From 674f809775cda8e613a9117e095163484b052dac Mon Sep 17 00:00:00 2001 From: Owl Bot Date: Thu, 13 Jul 2023 18:55:23 +0000 Subject: [PATCH] feat: add resource_types to SearchAllResources, to allow filtering by resource type PiperOrigin-RevId: 547834040 Source-Link: https://github.com/googleapis/googleapis/commit/ecb3e475876b7e3461d9759242ff118321a7a09f Source-Link: https://github.com/googleapis/googleapis-gen/commit/6869315f60f1a202968f66fb11b07483b11148fc Copy-Tag: eyJwIjoicGFja2FnZXMvZ29vZ2xlLWNsb3VkLWttcy1pbnZlbnRvcnkvLk93bEJvdC55YW1sIiwiaCI6IjY4NjkzMTVmNjBmMWEyMDI5NjhmNjZmYjExYjA3NDgzYjExMTQ4ZmMifQ== --- .../google-cloud-kms-inventory/v1/.coveragerc | 13 + .../google-cloud-kms-inventory/v1/.flake8 | 33 + .../google-cloud-kms-inventory/v1/MANIFEST.in | 2 + .../google-cloud-kms-inventory/v1/README.rst | 49 + .../v1/docs/conf.py | 376 +++ .../v1/docs/index.rst | 7 + .../key_dashboard_service.rst | 10 + .../kms_inventory_v1/key_tracking_service.rst | 10 + .../v1/docs/kms_inventory_v1/services.rst | 7 + .../v1/docs/kms_inventory_v1/types.rst | 6 + .../v1/google/cloud/kms_inventory/__init__.py | 45 + .../cloud/kms_inventory/gapic_version.py | 16 + .../v1/google/cloud/kms_inventory/py.typed | 2 + .../google/cloud/kms_inventory_v1/__init__.py | 46 + .../kms_inventory_v1/gapic_metadata.json | 92 + .../cloud/kms_inventory_v1/gapic_version.py | 16 + .../v1/google/cloud/kms_inventory_v1/py.typed | 2 + .../kms_inventory_v1/services/__init__.py | 15 + .../key_dashboard_service/__init__.py | 22 + .../key_dashboard_service/async_client.py | 320 +++ .../services/key_dashboard_service/client.py | 533 ++++ .../services/key_dashboard_service/pagers.py | 140 + .../transports/__init__.py | 38 + .../key_dashboard_service/transports/base.py | 148 + .../key_dashboard_service/transports/grpc.py | 268 ++ .../transports/grpc_asyncio.py | 267 ++ .../key_dashboard_service/transports/rest.py | 292 ++ .../services/key_tracking_service/__init__.py | 22 + .../key_tracking_service/async_client.py | 438 +++ .../services/key_tracking_service/client.py | 660 +++++ .../services/key_tracking_service/pagers.py | 139 + .../transports/__init__.py | 38 + .../key_tracking_service/transports/base.py | 162 ++ .../key_tracking_service/transports/grpc.py | 298 ++ .../transports/grpc_asyncio.py | 297 ++ .../key_tracking_service/transports/rest.py | 409 +++ .../cloud/kms_inventory_v1/types/__init__.py | 36 + .../types/key_dashboard_service.py | 94 + .../types/key_tracking_service.py | 292 ++ .../google-cloud-kms-inventory/v1/mypy.ini | 3 + .../google-cloud-kms-inventory/v1/noxfile.py | 184 ++ ...ashboard_service_list_crypto_keys_async.py | 53 + ...dashboard_service_list_crypto_keys_sync.py | 53 + ...e_get_protected_resources_summary_async.py | 52 + ...ce_get_protected_resources_summary_sync.py | 52 + ...ervice_search_protected_resources_async.py | 54 + ...service_search_protected_resources_sync.py | 54 + ...etadata_google.cloud.kms.inventory.v1.json | 506 ++++ .../fixup_kms_inventory_v1_keywords.py | 178 ++ .../google-cloud-kms-inventory/v1/setup.py | 91 + .../v1/testing/constraints-3.10.txt | 7 + .../v1/testing/constraints-3.11.txt | 7 + .../v1/testing/constraints-3.12.txt | 7 + .../v1/testing/constraints-3.7.txt | 10 + .../v1/testing/constraints-3.8.txt | 7 + .../v1/testing/constraints-3.9.txt | 7 + .../v1/tests/__init__.py | 16 + .../v1/tests/unit/__init__.py | 16 + .../v1/tests/unit/gapic/__init__.py | 16 + .../unit/gapic/kms_inventory_v1/__init__.py | 16 + .../test_key_dashboard_service.py | 1961 +++++++++++++ .../test_key_tracking_service.py | 2479 +++++++++++++++++ 62 files changed, 11489 insertions(+) create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/.coveragerc create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/.flake8 create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/MANIFEST.in create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/README.rst create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/docs/conf.py create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/docs/index.rst create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/docs/kms_inventory_v1/key_dashboard_service.rst create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/docs/kms_inventory_v1/key_tracking_service.rst create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/docs/kms_inventory_v1/services.rst create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/docs/kms_inventory_v1/types.rst create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory/__init__.py create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory/gapic_version.py create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory/py.typed create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/__init__.py create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/gapic_metadata.json create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/gapic_version.py create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/py.typed create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/__init__.py create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_dashboard_service/__init__.py create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_dashboard_service/async_client.py create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_dashboard_service/client.py create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_dashboard_service/pagers.py create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_dashboard_service/transports/__init__.py create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_dashboard_service/transports/base.py create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_dashboard_service/transports/grpc.py create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_dashboard_service/transports/grpc_asyncio.py create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_dashboard_service/transports/rest.py create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_tracking_service/__init__.py create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_tracking_service/async_client.py create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_tracking_service/client.py create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_tracking_service/pagers.py create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_tracking_service/transports/__init__.py create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_tracking_service/transports/base.py create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_tracking_service/transports/grpc.py create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_tracking_service/transports/grpc_asyncio.py create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_tracking_service/transports/rest.py create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/types/__init__.py create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/types/key_dashboard_service.py create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/types/key_tracking_service.py create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/mypy.ini create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/noxfile.py create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/samples/generated_samples/kmsinventory_v1_generated_key_dashboard_service_list_crypto_keys_async.py create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/samples/generated_samples/kmsinventory_v1_generated_key_dashboard_service_list_crypto_keys_sync.py create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/samples/generated_samples/kmsinventory_v1_generated_key_tracking_service_get_protected_resources_summary_async.py create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/samples/generated_samples/kmsinventory_v1_generated_key_tracking_service_get_protected_resources_summary_sync.py create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/samples/generated_samples/kmsinventory_v1_generated_key_tracking_service_search_protected_resources_async.py create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/samples/generated_samples/kmsinventory_v1_generated_key_tracking_service_search_protected_resources_sync.py create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/samples/generated_samples/snippet_metadata_google.cloud.kms.inventory.v1.json create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/scripts/fixup_kms_inventory_v1_keywords.py create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/setup.py create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/testing/constraints-3.10.txt create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/testing/constraints-3.11.txt create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/testing/constraints-3.12.txt create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/testing/constraints-3.7.txt create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/testing/constraints-3.8.txt create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/testing/constraints-3.9.txt create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/tests/__init__.py create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/tests/unit/__init__.py create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/tests/unit/gapic/__init__.py create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/tests/unit/gapic/kms_inventory_v1/__init__.py create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/tests/unit/gapic/kms_inventory_v1/test_key_dashboard_service.py create mode 100644 owl-bot-staging/google-cloud-kms-inventory/v1/tests/unit/gapic/kms_inventory_v1/test_key_tracking_service.py diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/.coveragerc b/owl-bot-staging/google-cloud-kms-inventory/v1/.coveragerc new file mode 100644 index 000000000000..4023b063fcc7 --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/.coveragerc @@ -0,0 +1,13 @@ +[run] +branch = True + +[report] +show_missing = True +omit = + google/cloud/kms_inventory/__init__.py + google/cloud/kms_inventory/gapic_version.py +exclude_lines = + # Re-enable the standard pragma + pragma: NO COVER + # Ignore debug-only repr + def __repr__ diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/.flake8 b/owl-bot-staging/google-cloud-kms-inventory/v1/.flake8 new file mode 100644 index 000000000000..29227d4cf419 --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/.flake8 @@ -0,0 +1,33 @@ +# -*- coding: utf-8 -*- +# +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Generated by synthtool. DO NOT EDIT! +[flake8] +ignore = E203, E266, E501, W503 +exclude = + # Exclude generated code. + **/proto/** + **/gapic/** + **/services/** + **/types/** + *_pb2.py + + # Standard linting exemptions. + **/.nox/** + __pycache__, + .git, + *.pyc, + conf.py diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/MANIFEST.in b/owl-bot-staging/google-cloud-kms-inventory/v1/MANIFEST.in new file mode 100644 index 000000000000..5df74db8b57f --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/MANIFEST.in @@ -0,0 +1,2 @@ +recursive-include google/cloud/kms_inventory *.py +recursive-include google/cloud/kms_inventory_v1 *.py diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/README.rst b/owl-bot-staging/google-cloud-kms-inventory/v1/README.rst new file mode 100644 index 000000000000..cb0fd6c1c039 --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/README.rst @@ -0,0 +1,49 @@ +Python Client for Google Cloud Kms Inventory API +================================================= + +Quick Start +----------- + +In order to use this library, you first need to go through the following steps: + +1. `Select or create a Cloud Platform project.`_ +2. `Enable billing for your project.`_ +3. Enable the Google Cloud Kms Inventory API. +4. `Setup Authentication.`_ + +.. _Select or create a Cloud Platform project.: https://console.cloud.google.com/project +.. _Enable billing for your project.: https://cloud.google.com/billing/docs/how-to/modify-project#enable_billing_for_a_project +.. _Setup Authentication.: https://googleapis.dev/python/google-api-core/latest/auth.html + +Installation +~~~~~~~~~~~~ + +Install this library in a `virtualenv`_ using pip. `virtualenv`_ is a tool to +create isolated Python environments. The basic problem it addresses is one of +dependencies and versions, and indirectly permissions. + +With `virtualenv`_, it's possible to install this library without needing system +install permissions, and without clashing with the installed system +dependencies. + +.. _`virtualenv`: https://virtualenv.pypa.io/en/latest/ + + +Mac/Linux +^^^^^^^^^ + +.. code-block:: console + + python3 -m venv + source /bin/activate + /bin/pip install /path/to/library + + +Windows +^^^^^^^ + +.. code-block:: console + + python3 -m venv + \Scripts\activate + \Scripts\pip.exe install \path\to\library diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/docs/conf.py b/owl-bot-staging/google-cloud-kms-inventory/v1/docs/conf.py new file mode 100644 index 000000000000..86fcffb684f7 --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/docs/conf.py @@ -0,0 +1,376 @@ +# -*- coding: utf-8 -*- +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# +# google-cloud-kms-inventory documentation build configuration file +# +# This file is execfile()d with the current directory set to its +# containing dir. +# +# Note that not all possible configuration values are present in this +# autogenerated file. +# +# All configuration values have a default; values that are commented out +# serve to show the default. + +import sys +import os +import shlex + +# If extensions (or modules to document with autodoc) are in another directory, +# add these directories to sys.path here. If the directory is relative to the +# documentation root, use os.path.abspath to make it absolute, like shown here. +sys.path.insert(0, os.path.abspath("..")) + +__version__ = "0.1.0" + +# -- General configuration ------------------------------------------------ + +# If your documentation needs a minimal Sphinx version, state it here. +needs_sphinx = "4.0.1" + +# Add any Sphinx extension module names here, as strings. They can be +# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom +# ones. +extensions = [ + "sphinx.ext.autodoc", + "sphinx.ext.autosummary", + "sphinx.ext.intersphinx", + "sphinx.ext.coverage", + "sphinx.ext.napoleon", + "sphinx.ext.todo", + "sphinx.ext.viewcode", +] + +# autodoc/autosummary flags +autoclass_content = "both" +autodoc_default_flags = ["members"] +autosummary_generate = True + + +# Add any paths that contain templates here, relative to this directory. +templates_path = ["_templates"] + +# Allow markdown includes (so releases.md can include CHANGLEOG.md) +# http://www.sphinx-doc.org/en/master/markdown.html +source_parsers = {".md": "recommonmark.parser.CommonMarkParser"} + +# The suffix(es) of source filenames. +# You can specify multiple suffix as a list of string: +source_suffix = [".rst", ".md"] + +# The encoding of source files. +# source_encoding = 'utf-8-sig' + +# The root toctree document. +root_doc = "index" + +# General information about the project. +project = u"google-cloud-kms-inventory" +copyright = u"2023, Google, LLC" +author = u"Google APIs" # TODO: autogenerate this bit + +# The version info for the project you're documenting, acts as replacement for +# |version| and |release|, also used in various other places throughout the +# built documents. +# +# The full version, including alpha/beta/rc tags. +release = __version__ +# The short X.Y version. +version = ".".join(release.split(".")[0:2]) + +# The language for content autogenerated by Sphinx. Refer to documentation +# for a list of supported languages. +# +# This is also used if you do content translation via gettext catalogs. +# Usually you set "language" from the command line for these cases. +language = None + +# There are two options for replacing |today|: either, you set today to some +# non-false value, then it is used: +# today = '' +# Else, today_fmt is used as the format for a strftime call. +# today_fmt = '%B %d, %Y' + +# List of patterns, relative to source directory, that match files and +# directories to ignore when looking for source files. +exclude_patterns = ["_build"] + +# The reST default role (used for this markup: `text`) to use for all +# documents. +# default_role = None + +# If true, '()' will be appended to :func: etc. cross-reference text. +# add_function_parentheses = True + +# If true, the current module name will be prepended to all description +# unit titles (such as .. function::). +# add_module_names = True + +# If true, sectionauthor and moduleauthor directives will be shown in the +# output. They are ignored by default. +# show_authors = False + +# The name of the Pygments (syntax highlighting) style to use. +pygments_style = "sphinx" + +# A list of ignored prefixes for module index sorting. +# modindex_common_prefix = [] + +# If true, keep warnings as "system message" paragraphs in the built documents. +# keep_warnings = False + +# If true, `todo` and `todoList` produce output, else they produce nothing. +todo_include_todos = True + + +# -- Options for HTML output ---------------------------------------------- + +# The theme to use for HTML and HTML Help pages. See the documentation for +# a list of builtin themes. +html_theme = "alabaster" + +# Theme options are theme-specific and customize the look and feel of a theme +# further. For a list of options available for each theme, see the +# documentation. +html_theme_options = { + "description": "Google Cloud Client Libraries for Python", + "github_user": "googleapis", + "github_repo": "google-cloud-python", + "github_banner": True, + "font_family": "'Roboto', Georgia, sans", + "head_font_family": "'Roboto', Georgia, serif", + "code_font_family": "'Roboto Mono', 'Consolas', monospace", +} + +# Add any paths that contain custom themes here, relative to this directory. +# html_theme_path = [] + +# The name for this set of Sphinx documents. If None, it defaults to +# " v documentation". +# html_title = None + +# A shorter title for the navigation bar. Default is the same as html_title. +# html_short_title = None + +# The name of an image file (relative to this directory) to place at the top +# of the sidebar. +# html_logo = None + +# The name of an image file (within the static path) to use as favicon of the +# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 +# pixels large. +# html_favicon = None + +# Add any paths that contain custom static files (such as style sheets) here, +# relative to this directory. They are copied after the builtin static files, +# so a file named "default.css" will overwrite the builtin "default.css". +html_static_path = ["_static"] + +# Add any extra paths that contain custom files (such as robots.txt or +# .htaccess) here, relative to this directory. These files are copied +# directly to the root of the documentation. +# html_extra_path = [] + +# If not '', a 'Last updated on:' timestamp is inserted at every page bottom, +# using the given strftime format. +# html_last_updated_fmt = '%b %d, %Y' + +# If true, SmartyPants will be used to convert quotes and dashes to +# typographically correct entities. +# html_use_smartypants = True + +# Custom sidebar templates, maps document names to template names. +# html_sidebars = {} + +# Additional templates that should be rendered to pages, maps page names to +# template names. +# html_additional_pages = {} + +# If false, no module index is generated. +# html_domain_indices = True + +# If false, no index is generated. +# html_use_index = True + +# If true, the index is split into individual pages for each letter. +# html_split_index = False + +# If true, links to the reST sources are added to the pages. +# html_show_sourcelink = True + +# If true, "Created using Sphinx" is shown in the HTML footer. Default is True. +# html_show_sphinx = True + +# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. +# html_show_copyright = True + +# If true, an OpenSearch description file will be output, and all pages will +# contain a tag referring to it. The value of this option must be the +# base URL from which the finished HTML is served. +# html_use_opensearch = '' + +# This is the file name suffix for HTML files (e.g. ".xhtml"). +# html_file_suffix = None + +# Language to be used for generating the HTML full-text search index. +# Sphinx supports the following languages: +# 'da', 'de', 'en', 'es', 'fi', 'fr', 'hu', 'it', 'ja' +# 'nl', 'no', 'pt', 'ro', 'ru', 'sv', 'tr' +# html_search_language = 'en' + +# A dictionary with options for the search language support, empty by default. +# Now only 'ja' uses this config value +# html_search_options = {'type': 'default'} + +# The name of a javascript file (relative to the configuration directory) that +# implements a search results scorer. If empty, the default will be used. +# html_search_scorer = 'scorer.js' + +# Output file base name for HTML help builder. +htmlhelp_basename = "google-cloud-kms-inventory-doc" + +# -- Options for warnings ------------------------------------------------------ + + +suppress_warnings = [ + # Temporarily suppress this to avoid "more than one target found for + # cross-reference" warning, which are intractable for us to avoid while in + # a mono-repo. + # See https://github.com/sphinx-doc/sphinx/blob + # /2a65ffeef5c107c19084fabdd706cdff3f52d93c/sphinx/domains/python.py#L843 + "ref.python" +] + +# -- Options for LaTeX output --------------------------------------------- + +latex_elements = { + # The paper size ('letterpaper' or 'a4paper'). + # 'papersize': 'letterpaper', + # The font size ('10pt', '11pt' or '12pt'). + # 'pointsize': '10pt', + # Additional stuff for the LaTeX preamble. + # 'preamble': '', + # Latex figure (float) alignment + # 'figure_align': 'htbp', +} + +# Grouping the document tree into LaTeX files. List of tuples +# (source start file, target name, title, +# author, documentclass [howto, manual, or own class]). +latex_documents = [ + ( + root_doc, + "google-cloud-kms-inventory.tex", + u"google-cloud-kms-inventory Documentation", + author, + "manual", + ) +] + +# The name of an image file (relative to this