheck_username = (plumbing.remote_identity_healthcheck_username)
+      porcelain.role_arn = (plumbing.role_arn)
+      porcelain.role_external_id = (plumbing.role_external_id)
+      porcelain.secret_store_id = (plumbing.secret_store_id)
+      porcelain.tags = convert_tags_to_porcelain(plumbing.tags)
+      porcelain
+    end
+
+    def self.convert_amazon_eks_instance_profile_to_plumbing(porcelain)
+      if porcelain == nil
+        return nil
+      end
+      plumbing = V1::AmazonEKSInstanceProfile.new()
+      plumbing.bind_interface = (porcelain.bind_interface)
+      plumbing.certificate_authority = (porcelain.certificate_authority)
+      plumbing.cluster_name = (porcelain.cluster_name)
+      plumbing.egress_filter = (porcelain.egress_filter)
+      plumbing.endpoint = (porcelain.endpoint)
+      plumbing.healthcheck_namespace = (porcelain.healthcheck_namespace)
+      plumbing.healthy = (porcelain.healthy)
+      plumbing.id = (porcelain.id)
+      plumbing.name = (porcelain.name)
+      plumbing.region = (porcelain.region)
+      plumbing.remote_identity_group_id = (porcelain.remote_identity_group_id)
+      plumbing.remote_identity_healthcheck_username = (porcelain.remote_identity_healthcheck_username)
+      plumbing.role_arn = (porcelain.role_arn)
+      plumbing.role_external_id = (porcelain.role_external_id)
+      plumbing.secret_store_id = (porcelain.secret_store_id)
+      plumbing.tags = convert_tags_to_plumbing(porcelain.tags)
+      plumbing
+    end
+    def self.convert_repeated_amazon_eks_instance_profile_to_plumbing(porcelains)
+      items = Array.new
+      porcelains.each do |porcelain|
+        plumbing = convert_amazon_eks_instance_profile_to_plumbing(porcelain)
+        items.append(plumbing)
+      end
+      items
+    end
+
+    def self.convert_repeated_amazon_eks_instance_profile_to_porcelain(plumbings)
+      items = Array.new
+      plumbings.each do |plumbing|
+        porcelain = convert_amazon_eks_instance_profile_to_porcelain(plumbing)
+        items.append(porcelain)
+      end
+      items
+    end
     def self.convert_amazon_eks_user_impersonation_to_porcelain(plumbing)
       if plumbing == nil
         return nil
@@ -5526,6 +5604,9 @@ module SDM
       if porcelain.instance_of? AmazonEKS
         plumbing.amazon_eks = convert_amazon_eks_to_plumbing(porcelain)
       end
+      if porcelain.instance_of? AmazonEKSInstanceProfile
+        plumbing.amazon_eks_instance_profile = convert_amazon_eks_instance_profile_to_plumbing(porcelain)
+      end
       if porcelain.instance_of? AmazonEKSUserImpersonation
         plumbing.amazon_eks_user_impersonation = convert_amazon_eks_user_impersonation_to_plumbing(porcelain)
       end
@@ -5758,6 +5839,9 @@ module SDM
       if plumbing.amazon_eks != nil
         return convert_amazon_eks_to_porcelain(plumbing.amazon_eks)
       end
+      if plumbing.amazon_eks_instance_profile != nil
+        return convert_amazon_eks_instance_profile_to_porcelain(plumbing.amazon_eks_instance_profile)
+      end
       if plumbing.amazon_eks_user_impersonation != nil
         return convert_amazon_eks_user_impersonation_to_porcelain(plumbing.amazon_eks_user_impersonation)
       end

