From e884d9ed1c4d3805607d673d189e5d7c612e2179 Mon Sep 17 00:00:00 2001 From: Gemma Hou Date: Thu, 29 Feb 2024 01:52:05 +0000 Subject: [PATCH] http logs --- config/tests/samples/create/harness.go | 2 +- .../mockaccesscontextmanager/accesslevel.go | 2 +- mockgcp/pkg/storage/memory.go | 3 - .../accesscontextmanageraccesslevel/_http.log | 279 ++++++ .../_http.log | 937 ++++++++++++++++++ ...scontextmanagerserviceperimeterresource.md | 20 - .../resource-reference/overview.md | 4 - tests/e2e/unified_test.go | 17 +- 8 files changed, 1229 insertions(+), 35 deletions(-) create mode 100644 pkg/test/resourcefixture/testdata/basic/accesscontextmanager/v1beta1/accesscontextmanageraccesslevel/_http.log create mode 100644 pkg/test/resourcefixture/testdata/basic/accesscontextmanager/v1beta1/accesscontextmanagerserviceperimeter/_http.log diff --git a/config/tests/samples/create/harness.go b/config/tests/samples/create/harness.go index e4d4e752d7..231d0ea79a 100644 --- a/config/tests/samples/create/harness.go +++ b/config/tests/samples/create/harness.go @@ -440,7 +440,7 @@ func MaybeSkip(t *testing.T, name string, resources []*unstructured.Unstructured switch gvk.GroupKind() { case schema.GroupKind{Group: "accesscontextmanager.cnrm.cloud.google.com", Kind: "AccessContextManagerAccessLevel"}: case schema.GroupKind{Group: "accesscontextmanager.cnrm.cloud.google.com", Kind: "AccessContextManagerServicePerimeter"}: - case schema.GroupKind{Group: "accesscontextmanager.cnrm.cloud.google.com", Kind: "AccessContextManagerServicePerimeterResource"}: + //case schema.GroupKind{Group: "accesscontextmanager.cnrm.cloud.google.com", Kind: "AccessContextManagerServicePerimeterResource"}: case schema.GroupKind{Group: "apikeys.cnrm.cloud.google.com", Kind: "APIKeysKey"}: diff --git a/mockgcp/mockaccesscontextmanager/accesslevel.go b/mockgcp/mockaccesscontextmanager/accesslevel.go index 67eda10580..e322195ff6 100644 --- a/mockgcp/mockaccesscontextmanager/accesslevel.go +++ b/mockgcp/mockaccesscontextmanager/accesslevel.go @@ -46,7 +46,7 @@ func (s *AccessContextManagerV1) GetAccessLevel(ctx context.Context, req *pb.Get } func (s *AccessContextManagerV1) CreateAccessLevel(ctx context.Context, req *pb.CreateAccessLevelRequest) (*longrunning.Operation, error) { - reqName := req.GetAccessLevel().Name + reqName := req.GetAccessLevel().GetName() name, err := s.parseAccessLevelName(reqName) if err != nil { return nil, err diff --git a/mockgcp/pkg/storage/memory.go b/mockgcp/pkg/storage/memory.go index 939996c7e0..2d909837a4 100644 --- a/mockgcp/pkg/storage/memory.go +++ b/mockgcp/pkg/storage/memory.go @@ -19,9 +19,6 @@ import ( "strings" "sync" - apierrors "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/runtime/schema" - "google.golang.org/grpc/codes" "google.golang.org/grpc/status" "google.golang.org/protobuf/proto" diff --git a/pkg/test/resourcefixture/testdata/basic/accesscontextmanager/v1beta1/accesscontextmanageraccesslevel/_http.log b/pkg/test/resourcefixture/testdata/basic/accesscontextmanager/v1beta1/accesscontextmanageraccesslevel/_http.log new file mode 100644 index 0000000000..9c296e390d --- /dev/null +++ b/pkg/test/resourcefixture/testdata/basic/accesscontextmanager/v1beta1/accesscontextmanageraccesslevel/_http.log @@ -0,0 +1,279 @@ +GET https://accesscontextmanager.googleapis.com/v1/accessPolicies/${accessPolicyID}/accessLevels/kccaccesslevel${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/dev + +404 Not Found +Content-Type: application/json + +{ + "code": 5, + "details": [], + "message": "accessLevel \"accessPolicies/${accessPolicyID}/accessLevels/kccaccesslevel${uniqueId}\" not found" +} + +--- + +POST https://accesscontextmanager.googleapis.com/v1/accessPolicies/${accessPolicyID}/accessLevels?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/dev + +{ + "basic": { + "combiningFunction": "AND", + "conditions": [ + { + "devicePolicy": { + "requireCorpOwned": true + } + } + ] + }, + "name": "accessPolicies/${accessPolicyID}/accessLevels/kccaccesslevel${uniqueId}", + "title": "KCC ${uniqueId}" +} + +200 OK +Content-Type: application/json +Grpc-Metadata-Content-Type: application/grpc + +{ + "done": true, + "metadata": null, + "name": "${operationID}" +} + +--- + +GET https://accesscontextmanager.googleapis.com/v1/accessPolicies/${accessPolicyID}/accessLevels/kccaccesslevel${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/dev + +200 OK +Content-Type: application/json +Grpc-Metadata-Content-Type: application/grpc + +{ + "basic": { + "combiningFunction": "AND", + "conditions": [ + { + "devicePolicy": { + "allowedDeviceManagementLevels": [], + "allowedEncryptionStatuses": [], + "osConstraints": [], + "requireAdminApproval": false, + "requireCorpOwned": true, + "requireScreenlock": false + }, + "ipSubnetworks": [], + "members": [], + "negate": false, + "regions": [], + "requiredAccessLevels": [] + } + ] + }, + "createTime": null, + "description": "", + "name": "accessPolicies/${accessPolicyID}/accessLevels/kccaccesslevel${uniqueId}", + "title": "KCC ${uniqueId}", + "updateTime": null +} + +--- + +GET https://accesscontextmanager.googleapis.com/v1/accessPolicies/${accessPolicyID}/accessLevels/kccaccesslevel${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/dev + +200 OK +Content-Type: application/json +Grpc-Metadata-Content-Type: application/grpc + +{ + "basic": { + "combiningFunction": "AND", + "conditions": [ + { + "devicePolicy": { + "allowedDeviceManagementLevels": [], + "allowedEncryptionStatuses": [], + "osConstraints": [], + "requireAdminApproval": false, + "requireCorpOwned": true, + "requireScreenlock": false + }, + "ipSubnetworks": [], + "members": [], + "negate": false, + "regions": [], + "requiredAccessLevels": [] + } + ] + }, + "createTime": null, + "description": "", + "name": "accessPolicies/${accessPolicyID}/accessLevels/kccaccesslevel${uniqueId}", + "title": "KCC ${uniqueId}", + "updateTime": null +} + +--- + +GET https://accesscontextmanager.googleapis.com/v1/accessPolicies/${accessPolicyID}/accessLevels/kccaccesslevel${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/dev + +200 OK +Content-Type: application/json +Grpc-Metadata-Content-Type: application/grpc + +{ + "basic": { + "combiningFunction": "AND", + "conditions": [ + { + "devicePolicy": { + "allowedDeviceManagementLevels": [], + "allowedEncryptionStatuses": [], + "osConstraints": [], + "requireAdminApproval": false, + "requireCorpOwned": true, + "requireScreenlock": false + }, + "ipSubnetworks": [], + "members": [], + "negate": false, + "regions": [], + "requiredAccessLevels": [] + } + ] + }, + "createTime": null, + "description": "", + "name": "accessPolicies/${accessPolicyID}/accessLevels/kccaccesslevel${uniqueId}", + "title": "KCC ${uniqueId}", + "updateTime": null +} + +--- + +PATCH https://accesscontextmanager.googleapis.com/v1/accessPolicies/${accessPolicyID}/accessLevels/kccaccesslevel${uniqueId}?alt=json&updateMask=title +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/dev + +{ + "basic": { + "combiningFunction": "AND", + "conditions": [ + { + "devicePolicy": { + "requireCorpOwned": true + } + } + ] + }, + "title": "KCC ${uniqueId} 2" +} + +200 OK +Content-Type: application/json +Grpc-Metadata-Content-Type: application/grpc + +{ + "done": true, + "metadata": null, + "name": "${operationID}" +} + +--- + +GET https://accesscontextmanager.googleapis.com/v1/accessPolicies/${accessPolicyID}/accessLevels/kccaccesslevel${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/dev + +200 OK +Content-Type: application/json +Grpc-Metadata-Content-Type: application/grpc + +{ + "basic": { + "combiningFunction": "AND", + "conditions": [ + { + "devicePolicy": { + "allowedDeviceManagementLevels": [], + "allowedEncryptionStatuses": [], + "osConstraints": [], + "requireAdminApproval": false, + "requireCorpOwned": true, + "requireScreenlock": false + }, + "ipSubnetworks": [], + "members": [], + "negate": false, + "regions": [], + "requiredAccessLevels": [] + } + ] + }, + "createTime": null, + "description": "", + "name": "accessPolicies/${accessPolicyID}/accessLevels/kccaccesslevel${uniqueId}", + "title": "KCC ${uniqueId} 2", + "updateTime": null +} + +--- + +GET https://accesscontextmanager.googleapis.com/v1/accessPolicies/${accessPolicyID}/accessLevels/kccaccesslevel${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/dev + +200 OK +Content-Type: application/json +Grpc-Metadata-Content-Type: application/grpc + +{ + "basic": { + "combiningFunction": "AND", + "conditions": [ + { + "devicePolicy": { + "allowedDeviceManagementLevels": [], + "allowedEncryptionStatuses": [], + "osConstraints": [], + "requireAdminApproval": false, + "requireCorpOwned": true, + "requireScreenlock": false + }, + "ipSubnetworks": [], + "members": [], + "negate": false, + "regions": [], + "requiredAccessLevels": [] + } + ] + }, + "createTime": null, + "description": "", + "name": "accessPolicies/${accessPolicyID}/accessLevels/kccaccesslevel${uniqueId}", + "title": "KCC ${uniqueId} 2", + "updateTime": null +} + +--- + +DELETE https://accesscontextmanager.googleapis.com/v1/accessPolicies/${accessPolicyID}/accessLevels/kccaccesslevel${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/dev + +200 OK +Content-Type: application/json +Grpc-Metadata-Content-Type: application/grpc + +{ + "done": true, + "metadata": null, + "name": "${operationID}" +} \ No newline at end of file diff --git a/pkg/test/resourcefixture/testdata/basic/accesscontextmanager/v1beta1/accesscontextmanagerserviceperimeter/_http.log b/pkg/test/resourcefixture/testdata/basic/accesscontextmanager/v1beta1/accesscontextmanagerserviceperimeter/_http.log new file mode 100644 index 0000000000..f87fadedb5 --- /dev/null +++ b/pkg/test/resourcefixture/testdata/basic/accesscontextmanager/v1beta1/accesscontextmanagerserviceperimeter/_http.log @@ -0,0 +1,937 @@ +GET https://accesscontextmanager.googleapis.com/v1/accessPolicies/${accessPolicyID}/accessLevels/acl${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/dev + +404 Not Found +Content-Type: application/json + +{ + "code": 5, + "details": [], + "message": "accessLevel \"accessPolicies/${accessPolicyID}/accessLevels/acl${uniqueId}\" not found" +} + +--- + +POST https://accesscontextmanager.googleapis.com/v1/accessPolicies/${accessPolicyID}/accessLevels?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/dev + +{ + "basic": { + "combiningFunction": "AND", + "conditions": [ + { + "devicePolicy": { + "requireCorpOwned": true + } + } + ] + }, + "name": "accessPolicies/${accessPolicyID}/accessLevels/acl${uniqueId}", + "title": "Config Connector Access Level ${uniqueId}" +} + +200 OK +Content-Type: application/json +Grpc-Metadata-Content-Type: application/grpc + +{ + "done": true, + "metadata": null, + "name": "${operationID}" +} + +--- + +GET https://accesscontextmanager.googleapis.com/v1/accessPolicies/${accessPolicyID}/accessLevels/acl${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/dev + +200 OK +Content-Type: application/json +Grpc-Metadata-Content-Type: application/grpc + +{ + "basic": { + "combiningFunction": "AND", + "conditions": [ + { + "devicePolicy": { + "allowedDeviceManagementLevels": [], + "allowedEncryptionStatuses": [], + "osConstraints": [], + "requireAdminApproval": false, + "requireCorpOwned": true, + "requireScreenlock": false + }, + "ipSubnetworks": [], + "members": [], + "negate": false, + "regions": [], + "requiredAccessLevels": [] + } + ] + }, + "createTime": null, + "description": "", + "name": "accessPolicies/${accessPolicyID}/accessLevels/acl${uniqueId}", + "title": "Config Connector Access Level ${uniqueId}", + "updateTime": null +} + +--- + +GET https://accesscontextmanager.googleapis.com/v1/accessPolicies/${accessPolicyID}/accessLevels/acl${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/dev + +200 OK +Content-Type: application/json +Grpc-Metadata-Content-Type: application/grpc + +{ + "basic": { + "combiningFunction": "AND", + "conditions": [ + { + "devicePolicy": { + "allowedDeviceManagementLevels": [], + "allowedEncryptionStatuses": [], + "osConstraints": [], + "requireAdminApproval": false, + "requireCorpOwned": true, + "requireScreenlock": false + }, + "ipSubnetworks": [], + "members": [], + "negate": false, + "regions": [], + "requiredAccessLevels": [] + } + ] + }, + "createTime": null, + "description": "", + "name": "accessPolicies/${accessPolicyID}/accessLevels/acl${uniqueId}", + "title": "Config Connector Access Level ${uniqueId}", + "updateTime": null +} + +--- + +GET https://cloudresourcemanager.googleapis.com/v1/projects/project-${uniqueId}?alt=json&prettyPrint=false +User-Agent: google-api-go-client/0.5 Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/dev +X-Goog-Api-Client: gl-go/1.21.5 gdcl/0.139.0 + +403 Forbidden +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "error": { + "code": 403, + "message": "The caller does not have permission", + "status": "PERMISSION_DENIED" + } +} + +--- + +POST https://cloudresourcemanager.googleapis.com/v1/projects?alt=json&prettyPrint=false +Content-Type: application/json +User-Agent: google-api-go-client/0.5 Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/dev +X-Goog-Api-Client: gl-go/1.21.5 gdcl/0.139.0 + +{ + "labels": { + "cnrm-test": "true", + "managed-by-cnrm": "true" + }, + "name": "project-${uniqueId}", + "parent": { + "id": "123450001", + "type": "organization" + }, + "projectId": "project-${uniqueId}" +} + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "done": true, + "name": "${operationID}", + "response": { + "@type": "type.googleapis.com/mockgcp.cloud.resourcemanager.v1.Project", + "createTime": "2024-04-01T12:34:56.123456Z", + "labels": { + "cnrm-test": "true", + "managed-by-cnrm": "true" + }, + "lifecycleState": "ACTIVE", + "name": "project-${uniqueId}", + "parent": { + "id": "123450001", + "type": "organization" + }, + "projectId": "project-${uniqueId}", + "projectNumber": "2611284615" + } +} + +--- + +GET