directory) to place at the top of +# the title page. +# latex_logo = None + +# For "manual" documents, if this is true, then toplevel headings are parts, +# not chapters. +# latex_use_parts = False + +# If true, show page references after internal links. +# latex_show_pagerefs = False + +# If true, show URL addresses after external links. +# latex_show_urls = False + +# Documents to append as an appendix to all manuals. +# latex_appendices = [] + +# If false, no module index is generated. +# latex_domain_indices = True + + +# -- Options for manual page output --------------------------------------- + +# One entry per manual page. List of tuples +# (source start file, name, description, authors, manual section). +man_pages = [ + ( + root_doc, + "google-cloud-kms-inventory", + u"Google Cloud Kms Inventory Documentation", + [author], + 1, + ) +] + +# If true, show URL addresses after external links. +# man_show_urls = False + + +# -- Options for Texinfo output ------------------------------------------- + +# Grouping the document tree into Texinfo files. List of tuples +# (source start file, target name, title, author, +# dir menu entry, description, category) +texinfo_documents = [ + ( + root_doc, + "google-cloud-kms-inventory", + u"google-cloud-kms-inventory Documentation", + author, + "google-cloud-kms-inventory", + "GAPIC library for Google Cloud Kms Inventory API", + "APIs", + ) +] + +# Documents to append as an appendix to all manuals. +# texinfo_appendices = [] + +# If false, no module index is generated. +# texinfo_domain_indices = True + +# How to display URL addresses: 'footnote', 'no', or 'inline'. +# texinfo_show_urls = 'footnote' + +# If true, do not generate a @detailmenu in the "Top" node's menu. +# texinfo_no_detailmenu = False + + +# Example configuration for intersphinx: refer to the Python standard library. +intersphinx_mapping = { + "python": ("http://python.readthedocs.org/en/latest/", None), + "gax": ("https://gax-python.readthedocs.org/en/latest/", None), + "google-auth": ("https://google-auth.readthedocs.io/en/stable", None), + "google-gax": ("https://gax-python.readthedocs.io/en/latest/", None), + "google.api_core": ("https://googleapis.dev/python/google-api-core/latest/", None), + "grpc": ("https://grpc.io/grpc/python/", None), + "requests": ("http://requests.kennethreitz.org/en/stable/", None), + "proto": ("https://proto-plus-python.readthedocs.io/en/stable", None), + "protobuf": ("https://googleapis.dev/python/protobuf/latest/", None), +} + + +# Napoleon settings +napoleon_google_docstring = True +napoleon_numpy_docstring = True +napoleon_include_private_with_doc = False +napoleon_include_special_with_doc = True +napoleon_use_admonition_for_examples = False +napoleon_use_admonition_for_notes = False +napoleon_use_admonition_for_references = False +napoleon_use_ivar = False +napoleon_use_param = True +napoleon_use_rtype = True diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/docs/index.rst b/owl-bot-staging/google-cloud-kms-inventory/v1/docs/index.rst new file mode 100644 index 000000000000..ac63d3eed97a --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/docs/index.rst @@ -0,0 +1,7 @@ +API Reference +------------- +.. toctree:: + :maxdepth: 2 + + kms_inventory_v1/services + kms_inventory_v1/types diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/docs/kms_inventory_v1/key_dashboard_service.rst b/owl-bot-staging/google-cloud-kms-inventory/v1/docs/kms_inventory_v1/key_dashboard_service.rst new file mode 100644 index 000000000000..a5ef39542398 --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/docs/kms_inventory_v1/key_dashboard_service.rst @@ -0,0 +1,10 @@ +KeyDashboardService +------------------------------------- + +.. automodule:: google.cloud.kms_inventory_v1.services.key_dashboard_service + :members: + :inherited-members: + +.. automodule:: google.cloud.kms_inventory_v1.services.key_dashboard_service.pagers + :members: + :inherited-members: diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/docs/kms_inventory_v1/key_tracking_service.rst b/owl-bot-staging/google-cloud-kms-inventory/v1/docs/kms_inventory_v1/key_tracking_service.rst new file mode 100644 index 000000000000..94e1b497fc99 --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/docs/kms_inventory_v1/key_tracking_service.rst @@ -0,0 +1,10 @@ +KeyTrackingService +------------------------------------ + +.. automodule:: google.cloud.kms_inventory_v1.services.key_tracking_service + :members: + :inherited-members: + +.. automodule:: google.cloud.kms_inventory_v1.services.key_tracking_service.pagers + :members: + :inherited-members: diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/docs/kms_inventory_v1/services.rst b/owl-bot-staging/google-cloud-kms-inventory/v1/docs/kms_inventory_v1/services.rst new file mode 100644 index 000000000000..9b3b18506649 --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/docs/kms_inventory_v1/services.rst @@ -0,0 +1,7 @@ +Services for Google Cloud Kms Inventory v1 API +============================================== +.. toctree:: + :maxdepth: 2 + + key_dashboard_service + key_tracking_service diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/docs/kms_inventory_v1/types.rst b/owl-bot-staging/google-cloud-kms-inventory/v1/docs/kms_inventory_v1/types.rst new file mode 100644 index 000000000000..a2f70e19f26f --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/docs/kms_inventory_v1/types.rst @@ -0,0 +1,6 @@ +Types for Google Cloud Kms Inventory v1 API +=========================================== + +.. automodule:: google.cloud.kms_inventory_v1.types + :members: + :show-inheritance: diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory/__init__.py b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory/__init__.py new file mode 100644 index 000000000000..fecafeb0c9bf --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory/__init__.py @@ -0,0 +1,45 @@ +# -*- coding: utf-8 -*- +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from google.cloud.kms_inventory import gapic_version as package_version + +__version__ = package_version.__version__ + + +from google.cloud.kms_inventory_v1.services.key_dashboard_service.client import KeyDashboardServiceClient +from google.cloud.kms_inventory_v1.services.key_dashboard_service.async_client import KeyDashboardServiceAsyncClient +from google.cloud.kms_inventory_v1.services.key_tracking_service.client import KeyTrackingServiceClient +from google.cloud.kms_inventory_v1.services.key_tracking_service.async_client import KeyTrackingServiceAsyncClient + +from google.cloud.kms_inventory_v1.types.key_dashboard_service import ListCryptoKeysRequest +from google.cloud.kms_inventory_v1.types.key_dashboard_service import ListCryptoKeysResponse +from google.cloud.kms_inventory_v1.types.key_tracking_service import GetProtectedResourcesSummaryRequest +from google.cloud.kms_inventory_v1.types.key_tracking_service import ProtectedResource +from google.cloud.kms_inventory_v1.types.key_tracking_service import ProtectedResourcesSummary +from google.cloud.kms_inventory_v1.types.key_tracking_service import SearchProtectedResourcesRequest +from google.cloud.kms_inventory_v1.types.key_tracking_service import SearchProtectedResourcesResponse + +__all__ = ('KeyDashboardServiceClient', + 'KeyDashboardServiceAsyncClient', + 'KeyTrackingServiceClient', + 'KeyTrackingServiceAsyncClient', + 'ListCryptoKeysRequest', + 'ListCryptoKeysResponse', + 'GetProtectedResourcesSummaryRequest', + 'ProtectedResource', + 'ProtectedResourcesSummary', + 'SearchProtectedResourcesRequest', + 'SearchProtectedResourcesResponse', +) diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory/gapic_version.py b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory/gapic_version.py new file mode 100644 index 000000000000..360a0d13ebdd --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory/gapic_version.py @@ -0,0 +1,16 @@ +# -*- coding: utf-8 -*- +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +__version__ = "0.0.0" # {x-release-please-version} diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory/py.typed b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory/py.typed new file mode 100644 index 000000000000..066be8e851ff --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory/py.typed @@ -0,0 +1,2 @@ +# Marker file for PEP 561. +# The google-cloud-kms-inventory package uses inline types. diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/__init__.py b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/__init__.py new file mode 100644 index 000000000000..f147f848f836 --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/__init__.py @@ -0,0 +1,46 @@ +# -*- coding: utf-8 -*- +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from google.cloud.kms_inventory_v1 import gapic_version as package_version + +__version__ = package_version.__version__ + + +from .services.key_dashboard_service import KeyDashboardServiceClient +from .services.key_dashboard_service import KeyDashboardServiceAsyncClient +from .services.key_tracking_service import KeyTrackingServiceClient +from .services.key_tracking_service import KeyTrackingServiceAsyncClient + +from .types.key_dashboard_service import ListCryptoKeysRequest +from .types.key_dashboard_service import ListCryptoKeysResponse +from .types.key_tracking_service import GetProtectedResourcesSummaryRequest +from .types.key_tracking_service import ProtectedResource +from .types.key_tracking_service import ProtectedResourcesSummary +from .types.key_tracking_service import SearchProtectedResourcesRequest +from .types.key_tracking_service import SearchProtectedResourcesResponse + +__all__ = ( + 'KeyDashboardServiceAsyncClient', + 'KeyTrackingServiceAsyncClient', +'GetProtectedResourcesSummaryRequest', +'KeyDashboardServiceClient', +'KeyTrackingServiceClient', +'ListCryptoKeysRequest', +'ListCryptoKeysResponse', +'ProtectedResource', +'ProtectedResourcesSummary', +'SearchProtectedResourcesRequest', +'SearchProtectedResourcesResponse', +) diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/gapic_metadata.json b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/gapic_metadata.json new file mode 100644 index 000000000000..e833e6dade2e --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/gapic_metadata.json @@ -0,0 +1,92 @@ + { + "comment": "This file maps proto services/RPCs to the corresponding library clients/methods", + "language": "python", + "libraryPackage": "google.cloud.kms_inventory_v1", + "protoPackage": "google.cloud.kms.inventory.v1", + "schema": "1.0", + "services": { + "KeyDashboardService": { + "clients": { + "grpc": { + "libraryClient": "KeyDashboardServiceClient", + "rpcs": { + "ListCryptoKeys": { + "methods": [ + "list_crypto_keys" + ] + } + } + }, + "grpc-async": { + "libraryClient": "KeyDashboardServiceAsyncClient", + "rpcs": { + "ListCryptoKeys": { + "methods": [ + "list_crypto_keys" + ] + } + } + }, + "rest": { + "libraryClient": "KeyDashboardServiceClient", + "rpcs": { + "ListCryptoKeys": { + "methods": [ + "list_crypto_keys" + ] + } + } + } + } + }, + "KeyTrackingService": { + "clients": { + "grpc": { + "libraryClient": "KeyTrackingServiceClient", + "rpcs": { + "GetProtectedResourcesSummary": { + "methods": [ + "get_protected_resources_summary" + ] + }, + "SearchProtectedResources": { + "methods": [ + "search_protected_resources" + ] + } + } + }, + "grpc-async": { + "libraryClient": "KeyTrackingServiceAsyncClient", + "rpcs": { + "GetProtectedResourcesSummary": { + "methods": [ + "get_protected_resources_summary" + ] + }, + "SearchProtectedResources": { + "methods": [ + "search_protected_resources" + ] + } + } + }, + "rest": { + "libraryClient": "KeyTrackingServiceClient", + "rpcs": { + "GetProtectedResourcesSummary": { + "methods": [ + "get_protected_resources_summary" + ] + }, + "SearchProtectedResources": { + "methods": [ + "search_protected_resources" + ] + } + } + } + } + } + } +} diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/gapic_version.py b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/gapic_version.py new file mode 100644 index 000000000000..360a0d13ebdd --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/gapic_version.py @@ -0,0 +1,16 @@ +# -*- coding: utf-8 -*- +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +__version__ = "0.0.0" # {x-release-please-version} diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/py.typed b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/py.typed new file mode 100644 index 000000000000..066be8e851ff --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/py.typed @@ -0,0 +1,2 @@ +# Marker file for PEP 561. +# The google-cloud-kms-inventory package uses inline types. diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/__init__.py b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/__init__.py new file mode 100644 index 000000000000..89a37dc92c5a --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/__init__.py @@ -0,0 +1,15 @@ +# -*- coding: utf-8 -*- +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_dashboard_service/__init__.py b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_dashboard_service/__init__.py new file mode 100644 index 000000000000..a8452ed68334 --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_dashboard_service/__init__.py @@ -0,0 +1,22 @@ +# -*- coding: utf-8 -*- +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from .client import KeyDashboardServiceClient +from .async_client import KeyDashboardServiceAsyncClient + +__all__ = ( + 'KeyDashboardServiceClient', + 'KeyDashboardServiceAsyncClient', +) diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_dashboard_service/async_client.py b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_dashboard_service/async_client.py new file mode 100644 index 000000000000..fbf0bc29f01b --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_dashboard_service/async_client.py @@ -0,0 +1,320 @@ +# -*- coding: utf-8 -*- +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +import functools +import re +from typing import Dict, Mapping, MutableMapping, MutableSequence, Optional, Sequence, Tuple, Type, Union + +from google.cloud.kms_inventory_v1 import gapic_version as package_version + +from google.api_core.client_options import ClientOptions +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object] # type: ignore + +from google.cloud.kms_inventory_v1.services.key_dashboard_service import pagers +from google.cloud.kms_inventory_v1.types import key_dashboard_service +from google.cloud.kms_v1.types import resources +from .transports.base import KeyDashboardServiceTransport, DEFAULT_CLIENT_INFO +from .transports.grpc_asyncio import KeyDashboardServiceGrpcAsyncIOTransport +from .client import KeyDashboardServiceClient + + +class KeyDashboardServiceAsyncClient: + """Provides a cross-region view of all Cloud KMS keys in a given + Cloud project. + """ + + _client: KeyDashboardServiceClient + + DEFAULT_ENDPOINT = KeyDashboardServiceClient.DEFAULT_ENDPOINT + DEFAULT_MTLS_ENDPOINT = KeyDashboardServiceClient.DEFAULT_MTLS_ENDPOINT + + crypto_key_path = staticmethod(KeyDashboardServiceClient.crypto_key_path) + parse_crypto_key_path = staticmethod(KeyDashboardServiceClient.parse_crypto_key_path) + crypto_key_version_path = staticmethod(KeyDashboardServiceClient.crypto_key_version_path) + parse_crypto_key_version_path = staticmethod(KeyDashboardServiceClient.parse_crypto_key_version_path) + common_billing_account_path = staticmethod(KeyDashboardServiceClient.common_billing_account_path) + parse_common_billing_account_path = staticmethod(KeyDashboardServiceClient.parse_common_billing_account_path) + common_folder_path = staticmethod(KeyDashboardServiceClient.common_folder_path) + parse_common_folder_path = staticmethod(KeyDashboardServiceClient.parse_common_folder_path) + common_organization_path = staticmethod(KeyDashboardServiceClient.common_organization_path) + parse_common_organization_path = staticmethod(KeyDashboardServiceClient.parse_common_organization_path) + common_project_path = staticmethod(KeyDashboardServiceClient.common_project_path) + parse_common_project_path = staticmethod(KeyDashboardServiceClient.parse_common_project_path) + common_location_path = staticmethod(KeyDashboardServiceClient.common_location_path) + parse_common_location_path = staticmethod(KeyDashboardServiceClient.parse_common_location_path) + + @classmethod + def from_service_account_info(cls, info: dict, *args, **kwargs): + """Creates an instance of this client using the provided credentials + info. + + Args: + info (dict): The service account private key info. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + KeyDashboardServiceAsyncClient: The constructed client. + """ + return KeyDashboardServiceClient.from_service_account_info.__func__(KeyDashboardServiceAsyncClient, info, *args, **kwargs) # type: ignore + + @classmethod + def from_service_account_file(cls, filename: str, *args, **kwargs): + """Creates an instance of this client using the provided credentials + file. + + Args: + filename (str): The path to the service account private key json + file. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + KeyDashboardServiceAsyncClient: The constructed client. + """ + return KeyDashboardServiceClient.from_service_account_file.__func__(KeyDashboardServiceAsyncClient, filename, *args, **kwargs) # type: ignore + + from_service_account_json = from_service_account_file + + @classmethod + def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[ClientOptions] = None): + """Return the API endpoint and client cert source for mutual TLS. + + The client cert source is determined in the following order: + (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the + client cert source is None. + (2) if `client_options.client_cert_source` is provided, use the provided one; if the + default client cert source exists, use the default one; otherwise the client cert + source is None. + + The API endpoint is determined in the following order: + (1) if `client_options.api_endpoint` if provided, use the provided one. + (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the + default mTLS endpoint; if the environment variable is "never", use the default API + endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise + use the default API endpoint. + + More details can be found at https://google.aip.dev/auth/4114. + + Args: + client_options (google.api_core.client_options.ClientOptions): Custom options for the + client. Only the `api_endpoint` and `client_cert_source` properties may be used + in this method. + + Returns: + Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the + client cert source to use. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If any errors happen. + """ + return KeyDashboardServiceClient.get_mtls_endpoint_and_cert_source(client_options) # type: ignore + + @property + def transport(self) -> KeyDashboardServiceTransport: + """Returns the transport used by the client instance. + + Returns: + KeyDashboardServiceTransport: The transport used by the client instance. + """ + return self._client.transport + + get_transport_class = functools.partial(type(KeyDashboardServiceClient).get_transport_class, type(KeyDashboardServiceClient)) + + def __init__(self, *, + credentials: Optional[ga_credentials.Credentials] = None, + transport: Union[str, KeyDashboardServiceTransport] = "grpc_asyncio", + client_options: Optional[ClientOptions] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + ) -> None: + """Instantiates the key dashboard service client. + + Args: + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + transport (Union[str, ~.KeyDashboardServiceTransport]): The + transport to use. If set to None, a transport is chosen + automatically. + client_options (ClientOptions): Custom options for the client. It + won't take effect if a ``transport`` instance is provided. + (1) The ``api_endpoint`` property can be used to override the + default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT + environment variable can also be used to override the endpoint: + "always" (always use the default mTLS endpoint), "never" (always + use the default regular endpoint) and "auto" (auto switch to the + default mTLS endpoint if client certificate is present, this is + the default value). However, the ``api_endpoint`` property takes + precedence if provided. + (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable + is "true", then the ``client_cert_source`` property can be used + to provide client certificate for mutual TLS transport. If + not provided, the default SSL client certificate will be used if + present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not + set, no client certificate will be used. + + Raises: + google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport + creation failed for any reason. + """ + self._client = KeyDashboardServiceClient( + credentials=credentials, + transport=transport, + client_options=client_options, + client_info=client_info, + + ) + + async def list_crypto_keys(self, + request: Optional[Union[key_dashboard_service.ListCryptoKeysRequest, dict]] = None, + *, + parent: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> pagers.ListCryptoKeysAsyncPager: + r"""Returns cryptographic keys managed by Cloud KMS in a + given Cloud project. Note that this data is sourced from + snapshots, meaning it may not completely reflect the + actual state of key metadata at call time. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import kms_inventory_v1 + + async def sample_list_crypto_keys(): + # Create a client + client = kms_inventory_v1.KeyDashboardServiceAsyncClient() + + # Initialize request argument(s) + request = kms_inventory_v1.ListCryptoKeysRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_crypto_keys(request=request) + + # Handle the response + async for response in page_result: + print(response) + + Args: + request (Optional[Union[google.cloud.kms_inventory_v1.types.ListCryptoKeysRequest, dict]]): + The request object. Request message for + [KeyDashboardService.ListCryptoKeys][google.cloud.kms.inventory.v1.KeyDashboardService.ListCryptoKeys]. + parent (:class:`str`): + Required. The Google Cloud project for which to retrieve + key metadata, in the format ``projects/*`` + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.kms_inventory_v1.services.key_dashboard_service.pagers.ListCryptoKeysAsyncPager: + Response message for + [KeyDashboardService.ListCryptoKeys][google.cloud.kms.inventory.v1.KeyDashboardService.ListCryptoKeys]. + + Iterating over this object will yield results and + resolve additional pages automatically. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = key_dashboard_service.ListCryptoKeysRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.list_crypto_keys, + default_timeout=60.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # This method is paged; wrap the response in a pager, which provides + # an `__aiter__` convenience method. + response = pagers.ListCryptoKeysAsyncPager( + method=rpc, + request=request, + response=response, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def __aenter__(self) -> "KeyDashboardServiceAsyncClient": + return self + + async def __aexit__(self, exc_type, exc, tb): + await self.transport.close() + +DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo(gapic_version=package_version.__version__) + + +__all__ = ( + "KeyDashboardServiceAsyncClient", +) diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_dashboard_service/client.py b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_dashboard_service/client.py new file mode 100644 index 000000000000..647ddfc64119 --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_dashboard_service/client.py @@ -0,0 +1,533 @@ +# -*- coding: utf-8 -*- +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +import os +import re +from typing import Dict, Mapping, MutableMapping, MutableSequence, Optional, Sequence, Tuple, Type, Union, cast + +from google.cloud.kms_inventory_v1 import gapic_version as package_version + +from google.api_core import client_options as client_options_lib +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport import mtls # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore +from google.auth.exceptions import MutualTLSChannelError # type: ignore +from google.oauth2 import service_account # type: ignore + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object] # type: ignore + +from google.cloud.kms_inventory_v1.services.key_dashboard_service import pagers +from google.cloud.kms_inventory_v1.types import key_dashboard_service +from google.cloud.kms_v1.types import resources +from .transports.base import KeyDashboardServiceTransport, DEFAULT_CLIENT_INFO +from .transports.grpc import KeyDashboardServiceGrpcTransport +from .transports.grpc_asyncio import KeyDashboardServiceGrpcAsyncIOTransport +from .transports.rest import KeyDashboardServiceRestTransport + + +class KeyDashboardServiceClientMeta(type): + """Metaclass for the KeyDashboardService client. + + This provides class-level methods for building and retrieving + support objects (e.g. transport) without polluting the client instance + objects. + """ + _transport_registry = OrderedDict() # type: Dict[str, Type[KeyDashboardServiceTransport]] + _transport_registry["grpc"] = KeyDashboardServiceGrpcTransport + _transport_registry["grpc_asyncio"] = KeyDashboardServiceGrpcAsyncIOTransport + _transport_registry["rest"] = KeyDashboardServiceRestTransport + + def get_transport_class(cls, + label: Optional[str] = None, + ) -> Type[KeyDashboardServiceTransport]: + """Returns an appropriate transport class. + + Args: + label: The name of the desired transport. If none is + provided, then the first transport in the registry is used. + + Returns: + The transport class to use. + """ + # If a specific transport is requested, return that one. + if label: + return cls._transport_registry[label] + + # No transport is requested; return the default (that is, the first one + # in the dictionary). + return next(iter(cls._transport_registry.values())) + + +class KeyDashboardServiceClient(metaclass=KeyDashboardServiceClientMeta): + """Provides a cross-region view of all Cloud KMS keys in a given + Cloud project. + """ + + @staticmethod + def _get_default_mtls_endpoint(api_endpoint): + """Converts api endpoint to mTLS endpoint. + + Convert "*.sandbox.googleapis.com" and "*.googleapis.com" to + "*.mtls.sandbox.googleapis.com" and "*.mtls.googleapis.com" respectively. + Args: + api_endpoint (Optional[str]): the api endpoint to convert. + Returns: + str: converted mTLS api endpoint. + """ + if not api_endpoint: + return api_endpoint + + mtls_endpoint_re = re.compile( + r"(?P[^.]+)(?P\.mtls)?(?P\.sandbox)?(?P\.googleapis\.com)?" + ) + + m = mtls_endpoint_re.match(api_endpoint) + name, mtls, sandbox, googledomain = m.groups() + if mtls or not googledomain: + return api_endpoint + + if sandbox: + return api_endpoint.replace( + "sandbox.googleapis.com", "mtls.sandbox.googleapis.com" + ) + + return api_endpoint.replace(".googleapis.com", ".mtls.googleapis.com") + + DEFAULT_ENDPOINT = "kmsinventory.googleapis.com" + DEFAULT_MTLS_ENDPOINT = _get_default_mtls_endpoint.__func__( # type: ignore + DEFAULT_ENDPOINT + ) + + @classmethod + def from_service_account_info(cls, info: dict, *args, **kwargs): + """Creates an instance of this client using the provided credentials + info. + + Args: + info (dict): The service account private key info. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + KeyDashboardServiceClient: The constructed client. + """ + credentials = service_account.Credentials.from_service_account_info(info) + kwargs["credentials"] = credentials + return cls(*args, **kwargs) + + @classmethod + def from_service_account_file(cls, filename: str, *args, **kwargs): + """Creates an instance of this client using the provided credentials + file. + + Args: + filename (str): The path to the service account private key json + file. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + KeyDashboardServiceClient: The constructed client. + """ + credentials = service_account.Credentials.from_service_account_file( + filename) + kwargs["credentials"] = credentials + return cls(*args, **kwargs) + + from_service_account_json = from_service_account_file + + @property + def transport(self) -> KeyDashboardServiceTransport: + """Returns the transport used by the client instance. + + Returns: + KeyDashboardServiceTransport: The transport used by the client + instance. + """ + return self._transport + + @staticmethod + def crypto_key_path(project: str,location: str,key_ring: str,crypto_key: str,) -> str: + """Returns a fully-qualified crypto_key string.""" + return "projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}".format(project=project, location=location, key_ring=key_ring, crypto_key=crypto_key, ) + + @staticmethod + def parse_crypto_key_path(path: str) -> Dict[str,str]: + """Parses a crypto_key path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/locations/(?P.+?)/keyRings/(?P.+?)/cryptoKeys/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def crypto_key_version_path(project: str,location: str,key_ring: str,crypto_key: str,crypto_key_version: str,) -> str: + """Returns a fully-qualified crypto_key_version string.""" + return "projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}/cryptoKeyVersions/{crypto_key_version}".format(project=project, location=location, key_ring=key_ring, crypto_key=crypto_key, crypto_key_version=crypto_key_version, ) + + @staticmethod + def parse_crypto_key_version_path(path: str) -> Dict[str,str]: + """Parses a crypto_key_version path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/locations/(?P.+?)/keyRings/(?P.+?)/cryptoKeys/(?P.+?)/cryptoKeyVersions/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_billing_account_path(billing_account: str, ) -> str: + """Returns a fully-qualified billing_account string.""" + return "billingAccounts/{billing_account}".format(billing_account=billing_account, ) + + @staticmethod + def parse_common_billing_account_path(path: str) -> Dict[str,str]: + """Parse a billing_account path into its component segments.""" + m = re.match(r"^billingAccounts/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_folder_path(folder: str, ) -> str: + """Returns a fully-qualified folder string.""" + return "folders/{folder}".format(folder=folder, ) + + @staticmethod + def parse_common_folder_path(path: str) -> Dict[str,str]: + """Parse a folder path into its component segments.""" + m = re.match(r"^folders/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_organization_path(organization: str, ) -> str: + """Returns a fully-qualified organization string.""" + return "organizations/{organization}".format(organization=organization, ) + + @staticmethod + def parse_common_organization_path(path: str) -> Dict[str,str]: + """Parse a organization path into its component segments.""" + m = re.match(r"^organizations/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_project_path(project: str, ) -> str: + """Returns a fully-qualified project string.""" + return "projects/{project}".format(project=project, ) + + @staticmethod + def parse_common_project_path(path: str) -> Dict[str,str]: + """Parse a project path into its component segments.""" + m = re.match(r"^projects/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_location_path(project: str, location: str, ) -> str: + """Returns a fully-qualified location string.""" + return "projects/{project}/locations/{location}".format(project=project, location=location, ) + + @staticmethod + def parse_common_location_path(path: str) -> Dict[str,str]: + """Parse a location path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/locations/(?P.+?)$", path) + return m.groupdict() if m else {} + + @classmethod + def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[client_options_lib.ClientOptions] = None): + """Return the API endpoint and client cert source for mutual TLS. + + The client cert source is determined in the following order: + (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the + client cert source is None. + (2) if `client_options.client_cert_source` is provided, use the provided one; if the + default client cert source exists, use the default one; otherwise the client cert + source is None. + + The API endpoint is determined in the following order: + (1) if `client_options.api_endpoint` if provided, use the provided one. + (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the + default mTLS endpoint; if the environment variable is "never", use the default API + endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise + use the default API endpoint. + + More details can be found at https://google.aip.dev/auth/4114. + + Args: + client_options (google.api_core.client_options.ClientOptions): Custom options for the + client. Only the `api_endpoint` and `client_cert_source` properties may be used + in this method. + + Returns: + Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the + client cert source to use. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If any errors happen. + """ + if client_options is None: + client_options = client_options_lib.ClientOptions() + use_client_cert = os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false") + use_mtls_endpoint = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto") + if use_client_cert not in ("true", "false"): + raise ValueError("Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`") + if use_mtls_endpoint not in ("auto", "never", "always"): + raise MutualTLSChannelError("Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`") + + # Figure out the client cert source to use. + client_cert_source = None + if use_client_cert == "true": + if client_options.client_cert_source: + client_cert_source = client_options.client_cert_source + elif mtls.has_default_client_cert_source(): + client_cert_source = mtls.default_client_cert_source() + + # Figure out which api endpoint to use. + if client_options.api_endpoint is not None: + api_endpoint = client_options.api_endpoint + elif use_mtls_endpoint == "always" or (use_mtls_endpoint == "auto" and client_cert_source): + api_endpoint = cls.DEFAULT_MTLS_ENDPOINT + else: + api_endpoint = cls.DEFAULT_ENDPOINT + + return api_endpoint, client_cert_source + + def __init__(self, *, + credentials: Optional[ga_credentials.Credentials] = None, + transport: Optional[Union[str, KeyDashboardServiceTransport]] = None, + client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + ) -> None: + """Instantiates the key dashboard service client. + + Args: + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + transport (Union[str, KeyDashboardServiceTransport]): The + transport to use. If set to None, a transport is chosen + automatically. + client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): Custom options for the + client. It won't take effect if a ``transport`` instance is provided. + (1) The ``api_endpoint`` property can be used to override the + default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT + environment variable can also be used to override the endpoint: + "always" (always use the default mTLS endpoint), "never" (always + use the default regular endpoint) and "auto" (auto switch to the + default mTLS endpoint if client certificate is present, this is + the default value). However, the ``api_endpoint`` property takes + precedence if provided. + (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable + is "true", then the ``client_cert_source`` property can be used + to provide client certificate for mutual TLS transport. If + not provided, the default SSL client certificate will be used if + present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not + set, no client certificate will be used. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport + creation failed for any reason. + """ + if isinstance(client_options, dict): + client_options = client_options_lib.from_dict(client_options) + if client_options is None: + client_options = client_options_lib.ClientOptions() + client_options = cast(client_options_lib.ClientOptions, client_options) + + api_endpoint, client_cert_source_func = self.get_mtls_endpoint_and_cert_source(client_options) + + api_key_value = getattr(client_options, "api_key", None) + if api_key_value and credentials: + raise ValueError("client_options.api_key and credentials are mutually exclusive") + + # Save or instantiate the transport. + # Ordinarily, we provide the transport, but allowing a custom transport + # instance provides an extensibility point for unusual situations. + if isinstance(transport, KeyDashboardServiceTransport): + # transport is a KeyDashboardServiceTransport instance. + if credentials or client_options.credentials_file or api_key_value: + raise ValueError("When providing a transport instance, " + "provide its credentials directly.") + if client_options.scopes: + raise ValueError( + "When providing a transport instance, provide its scopes " + "directly." + ) + self._transport = transport + else: + import google.auth._default # type: ignore + + if api_key_value and hasattr(google.auth._default, "get_api_key_credentials"): + credentials = google.auth._default.get_api_key_credentials(api_key_value) + + Transport = type(self).get_transport_class(transport) + self._transport = Transport( + credentials=credentials, + credentials_file=client_options.credentials_file, + host=api_endpoint, + scopes=client_options.scopes, + client_cert_source_for_mtls=client_cert_source_func, + quota_project_id=client_options.quota_project_id, + client_info=client_info, + always_use_jwt_access=True, + api_audience=client_options.api_audience, + ) + + def list_crypto_keys(self, + request: Optional[Union[key_dashboard_service.ListCryptoKeysRequest, dict]] = None, + *, + parent: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> pagers.ListCryptoKeysPager: + r"""Returns cryptographic keys managed by Cloud KMS in a + given Cloud project. Note that this data is sourced from + snapshots, meaning it may not completely reflect the + actual state of key metadata at call time. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import kms_inventory_v1 + + def sample_list_crypto_keys(): + # Create a client + client = kms_inventory_v1.KeyDashboardServiceClient() + + # Initialize request argument(s) + request = kms_inventory_v1.ListCryptoKeysRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_crypto_keys(request=request) + + # Handle the response + for response in page_result: + print(response) + + Args: + request (Union[google.cloud.kms_inventory_v1.types.ListCryptoKeysRequest, dict]): + The request object. Request message for + [KeyDashboardService.ListCryptoKeys][google.cloud.kms.inventory.v1.KeyDashboardService.ListCryptoKeys]. + parent (str): + Required. The Google Cloud project for which to retrieve + key metadata, in the format ``projects/*`` + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.kms_inventory_v1.services.key_dashboard_service.pagers.ListCryptoKeysPager: + Response message for + [KeyDashboardService.ListCryptoKeys][google.cloud.kms.inventory.v1.KeyDashboardService.ListCryptoKeys]. + + Iterating over this object will yield results and + resolve additional pages automatically. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a key_dashboard_service.ListCryptoKeysRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, key_dashboard_service.ListCryptoKeysRequest): + request = key_dashboard_service.ListCryptoKeysRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.list_crypto_keys] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # This method is paged; wrap the response in a pager, which provides + # an `__iter__` convenience method. + response = pagers.ListCryptoKeysPager( + method=rpc, + request=request, + response=response, + metadata=metadata, + ) + + # Done; return the response. + return response + + def __enter__(self) -> "KeyDashboardServiceClient": + return self + + def __exit__(self, type, value, traceback): + """Releases underlying transport's resources. + + .. warning:: + ONLY use as a context manager if the transport is NOT shared + with other clients! Exiting the with block will CLOSE the transport + and may cause errors in other clients! + """ + self.transport.close() + + + + + + + +DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo(gapic_version=package_version.__version__) + + +__all__ = ( + "KeyDashboardServiceClient", +) diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_dashboard_service/pagers.py b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_dashboard_service/pagers.py new file mode 100644 index 000000000000..1bc2bf219aeb --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_dashboard_service/pagers.py @@ -0,0 +1,140 @@ +# -*- coding: utf-8 -*- +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from typing import Any, AsyncIterator, Awaitable, Callable, Sequence, Tuple, Optional, Iterator + +from google.cloud.kms_inventory_v1.types import key_dashboard_service +from google.cloud.kms_v1.types import resources + + +class ListCryptoKeysPager: + """A pager for iterating through ``list_crypto_keys`` requests. + + This class thinly wraps an initial + :class:`google.cloud.kms_inventory_v1.types.ListCryptoKeysResponse` object, and + provides an ``__iter__`` method to iterate through its + ``crypto_keys`` field. + + If there are more pages, the ``__iter__`` method will make additional + ``ListCryptoKeys`` requests and continue to iterate + through the ``crypto_keys`` field on the + corresponding responses. + + All the usual :class:`google.cloud.kms_inventory_v1.types.ListCryptoKeysResponse` + attributes are available on the pager. If multiple requests are made, only + the most recent response is retained, and thus used for attribute lookup. + """ + def __init__(self, + method: Callable[..., key_dashboard_service.ListCryptoKeysResponse], + request: key_dashboard_service.ListCryptoKeysRequest, + response: key_dashboard_service.ListCryptoKeysResponse, + *, + metadata: Sequence[Tuple[str, str]] = ()): + """Instantiate the pager. + + Args: + method (Callable): The method that was originally called, and + which instantiated this pager. + request (google.cloud.kms_inventory_v1.types.ListCryptoKeysRequest): + The initial request object. + response (google.cloud.kms_inventory_v1.types.ListCryptoKeysResponse): + The initial response object. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + self._method = method + self._request = key_dashboard_service.ListCryptoKeysRequest(request) + self._response = response + self._metadata = metadata + + def __getattr__(self, name: str) -> Any: + return getattr(self._response, name) + + @property + def pages(self) -> Iterator[key_dashboard_service.ListCryptoKeysResponse]: + yield self._response + while self._response.next_page_token: + self._request.page_token = self._response.next_page_token + self._response = self._method(self._request, metadata=self._metadata) + yield self._response + + def __iter__(self) -> Iterator[resources.CryptoKey]: + for page in self.pages: + yield from page.crypto_keys + + def __repr__(self) -> str: + return '{0}<{1!r}>'.format(self.__class__.__name__, self._response) + + +class ListCryptoKeysAsyncPager: + """A pager for iterating through ``list_crypto_keys`` requests. + + This class thinly wraps an initial + :class:`google.cloud.kms_inventory_v1.types.ListCryptoKeysResponse` object, and + provides an ``__aiter__`` method to iterate through its + ``crypto_keys`` field. + + If there are more pages, the ``__aiter__`` method will make additional + ``ListCryptoKeys`` requests and continue to iterate + through the ``crypto_keys`` field on the + corresponding responses. + + All the usual :class:`google.cloud.kms_inventory_v1.types.ListCryptoKeysResponse` + attributes are available on the pager. If multiple requests are made, only + the most recent response is retained, and thus used for attribute lookup. + """ + def __init__(self, + method: Callable[..., Awaitable[key_dashboard_service.ListCryptoKeysResponse]], + request: key_dashboard_service.ListCryptoKeysRequest, + response: key_dashboard_service.ListCryptoKeysResponse, + *, + metadata: Sequence[Tuple[str, str]] = ()): + """Instantiates the pager. + + Args: + method (Callable): The method that was originally called, and + which instantiated this pager. + request (google.cloud.kms_inventory_v1.types.ListCryptoKeysRequest): + The initial request object. + response (google.cloud.kms_inventory_v1.types.ListCryptoKeysResponse): + The initial response object. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + self._method = method + self._request = key_dashboard_service.ListCryptoKeysRequest(request) + self._response = response + self._metadata = metadata + + def __getattr__(self, name: str) -> Any: + return getattr(self._response, name) + + @property + async def pages(self) -> AsyncIterator[key_dashboard_service.ListCryptoKeysResponse]: + yield self._response + while self._response.next_page_token: + self._request.page_token = self._response.next_page_token + self._response = await self._method(self._request, metadata=self._metadata) + yield self._response + def __aiter__(self) -> AsyncIterator[resources.CryptoKey]: + async def async_generator(): + async for page in self.pages: + for response in page.crypto_keys: + yield response + + return async_generator() + + def __repr__(self) -> str: + return '{0}<{1!r}>'.format(self.__class__.__name__, self._response) diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_dashboard_service/transports/__init__.py b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_dashboard_service/transports/__init__.py new file mode 100644 index 000000000000..497f5b2c963c --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_dashboard_service/transports/__init__.py @@ -0,0 +1,38 @@ +# -*- coding: utf-8 -*- +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +from typing import Dict, Type + +from .base import KeyDashboardServiceTransport +from .grpc import KeyDashboardServiceGrpcTransport +from .grpc_asyncio import KeyDashboardServiceGrpcAsyncIOTransport +from .rest import KeyDashboardServiceRestTransport +from .rest import KeyDashboardServiceRestInterceptor + + +# Compile a registry of transports. +_transport_registry = OrderedDict() # type: Dict[str, Type[KeyDashboardServiceTransport]] +_transport_registry['grpc'] = KeyDashboardServiceGrpcTransport +_transport_registry['grpc_asyncio'] = KeyDashboardServiceGrpcAsyncIOTransport +_transport_registry['rest'] = KeyDashboardServiceRestTransport + +__all__ = ( + 'KeyDashboardServiceTransport', + 'KeyDashboardServiceGrpcTransport', + 'KeyDashboardServiceGrpcAsyncIOTransport', + 'KeyDashboardServiceRestTransport', + 'KeyDashboardServiceRestInterceptor', +) diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_dashboard_service/transports/base.py b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_dashboard_service/transports/base.py new file mode 100644 index 000000000000..4f4104c7829d --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_dashboard_service/transports/base.py @@ -0,0 +1,148 @@ +# -*- coding: utf-8 -*- +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import abc +from typing import Awaitable, Callable, Dict, Optional, Sequence, Union + +from google.cloud.kms_inventory_v1 import gapic_version as package_version + +import google.auth # type: ignore +import google.api_core +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore + +from google.cloud.kms_inventory_v1.types import key_dashboard_service + +DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo(gapic_version=package_version.__version__) + + +class KeyDashboardServiceTransport(abc.ABC): + """Abstract transport class for KeyDashboardService.""" + + AUTH_SCOPES = ( + 'https://www.googleapis.com/auth/cloud-platform', + ) + + DEFAULT_HOST: str = 'kmsinventory.googleapis.com' + def __init__( + self, *, + host: str = DEFAULT_HOST, + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + **kwargs, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is mutually exclusive with credentials. + scopes (Optional[Sequence[str]]): A list of scopes. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + """ + + scopes_kwargs = {"scopes": scopes, "default_scopes": self.AUTH_SCOPES} + + # Save the scopes. + self._scopes = scopes + + # If no credentials are provided, then determine the appropriate + # defaults. + if credentials and credentials_file: + raise core_exceptions.DuplicateCredentialArgs("'credentials_file' and 'credentials' are mutually exclusive") + + if credentials_file is not None: + credentials, _ = google.auth.load_credentials_from_file( + credentials_file, + **scopes_kwargs, + quota_project_id=quota_project_id + ) + elif credentials is None: + credentials, _ = google.auth.default(**scopes_kwargs, quota_project_id=quota_project_id) + # Don't apply audience if the credentials file passed from user. + if hasattr(credentials, "with_gdch_audience"): + credentials = credentials.with_gdch_audience(api_audience if api_audience else host) + + # If the credentials are service account credentials, then always try to use self signed JWT. + if always_use_jwt_access and isinstance(credentials, service_account.Credentials) and hasattr(service_account.Credentials, "with_always_use_jwt_access"): + credentials = credentials.with_always_use_jwt_access(True) + + # Save the credentials. + self._credentials = credentials + + # Save the hostname. Default to port 443 (HTTPS) if none is specified. + if ':' not in host: + host += ':443' + self._host = host + + def _prep_wrapped_messages(self, client_info): + # Precompute the wrapped methods. + self._wrapped_methods = { + self.list_crypto_keys: gapic_v1.method.wrap_method( + self.list_crypto_keys, + default_timeout=60.0, + client_info=client_info, + ), + } + + def close(self): + """Closes resources associated with the transport. + + .. warning:: + Only call this method if the transport is NOT shared + with other clients - this may cause errors in other clients! + """ + raise NotImplementedError() + + @property + def list_crypto_keys(self) -> Callable[ + [key_dashboard_service.ListCryptoKeysRequest], + Union[ + key_dashboard_service.ListCryptoKeysResponse, + Awaitable[key_dashboard_service.ListCryptoKeysResponse] + ]]: + raise NotImplementedError() + + @property + def kind(self) -> str: + raise NotImplementedError() + + +__all__ = ( + 'KeyDashboardServiceTransport', +) diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_dashboard_service/transports/grpc.py b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_dashboard_service/transports/grpc.py new file mode 100644 index 000000000000..0922e730ac0f --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_dashboard_service/transports/grpc.py @@ -0,0 +1,268 @@ +# -*- coding: utf-8 -*- +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import warnings +from typing import Callable, Dict, Optional, Sequence, Tuple, Union + +from google.api_core import grpc_helpers +from google.api_core import gapic_v1 +import google.auth # type: ignore +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore + +import grpc # type: ignore + +from google.cloud.kms_inventory_v1.types import key_dashboard_service +from .base import KeyDashboardServiceTransport, DEFAULT_CLIENT_INFO + + +class KeyDashboardServiceGrpcTransport(KeyDashboardServiceTransport): + """gRPC backend transport for KeyDashboardService. + + Provides a cross-region view of all Cloud KMS keys in a given + Cloud project. + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends protocol buffers over the wire using gRPC (which is built on + top of HTTP/2); the ``grpcio`` package must be installed. + """ + _stubs: Dict[str, Callable] + + def __init__(self, *, + host: str = 'kmsinventory.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + channel: Optional[grpc.Channel] = None, + api_mtls_endpoint: Optional[str] = None, + client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, + client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + This argument is ignored if ``channel`` is provided. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional(Sequence[str])): A list of scopes. This argument is + ignored if ``channel`` is provided. + channel (Optional[grpc.Channel]): A ``Channel`` instance through + which to make calls. + api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. + If provided, it overrides the ``host`` argument and tries to create + a mutual TLS channel with client SSL credentials from + ``client_cert_source`` or application default SSL credentials. + client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): + Deprecated. A callback to provide client SSL certificate bytes and + private key bytes, both in PEM format. It is ignored if + ``api_mtls_endpoint`` is None. + ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials + for the grpc channel. It is ignored if ``channel`` is provided. + client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): + A callback to provide client certificate bytes and private key bytes, + both in PEM format. It is used to configure a mutual TLS channel. It is + ignored if ``channel`` or ``ssl_channel_credentials`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport + creation failed for any reason. + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + self._grpc_channel = None + self._ssl_channel_credentials = ssl_channel_credentials + self._stubs: Dict[str, Callable] = {} + + if api_mtls_endpoint: + warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) + if client_cert_source: + warnings.warn("client_cert_source is deprecated", DeprecationWarning) + + if channel: + # Ignore credentials if a channel was passed. + credentials = False + # If a channel was explicitly provided, set it. + self._grpc_channel = channel + self._ssl_channel_credentials = None + + else: + if api_mtls_endpoint: + host = api_mtls_endpoint + + # Create SSL credentials with client_cert_source or application + # default SSL credentials. + if client_cert_source: + cert, key = client_cert_source() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + else: + self._ssl_channel_credentials = SslCredentials().ssl_credentials + + else: + if client_cert_source_for_mtls and not ssl_channel_credentials: + cert, key = client_cert_source_for_mtls() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + + # The base transport sets the host, credentials and scopes + super().__init__( + host=host, + credentials=credentials, + credentials_file=credentials_file, + scopes=scopes, + quota_project_id=quota_project_id, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience, + ) + + if not self._grpc_channel: + self._grpc_channel = type(self).create_channel( + self._host, + # use the credentials which are saved + credentials=self._credentials, + # Set ``credentials_file`` to ``None`` here as + # the credentials that we saved earlier should be used. + credentials_file=None, + scopes=self._scopes, + ssl_credentials=self._ssl_channel_credentials, + quota_project_id=quota_project_id, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Wrap messages. This must be done after self._grpc_channel exists + self._prep_wrapped_messages(client_info) + + @classmethod + def create_channel(cls, + host: str = 'kmsinventory.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + **kwargs) -> grpc.Channel: + """Create and return a gRPC channel object. + Args: + host (Optional[str]): The host for the channel to use. + credentials (Optional[~.Credentials]): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If + none are specified, the client will attempt to ascertain + the credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is mutually exclusive with credentials. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + kwargs (Optional[dict]): Keyword arguments, which are passed to the + channel creation. + Returns: + grpc.Channel: A gRPC channel object. + + Raises: + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + + return grpc_helpers.create_channel( + host, + credentials=credentials, + credentials_file=credentials_file, + quota_project_id=quota_project_id, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, + **kwargs + ) + + @property + def grpc_channel(self) -> grpc.Channel: + """Return the channel designed to connect to this service. + """ + return self._grpc_channel + + @property + def list_crypto_keys(self) -> Callable[ + [key_dashboard_service.ListCryptoKeysRequest], + key_dashboard_service.ListCryptoKeysResponse]: + r"""Return a callable for the list crypto keys method over gRPC. + + Returns cryptographic keys managed by Cloud KMS in a + given Cloud project. Note that this data is sourced from + snapshots, meaning it may not completely reflect the + actual state of key metadata at call time. + + Returns: + Callable[[~.ListCryptoKeysRequest], + ~.ListCryptoKeysResponse]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'list_crypto_keys' not in self._stubs: + self._stubs['list_crypto_keys'] = self.grpc_channel.unary_unary( + '/google.cloud.kms.inventory.v1.KeyDashboardService/ListCryptoKeys', + request_serializer=key_dashboard_service.ListCryptoKeysRequest.serialize, + response_deserializer=key_dashboard_service.ListCryptoKeysResponse.deserialize, + ) + return self._stubs['list_crypto_keys'] + + def close(self): + self.grpc_channel.close() + + @property + def kind(self) -> str: + return "grpc" + + +__all__ = ( + 'KeyDashboardServiceGrpcTransport', +) diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_dashboard_service/transports/grpc_asyncio.py b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_dashboard_service/transports/grpc_asyncio.py new file mode 100644 index 000000000000..8a58bfce18ae --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_dashboard_service/transports/grpc_asyncio.py @@ -0,0 +1,267 @@ +# -*- coding: utf-8 -*- +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import warnings +from typing import Awaitable, Callable, Dict, Optional, Sequence, Tuple, Union + +from google.api_core import gapic_v1 +from google.api_core import grpc_helpers_async +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore + +import grpc # type: ignore +from grpc.experimental import aio # type: ignore + +from google.cloud.kms_inventory_v1.types import key_dashboard_service +from .base import KeyDashboardServiceTransport, DEFAULT_CLIENT_INFO +from .grpc import KeyDashboardServiceGrpcTransport + + +class KeyDashboardServiceGrpcAsyncIOTransport(KeyDashboardServiceTransport): + """gRPC AsyncIO backend transport for KeyDashboardService. + + Provides a cross-region view of all Cloud KMS keys in a given + Cloud project. + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends protocol buffers over the wire using gRPC (which is built on + top of HTTP/2); the ``grpcio`` package must be installed. + """ + + _grpc_channel: aio.Channel + _stubs: Dict[str, Callable] = {} + + @classmethod + def create_channel(cls, + host: str = 'kmsinventory.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + **kwargs) -> aio.Channel: + """Create and return a gRPC AsyncIO channel object. + Args: + host (Optional[str]): The host for the channel to use. + credentials (Optional[~.Credentials]): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If + none are specified, the client will attempt to ascertain + the credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + kwargs (Optional[dict]): Keyword arguments, which are passed to the + channel creation. + Returns: + aio.Channel: A gRPC AsyncIO channel object. + """ + + return grpc_helpers_async.create_channel( + host, + credentials=credentials, + credentials_file=credentials_file, + quota_project_id=quota_project_id, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, + **kwargs + ) + + def __init__(self, *, + host: str = 'kmsinventory.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + channel: Optional[aio.Channel] = None, + api_mtls_endpoint: Optional[str] = None, + client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, + client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + This argument is ignored if ``channel`` is provided. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + channel (Optional[aio.Channel]): A ``Channel`` instance through + which to make calls. + api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. + If provided, it overrides the ``host`` argument and tries to create + a mutual TLS channel with client SSL credentials from + ``client_cert_source`` or application default SSL credentials. + client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): + Deprecated. A callback to provide client SSL certificate bytes and + private key bytes, both in PEM format. It is ignored if + ``api_mtls_endpoint`` is None. + ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials + for the grpc channel. It is ignored if ``channel`` is provided. + client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): + A callback to provide client certificate bytes and private key bytes, + both in PEM format. It is used to configure a mutual TLS channel. It is + ignored if ``channel`` or ``ssl_channel_credentials`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + + Raises: + google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport + creation failed for any reason. + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + self._grpc_channel = None + self._ssl_channel_credentials = ssl_channel_credentials + self._stubs: Dict[str, Callable] = {} + + if api_mtls_endpoint: + warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) + if client_cert_source: + warnings.warn("client_cert_source is deprecated", DeprecationWarning) + + if channel: + # Ignore credentials if a channel was passed. + credentials = False + # If a channel was explicitly provided, set it. + self._grpc_channel = channel + self._ssl_channel_credentials = None + else: + if api_mtls_endpoint: + host = api_mtls_endpoint + + # Create SSL credentials with client_cert_source or application + # default SSL credentials. + if client_cert_source: + cert, key = client_cert_source() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + else: + self._ssl_channel_credentials = SslCredentials().ssl_credentials + + else: + if client_cert_source_for_mtls and not ssl_channel_credentials: + cert, key = client_cert_source_for_mtls() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + + # The base transport sets the host, credentials and scopes + super().__init__( + host=host, + credentials=credentials, + credentials_file=credentials_file, + scopes=scopes, + quota_project_id=quota_project_id, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience, + ) + + if not self._grpc_channel: + self._grpc_channel = type(self).create_channel( + self._host, + # use the credentials which are saved + credentials=self._credentials, + # Set ``credentials_file`` to ``None`` here as + # the credentials that we saved earlier should be used. + credentials_file=None, + scopes=self._scopes, + ssl_credentials=self._ssl_channel_credentials, + quota_project_id=quota_project_id, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Wrap messages. This must be done after self._grpc_channel exists + self._prep_wrapped_messages(client_info) + + @property + def grpc_channel(self) -> aio.Channel: + """Create the channel designed to connect to this service. + + This property caches on the instance; repeated calls return + the same channel. + """ + # Return the channel from cache. + return self._grpc_channel + + @property + def list_crypto_keys(self) -> Callable[ + [key_dashboard_service.ListCryptoKeysRequest], + Awaitable[key_dashboard_service.ListCryptoKeysResponse]]: + r"""Return a callable for the list crypto keys method over gRPC. + + Returns cryptographic keys managed by Cloud KMS in a + given Cloud project. Note that this data is sourced from + snapshots, meaning it may not completely reflect the + actual state of key metadata at call time. + + Returns: + Callable[[~.ListCryptoKeysRequest], + Awaitable[~.ListCryptoKeysResponse]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'list_crypto_keys' not in self._stubs: + self._stubs['list_crypto_keys'] = self.grpc_channel.unary_unary( + '/google.cloud.kms.inventory.v1.KeyDashboardService/ListCryptoKeys', + request_serializer=key_dashboard_service.ListCryptoKeysRequest.serialize, + response_deserializer=key_dashboard_service.ListCryptoKeysResponse.deserialize, + ) + return self._stubs['list_crypto_keys'] + + def close(self): + return self.grpc_channel.close() + + +__all__ = ( + 'KeyDashboardServiceGrpcAsyncIOTransport', +) diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_dashboard_service/transports/rest.py b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_dashboard_service/transports/rest.py new file mode 100644 index 000000000000..ce6e438f8d31 --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_dashboard_service/transports/rest.py @@ -0,0 +1,292 @@ +# -*- coding: utf-8 -*- +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +from google.auth.transport.requests import AuthorizedSession # type: ignore +import json # type: ignore +import grpc # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore +from google.auth import credentials as ga_credentials # type: ignore +from google.api_core import exceptions as core_exceptions +from google.api_core import retry as retries +from google.api_core import rest_helpers +from google.api_core import rest_streaming +from google.api_core import path_template +from google.api_core import gapic_v1 + +from google.protobuf import json_format +from requests import __version__ as requests_version +import dataclasses +import re +from typing import Any, Callable, Dict, List, Optional, Sequence, Tuple, Union +import warnings + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object] # type: ignore + + +from google.cloud.kms_inventory_v1.types import key_dashboard_service + +from .base import KeyDashboardServiceTransport, DEFAULT_CLIENT_INFO as BASE_DEFAULT_CLIENT_INFO + + +DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=BASE_DEFAULT_CLIENT_INFO.gapic_version, + grpc_version=None, + rest_version=requests_version, +) + + +class KeyDashboardServiceRestInterceptor: + """Interceptor for KeyDashboardService. + + Interceptors are used to manipulate requests, request metadata, and responses + in arbitrary ways. + Example use cases include: + * Logging + * Verifying requests according to service or custom semantics + * Stripping extraneous information from responses + + These use cases and more can be enabled by injecting an + instance of a custom subclass when constructing the KeyDashboardServiceRestTransport. + + .. code-block:: python + class MyCustomKeyDashboardServiceInterceptor(KeyDashboardServiceRestInterceptor): + def pre_list_crypto_keys(self, request, metadata): + logging.log(f"Received request: {request}") + return request, metadata + + def post_list_crypto_keys(self, response): + logging.log(f"Received response: {response}") + return response + + transport = KeyDashboardServiceRestTransport(interceptor=MyCustomKeyDashboardServiceInterceptor()) + client = KeyDashboardServiceClient(transport=transport) + + + """ + def pre_list_crypto_keys(self, request: key_dashboard_service.ListCryptoKeysRequest, metadata: Sequence[Tuple[str, str]]) -> Tuple[key_dashboard_service.ListCryptoKeysRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for list_crypto_keys + + Override in a subclass to manipulate the request or metadata + before they are sent to the KeyDashboardService server. + """ + return request, metadata + + def post_list_crypto_keys(self, response: key_dashboard_service.ListCryptoKeysResponse) -> key_dashboard_service.ListCryptoKeysResponse: + """Post-rpc interceptor for list_crypto_keys + + Override in a subclass to manipulate the response + after it is returned by the KeyDashboardService server but before + it is returned to user code. + """ + return response + + +@dataclasses.dataclass +class KeyDashboardServiceRestStub: + _session: AuthorizedSession + _host: str + _interceptor: KeyDashboardServiceRestInterceptor + + +class KeyDashboardServiceRestTransport(KeyDashboardServiceTransport): + """REST backend transport for KeyDashboardService. + + Provides a cross-region view of all Cloud KMS keys in a given + Cloud project. + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends JSON representations of protocol buffers over HTTP/1.1 + + """ + + def __init__(self, *, + host: str = 'kmsinventory.