cai

package
v5.34.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 17, 2024 License: Apache-2.0 Imports: 11 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var ErrEmptyIdentityField = errors.New("empty identity field")

ErrEmptyIdentityField can be returned when fetching a resource is not possible due to the identity field of that resource returning empty.

View Source 
var ErrNoConversion = errors.New("no conversion")

because of the current state of the system. Example: The conversion requires that the resource has already been created and is now being updated).

View Source 
var ErrResourceInaccessible = errors.New("resource does not exist or service account is lacking sufficient permissions")

ErrResourceInaccessible can be returned when fetching an IAM resource on a project that has not yet been created or if the service account lacks sufficient permissions

Functions

func AssetName 

func AssetName(d tpgresource.TerraformResourceData, config *transport_tpg.Config, linkTmpl string) (string, error)

AssetName templates an asset.name by looking up and replacing all instances of {{field}}. In the case where a field would resolve to an empty string, a generated unique string will be used: "placeholder-" + randomString(). This is done to preserve uniqueness of asset.name for a given asset.asset_type.

func JsonMap 

func JsonMap(x interface{}) (map[string]interface{}, error)

JsonMap converts a given value to a map[string]interface{} that matches its JSON format.

func RandString 

func RandString(n int) string

Types

type Asset 

type Asset struct {
	// The name, in a peculiar format: `\\<api>.googleapis.com/<self_link>`
	Name string `json:"name"`
	// The type name in `google.<api>.<resourcename>` format.
	Type          string           `json:"asset_type"`
	Resource      *AssetResource   `json:"resource,omitempty"`
	IAMPolicy     *IAMPolicy       `json:"iam_policy,omitempty"`
	OrgPolicy     []*OrgPolicy     `json:"org_policy,omitempty"`
	V2OrgPolicies []*V2OrgPolicies `json:"v2_org_policies,omitempty"`
}

Asset is the CAI representation of a resource.

func FetchIamPolicy 

func FetchIamPolicy(
	newUpdaterFunc tpgiamresource.NewResourceIamUpdaterFunc,
	d tpgresource.TerraformResourceData,
	config *transport_tpg.Config,
	assetNameTmpl string,
	assetType string,
) (Asset, error)

func MergeDeleteIamAssets 

func MergeDeleteIamAssets(
	existing, incoming Asset,
	MergeBindings func(existing, incoming []IAMBinding) []IAMBinding,
) Asset

incoming is the last known state of an asset prior to deletion

func MergeIamAssets 

func MergeIamAssets(
	existing, incoming Asset,
	MergeBindings func(existing, incoming []IAMBinding) []IAMBinding,
) Asset

MergeIamAssets merges an existing asset with the IAM bindings of an incoming Asset.

type AssetResource 

type AssetResource struct {
	// Api version
	Version string `json:"version"`
	// URI including scheme for the discovery doc - assembled from
	// product name and version.
	DiscoveryDocumentURI string `json:"discovery_document_uri"`
	// Resource name.
	DiscoveryName string `json:"discovery_name"`
	// Actual resource state as per Terraform.  Note that this does
	// not necessarily correspond perfectly with the CAI representation
	// as there are occasional deviations between CAI and API responses.
	// This returns the API response values instead.
	Data map[string]interface{} `json:"data,omitempty"`
}

AssetResource is the Asset's Resource field.

type BooleanPolicy 

type BooleanPolicy struct {
	Enforced bool `json:"enforced,omitempty"`
}

type ConvertFunc 

type ConvertFunc func(d tpgresource.TerraformResourceData, config *transport_tpg.Config) ([]Asset, error)

type Expr 

type Expr struct {
	Expression  string `json:"expression,omitempty"`
	Title       string `json:"title,omitempty"`
	Description string `json:"description,omitempty"`
	Location    string `json:"location,omitempty"`
}

type FetchFullResourceFunc 

type FetchFullResourceFunc func(d tpgresource.TerraformResourceData, config *transport_tpg.Config) (Asset, error)

FetchFullResourceFunc allows initial data for a resource to be fetched from the API and merged with the planned changes. This is useful for resources that are only partially managed by Terraform, like IAM policies managed with member/binding resources.

type Folder 

type Folder struct {
	Name        string     `json:"name,omitempty"`
	Parent      string     `json:"parent,omitempty"`
	DisplayName string     `json:"display_name,omitempty"`
	State       string     `json:"state,omitempty"`
	CreateTime  *Timestamp `json:"create_time,omitempty"`
}

type GetApiObjectFunc 

type GetApiObjectFunc func(d tpgresource.TerraformResourceData, config *transport_tpg.Config) (map[string]interface{}, error)

type IAMBinding 

type IAMBinding struct {
	Role    string   `json:"role"`
	Members []string `json:"members"`
}

func ExpandIamMemberBindings 

func ExpandIamMemberBindings(d tpgresource.TerraformResourceData) ([]IAMBinding, error)