https://accesscontextmanager.googleapis.com/v1/accessPolicies/${accessPolicyID}/servicePerimeters/kccsvcperimeter${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/dev + +404 Not Found +Content-Type: application/json + +{ + "code": 5, + "details": [], + "message": "servicePerimeter \"accessPolicies/${accessPolicyID}/servicePerimeters/kccsvcperimeter${uniqueId}\" not found" +} + +--- + +POST https://accesscontextmanager.googleapis.com/v1/accessPolicies/${accessPolicyID}/servicePerimeters?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/dev + +{ + "name": "accessPolicies/${accessPolicyID}/servicePerimeters/kccsvcperimeter${uniqueId}", + "perimeterType": "PERIMETER_TYPE_REGULAR", + "title": "default policy ${uniqueId}" +} + +200 OK +Content-Type: application/json +Grpc-Metadata-Content-Type: application/grpc + +{ + "done": true, + "metadata": null, + "name": "${operationID}" +} + +--- + +GET https://iam.googleapis.com/v1/projects/${projectId}/serviceAccounts/gsa-${uniqueId}@${projectId}.iam.gserviceaccount.com?alt=json&prettyPrint=false +User-Agent: google-api-go-client/0.5 Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/dev +X-Goog-Api-Client: gl-go/1.21.5 gdcl/0.139.0 + +404 Not Found +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "error": { + "code": 404, + "errors": [ + { + "domain": "global", + "message": "serviceAccount \"projects/${projectId}/serviceAccounts/gsa-${uniqueId}@${projectId}.iam.gserviceaccount.com\" not found", + "reason": "notFound" + } + ], + "message": "serviceAccount \"projects/${projectId}/serviceAccounts/gsa-${uniqueId}@${projectId}.iam.gserviceaccount.com\" not found", + "status": "NOT_FOUND" + } +} + +--- + +POST https://iam.googleapis.com/v1/projects/${projectId}/serviceAccounts?alt=json&prettyPrint=false +Content-Type: application/json +User-Agent: google-api-go-client/0.5 Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/dev +X-Goog-Api-Client: gl-go/1.21.5 gdcl/0.139.0 + +{ + "accountId": "gsa-${uniqueId}", + "serviceAccount": {} +} + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "email": "gsa-${uniqueId}@${projectId}.iam.gserviceaccount.com", + "etag": "abcdef0123A=", + "name": "projects/${projectId}/serviceAccounts/gsa-${uniqueId}@${projectId}.iam.gserviceaccount.com", + "oauth2ClientId": "888888888888888888888", + "projectId": "${projectId}", + "uniqueId": "111111111111111111111" +} + +--- + +GET https://iam.googleapis.com/v1/projects/${projectId}/serviceAccounts/gsa-${uniqueId}@${projectId}.iam.gserviceaccount.com?alt=json&prettyPrint=false +User-Agent: google-api-go-client/0.5 Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/dev +X-Goog-Api-Client: gl-go/1.21.5 gdcl/0.139.0 + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "email": "gsa-${uniqueId}@${projectId}.iam.gserviceaccount.com", + "etag": "abcdef0123A=", + "name": "projects/${projectId}/serviceAccounts/gsa-${uniqueId}@${projectId}.iam.gserviceaccount.com", + "oauth2ClientId": "888888888888888888888", + "projectId": "${projectId}", + "uniqueId": "111111111111111111111" +} + +--- + +GET https://iam.googleapis.com/v1/projects/${projectId}/serviceAccounts/gsa-${uniqueId}@${projectId}.iam.gserviceaccount.com?alt=json&prettyPrint=false +User-Agent: google-api-go-client/0.5 Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/dev +X-Goog-Api-Client: gl-go/1.21.5 gdcl/0.139.0 + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "email": "gsa-${uniqueId}@${projectId}.iam.gserviceaccount.com", + "etag": "abcdef0123A=", + "name": "projects/${projectId}/serviceAccounts/gsa-${uniqueId}@${projectId}.iam.gserviceaccount.com", + "oauth2ClientId": "888888888888888888888", + "projectId": "${projectId}", + "uniqueId": "111111111111111111111" +} + +--- + +GET https://iam.googleapis.com/v1/projects/${projectId}/serviceAccounts/gsa-${uniqueId}@${projectId}.iam.gserviceaccount.com?alt=json&prettyPrint=false +User-Agent: google-api-go-client/0.5 Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/dev +X-Goog-Api-Client: gl-go/1.21.5 gdcl/0.139.0 + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "email": "gsa-${uniqueId}@${projectId}.iam.gserviceaccount.com", + "etag": "abcdef0123A=", + "name": "projects/${projectId}/serviceAccounts/gsa-${uniqueId}@${projectId}.iam.gserviceaccount.com", + "oauth2ClientId": "888888888888888888888", + "projectId": "${projectId}", + "uniqueId": "111111111111111111111" +} + +--- + +GET