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + client_cert_source_for_mtls: Optional[Callable[[ + ], Tuple[bytes, bytes]]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + url_scheme: str = 'https', + interceptor: Optional[KeyDashboardServiceRestInterceptor] = None, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional(Sequence[str])): A list of scopes. This argument is + ignored if ``channel`` is provided. + client_cert_source_for_mtls (Callable[[], Tuple[bytes, bytes]]): Client + certificate to configure mutual TLS HTTP channel. It is ignored + if ``channel`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you are developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + url_scheme: the protocol scheme for the API endpoint. Normally + "https", but for testing or local servers, + "http" can be specified. + """ + # Run the base constructor + # TODO(yon-mg): resolve other ctor params i.e. scopes, quota, etc. + # TODO: When custom host (api_endpoint) is set, `scopes` must *also* be set on the + # credentials object + maybe_url_match = re.match("^(?Phttp(?:s)?://)?(?P.*)$", host) + if maybe_url_match is None: + raise ValueError(f"Unexpected hostname structure: {host}") # pragma: NO COVER + + url_match_items = maybe_url_match.groupdict() + + host = f"{url_scheme}://{host}" if not url_match_items["scheme"] else host + + super().__init__( + host=host, + credentials=credentials, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience + ) + self._session = AuthorizedSession( + self._credentials, default_host=self.DEFAULT_HOST) + if client_cert_source_for_mtls: + self._session.configure_mtls_channel(client_cert_source_for_mtls) + self._interceptor = interceptor or KeyDashboardServiceRestInterceptor() + self._prep_wrapped_messages(client_info) + + class _ListCryptoKeys(KeyDashboardServiceRestStub): + def __hash__(self): + return hash("ListCryptoKeys") + + __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = { + } + + @classmethod + def _get_unset_required_fields(cls, message_dict): + return {k: v for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items() if k not in message_dict} + + def __call__(self, + request: key_dashboard_service.ListCryptoKeysRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ) -> key_dashboard_service.ListCryptoKeysResponse: + r"""Call the list crypto keys method over HTTP. + + Args: + request (~.key_dashboard_service.ListCryptoKeysRequest): + The request object. Request message for + [KeyDashboardService.ListCryptoKeys][google.cloud.kms.inventory.v1.KeyDashboardService.ListCryptoKeys]. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + ~.key_dashboard_service.ListCryptoKeysResponse: + Response message for + [KeyDashboardService.ListCryptoKeys][google.cloud.kms.inventory.v1.KeyDashboardService.ListCryptoKeys]. + + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'get', + 'uri': '/v1/{parent=projects/*}/cryptoKeys', + }, + ] + request, metadata = self._interceptor.pre_list_crypto_keys(request, metadata) + pb_request = key_dashboard_service.ListCryptoKeysRequest.pb(request) + transcoded_request = path_template.transcode(http_options, pb_request) + + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json_format.MessageToJson( + transcoded_request['query_params'], + including_default_value_fields=False, + use_integers_for_enums=True, + )) + query_params.update(self._get_unset_required_fields(query_params)) + + query_params["$alt"] = "json;enum-encoding=int" + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params, strict=True), + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + # Return the response + resp = key_dashboard_service.ListCryptoKeysResponse() + pb_resp = key_dashboard_service.ListCryptoKeysResponse.pb(resp) + + json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True) + resp = self._interceptor.post_list_crypto_keys(resp) + return resp + + @property + def list_crypto_keys(self) -> Callable[ + [key_dashboard_service.ListCryptoKeysRequest], + key_dashboard_service.ListCryptoKeysResponse]: + # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here. + # In C++ this would require a dynamic_cast + return self._ListCryptoKeys(self._session, self._host, self._interceptor) # type: ignore + + @property + def kind(self) -> str: + return "rest" + + def close(self): + self._session.close() + + +__all__=( + 'KeyDashboardServiceRestTransport', +) diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_tracking_service/__init__.py b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_tracking_service/__init__.py new file mode 100644 index 000000000000..8b9c94301922 --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_tracking_service/__init__.py @@ -0,0 +1,22 @@ +# -*- coding: utf-8 -*- +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from .client import KeyTrackingServiceClient +from .async_client import KeyTrackingServiceAsyncClient + +__all__ = ( + 'KeyTrackingServiceClient', + 'KeyTrackingServiceAsyncClient', +) diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_tracking_service/async_client.py b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_tracking_service/async_client.py new file mode 100644 index 000000000000..d07b8e4f21b2 --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_tracking_service/async_client.py @@ -0,0 +1,438 @@ +# -*- coding: utf-8 -*- +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +import functools +import re +from typing import Dict, Mapping, MutableMapping, MutableSequence, Optional, Sequence, Tuple, Type, Union + +from google.cloud.kms_inventory_v1 import gapic_version as package_version + +from google.api_core.client_options import ClientOptions +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object] # type: ignore + +from google.cloud.kms_inventory_v1.services.key_tracking_service import pagers +from google.cloud.kms_inventory_v1.types import key_tracking_service +from .transports.base import KeyTrackingServiceTransport, DEFAULT_CLIENT_INFO +from .transports.grpc_asyncio import KeyTrackingServiceGrpcAsyncIOTransport +from .client import KeyTrackingServiceClient + + +class KeyTrackingServiceAsyncClient: + """Returns information about the resources in an org that are + protected by a given Cloud KMS key via CMEK. + """ + + _client: KeyTrackingServiceClient + + DEFAULT_ENDPOINT = KeyTrackingServiceClient.DEFAULT_ENDPOINT + DEFAULT_MTLS_ENDPOINT = KeyTrackingServiceClient.DEFAULT_MTLS_ENDPOINT + + asset_path = staticmethod(KeyTrackingServiceClient.asset_path) + parse_asset_path = staticmethod(KeyTrackingServiceClient.parse_asset_path) + crypto_key_version_path = staticmethod(KeyTrackingServiceClient.crypto_key_version_path) + parse_crypto_key_version_path = staticmethod(KeyTrackingServiceClient.parse_crypto_key_version_path) + protected_resources_summary_path = staticmethod(KeyTrackingServiceClient.protected_resources_summary_path) + parse_protected_resources_summary_path = staticmethod(KeyTrackingServiceClient.parse_protected_resources_summary_path) + common_billing_account_path = staticmethod(KeyTrackingServiceClient.common_billing_account_path) + parse_common_billing_account_path = staticmethod(KeyTrackingServiceClient.parse_common_billing_account_path) + common_folder_path = staticmethod(KeyTrackingServiceClient.common_folder_path) + parse_common_folder_path = staticmethod(KeyTrackingServiceClient.parse_common_folder_path) + common_organization_path = staticmethod(KeyTrackingServiceClient.common_organization_path) + parse_common_organization_path = staticmethod(KeyTrackingServiceClient.parse_common_organization_path) + common_project_path = staticmethod(KeyTrackingServiceClient.common_project_path) + parse_common_project_path = staticmethod(KeyTrackingServiceClient.parse_common_project_path) + common_location_path = staticmethod(KeyTrackingServiceClient.common_location_path) + parse_common_location_path = staticmethod(KeyTrackingServiceClient.parse_common_location_path) + + @classmethod + def from_service_account_info(cls, info: dict, *args, **kwargs): + """Creates an instance of this client using the provided credentials + info. + + Args: + info (dict): The service account private key info. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + KeyTrackingServiceAsyncClient: The constructed client. + """ + return KeyTrackingServiceClient.from_service_account_info.__func__(KeyTrackingServiceAsyncClient, info, *args, **kwargs) # type: ignore + + @classmethod + def from_service_account_file(cls, filename: str, *args, **kwargs): + """Creates an instance of this client using the provided credentials + file. + + Args: + filename (str): The path to the service account private key json + file. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + KeyTrackingServiceAsyncClient: The constructed client. + """ + return KeyTrackingServiceClient.from_service_account_file.__func__(KeyTrackingServiceAsyncClient, filename, *args, **kwargs) # type: ignore + + from_service_account_json = from_service_account_file + + @classmethod + def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[ClientOptions] = None): + """Return the API endpoint and client cert source for mutual TLS. + + The client cert source is determined in the following order: + (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the + client cert source is None. + (2) if `client_options.client_cert_source` is provided, use the provided one; if the + default client cert source exists, use the default one; otherwise the client cert + source is None. + + The API endpoint is determined in the following order: + (1) if `client_options.api_endpoint` if provided, use the provided one. + (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the + default mTLS endpoint; if the environment variable is "never", use the default API + endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise + use the default API endpoint. + + More details can be found at https://google.aip.dev/auth/4114. + + Args: + client_options (google.api_core.client_options.ClientOptions): Custom options for the + client. Only the `api_endpoint` and `client_cert_source` properties may be used + in this method. + + Returns: + Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the + client cert source to use. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If any errors happen. + """ + return KeyTrackingServiceClient.get_mtls_endpoint_and_cert_source(client_options) # type: ignore + + @property + def transport(self) -> KeyTrackingServiceTransport: + """Returns the transport used by the client instance. + + Returns: + KeyTrackingServiceTransport: The transport used by the client instance. + """ + return self._client.transport + + get_transport_class = functools.partial(type(KeyTrackingServiceClient).get_transport_class, type(KeyTrackingServiceClient)) + + def __init__(self, *, + credentials: Optional[ga_credentials.Credentials] = None, + transport: Union[str, KeyTrackingServiceTransport] = "grpc_asyncio", + client_options: Optional[ClientOptions] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + ) -> None: + """Instantiates the key tracking service client. + + Args: + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + transport (Union[str, ~.KeyTrackingServiceTransport]): The + transport to use. If set to None, a transport is chosen + automatically. + client_options (ClientOptions): Custom options for the client. It + won't take effect if a ``transport`` instance is provided. + (1) The ``api_endpoint`` property can be used to override the + default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT + environment variable can also be used to override the endpoint: + "always" (always use the default mTLS endpoint), "never" (always + use the default regular endpoint) and "auto" (auto switch to the + default mTLS endpoint if client certificate is present, this is + the default value). However, the ``api_endpoint`` property takes + precedence if provided. + (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable + is "true", then the ``client_cert_source`` property can be used + to provide client certificate for mutual TLS transport. If + not provided, the default SSL client certificate will be used if + present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not + set, no client certificate will be used. + + Raises: + google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport + creation failed for any reason. + """ + self._client = KeyTrackingServiceClient( + credentials=credentials, + transport=transport, + client_options=client_options, + client_info=client_info, + + ) + + async def get_protected_resources_summary(self, + request: Optional[Union[key_tracking_service.GetProtectedResourcesSummaryRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> key_tracking_service.ProtectedResourcesSummary: + r"""Returns aggregate information about the resources protected by + the given Cloud KMS [CryptoKey][google.cloud.kms.v1.CryptoKey]. + Only resources within the same Cloud organization as the key + will be returned. The project that holds the key must be part of + an organization in order for this call to succeed. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import kms_inventory_v1 + + async def sample_get_protected_resources_summary(): + # Create a client + client = kms_inventory_v1.KeyTrackingServiceAsyncClient() + + # Initialize request argument(s) + request = kms_inventory_v1.GetProtectedResourcesSummaryRequest( + name="name_value", + ) + + # Make the request + response = await client.get_protected_resources_summary(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.kms_inventory_v1.types.GetProtectedResourcesSummaryRequest, dict]]): + The request object. Request message for + [KeyTrackingService.GetProtectedResourcesSummary][google.cloud.kms.inventory.v1.KeyTrackingService.GetProtectedResourcesSummary]. + name (:class:`str`): + Required. The resource name of the + [CryptoKey][google.cloud.kms.v1.CryptoKey]. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.kms_inventory_v1.types.ProtectedResourcesSummary: + Aggregate information about the + resources protected by a Cloud KMS key + in the same Cloud organization as the + key. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = key_tracking_service.GetProtectedResourcesSummaryRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.get_protected_resources_summary, + default_timeout=60.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def search_protected_resources(self, + request: Optional[Union[key_tracking_service.SearchProtectedResourcesRequest, dict]] = None, + *, + scope: Optional[str] = None, + crypto_key: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> pagers.SearchProtectedResourcesAsyncPager: + r"""Returns metadata about the resources protected by the given + Cloud KMS [CryptoKey][google.cloud.kms.v1.CryptoKey] in the + given Cloud organization. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import kms_inventory_v1 + + async def sample_search_protected_resources(): + # Create a client + client = kms_inventory_v1.KeyTrackingServiceAsyncClient() + + # Initialize request argument(s) + request = kms_inventory_v1.SearchProtectedResourcesRequest( + scope="scope_value", + crypto_key="crypto_key_value", + ) + + # Make the request + page_result = client.search_protected_resources(request=request) + + # Handle the response + async for response in page_result: + print(response) + + Args: + request (Optional[Union[google.cloud.kms_inventory_v1.types.SearchProtectedResourcesRequest, dict]]): + The request object. Request message for + [KeyTrackingService.SearchProtectedResources][google.cloud.kms.inventory.v1.KeyTrackingService.SearchProtectedResources]. + scope (:class:`str`): + Required. Resource name of the + organization. Example: organizations/123 + + This corresponds to the ``scope`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + crypto_key (:class:`str`): + Required. The resource name of the + [CryptoKey][google.cloud.kms.v1.CryptoKey]. + + This corresponds to the ``crypto_key`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.kms_inventory_v1.services.key_tracking_service.pagers.SearchProtectedResourcesAsyncPager: + Response message for + [KeyTrackingService.SearchProtectedResources][google.cloud.kms.inventory.v1.KeyTrackingService.SearchProtectedResources]. + + Iterating over this object will yield results and + resolve additional pages automatically. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([scope, crypto_key]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = key_tracking_service.SearchProtectedResourcesRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if scope is not None: + request.scope = scope + if crypto_key is not None: + request.crypto_key = crypto_key + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.search_protected_resources, + default_timeout=60.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("scope", request.scope), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # This method is paged; wrap the response in a pager, which provides + # an `__aiter__` convenience method. + response = pagers.SearchProtectedResourcesAsyncPager( + method=rpc, + request=request, + response=response, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def __aenter__(self) -> "KeyTrackingServiceAsyncClient": + return self + + async def __aexit__(self, exc_type, exc, tb): + await self.transport.close() + +DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo(gapic_version=package_version.__version__) + + +__all__ = ( + "KeyTrackingServiceAsyncClient", +) diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_tracking_service/client.py b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_tracking_service/client.py new file mode 100644 index 000000000000..d218ff6f24ff --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_tracking_service/client.py @@ -0,0 +1,660 @@ +# -*- coding: utf-8 -*- +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +import os +import re +from typing import Dict, Mapping, MutableMapping, MutableSequence, Optional, Sequence, Tuple, Type, Union, cast + +from google.cloud.kms_inventory_v1 import gapic_version as package_version + +from google.api_core import client_options as client_options_lib +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport import mtls # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore +from google.auth.exceptions import MutualTLSChannelError # type: ignore +from google.oauth2 import service_account # type: ignore + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object] # type: ignore + +from google.cloud.kms_inventory_v1.services.key_tracking_service import pagers +from google.cloud.kms_inventory_v1.types import key_tracking_service +from .transports.base import KeyTrackingServiceTransport, DEFAULT_CLIENT_INFO +from .transports.grpc import KeyTrackingServiceGrpcTransport +from .transports.grpc_asyncio import KeyTrackingServiceGrpcAsyncIOTransport +from .transports.rest import KeyTrackingServiceRestTransport + + +class KeyTrackingServiceClientMeta(type): + """Metaclass for the KeyTrackingService client. + + This provides class-level methods for building and retrieving + support objects (e.g. transport) without polluting the client instance + objects. + """ + _transport_registry = OrderedDict() # type: Dict[str, Type[KeyTrackingServiceTransport]] + _transport_registry["grpc"] = KeyTrackingServiceGrpcTransport + _transport_registry["grpc_asyncio"] = KeyTrackingServiceGrpcAsyncIOTransport + _transport_registry["rest"] = KeyTrackingServiceRestTransport + + def get_transport_class(cls, + label: Optional[str] = None, + ) -> Type[KeyTrackingServiceTransport]: + """Returns an appropriate transport class. + + Args: + label: The name of the desired transport. If none is + provided, then the first transport in the registry is used. + + Returns: + The transport class to use. + """ + # If a specific transport is requested, return that one. + if label: + return cls._transport_registry[label] + + # No transport is requested; return the default (that is, the first one + # in the dictionary). + return next(iter(cls._transport_registry.values())) + + +class KeyTrackingServiceClient(metaclass=KeyTrackingServiceClientMeta): + """Returns information about the resources in an org that are + protected by a given Cloud KMS key via CMEK. + """ + + @staticmethod + def _get_default_mtls_endpoint(api_endpoint): + """Converts api endpoint to mTLS endpoint. + + Convert "*.sandbox.googleapis.com" and "*.googleapis.com" to + "*.mtls.sandbox.googleapis.com" and "*.mtls.googleapis.com" respectively. + Args: + api_endpoint (Optional[str]): the api endpoint to convert. + Returns: + str: converted mTLS api endpoint. + """ + if not api_endpoint: + return api_endpoint + + mtls_endpoint_re = re.compile( + r"(?P[^.]