ExpandIamMemberBindings is used in google_<type>_iam_member resources.

func ExpandIamPolicyBindings 

func ExpandIamPolicyBindings(d tpgresource.TerraformResourceData) ([]IAMBinding, error)

ExpandIamPolicyBindings is used in google_<type>_iam_policy resources.

func ExpandIamRoleBindings 

func ExpandIamRoleBindings(d tpgresource.TerraformResourceData) ([]IAMBinding, error)

ExpandIamRoleBindings is used in google_<type>_iam_binding resources.

func MergeAdditiveBindings 

func MergeAdditiveBindings(existing, incoming []IAMBinding) []IAMBinding

MergeAdditiveBindings adds members to bindings with the same roles and adds new bindings for roles that dont exist.

func MergeAuthoritativeBindings 

func MergeAuthoritativeBindings(existing, incoming []IAMBinding) []IAMBinding

MergeAuthoritativeBindings clobbers members to bindings with the same roles and adds new bindings for roles that dont exist.

func MergeDeleteAdditiveBindings 

func MergeDeleteAdditiveBindings(existing, incoming []IAMBinding) []IAMBinding

MergeDeleteAdditiveBindings eliminates listed members from roles in the existing list. incoming is the last known state of the bindings being deleted.

func MergeDeleteAuthoritativeBindings 

func MergeDeleteAuthoritativeBindings(existing, incoming []IAMBinding) []IAMBinding

MergeDeleteAuthoritativeBindings eliminates any bindings with matching roles in the existing list. incoming is the last known state of the bindings being deleted.

type IAMPolicy 

type IAMPolicy struct {
	Bindings []IAMBinding `json:"bindings"`
}

type ListPolicy 

type ListPolicy struct {
	AllowedValues     []string            `json:"allowed_values,omitempty"`
	DeniedValues      []string            `json:"denied_values,omitempty"`
	AllValues         ListPolicyAllValues `json:"all_values,omitempty"`
	SuggestedValue    string              `json:"suggested_value,omitempty"`
	InheritFromParent bool                `json:"inherit_from_parent,omitempty"`
}

type ListPolicyAllValues 

type ListPolicyAllValues int32

type MergeFunc 

type MergeFunc func(existing, incoming Asset) Asset

MergeFunc combines multiple terraform resources into a single CAI asset. The incoming asset will either be an asset that was created/updated or deleted.

type OrgPolicy 

type OrgPolicy struct {
	Constraint     string          `json:"constraint,omitempty"`
	ListPolicy     *ListPolicy     `json:"listPolicy"`
	BooleanPolicy  *BooleanPolicy  `json:"booleanPolicy"`
	RestoreDefault *RestoreDefault `json:"restoreDefault"`
	UpdateTime     *Timestamp      `json:"update_time,omitempty"`
}

type PolicyRule 

type PolicyRule struct {
	Values    *StringValues `json:"values,omitempty"`
	AllowAll  bool          `json:"allow_all,omitempty"`
	DenyAll   bool          `json:"deny_all,omitempty"`
	Enforce   bool          `json:"enforce,omitempty"`
	Condition *Expr         `json:"condition,omitempty"`
}

type PolicySpec 

type PolicySpec struct {
	Etag              string        `json:"etag,omitempty"`
	UpdateTime        *Timestamp    `json:"update_time,omitempty"`
	PolicyRules       []*PolicyRule `json:"rules,omitempty"`
	InheritFromParent bool          `json:"inherit_from_parent,omitempty"`
	Reset             bool          `json:"reset,omitempty"`
}

Spec is the representation of Spec for V2OrgPolicy

type ResourceConverter 

type ResourceConverter struct {
	AssetType         string
	Convert           ConvertFunc
	FetchFullResource FetchFullResourceFunc
	MergeCreateUpdate MergeFunc
	MergeDelete       MergeFunc
}

type RestoreDefault 

type RestoreDefault struct {
}

type StringValues 

type StringValues struct {
	AllowedValues []string `json:"allowed_values,omitempty"`
	DeniedValues  []string `json:"denied_values,omitempty"`
}

type Timestamp 

type Timestamp struct {
	Seconds int64 `json:"seconds,omitempty"`
	Nanos   int64 `json:"nanos,omitempty"`
}

type V2OrgPolicies 

type V2OrgPolicies struct {
	Name       string      `json:"name"`
	PolicySpec *PolicySpec `json:"spec,omitempty"`
}

V2OrgPolicies is the represtation of V2OrgPolicies

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.