https://iam.googleapis.com/v1/projects/${projectId}/serviceAccounts/gsa-${uniqueId}@${projectId}.iam.gserviceaccount.com?alt=json&prettyPrint=false +User-Agent: google-api-go-client/0.5 Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/dev +X-Goog-Api-Client: gl-go/1.21.5 gdcl/0.139.0 + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "email": "gsa-${uniqueId}@${projectId}.iam.gserviceaccount.com", + "etag": "abcdef0123A=", + "name": "projects/${projectId}/serviceAccounts/gsa-${uniqueId}@${projectId}.iam.gserviceaccount.com", + "oauth2ClientId": "888888888888888888888", + "projectId": "${projectId}", + "uniqueId": "111111111111111111111" +} + +--- + +GET https://accesscontextmanager.googleapis.com/v1/accessPolicies/${accessPolicyID}/servicePerimeters/kccsvcperimeter${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/dev + +200 OK +Content-Type: application/json +Grpc-Metadata-Content-Type: application/grpc + +{ + "createTime": null, + "description": "", + "name": "accessPolicies/${accessPolicyID}/servicePerimeters/kccsvcperimeter${uniqueId}", + "perimeterType": "PERIMETER_TYPE_REGULAR", + "spec": null, + "status": null, + "title": "default policy ${uniqueId}", + "updateTime": null, + "useExplicitDryRunSpec": false +} + +--- + +GET https://accesscontextmanager.googleapis.com/v1/accessPolicies/${accessPolicyID}/servicePerimeters/kccsvcperimeter${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/dev + +200 OK +Content-Type: application/json +Grpc-Metadata-Content-Type: application/grpc + +{ + "createTime": null, + "description": "", + "name": "accessPolicies/${accessPolicyID}/servicePerimeters/kccsvcperimeter${uniqueId}", + "perimeterType": "PERIMETER_TYPE_REGULAR", + "spec": null, + "status": null, + "title": "default policy ${uniqueId}", + "updateTime": null, + "useExplicitDryRunSpec": false +} + +--- + +GET https://cloudresourcemanager.googleapis.com/v1/projects/project-${uniqueId}?alt=json&prettyPrint=false +User-Agent: google-api-go-client/0.5 Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/dev +X-Goog-Api-Client: gl-go/1.21.5 gdcl/0.139.0 + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "createTime": "2024-04-01T12:34:56.123456Z", + "labels": { + "cnrm-test": "true", + "managed-by-cnrm": "true" + }, + "lifecycleState": "ACTIVE", + "name": "project-${uniqueId}", + "parent": { + "id": "123450001", + "type": "organization" + }, + "projectId": "project-${uniqueId}", + "projectNumber": "2611284615" +} + +--- + +GET https://cloudbilling.googleapis.com/v1/projects/project-${uniqueId}/billingInfo?alt=json&prettyPrint=false +User-Agent: google-api-go-client/0.5 Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/dev +X-Goog-Api-Client: gl-go/1.21.5 gdcl/0.139.0 + +200 OK +Content-Type: application/json +Grpc-Metadata-Content-Type: application/grpc + +{ + "billingAccountName": "", + "billingEnabled": false, + "name": "projects/project-${uniqueId}/billingInfo", + "projectId": "project-${uniqueId}" +} + +--- + +GET https://cloudresourcemanager.googleapis.com/v1/projects/project-${uniqueId}?alt=json&prettyPrint=false +User-Agent: google-api-go-client/0.5 Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/dev +X-Goog-Api-Client: gl-go/1.21.5 gdcl/0.139.0 + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "createTime": "2024-04-01T12:34:56.123456Z", + "labels": { + "cnrm-test": "true", + "managed-by-cnrm": "true" + }, + "lifecycleState": "ACTIVE", + "name": "project-${uniqueId}", + "parent": { + "id": "123450001", + "type": "organization" + }, + "projectId": "project-${uniqueId}", + "projectNumber": "2611284615" +} + +--- + +GET https://cloudbilling.googleapis.com/v1/projects/project-${uniqueId}/billingInfo?alt=json&prettyPrint=false +User-Agent: google-api-go-client/0.5 Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/dev +X-Goog-Api-Client: gl-go/1.21.5 gdcl/0.139.0 + +200 OK +Content-Type: application/json +Grpc-Metadata-Content-Type: application/grpc + +{ + "billingAccountName": "", + "billingEnabled": false, + "name": "projects/project-${uniqueId}/billingInfo", + "projectId": "project-${uniqueId}" +} + +--- + +GET https://accesscontextmanager.googleapis.com/v1/accessPolicies/${accessPolicyID}/servicePerimeters/kccsvcperimeter${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/dev + +200 OK +Content-Type: application/json +Grpc-Metadata-Content-Type: application/grpc + +{ + "createTime": null, + "description": "", + "name": "accessPolicies/${accessPolicyID}/servicePerimeters/kccsvcperimeter${uniqueId}", + "perimeterType": "PERIMETER_TYPE_REGULAR", + "spec": null, + "status": null, + "title": "default