+)(?P\.mtls)?(?P\.sandbox)?(?P\.googleapis\.com)?" + ) + + m = mtls_endpoint_re.match(api_endpoint) + name, mtls, sandbox, googledomain = m.groups() + if mtls or not googledomain: + return api_endpoint + + if sandbox: + return api_endpoint.replace( + "sandbox.googleapis.com", "mtls.sandbox.googleapis.com" + ) + + return api_endpoint.replace(".googleapis.com", ".mtls.googleapis.com") + + DEFAULT_ENDPOINT = "kmsinventory.googleapis.com" + DEFAULT_MTLS_ENDPOINT = _get_default_mtls_endpoint.__func__( # type: ignore + DEFAULT_ENDPOINT + ) + + @classmethod + def from_service_account_info(cls, info: dict, *args, **kwargs): + """Creates an instance of this client using the provided credentials + info. + + Args: + info (dict): The service account private key info. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + KeyTrackingServiceClient: The constructed client. + """ + credentials = service_account.Credentials.from_service_account_info(info) + kwargs["credentials"] = credentials + return cls(*args, **kwargs) + + @classmethod + def from_service_account_file(cls, filename: str, *args, **kwargs): + """Creates an instance of this client using the provided credentials + file. + + Args: + filename (str): The path to the service account private key json + file. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + KeyTrackingServiceClient: The constructed client. + """ + credentials = service_account.Credentials.from_service_account_file( + filename) + kwargs["credentials"] = credentials + return cls(*args, **kwargs) + + from_service_account_json = from_service_account_file + + @property + def transport(self) -> KeyTrackingServiceTransport: + """Returns the transport used by the client instance. + + Returns: + KeyTrackingServiceTransport: The transport used by the client + instance. + """ + return self._transport + + @staticmethod + def asset_path() -> str: + """Returns a fully-qualified asset string.""" + return "*".format() + + @staticmethod + def parse_asset_path(path: str) -> Dict[str,str]: + """Parses a asset path into its component segments.""" + m = re.match(r"^.*$", path) + return m.groupdict() if m else {} + + @staticmethod + def crypto_key_version_path(project: str,location: str,key_ring: str,crypto_key: str,crypto_key_version: str,) -> str: + """Returns a fully-qualified crypto_key_version string.""" + return "projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}/cryptoKeyVersions/{crypto_key_version}".format(project=project, location=location, key_ring=key_ring, crypto_key=crypto_key, crypto_key_version=crypto_key_version, ) + + @staticmethod + def parse_crypto_key_version_path(path: str) -> Dict[str,str]: + """Parses a crypto_key_version path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/locations/(?P.+?)/keyRings/(?P.+?)/cryptoKeys/(?P.+?)/cryptoKeyVersions/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def protected_resources_summary_path(project: str,location: str,key_ring: str,crypto_key: str,) -> str: + """Returns a fully-qualified protected_resources_summary string.""" + return "projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}/protectedResourcesSummary".format(project=project, location=location, key_ring=key_ring, crypto_key=crypto_key, ) + + @staticmethod + def parse_protected_resources_summary_path(path: str) -> Dict[str,str]: + """Parses a protected_resources_summary path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/locations/(?P.+?)/keyRings/(?P.+?)/cryptoKeys/(?P.+?)/protectedResourcesSummary$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_billing_account_path(billing_account: str, ) -> str: + """Returns a fully-qualified billing_account string.""" + return "billingAccounts/{billing_account}".format(billing_account=billing_account, ) + + @staticmethod + def parse_common_billing_account_path(path: str) -> Dict[str,str]: + """Parse a billing_account path into its component segments.""" + m = re.match(r"^billingAccounts/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_folder_path(folder: str, ) -> str: + """Returns a fully-qualified folder string.""" + return "folders/{folder}".format(folder=folder, ) + + @staticmethod + def parse_common_folder_path(path: str) -> Dict[str,str]: + """Parse a folder path into its component segments.""" + m = re.match(r"^folders/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_organization_path(organization: str, ) -> str: + """Returns a fully-qualified organization string.""" + return "organizations/{organization}".format(organization=organization, ) + + @staticmethod + def parse_common_organization_path(path: str) -> Dict[str,str]: + """Parse a organization path into its component segments.""" + m = re.match(r"^organizations/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_project_path(project: str, ) -> str: + """Returns a fully-qualified project string.""" + return "projects/{project}".format(project=project, ) + + @staticmethod + def parse_common_project_path(path: str) -> Dict[str,str]: + """Parse a project path into its component segments.""" + m = re.match(r"^projects/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_location_path(project: str, location: str, ) -> str: + """Returns a fully-qualified location string.""" + return "projects/{project}/locations/{location}".format(project=project, location=location, ) + + @staticmethod + def parse_common_location_path(path: str) -> Dict[str,str]: + """Parse a location path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/locations/(?P.+?)$", path) + return m.groupdict() if m else {} + + @classmethod + def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[client_options_lib.ClientOptions] = None): + """Return the API endpoint and client cert source for mutual TLS. + + The client cert source is determined in the following order: + (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the + client cert source is None. + (2) if `client_options.client_cert_source` is provided, use the provided one; if the + default client cert source exists, use the default one; otherwise the client cert + source is None. + + The API endpoint is determined in the following order: + (1) if `client_options.api_endpoint` if provided, use the provided one. + (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the + default mTLS endpoint; if the environment variable is "never", use the default API + endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise + use the default API endpoint. + + More details can be found at https://google.aip.dev/auth/4114. + + Args: + client_options (google.api_core.client_options.ClientOptions): Custom options for the + client. Only the `api_endpoint` and `client_cert_source` properties may be used + in this method. + + Returns: + Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the + client cert source to use. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If any errors happen. + """ + if client_options is None: + client_options = client_options_lib.ClientOptions() + use_client_cert = os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false") + use_mtls_endpoint = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto") + if use_client_cert not in ("true", "false"): + raise ValueError("Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`") + if use_mtls_endpoint not in ("auto", "never", "always"): + raise MutualTLSChannelError("Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`") + + # Figure out the client cert source to use. + client_cert_source = None + if use_client_cert == "true": + if client_options.client_cert_source: + client_cert_source = client_options.client_cert_source + elif mtls.has_default_client_cert_source(): + client_cert_source = mtls.default_client_cert_source() + + # Figure out which api endpoint to use. + if client_options.api_endpoint is not None: + api_endpoint = client_options.api_endpoint + elif use_mtls_endpoint == "always" or (use_mtls_endpoint == "auto" and client_cert_source): + api_endpoint = cls.DEFAULT_MTLS_ENDPOINT + else: + api_endpoint = cls.DEFAULT_ENDPOINT + + return api_endpoint, client_cert_source + + def __init__(self, *, + credentials: Optional[ga_credentials.Credentials] = None, + transport: Optional[Union[str, KeyTrackingServiceTransport]] = None, + client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + ) -> None: + """Instantiates the key tracking service client. + + Args: + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + transport (Union[str, KeyTrackingServiceTransport]): The + transport to use. If set to None, a transport is chosen + automatically. + client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): Custom options for the + client. It won't take effect if a ``transport`` instance is provided. + (1) The ``api_endpoint`` property can be used to override the + default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT + environment variable can also be used to override the endpoint: + "always" (always use the default mTLS endpoint), "never" (always + use the default regular endpoint) and "auto" (auto switch to the + default mTLS endpoint if client certificate is present, this is + the default value). However, the ``api_endpoint`` property takes + precedence if provided. + (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable + is "true", then the ``client_cert_source`` property can be used + to provide client certificate for mutual TLS transport. If + not provided, the default SSL client certificate will be used if + present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not + set, no client certificate will be used. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport + creation failed for any reason. + """ + if isinstance(client_options, dict): + client_options = client_options_lib.from_dict(client_options) + if client_options is None: + client_options = client_options_lib.ClientOptions() + client_options = cast(client_options_lib.ClientOptions, client_options) + + api_endpoint, client_cert_source_func = self.get_mtls_endpoint_and_cert_source(client_options) + + api_key_value = getattr(client_options, "api_key", None) + if api_key_value and credentials: + raise ValueError("client_options.api_key and credentials are mutually exclusive") + + # Save or instantiate the transport. + # Ordinarily, we provide the transport, but allowing a custom transport + # instance provides an extensibility point for unusual situations. + if isinstance(transport, KeyTrackingServiceTransport): + # transport is a KeyTrackingServiceTransport instance. + if credentials or client_options.credentials_file or api_key_value: + raise ValueError("When providing a transport instance, " + "provide its credentials directly.") + if client_options.scopes: + raise ValueError( + "When providing a transport instance, provide its scopes " + "directly." + ) + self._transport = transport + else: + import google.auth._default # type: ignore + + if api_key_value and hasattr(google.auth._default, "get_api_key_credentials"): + credentials = google.auth._default.get_api_key_credentials(api_key_value) + + Transport = type(self).get_transport_class(transport) + self._transport = Transport( + credentials=credentials, + credentials_file=client_options.credentials_file, + host=api_endpoint, + scopes=client_options.scopes, + client_cert_source_for_mtls=client_cert_source_func, + quota_project_id=client_options.quota_project_id, + client_info=client_info, + always_use_jwt_access=True, + api_audience=client_options.api_audience, + ) + + def get_protected_resources_summary(self, + request: Optional[Union[key_tracking_service.GetProtectedResourcesSummaryRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> key_tracking_service.ProtectedResourcesSummary: + r"""Returns aggregate information about the resources protected by + the given Cloud KMS [CryptoKey][google.cloud.kms.v1.CryptoKey]. + Only resources within the same Cloud organization as the key + will be returned. The project that holds the key must be part of + an organization in order for this call to succeed. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import kms_inventory_v1 + + def sample_get_protected_resources_summary(): + # Create a client + client = kms_inventory_v1.KeyTrackingServiceClient() + + # Initialize request argument(s) + request = kms_inventory_v1.GetProtectedResourcesSummaryRequest( + name="name_value", + ) + + # Make the request + response = client.get_protected_resources_summary(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.kms_inventory_v1.types.GetProtectedResourcesSummaryRequest, dict]): + The request object. Request message for + [KeyTrackingService.GetProtectedResourcesSummary][google.cloud.kms.inventory.v1.KeyTrackingService.GetProtectedResourcesSummary]. + name (str): + Required. The resource name of the + [CryptoKey][google.cloud.kms.v1.CryptoKey]. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.kms_inventory_v1.types.ProtectedResourcesSummary: + Aggregate information about the + resources protected by a Cloud KMS key + in the same Cloud organization as the + key. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a key_tracking_service.GetProtectedResourcesSummaryRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, key_tracking_service.GetProtectedResourcesSummaryRequest): + request = key_tracking_service.GetProtectedResourcesSummaryRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.get_protected_resources_summary] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def search_protected_resources(self, + request: Optional[Union[key_tracking_service.SearchProtectedResourcesRequest, dict]] = None, + *, + scope: Optional[str] = None, + crypto_key: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> pagers.SearchProtectedResourcesPager: + r"""Returns metadata about the resources protected by the given + Cloud KMS [CryptoKey][google.cloud.kms.v1.CryptoKey] in the + given Cloud organization. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import kms_inventory_v1 + + def sample_search_protected_resources(): + # Create a client + client = kms_inventory_v1.KeyTrackingServiceClient() + + # Initialize request argument(s) + request = kms_inventory_v1.SearchProtectedResourcesRequest( + scope="scope_value", + crypto_key="crypto_key_value", + ) + + # Make the request + page_result = client.search_protected_resources(request=request) + + # Handle the response + for response in page_result: + print(response) + + Args: + request (Union[google.cloud.kms_inventory_v1.types.SearchProtectedResourcesRequest, dict]): + The request object. Request message for + [KeyTrackingService.SearchProtectedResources][google.cloud.kms.inventory.v1.KeyTrackingService.SearchProtectedResources]. + scope (str): + Required. Resource name of the + organization. Example: organizations/123 + + This corresponds to the ``scope`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + crypto_key (str): + Required. The resource name of the + [CryptoKey][google.cloud.kms.v1.CryptoKey]. + + This corresponds to the ``crypto_key`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.kms_inventory_v1.services.key_tracking_service.pagers.SearchProtectedResourcesPager: + Response message for + [KeyTrackingService.SearchProtectedResources][google.cloud.kms.inventory.v1.KeyTrackingService.SearchProtectedResources]. + + Iterating over this object will yield results and + resolve additional pages automatically. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([scope, crypto_key]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a key_tracking_service.SearchProtectedResourcesRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, key_tracking_service.SearchProtectedResourcesRequest): + request = key_tracking_service.SearchProtectedResourcesRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if scope is not None: + request.scope = scope + if crypto_key is not None: + request.crypto_key = crypto_key + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.search_protected_resources] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("scope", request.scope), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # This method is paged; wrap the response in a pager, which provides + # an `__iter__` convenience method. + response = pagers.SearchProtectedResourcesPager( + method=rpc, + request=request, + response=response, + metadata=metadata, + ) + + # Done; return the response. + return response + + def __enter__(self) -> "KeyTrackingServiceClient": + return self + + def __exit__(self, type, value, traceback): + """Releases underlying transport's resources. + + .. warning:: + ONLY use as a context manager if the transport is NOT shared + with other clients! Exiting the with block will CLOSE the transport + and may cause errors in other clients! + """ + self.transport.close() + + + + + + + +DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo(gapic_version=package_version.__version__) + + +__all__ = ( + "KeyTrackingServiceClient", +) diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_tracking_service/pagers.py b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_tracking_service/pagers.py new file mode 100644 index 000000000000..76dfaa97bd14 --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_tracking_service/pagers.py @@ -0,0 +1,139 @@ +# -*- coding: utf-8 -*- +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from typing import Any, AsyncIterator, Awaitable, Callable, Sequence, Tuple, Optional, Iterator + +from google.cloud.kms_inventory_v1.types import key_tracking_service + + +class SearchProtectedResourcesPager: + """A pager for iterating through ``search_protected_resources`` requests. + + This class thinly wraps an initial + :class:`google.cloud.kms_inventory_v1.types.SearchProtectedResourcesResponse` object, and + provides an ``__iter__`` method to iterate through its + ``protected_resources`` field. + + If there are more pages, the ``__iter__`` method will make additional + ``SearchProtectedResources`` requests and continue to iterate + through the ``protected_resources`` field on the + corresponding responses. + + All the usual :class:`google.cloud.kms_inventory_v1.types.SearchProtectedResourcesResponse` + attributes are available on the pager. If multiple requests are made, only + the most recent response is retained, and thus used for attribute lookup. + """ + def __init__(self, + method: Callable[..., key_tracking_service.SearchProtectedResourcesResponse], + request: key_tracking_service.SearchProtectedResourcesRequest, + response: key_tracking_service.SearchProtectedResourcesResponse, + *, + metadata: Sequence[Tuple[str, str]] = ()): + """Instantiate the pager. + + Args: + method (Callable): The method that was originally called, and + which instantiated this pager. + request (google.cloud.kms_inventory_v1.types.SearchProtectedResourcesRequest): + The initial request object. + response (google.cloud.kms_inventory_v1.types.SearchProtectedResourcesResponse): + The initial response object. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + self._method = method + self._request = key_tracking_service.SearchProtectedResourcesRequest(request) + self._response = response + self._metadata = metadata + + def __getattr__(self, name: str) -> Any: + return getattr(self._response, name) + + @property + def pages(self) -> Iterator[key_tracking_service.SearchProtectedResourcesResponse]: + yield self._response + while self._response.next_page_token: + self._request.page_token = self._response.next_page_token + self._response = self._method(self._request, metadata=self._metadata) + yield self._response + + def __iter__(self) -> Iterator[key_tracking_service.ProtectedResource]: + for page in self.pages: + yield from page.protected_resources + + def __repr__(self) -> str: + return '{0}<{1!r}>'.format(self.__class__.__name__, self._response) + + +class SearchProtectedResourcesAsyncPager: + """A pager for iterating through ``search_protected_resources`` requests. + + This class thinly wraps an initial + :class:`google.cloud.kms_inventory_v1.types.SearchProtectedResourcesResponse` object, and + provides an ``__aiter__`` method to iterate through its + ``protected_resources`` field. + + If there are more pages, the ``__aiter__`` method will make additional + ``SearchProtectedResources`` requests and continue to iterate + through the ``protected_resources`` field on the + corresponding responses. + + All the usual :class:`google.cloud.kms_inventory_v1.types.SearchProtectedResourcesResponse` + attributes are available on the pager. If multiple requests are made, only + the most recent response is retained, and thus used for attribute lookup. + """ + def __init__(self, + method: Callable[..., Awaitable[key_tracking_service.SearchProtectedResourcesResponse]], + request: key_tracking_service.SearchProtectedResourcesRequest, + response: key_tracking_service.SearchProtectedResourcesResponse, + *, + metadata: Sequence[Tuple[str, str]] = ()): + """Instantiates the pager. + + Args: + method (Callable): The method that was originally called, and + which instantiated this pager. + request (google.cloud.kms_inventory_v1.types.SearchProtectedResourcesRequest): + The initial request object. + response (google.cloud.kms_inventory_v1.types.SearchProtectedResourcesResponse): + The initial response object. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + self._method = method + self._request = key_tracking_service.SearchProtectedResourcesRequest(request) + self._response = response + self._metadata = metadata + + def __getattr__(self, name: str) -> Any: + return getattr(self._response, name) + + @property + async def pages(self) -> AsyncIterator[key_tracking_service.SearchProtectedResourcesResponse]: + yield self._response + while self._response.next_page_token: + self._request.page_token = self._response.next_page_token + self._response = await self._method(self._request, metadata=self._metadata) + yield self._response + def __aiter__(self) -> AsyncIterator[key_tracking_service.ProtectedResource]: + async def async_generator(): + async for page in self.pages: + for response in page.protected_resources: + yield response + + return async_generator() + + def __repr__(self) -> str: + return '{0}<{1!r}>'.format(self.__class__.__name__, self._response) diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_tracking_service/transports/__init__.py b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_tracking_service/transports/__init__.py new file mode 100644 index 000000000000..bd009e92a344 --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_tracking_service/transports/__init__.py @@ -0,0 +1,38 @@ +# -*- coding: utf-8 -*- +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +from typing import Dict, Type + +from .base import KeyTrackingServiceTransport +from .grpc import KeyTrackingServiceGrpcTransport +from .grpc_asyncio import KeyTrackingServiceGrpcAsyncIOTransport +from .rest import KeyTrackingServiceRestTransport +from .rest import KeyTrackingServiceRestInterceptor + + +# Compile a registry of transports. +_transport_registry = OrderedDict() # type: Dict[str, Type[KeyTrackingServiceTransport]] +_transport_registry['grpc'] = KeyTrackingServiceGrpcTransport +_transport_registry['grpc_asyncio'] = KeyTrackingServiceGrpcAsyncIOTransport +_transport_registry['rest'] = KeyTrackingServiceRestTransport + +__all__ = ( + 'KeyTrackingServiceTransport', + 'KeyTrackingServiceGrpcTransport', + 'KeyTrackingServiceGrpcAsyncIOTransport', + 'KeyTrackingServiceRestTransport', + 'KeyTrackingServiceRestInterceptor', +) diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_tracking_service/transports/base.py b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_tracking_service/transports/base.py new file mode 100644 index 000000000000..e19ad2ed9b8d --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_tracking_service/transports/base.py @@ -0,0 +1,162 @@ +# -*- coding: utf-8 -*- +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import abc +from typing import Awaitable, Callable, Dict, Optional, Sequence, Union + +from google.cloud.kms_inventory_v1 import gapic_version as package_version + +import google.auth # type: ignore +import google.api_core +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore + +from google.cloud.kms_inventory_v1.types import key_tracking_service + +DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo(gapic_version=package_version.__version__) + + +class KeyTrackingServiceTransport(abc.ABC): + """Abstract transport class for KeyTrackingService.""" + + AUTH_SCOPES = ( + 'https://www.googleapis.com/auth/cloud-platform', + ) + + DEFAULT_HOST: str = 'kmsinventory.googleapis.com' + def __init__( + self, *, + host: str = DEFAULT_HOST, + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + **kwargs, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is mutually exclusive with credentials. + scopes (Optional[Sequence[str]]): A list of scopes. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + """ + + scopes_kwargs = {"scopes": scopes, "default_scopes": self.AUTH_SCOPES} + + # Save the scopes. + self._scopes = scopes + + # If no credentials are provided, then determine the appropriate + # defaults. + if credentials and credentials_file: + raise core_exceptions.DuplicateCredentialArgs("'credentials_file' and 'credentials' are mutually exclusive") + + if credentials_file is not None: + credentials, _ = google.auth.load_credentials_from_file( + credentials_file, + **scopes_kwargs, + quota_project_id=quota_project_id + ) + elif credentials is None: + credentials, _ = google.auth.default(**scopes_kwargs, quota_project_id=quota_project_id) + # Don't apply audience if the credentials file passed from user. + if hasattr(credentials, "with_gdch_audience"): + credentials = credentials.with_gdch_audience(api_audience if api_audience else host) + + # If the credentials are service account credentials, then always try to use self signed JWT. + if always_use_jwt_access and isinstance(credentials, service_account.Credentials) and hasattr(service_account.Credentials, "with_always_use_jwt_access"): + credentials = credentials.with_always_use_jwt_access(True) + + # Save the credentials. + self._credentials = credentials + + # Save the hostname. Default to port 443 (HTTPS) if none is specified. + if ':' not in host: + host += ':443' + self._host = host + + def _prep_wrapped_messages(self, client_info): + # Precompute the wrapped methods. + self._wrapped_methods = { + self.get_protected_resources_summary: gapic_v1.method.wrap_method( + self.get_protected_resources_summary, + default_timeout=60.0, + client_info=client_info, + ), + self.search_protected_resources: gapic_v1.method.wrap_method( + self.search_protected_resources, + default_timeout=60.0, + client_info=client_info, + ), + } + + def close(self): + """Closes resources associated with the transport. + + .. warning:: + Only call this method if the transport is NOT shared + with other clients - this may cause errors in other clients! + """ + raise NotImplementedError() + + @property + def get_protected_resources_summary(self) -> Callable[ + [key_tracking_service.GetProtectedResourcesSummaryRequest], + Union[ + key_tracking_service.ProtectedResourcesSummary, + Awaitable[key_tracking_service.ProtectedResourcesSummary] + ]]: + raise NotImplementedError() + + @property + def search_protected_resources(self) -> Callable[ + [key_tracking_service.SearchProtectedResourcesRequest], + Union[ + key_tracking_service.SearchProtectedResourcesResponse, + Awaitable[key_tracking_service.SearchProtectedResourcesResponse] + ]]: + raise NotImplementedError() + + @property + def kind(self) -> str: + raise NotImplementedError() + + +__all__ = ( + 'KeyTrackingServiceTransport', +) diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_tracking_service/transports/grpc.py b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_tracking_service/transports/grpc.py new file mode 100644 index 000000000000..a50122923f9a --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_tracking_service/transports/grpc.py @@ -0,0 +1,298 @@ +# -*- coding: utf-8 -*- +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import warnings +from typing import Callable, Dict, Optional, Sequence, Tuple, Union + +from google.api_core import grpc_helpers +from google.api_core import gapic_v1 +import google.auth # type: ignore +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore + +import grpc # type: ignore + +from google.cloud.kms_inventory_v1.types import key_tracking_service +from .base import KeyTrackingServiceTransport, DEFAULT_CLIENT_INFO + + +class KeyTrackingServiceGrpcTransport(KeyTrackingServiceTransport): + """gRPC backend transport for KeyTrackingService. + + Returns information about the resources in an org that are + protected by a given Cloud KMS key via CMEK. + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends protocol buffers over the wire using gRPC (which is built on + top of HTTP/2); the ``grpcio`` package must be installed. + """ + _stubs: Dict[str, Callable] + + def __init__(self, *, + host: str = 'kmsinventory.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + channel: Optional[grpc.Channel] = None, + api_mtls_endpoint: Optional[str] = None, + client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, + client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + This argument is ignored if ``channel`` is provided. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional(Sequence[str])): A list of scopes. This argument is + ignored if ``channel`` is provided. + channel (Optional[grpc.Channel]): A ``Channel`` instance through + which to make calls. + api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. + If provided, it overrides the ``host`` argument and tries to create + a mutual TLS channel with client SSL credentials from + ``client_cert_source`` or application default SSL credentials. + client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): + Deprecated. A callback to provide client SSL certificate bytes and + private key bytes, both in PEM format. It is ignored if + ``api_mtls_endpoint`` is None. + ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials + for the grpc channel. It is ignored if ``channel`` is provided. + client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): + A callback to provide client certificate bytes and private key bytes, + both in PEM format. It is used to configure a mutual TLS channel. It is + ignored if ``channel`` or ``ssl_channel_credentials`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport + creation failed for any reason. + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + self._grpc_channel = None + self._ssl_channel_credentials = ssl_channel_credentials + self._stubs: Dict[str, Callable] = {} + + if api_mtls_endpoint: + warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) + if client_cert_source: + warnings.warn("client_cert_source is deprecated", DeprecationWarning) + + if channel: + # Ignore credentials if a channel was passed. + credentials = False + # If a channel was explicitly provided, set it. + self._grpc_channel = channel + self._ssl_channel_credentials = None + + else: + if api_mtls_endpoint: + host = api_mtls_endpoint + + # Create SSL credentials with client_cert_source or application + # default SSL credentials. + if client_cert_source: + cert, key = client_cert_source() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + else: + self._ssl_channel_credentials = SslCredentials().ssl_credentials + + else: + if client_cert_source_for_mtls and not ssl_channel_credentials: + cert, key = client_cert_source_for_mtls() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + + # The base transport sets the host, credentials and scopes + super().__init__( + host=host, + credentials=credentials, + credentials_file=credentials_file, + scopes=scopes, + quota_project_id=quota_project_id, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience, + ) + + if not self._grpc_channel: + self._grpc_channel = type(self).create_channel( + self._host, + # use the credentials which are saved + credentials=self._credentials, + # Set ``credentials_file`` to ``None`` here as + # the credentials that we saved earlier should be used. + credentials_file=None, + scopes=self._scopes, + ssl_credentials=self._ssl_channel_credentials, + quota_project_id=quota_project_id, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Wrap messages. This must be done after self._grpc_channel exists + self._prep_wrapped_messages(client_info) + + @classmethod + def create_channel(cls, + host: str = 'kmsinventory.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + **kwargs) -> grpc.Channel: + """Create and return a gRPC channel object. + Args: + host (Optional[str]): The host for the channel to use. + credentials (Optional[~.Credentials]): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If + none are specified, the client will attempt to ascertain + the credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is mutually exclusive with credentials. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + kwargs (Optional[dict]): Keyword arguments, which are passed to the + channel creation. + Returns: + grpc.Channel: A gRPC channel object. + + Raises: + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + + return grpc_helpers.create_channel( + host, + credentials=credentials, + credentials_file=credentials_file, + quota_project_id=quota_project_id, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, + **kwargs + ) + + @property + def grpc_channel(self) -> grpc.Channel: + """Return the channel designed to connect to this service. + """ + return self._grpc_channel + + @property + def get_protected_resources_summary(self) -> Callable[ + [key_tracking_service.GetProtectedResourcesSummaryRequest], + key_tracking_service.ProtectedResourcesSummary]: + r"""Return a callable for the get protected resources + summary method over gRPC. + + Returns aggregate information about the resources protected by + the given Cloud KMS [CryptoKey][google.cloud.kms.v1.CryptoKey]. + Only resources within the same Cloud organization as the key + will be returned. The project that holds the key must be part of + an organization in order for this call to succeed. + + Returns: + Callable[[~.GetProtectedResourcesSummaryRequest], + ~.ProtectedResourcesSummary]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_protected_resources_summary' not in self._stubs: + self._stubs['get_protected_resources_summary'] = self.grpc_channel.unary_unary( + '/google.cloud.kms.inventory.v1.KeyTrackingService/GetProtectedResourcesSummary', + request_serializer=key_tracking_service.GetProtectedResourcesSummaryRequest.serialize, + response_deserializer=key_tracking_service.ProtectedResourcesSummary.deserialize, + ) + return self._stubs['get_protected_resources_summary'] + + @property + def search_protected_resources(self) -> Callable[ + [key_tracking_service.SearchProtectedResourcesRequest], + key_tracking_service.SearchProtectedResourcesResponse]: + r"""Return a callable for the search protected resources method over gRPC. + + Returns metadata about the resources protected by the given + Cloud KMS [CryptoKey][google.cloud.kms.v1.CryptoKey] in the + given Cloud organization. + + Returns: + Callable[[~.SearchProtectedResourcesRequest], + ~.SearchProtectedResourcesResponse]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'search_protected_resources' not in self._stubs: + self._stubs['search_protected_resources'] = self.grpc_channel.unary_unary( + '/google.cloud.kms.inventory.v1.KeyTrackingService/SearchProtectedResources', + request_serializer=key_tracking_service.SearchProtectedResourcesRequest.serialize, + response_deserializer=key_tracking_service.SearchProtectedResourcesResponse.deserialize, + ) + return self._stubs['search_protected_resources'] + + def close(self): + self.grpc_channel.close() + + @property + def kind(self) -> str: + return "grpc" + + +__all__ = ( + 'KeyTrackingServiceGrpcTransport', +) diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_tracking_service/transports/grpc_asyncio.py b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_tracking_service/transports/grpc_asyncio.py new file mode 100644 index 000000000000..9a51e8aeee41 --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_tracking_service/transports/grpc_asyncio.py @@ -0,0 +1,297 @@ +# -*- coding: utf-8 -*- +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import warnings +from typing import Awaitable, Callable, Dict, Optional, Sequence, Tuple, Union + +from google.api_core import gapic_v1 +from google.api_core import grpc_helpers_async +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore + +import grpc # type: ignore +from grpc.experimental import aio # type: ignore + +from google.cloud.kms_inventory_v1.types import key_tracking_service +from .base import KeyTrackingServiceTransport, DEFAULT_CLIENT_INFO +from .grpc import KeyTrackingServiceGrpcTransport + + +class KeyTrackingServiceGrpcAsyncIOTransport(KeyTrackingServiceTransport): + """gRPC AsyncIO backend transport for KeyTrackingService. + + Returns information about the resources in an org that are + protected by a given Cloud KMS key via CMEK. + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends protocol buffers over the wire using gRPC (which is built on + top of HTTP/2); the ``grpcio`` package must be installed. + """ + + _grpc_channel: aio.Channel + _stubs: Dict[str, Callable] = {} + + @classmethod + def create_channel(cls, + host: str = 'kmsinventory.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + **kwargs) -> aio.Channel: + """Create and return a gRPC AsyncIO channel object. + Args: + host (Optional[str]): The host for the channel to use. + credentials (Optional[~.Credentials]): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If + none are specified, the client will attempt to ascertain + the credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + kwargs (Optional[dict]): Keyword arguments, which are passed to the + channel creation. + Returns: + aio.Channel: A gRPC AsyncIO channel object. + """ + + return grpc_helpers_async.create_channel( + host, + credentials=credentials, + credentials_file=credentials_file, + quota_project_id=quota_project_id, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, + **kwargs + ) + + def __init__(self, *, + host: str = 'kmsinventory.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + channel: Optional[aio.Channel] = None, + api_mtls_endpoint: Optional[str] = None, + client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, + client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + This argument is ignored if ``channel`` is provided. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + channel (Optional[aio.Channel]): A ``Channel`` instance through + which to make calls. + api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. + If provided, it overrides the ``host`` argument and tries to create + a mutual TLS channel with client SSL credentials from + ``client_cert_source`` or application default SSL credentials. + client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): + Deprecated. A callback to provide client SSL certificate bytes and + private key bytes, both in PEM format. It is ignored if + ``api_mtls_endpoint`` is None. + ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials + for the grpc channel. It is ignored if ``channel`` is provided. + client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): + A callback to provide client certificate bytes and private key bytes, + both in PEM format. It is used to configure a mutual TLS channel. It is + ignored if ``channel`` or ``ssl_channel_credentials`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + + Raises: + google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport + creation failed for any reason. + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + self._grpc_channel = None + self._ssl_channel_credentials = ssl_channel_credentials + self._stubs: Dict[str, Callable] = {} + + if api_mtls_endpoint: + warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) + if client_cert_source: + warnings.warn("client_cert_source is deprecated", DeprecationWarning) + + if channel: + # Ignore credentials if a channel was passed. + credentials = False + # If a channel was explicitly provided, set it. + self._grpc_channel = channel + self._ssl_channel_credentials = None + else: + if api_mtls_endpoint: + host = api_mtls_endpoint + + # Create SSL credentials with client_cert_source or application + # default SSL credentials. + if client_cert_source: + cert, key = client_cert_source() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + else: + self._ssl_channel_credentials = SslCredentials().ssl_credentials + + else: + if client_cert_source_for_mtls and not ssl_channel_credentials: + cert, key = client_cert_source_for_mtls() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + + # The base transport sets the host, credentials and scopes + super().