data/lib/models/porcelain.rb

@@ -1047,6 +1047,85 @@ module SDM
     end
   end
 
+  class AmazonEKSInstanceProfile
+    # Bind interface
+    attr_accessor :bind_interface
+
+    attr_accessor :certificate_authority
+
+    attr_accessor :cluster_name
+    # A filter applied to the routing logic to pin datasource to nodes.
+    attr_accessor :egress_filter
+
+    attr_accessor :endpoint
+    # The path used to check the health of your connection.  Defaults to `default`.
+    attr_accessor :healthcheck_namespace
+    # True if the datasource is reachable and the credentials are valid.
+    attr_accessor :healthy
+    # Unique identifier of the Resource.
+    attr_accessor :id
+    # Unique human-readable name of the Resource.
+    attr_accessor :name
+
+    attr_accessor :region
+
+    attr_accessor :remote_identity_group_id
+
+    attr_accessor :remote_identity_healthcheck_username
+
+    attr_accessor :role_arn
+
+    attr_accessor :role_external_id
+    # ID of the secret store containing credentials for this resource, if any.
+    attr_accessor :secret_store_id
+    # Tags is a map of key, value pairs.
+    attr_accessor :tags
+
+    def initialize(
+      bind_interface: nil,
+      certificate_authority: nil,
+      cluster_name: nil,
+      egress_filter: nil,
+      endpoint: nil,
+      healthcheck_namespace: nil,
+      healthy: nil,
+      id: nil,
+      name: nil,
+      region: nil,
+      remote_identity_group_id: nil,
+      remote_identity_healthcheck_username: nil,
+      role_arn: nil,
+      role_external_id: nil,
+      secret_store_id: nil,
+      tags: nil
+    )
+      @bind_interface = bind_interface == nil ? "" : bind_interface
+      @certificate_authority = certificate_authority == nil ? "" : certificate_authority
+      @cluster_name = cluster_name == nil ? "" : cluster_name
+      @egress_filter = egress_filter == nil ? "" : egress_filter
+      @endpoint = endpoint == nil ? "" : endpoint
+      @healthcheck_namespace = healthcheck_namespace == nil ? "" : healthcheck_namespace
+      @healthy = healthy == nil ? false : healthy
+      @id = id == nil ? "" : id
+      @name = name == nil ? "" : name
+      @region = region == nil ? "" : region
+      @remote_identity_group_id = remote_identity_group_id == nil ? "" : remote_identity_group_id
+      @remote_identity_healthcheck_username = remote_identity_healthcheck_username == nil ? "" : remote_identity_healthcheck_username
+      @role_arn = role_arn == nil ? "" : role_arn
+      @role_external_id = role_external_id == nil ? "" : role_external_id
+      @secret_store_id = secret_store_id == nil ? "" : secret_store_id
+      @tags = tags == nil ? SDM::_porcelain_zero_value_tags() : tags
+    end
+
+    def to_json(options = {})
+      hash = {}
+      self.instance_variables.each do |var|
+        hash[var.id2name.delete_prefix("@")] = self.instance_variable_get var
+      end
+      hash.to_json
+    end
+  end
+
   class AmazonEKSUserImpersonation
     attr_accessor :access_key
     # Bind interface
@@ -2398,7 +2477,6 @@ module SDM
     end
   end
 
-  # DelineaStore is currently unstable, and its API may change, or it may be removed, without a major version bump.
   class DelineaStore
     # Unique identifier of the SecretStore.
     attr_accessor :id

data/lib/strongdm.rb

@@ -29,7 +29,7 @@ module SDM #:nodoc:
     DEFAULT_BASE_RETRY_DELAY = 0.0030 # 30 ms
     DEFAULT_MAX_RETRY_DELAY = 300 # 300 seconds
     API_VERSION = "2021-08-23"
-    USER_AGENT = "strongdm-sdk-ruby/3.5.5"
+    USER_AGENT = "strongdm-sdk-ruby/3.6.1"
     private_constant :DEFAULT_MAX_RETRIES, :DEFAULT_BASE_RETRY_DELAY, :DEFAULT_MAX_RETRY_DELAY, :API_VERSION, :USER_AGENT
 
     # Creates a new strongDM API client.

data/lib/svc.rb

@@ -1000,6 +1000,7 @@ module SDM #:nodoc:
   # {AKSServiceAccountUserImpersonation}
   # {AKSUserImpersonation}
   # {AmazonEKS}
+  # {AmazonEKSInstanceProfile}
   # {AmazonEKSUserImpersonation}
   # {AmazonES}
   # {AmazonMQAMQP091}

data/lib/version

@@ -13,5 +13,5 @@
 # limitations under the License.
 #
 module SDM
-  VERSION = "3.5.5"
+  VERSION = "3.6.1"
 end

data/lib/version.rb

@@ -13,5 +13,5 @@
 # limitations under the License.
 #
 module SDM
-  VERSION = "3.5.5"
+  VERSION = "3.6.1"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: strongdm
 version: !ruby/object:Gem::Version
-  version: 3.5.5
+  version: 3.6.1
 platform: ruby
 authors:
 - strongDM Team
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-12-21 00:00:00.000000000 Z
+date: 2023-02-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: grpc
@@ -69,21 +69,24 @@ files:
 - "./.git/hooks/post-update.sample"
 - "./.git/hooks/pre-applypatch.sample"
 - "./.git/hooks/pre-commit.sample"
+- "./.git/hooks/pre-merge-commit.sample"
 - "./.git/hooks/pre-push.sample"
 - "./.git/hooks/pre-rebase.sample"
 - "./.git/hooks/pre-receive.sample"
 - "./.git/hooks/prepare-commit-msg.sample"
+- "./.git/hooks/push-to-checkout.sample"
 - "./.git/hooks/update.sample"
 - "./.git/index"
 - "./.git/info/exclude"
 - "./.git/logs/HEAD"
 - "./.git/logs/refs/heads/master"
 - "./.git/logs/refs/remotes/origin/HEAD"
-- "./.git/objects/pack/pack-ebefa28012a8f08cd83ed884ef22b6c72831eb2a.idx"
-- "./.git/objects/pack/pack-ebefa28012a8f08cd83ed884ef22b6c72831eb2a.pack"
+- "./.git/objects/pack/pack-c0eff6575c38c9865988c2b59ce4060fff518355.idx"
+- "./.git/objects/pack/pack-c0eff6575c38c9865988c2b59ce4060fff518355.pack"
 - "./.git/packed-refs"
 - "./.git/refs/heads/master"
 - "./.git/refs/remotes/origin/HEAD"
+- "./.gitignore"
 - "./.yardopts"
 - "./LICENSE"
 - "./README.md"
@@ -140,7 +143,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: 1.3.6
 requirements: []
-rubygems_version: 3.0.8
+rubygems_version: 3.2.5
 signing_key: 
 specification_version: 4
 summary: strongDM SDK for the Ruby programming language.