policy ${uniqueId}", + "updateTime": null, + "useExplicitDryRunSpec": false +} + +--- + +PATCH https://accesscontextmanager.googleapis.com/v1/accessPolicies/${accessPolicyID}/servicePerimeters/kccsvcperimeter${uniqueId}?alt=json&updateMask=title%2Cstatus%2Cspec%2CuseExplicitDryRunSpec +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/dev + +{ + "spec": { + "accessLevels": [ + "accessPolicies/${accessPolicyID}/accessLevels/acl${uniqueId}" + ], + "egressPolicies": [ + { + "egressFrom": { + "identities": [ + "serviceAccount:gsa-${uniqueId}@${projectId}.iam.gserviceaccount.com" + ] + } + }, + { + "egressTo": { + "resources": [ + "projects/2611284615" + ] + } + } + ], + "ingressPolicies": [ + { + "ingressFrom": { + "identities": [ + "serviceAccount:gsa-${uniqueId}@${projectId}.iam.gserviceaccount.com" + ], + "sources": [ + { + "accessLevel": "accessPolicies/${accessPolicyID}/accessLevels/acl${uniqueId}" + } + ] + } + }, + { + "ingressTo": { + "resources": [ + "projects/2611284615" + ] + } + } + ], + "resources": [ + "projects/2611284615" + ], + "restrictedServices": [ + "notebooks.googleapis.com" + ] + }, + "status": { + "restrictedServices": [ + "bigquery.googleapis.com" + ] + }, + "title": "default policy ${uniqueId} 2", + "useExplicitDryRunSpec": true +} + +200 OK +Content-Type: application/json +Grpc-Metadata-Content-Type: application/grpc + +{ + "done": true, + "metadata": null, + "name": "${operationID}" +} + +--- + +GET https://accesscontextmanager.googleapis.com/v1/accessPolicies/${accessPolicyID}/servicePerimeters/kccsvcperimeter${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/dev + +200 OK +Content-Type: application/json +Grpc-Metadata-Content-Type: application/grpc + +{ + "createTime": null, + "description": "", + "name": "accessPolicies/${accessPolicyID}/servicePerimeters/kccsvcperimeter${uniqueId}", + "perimeterType": "PERIMETER_TYPE_REGULAR", + "spec": null, + "status": null, + "title": "default policy ${uniqueId}", + "updateTime": null, + "useExplicitDryRunSpec": false +} + +--- + +GET https://accesscontextmanager.googleapis.com/v1/accessPolicies/${accessPolicyID}/servicePerimeters/kccsvcperimeter${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/dev + +200 OK +Content-Type: application/json +Grpc-Metadata-Content-Type: application/grpc + +{ + "createTime": null, + "description": "", + "name": "accessPolicies/${accessPolicyID}/servicePerimeters/kccsvcperimeter${uniqueId}", + "perimeterType": "PERIMETER_TYPE_REGULAR", + "spec": null, + "status": null, + "title": "default policy ${uniqueId}", + "updateTime": null, + "useExplicitDryRunSpec": false +} + +--- + +PATCH https://accesscontextmanager.googleapis.com/v1/accessPolicies/${accessPolicyID}/servicePerimeters/kccsvcperimeter${uniqueId}?alt=json&updateMask=title%2CuseExplicitDryRunSpec +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/dev + +{ + "title": "default policy ${uniqueId} 2", + "useExplicitDryRunSpec": true +} + +200 OK +Content-Type: application/json +Grpc-Metadata-Content-Type: application/grpc + +{ + "done": true, + "metadata": null, + "name": "${operationID}" +} + +--- + +GET https://accesscontextmanager.googleapis.com/v1/accessPolicies/${accessPolicyID}/servicePerimeters/kccsvcperimeter${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/dev + +200 OK +Content-Type: application/json +Grpc-Metadata-Content-Type: application/grpc + +{ + "createTime": null, + "description": "", + "name": "accessPolicies/${accessPolicyID}/servicePerimeters/kccsvcperimeter${uniqueId}", + "perimeterType": "PERIMETER_TYPE_REGULAR", + "spec": null, + "status": null, + "title": "default policy ${uniqueId}", + "updateTime": null, + "useExplicitDryRunSpec": false +} + +--- + +GET https://cloudresourcemanager.googleapis.com/v1/projects/project-${uniqueId}?alt=json&prettyPrint=false +User-Agent: google-api-go-client/0.5 Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/dev +X-Goog-Api-Client: gl-go/1.21.5 gdcl/0.139.0 + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "createTime": "2024-04-01T12:34:56.123456Z", + "labels": { + "cnrm-test": "true", + "managed-by-cnrm": "true" + }, + "lifecycleState": "ACTIVE", + "name": "project-${uniqueId}", + "parent": { + "id": "123450001", + "type": "organization" + }, + "projectId": "project-${uniqueId}", + "projectNumber": "2611284615" +} + +--- + +GET https://cloudbilling.googleapis.com/v1/projects/project-${uniqueId}/billingInfo?alt=json&prettyPrint=false +User-Agent: google-api-go-client/0.5 Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/dev +X-Goog-Api-Client: gl-go/1.21.5 gdcl/0.139.0 + +200 OK +Content-Type: application/json +Grpc-Metadata-Content-Type: application/grpc + +{ + "billingAccountName": "", + "billingEnabled": false, + "name": "projects/project-${uniqueId}/billingInfo", + "projectId": "project-${uniqueId}" +} + +--- + +DELETE https://cloudresourcemanager.googleapis.com/v1/projects/project-${uniqueId}?alt=json&prettyPrint=false +User-Agent: google-api-go-client/0.5 Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/dev +X-Goog-Api-Client: gl-go/1.21.5 gdcl/0.139.0 + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "done": true, + "name": "${operationID}" +} + +--- + +GET https://accesscontextmanager.googleapis.com/v1/accessPolicies/${accessPolicyID}/servicePerimeters/kccsvcperimeter${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/dev + +200 OK +Content-Type: application/json +Grpc-Metadata-Content-Type: application/grpc + +{ + "createTime": null, + "description": "", + "name": "accessPolicies/${accessPolicyID}/servicePerimeters/kccsvcperimeter${uniqueId}", + "perimeterType": "PERIMETER_TYPE_REGULAR", + "spec": null, + "status": null, + "title": "default policy ${uniqueId}", + "updateTime": null, + "useExplicitDryRunSpec": false +} + +--- + +GET https://accesscontextmanager.googleapis.com/v1/accessPolicies/${accessPolicyID}/accessLevels/acl${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/dev + +200 OK +Content-Type: application/json +Grpc-Metadata-Content-Type: application/grpc + +{ + "basic": { + "combiningFunction": "AND", + "conditions": [ + { + "devicePolicy": { + "allowedDeviceManagementLevels": [], + "allowedEncryptionStatuses": [], + "osConstraints": [], + "requireAdminApproval": false, + "requireCorpOwned": true, + "requireScreenlock": false + }, + "ipSubnetworks": [], + "members": [], + "negate": false, + "regions": [], + "requiredAccessLevels": [] + } + ] + }, + "createTime": null, + "description": "", + "name": "accessPolicies/${accessPolicyID}/accessLevels/acl${uniqueId}", + "title": "Config Connector Access Level ${uniqueId}", + "updateTime": null +} + +--- + +DELETE https://accesscontextmanager.googleapis.com/v1/accessPolicies/${accessPolicyID}/servicePerimeters/kccsvcperimeter${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/dev + +200 OK +Content-Type: application/json +Grpc-Metadata-Content-Type: application/grpc + +{ + "done": true, + "metadata": null, + "name": "${operationID}" +} + +--- + +DELETE https://accesscontextmanager.googleapis.com/v1/accessPolicies/${accessPolicyID}/accessLevels/acl${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/dev + +200 OK +Content-Type: application/json +Grpc-Metadata-Content-Type: application/grpc + +{ + "done": true, + "metadata": null, + "name": "${operationID}" +} + +--- + +GET https://iam.googleapis.com/v1/projects/${projectId}/serviceAccounts/gsa-${uniqueId}@${projectId}.iam.gserviceaccount.com?alt=json&prettyPrint=false +User-Agent: google-api-go-client/0.5 Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/dev +X-Goog-Api-Client: gl-go/1.21.5 gdcl/0.139.0 + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "email": "gsa-${uniqueId}@${projectId}.iam.gserviceaccount.com", + "etag": "abcdef0123A=", + "name": "projects/${projectId}/serviceAccounts/gsa-${uniqueId}@${projectId}.iam.gserviceaccount.com", + "oauth2ClientId": "888888888888888888888", + "projectId": "${projectId}", + "uniqueId": "111111111111111111111" +} + +--- + +DELETE https://iam.googleapis.com/v1/projects/${projectId}/serviceAccounts/gsa-${uniqueId}@${projectId}.iam.gserviceaccount.com?alt=json&prettyPrint=false +User-Agent: google-api-go-client/0.5 Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/dev +X-Goog-Api-Client: gl-go/1.21.5 gdcl/0.139.0 + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{} \ No newline at end of file diff --git a/scripts/generate-google3-docs/resource-reference/generated/resource-docs/accesscontextmanager/accesscontextmanagerserviceperimeterresource.md b/scripts/generate-google3-docs/resource-reference/generated/resource-docs/accesscontextmanager/accesscontextmanagerserviceperimeterresource.md index ef88213cc9..1bfff2bd9d 100644 --- a/scripts/generate-google3-docs/resource-reference/generated/resource-docs/accesscontextmanager/accesscontextmanagerserviceperimeterresource.md +++ b/scripts/generate-google3-docs/resource-reference/generated/resource-docs/accesscontextmanager/accesscontextmanagerserviceperimeterresource.md @@ -98,14 +98,10 @@ resourceRef:

object

-<<<<<<< HEAD

{% verbatim %}Only the `external` field is supported to configure the reference. The name of the Service Perimeter to add this resource to. Referencing a resource name leads to recursive reference and KCC does not support the feature for now.{% endverbatim %}

-======= -

{% verbatim %}{% endverbatim %}

->>>>>>> 8fb7d4bb6 (Promote AccessContextManagerServicePerimeterResource v1alpha1 to v1beta1) @@ -140,11 +136,7 @@ Referencing a resource name leads to recursive reference and KCC does not suppor -<<<<<<< HEAD

resourceRef

-======= -

projectRef

->>>>>>> 8fb7d4bb6 (Promote AccessContextManagerServicePerimeterResource v1alpha1 to v1beta1)

Required

@@ -154,11 +146,7 @@ Referencing a resource name leads to recursive reference and KCC does not suppor -<<<<<<< HEAD

resourceRef.external

-======= -

projectRef.external

->>>>>>> 8fb7d4bb6 (Promote AccessContextManagerServicePerimeterResource v1alpha1 to v1beta1)

Optional

@@ -168,11 +156,7 @@ Referencing a resource name leads to recursive reference and KCC does not suppor -<<<<<<< HEAD

resourceRef.name

-======= -

projectRef.name

->>>>>>> 8fb7d4bb6 (Promote AccessContextManagerServicePerimeterResource v1alpha1 to v1beta1)

Optional

@@ -182,11 +166,7 @@ Referencing a resource name leads to recursive reference and KCC does not suppor -<<<<<<< HEAD

resourceRef.namespace

-======= -

projectRef.namespace

->>>>>>> 8fb7d4bb6 (Promote AccessContextManagerServicePerimeterResource v1alpha1 to v1beta1)

Optional

diff --git a/scripts/generate-google3-docs/resource-reference/overview.md b/scripts/generate-google3-docs/resource-reference/overview.md index 0f9d290d6c..9ffc1e3865 100644 --- a/scripts/generate-google3-docs/resource-reference/overview.md +++ b/scripts/generate-google3-docs/resource-reference/overview.md @@ -378,10 +378,6 @@ issues for {{product_name_short}}. {{container_analysis_name}} ContainerAnalysisNote - - {{anthos_attached_clusters_name}} - ContainerAttachedCluster - {{dataflow_name}} DataflowJob diff --git a/tests/e2e/unified_test.go b/tests/e2e/unified_test.go index 5c08275bf8..f3a8279ef5 100644 --- a/tests/e2e/unified_test.go +++ b/tests/e2e/unified_test.go @@ -241,26 +241,31 @@ func testFixturesInSeries(ctx context.Context, t *testing.T, testPause bool, can } for _, event := range events.HTTPEvents { - id := "" + operationID := "" body := event.Response.ParseBody() val, ok := body["name"] if ok { s := val.(string) // operation name format: operations/{operationId} if strings.HasPrefix(s, "operations/") { - id = strings.TrimPrefix(s, "operations/") + operationID = strings.TrimPrefix(s, "operations/") } // operation name format: {prefix}/operations/{operationId} if ix := strings.Index(s, "/operations/"); ix != -1 { - id = strings.TrimPrefix(s[ix:], "/operations/") + operationID = strings.TrimPrefix(s[ix:], "/operations/") } // operation name format: operation-{operationId} if strings.HasPrefix(s, "operation") { - id = s + operationID = s + } + // name format: accessPolicies/accessPolicyID}/accessLevels/{uniqueId} + if strings.HasPrefix(s, "accessPolicies/") { + tokens := strings.Split(s, "/") + pathIDs[tokens[1]] = "${accessPolicyID}" } } - if id != "" { - operationIDs[id] = true + if operationID != "" { + operationIDs[operationID] = true } }