__init__( + host=host, + credentials=credentials, + credentials_file=credentials_file, + scopes=scopes, + quota_project_id=quota_project_id, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience, + ) + + if not self._grpc_channel: + self._grpc_channel = type(self).create_channel( + self._host, + # use the credentials which are saved + credentials=self._credentials, + # Set ``credentials_file`` to ``None`` here as + # the credentials that we saved earlier should be used. + credentials_file=None, + scopes=self._scopes, + ssl_credentials=self._ssl_channel_credentials, + quota_project_id=quota_project_id, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Wrap messages. This must be done after self._grpc_channel exists + self._prep_wrapped_messages(client_info) + + @property + def grpc_channel(self) -> aio.Channel: + """Create the channel designed to connect to this service. + + This property caches on the instance; repeated calls return + the same channel. + """ + # Return the channel from cache. + return self._grpc_channel + + @property + def get_protected_resources_summary(self) -> Callable[ + [key_tracking_service.GetProtectedResourcesSummaryRequest], + Awaitable[key_tracking_service.ProtectedResourcesSummary]]: + r"""Return a callable for the get protected resources + summary method over gRPC. + + Returns aggregate information about the resources protected by + the given Cloud KMS [CryptoKey][google.cloud.kms.v1.CryptoKey]. + Only resources within the same Cloud organization as the key + will be returned. The project that holds the key must be part of + an organization in order for this call to succeed. + + Returns: + Callable[[~.GetProtectedResourcesSummaryRequest], + Awaitable[~.ProtectedResourcesSummary]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_protected_resources_summary' not in self._stubs: + self._stubs['get_protected_resources_summary'] = self.grpc_channel.unary_unary( + '/google.cloud.kms.inventory.v1.KeyTrackingService/GetProtectedResourcesSummary', + request_serializer=key_tracking_service.GetProtectedResourcesSummaryRequest.serialize, + response_deserializer=key_tracking_service.ProtectedResourcesSummary.deserialize, + ) + return self._stubs['get_protected_resources_summary'] + + @property + def search_protected_resources(self) -> Callable[ + [key_tracking_service.SearchProtectedResourcesRequest], + Awaitable[key_tracking_service.SearchProtectedResourcesResponse]]: + r"""Return a callable for the search protected resources method over gRPC. + + Returns metadata about the resources protected by the given + Cloud KMS [CryptoKey][google.cloud.kms.v1.CryptoKey] in the + given Cloud organization. + + Returns: + Callable[[~.SearchProtectedResourcesRequest], + Awaitable[~.SearchProtectedResourcesResponse]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'search_protected_resources' not in self._stubs: + self._stubs['search_protected_resources'] = self.grpc_channel.unary_unary( + '/google.cloud.kms.inventory.v1.KeyTrackingService/SearchProtectedResources', + request_serializer=key_tracking_service.SearchProtectedResourcesRequest.serialize, + response_deserializer=key_tracking_service.SearchProtectedResourcesResponse.deserialize, + ) + return self._stubs['search_protected_resources'] + + def close(self): + return self.grpc_channel.close() + + +__all__ = ( + 'KeyTrackingServiceGrpcAsyncIOTransport', +) diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_tracking_service/transports/rest.py b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_tracking_service/transports/rest.py new file mode 100644 index 000000000000..37ccfc5c8a25 --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/services/key_tracking_service/transports/rest.py @@ -0,0 +1,409 @@ +# -*- coding: utf-8 -*- +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +from google.auth.transport.requests import AuthorizedSession # type: ignore +import json # type: ignore +import grpc # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore +from google.auth import credentials as ga_credentials # type: ignore +from google.api_core import exceptions as core_exceptions +from google.api_core import retry as retries +from google.api_core import rest_helpers +from google.api_core import rest_streaming +from google.api_core import path_template +from google.api_core import gapic_v1 + +from google.protobuf import json_format +from requests import __version__ as requests_version +import dataclasses +import re +from typing import Any, Callable, Dict, List, Optional, Sequence, Tuple, Union +import warnings + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object] # type: ignore + + +from google.cloud.kms_inventory_v1.types import key_tracking_service + +from .base import KeyTrackingServiceTransport, DEFAULT_CLIENT_INFO as BASE_DEFAULT_CLIENT_INFO + + +DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=BASE_DEFAULT_CLIENT_INFO.gapic_version, + grpc_version=None, + rest_version=requests_version, +) + + +class KeyTrackingServiceRestInterceptor: + """Interceptor for KeyTrackingService. + + Interceptors are used to manipulate requests, request metadata, and responses + in arbitrary ways. + Example use cases include: + * Logging + * Verifying requests according to service or custom semantics + * Stripping extraneous information from responses + + These use cases and more can be enabled by injecting an + instance of a custom subclass when constructing the KeyTrackingServiceRestTransport. + + .. code-block:: python + class MyCustomKeyTrackingServiceInterceptor(KeyTrackingServiceRestInterceptor): + def pre_get_protected_resources_summary(self, request, metadata): + logging.log(f"Received request: {request}") + return request, metadata + + def post_get_protected_resources_summary(self, response): + logging.log(f"Received response: {response}") + return response + + def pre_search_protected_resources(self, request, metadata): + logging.log(f"Received request: {request}") + return request, metadata + + def post_search_protected_resources(self, response): + logging.log(f"Received response: {response}") + return response + + transport = KeyTrackingServiceRestTransport(interceptor=MyCustomKeyTrackingServiceInterceptor()) + client = KeyTrackingServiceClient(transport=transport) + + + """ + def pre_get_protected_resources_summary(self, request: key_tracking_service.GetProtectedResourcesSummaryRequest, metadata: Sequence[Tuple[str, str]]) -> Tuple[key_tracking_service.GetProtectedResourcesSummaryRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for get_protected_resources_summary + + Override in a subclass to manipulate the request or metadata + before they are sent to the KeyTrackingService server. + """ + return request, metadata + + def post_get_protected_resources_summary(self, response: key_tracking_service.ProtectedResourcesSummary) -> key_tracking_service.ProtectedResourcesSummary: + """Post-rpc interceptor for get_protected_resources_summary + + Override in a subclass to manipulate the response + after it is returned by the KeyTrackingService server but before + it is returned to user code. + """ + return response + def pre_search_protected_resources(self, request: key_tracking_service.SearchProtectedResourcesRequest, metadata: Sequence[Tuple[str, str]]) -> Tuple[key_tracking_service.SearchProtectedResourcesRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for search_protected_resources + + Override in a subclass to manipulate the request or metadata + before they are sent to the KeyTrackingService server. + """ + return request, metadata + + def post_search_protected_resources(self, response: key_tracking_service.SearchProtectedResourcesResponse) -> key_tracking_service.SearchProtectedResourcesResponse: + """Post-rpc interceptor for search_protected_resources + + Override in a subclass to manipulate the response + after it is returned by the KeyTrackingService server but before + it is returned to user code. + """ + return response + + +@dataclasses.dataclass +class KeyTrackingServiceRestStub: + _session: AuthorizedSession + _host: str + _interceptor: KeyTrackingServiceRestInterceptor + + +class KeyTrackingServiceRestTransport(KeyTrackingServiceTransport): + """REST backend transport for KeyTrackingService. + + Returns information about the resources in an org that are + protected by a given Cloud KMS key via CMEK. + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends JSON representations of protocol buffers over HTTP/1.1 + + """ + + def __init__(self, *, + host: str = 'kmsinventory.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + client_cert_source_for_mtls: Optional[Callable[[ + ], Tuple[bytes, bytes]]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + url_scheme: str = 'https', + interceptor: Optional[KeyTrackingServiceRestInterceptor] = None, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional(Sequence[str])): A list of scopes. This argument is + ignored if ``channel`` is provided. + client_cert_source_for_mtls (Callable[[], Tuple[bytes, bytes]]): Client + certificate to configure mutual TLS HTTP channel. It is ignored + if ``channel`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you are developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + url_scheme: the protocol scheme for the API endpoint. Normally + "https", but for testing or local servers, + "http" can be specified. + """ + # Run the base constructor + # TODO(yon-mg): resolve other ctor params i.e. scopes, quota, etc. + # TODO: When custom host (api_endpoint) is set, `scopes` must *also* be set on the + # credentials object + maybe_url_match = re.match("^(?Phttp(?:s)?://)?(?P.*)$", host) + if maybe_url_match is None: + raise ValueError(f"Unexpected hostname structure: {host}") # pragma: NO COVER + + url_match_items = maybe_url_match.groupdict() + + host = f"{url_scheme}://{host}" if not url_match_items["scheme"] else host + + super().__init__( + host=host, + credentials=credentials, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience + ) + self._session = AuthorizedSession( + self._credentials, default_host=self.DEFAULT_HOST) + if client_cert_source_for_mtls: + self._session.configure_mtls_channel(client_cert_source_for_mtls) + self._interceptor = interceptor or KeyTrackingServiceRestInterceptor() + self._prep_wrapped_messages(client_info) + + class _GetProtectedResourcesSummary(KeyTrackingServiceRestStub): + def __hash__(self): + return hash("GetProtectedResourcesSummary") + + __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = { + } + + @classmethod + def _get_unset_required_fields(cls, message_dict): + return {k: v for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items() if k not in message_dict} + + def __call__(self, + request: key_tracking_service.GetProtectedResourcesSummaryRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ) -> key_tracking_service.ProtectedResourcesSummary: + r"""Call the get protected resources + summary method over HTTP. + + Args: + request (~.key_tracking_service.GetProtectedResourcesSummaryRequest): + The request object. Request message for + [KeyTrackingService.GetProtectedResourcesSummary][google.cloud.kms.inventory.v1.KeyTrackingService.GetProtectedResourcesSummary]. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + ~.key_tracking_service.ProtectedResourcesSummary: + Aggregate information about the + resources protected by a Cloud KMS key + in the same Cloud organization as the + key. + + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'get', + 'uri': '/v1/{name=projects/*/locations/*/keyRings/*/cryptoKeys/**}/protectedResourcesSummary', + }, + ] + request, metadata = self._interceptor.pre_get_protected_resources_summary(request, metadata) + pb_request = key_tracking_service.GetProtectedResourcesSummaryRequest.pb(request) + transcoded_request = path_template.transcode(http_options, pb_request) + + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json_format.MessageToJson( + transcoded_request['query_params'], + including_default_value_fields=False, + use_integers_for_enums=True, + )) + query_params.update(self._get_unset_required_fields(query_params)) + + query_params["$alt"] = "json;enum-encoding=int" + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params, strict=True), + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + # Return the response + resp = key_tracking_service.ProtectedResourcesSummary() + pb_resp = key_tracking_service.ProtectedResourcesSummary.pb(resp) + + json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True) + resp = self._interceptor.post_get_protected_resources_summary(resp) + return resp + + class _SearchProtectedResources(KeyTrackingServiceRestStub): + def __hash__(self): + return hash("SearchProtectedResources") + + __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = { + "cryptoKey" : "", } + + @classmethod + def _get_unset_required_fields(cls, message_dict): + return {k: v for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items() if k not in message_dict} + + def __call__(self, + request: key_tracking_service.SearchProtectedResourcesRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ) -> key_tracking_service.SearchProtectedResourcesResponse: + r"""Call the search protected + resources method over HTTP. + + Args: + request (~.key_tracking_service.SearchProtectedResourcesRequest): + The request object. Request message for + [KeyTrackingService.SearchProtectedResources][google.cloud.kms.inventory.v1.KeyTrackingService.SearchProtectedResources]. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + ~.key_tracking_service.SearchProtectedResourcesResponse: + Response message for + [KeyTrackingService.SearchProtectedResources][google.cloud.kms.inventory.v1.KeyTrackingService.SearchProtectedResources]. + + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'get', + 'uri': '/v1/{scope=organizations/*}/protectedResources:search', + }, + ] + request, metadata = self._interceptor.pre_search_protected_resources(request, metadata) + pb_request = key_tracking_service.SearchProtectedResourcesRequest.pb(request) + transcoded_request = path_template.transcode(http_options, pb_request) + + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json_format.MessageToJson( + transcoded_request['query_params'], + including_default_value_fields=False, + use_integers_for_enums=True, + )) + query_params.update(self._get_unset_required_fields(query_params)) + + query_params["$alt"] = "json;enum-encoding=int" + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params, strict=True), + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + # Return the response + resp = key_tracking_service.SearchProtectedResourcesResponse() + pb_resp = key_tracking_service.SearchProtectedResourcesResponse.pb(resp) + + json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True) + resp = self._interceptor.post_search_protected_resources(resp) + return resp + + @property + def get_protected_resources_summary(self) -> Callable[ + [key_tracking_service.GetProtectedResourcesSummaryRequest], + key_tracking_service.ProtectedResourcesSummary]: + # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here. + # In C++ this would require a dynamic_cast + return self._GetProtectedResourcesSummary(self._session, self._host, self._interceptor) # type: ignore + + @property + def search_protected_resources(self) -> Callable[ + [key_tracking_service.SearchProtectedResourcesRequest], + key_tracking_service.SearchProtectedResourcesResponse]: + # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here. + # In C++ this would require a dynamic_cast + return self._SearchProtectedResources(self._session, self._host, self._interceptor) # type: ignore + + @property + def kind(self) -> str: + return "rest" + + def close(self): + self._session.close() + + +__all__=( + 'KeyTrackingServiceRestTransport', +) diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/types/__init__.py b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/types/__init__.py new file mode 100644 index 000000000000..5ee766652fca --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/types/__init__.py @@ -0,0 +1,36 @@ +# -*- coding: utf-8 -*- +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from .key_dashboard_service import ( + ListCryptoKeysRequest, + ListCryptoKeysResponse, +) +from .key_tracking_service import ( + GetProtectedResourcesSummaryRequest, + ProtectedResource, + ProtectedResourcesSummary, + SearchProtectedResourcesRequest, + SearchProtectedResourcesResponse, +) + +__all__ = ( + 'ListCryptoKeysRequest', + 'ListCryptoKeysResponse', + 'GetProtectedResourcesSummaryRequest', + 'ProtectedResource', + 'ProtectedResourcesSummary', + 'SearchProtectedResourcesRequest', + 'SearchProtectedResourcesResponse', +) diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/types/key_dashboard_service.py b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/types/key_dashboard_service.py new file mode 100644 index 000000000000..f407b9f0e098 --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/types/key_dashboard_service.py @@ -0,0 +1,94 @@ +# -*- coding: utf-8 -*- +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from __future__ import annotations + +from typing import MutableMapping, MutableSequence + +import proto # type: ignore + +from google.cloud.kms_v1.types import resources + + +__protobuf__ = proto.module( + package='google.cloud.kms.inventory.v1', + manifest={ + 'ListCryptoKeysRequest', + 'ListCryptoKeysResponse', + }, +) + + +class ListCryptoKeysRequest(proto.Message): + r"""Request message for + [KeyDashboardService.ListCryptoKeys][google.cloud.kms.inventory.v1.KeyDashboardService.ListCryptoKeys]. + + Attributes: + parent (str): + Required. The Google Cloud project for which to retrieve key + metadata, in the format ``projects/*`` + page_size (int): + Optional. The maximum number of keys to + return. The service may return fewer than this + value. If unspecified, at most 1000 keys will be + returned. The maximum value is 1000; values + above 1000 will be coerced to 1000. + page_token (str): + Optional. Pass this into a subsequent request + in order to receive the next page of results. + """ + + parent: str = proto.Field( + proto.STRING, + number=1, + ) + page_size: int = proto.Field( + proto.INT32, + number=2, + ) + page_token: str = proto.Field( + proto.STRING, + number=3, + ) + + +class ListCryptoKeysResponse(proto.Message): + r"""Response message for + [KeyDashboardService.ListCryptoKeys][google.cloud.kms.inventory.v1.KeyDashboardService.ListCryptoKeys]. + + Attributes: + crypto_keys (MutableSequence[google.cloud.kms_v1.types.CryptoKey]): + The list of [CryptoKeys][google.cloud.kms.v1.CryptoKey]. + next_page_token (str): + The page token returned from the previous + response if the next page is desired. + """ + + @property + def raw_page(self): + return self + + crypto_keys: MutableSequence[resources.CryptoKey] = proto.RepeatedField( + proto.MESSAGE, + number=1, + message=resources.CryptoKey, + ) + next_page_token: str = proto.Field( + proto.STRING, + number=2, + ) + + +__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/types/key_tracking_service.py b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/types/key_tracking_service.py new file mode 100644 index 000000000000..e2cbeab1f395 --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/google/cloud/kms_inventory_v1/types/key_tracking_service.py @@ -0,0 +1,292 @@ +# -*- coding: utf-8 -*- +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from __future__ import annotations + +from typing import MutableMapping, MutableSequence + +import proto # type: ignore + +from google.protobuf import timestamp_pb2 # type: ignore + + +__protobuf__ = proto.module( + package='google.cloud.kms.inventory.v1', + manifest={ + 'GetProtectedResourcesSummaryRequest', + 'ProtectedResourcesSummary', + 'SearchProtectedResourcesRequest', + 'SearchProtectedResourcesResponse', + 'ProtectedResource', + }, +) + + +class GetProtectedResourcesSummaryRequest(proto.Message): + r"""Request message for + [KeyTrackingService.GetProtectedResourcesSummary][google.cloud.kms.inventory.v1.KeyTrackingService.GetProtectedResourcesSummary]. + + Attributes: + name (str): + Required. The resource name of the + [CryptoKey][google.cloud.kms.v1.CryptoKey]. + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + + +class ProtectedResourcesSummary(proto.Message): + r"""Aggregate information about the resources protected by a + Cloud KMS key in the same Cloud organization as the key. + + Attributes: + name (str): + The full name of the + ProtectedResourcesSummary resource. Example: + projects/test-project/locations/us/keyRings/test-keyring/cryptoKeys/test-key/protectedResourcesSummary + resource_count (int): + The total number of protected resources in + the same Cloud organization as the key. + project_count (int): + The number of distinct Cloud projects in the + same Cloud organization as the key that have + resources protected by the key. + resource_types (MutableMapping[str, int]): + The number of resources protected by the key + grouped by resource type. + cloud_products (MutableMapping[str, int]): + The number of resources protected by the key + grouped by Cloud product. + locations (MutableMapping[str, int]): + The number of resources protected by the key + grouped by region. + """ + + name: str = proto.Field( + proto.STRING, + number=5, + ) + resource_count: int = proto.Field( + proto.INT64, + number=1, + ) + project_count: int = proto.Field( + proto.INT32, + number=2, + ) + resource_types: MutableMapping[str, int] = proto.MapField( + proto.STRING, + proto.INT64, + number=3, + ) + cloud_products: MutableMapping[str, int] = proto.MapField( + proto.STRING, + proto.INT64, + number=6, + ) + locations: MutableMapping[str, int] = proto.MapField( + proto.STRING, + proto.INT64, + number=4, + ) + + +class SearchProtectedResourcesRequest(proto.Message): + r"""Request message for + [KeyTrackingService.SearchProtectedResources][google.cloud.kms.inventory.v1.KeyTrackingService.SearchProtectedResources]. + + Attributes: + scope (str): + Required. Resource name of the organization. + Example: organizations/123 + crypto_key (str): + Required. The resource name of the + [CryptoKey][google.cloud.kms.v1.CryptoKey]. + page_size (int): + The maximum number of resources to return. + The service may return fewer than this value. If + unspecified, at most 500 resources will be + returned. The maximum value is 500; values above + 500 will be coerced to 500. + page_token (str): + A page token, received from a previous + [KeyTrackingService.SearchProtectedResources][google.cloud.kms.inventory.v1.KeyTrackingService.SearchProtectedResources] + call. Provide this to retrieve the subsequent page. + + When paginating, all other parameters provided to + [KeyTrackingService.SearchProtectedResources][google.cloud.kms.inventory.v1.KeyTrackingService.SearchProtectedResources] + must match the call that provided the page token. + resource_types (MutableSequence[str]): + Optional. A list of resource types that this request + searches for. If empty, it will search all the `trackable + resource + types `__. + + Regular expressions are also supported. For example: + + - ``compute.googleapis.com.*`` snapshots resources whose + type starts with ``compute.googleapis.com``. + - ``.*Image`` snapshots resources whose type ends with + ``Image``. + - ``.*Image.*`` snapshots resources whose type contains + ``Image``. + + See `RE2 `__ for + all supported regular expression syntax. If the regular + expression does not match any supported resource type, an + INVALID_ARGUMENT error will be returned. + """ + + scope: str = proto.Field( + proto.STRING, + number=2, + ) + crypto_key: str = proto.Field( + proto.STRING, + number=1, + ) + page_size: int = proto.Field( + proto.INT32, + number=3, + ) + page_token: str = proto.Field( + proto.STRING, + number=4, + ) + resource_types: MutableSequence[str] = proto.RepeatedField( + proto.STRING, + number=5, + ) + + +class SearchProtectedResourcesResponse(proto.Message): + r"""Response message for + [KeyTrackingService.SearchProtectedResources][google.cloud.kms.inventory.v1.KeyTrackingService.SearchProtectedResources]. + + Attributes: + protected_resources (MutableSequence[google.cloud.kms_inventory_v1.types.ProtectedResource]): + Protected resources for this page. + next_page_token (str): + A token that can be sent as ``page_token`` to retrieve the + next page. If this field is omitted, there are no subsequent + pages. + """ + + @property + def raw_page(self): + return self + + protected_resources: MutableSequence['ProtectedResource'] = proto.RepeatedField( + proto.MESSAGE, + number=1, + message='ProtectedResource', + ) + next_page_token: str = proto.Field( + proto.STRING, + number=2, + ) + + +class ProtectedResource(proto.Message): + r"""Metadata about a resource protected by a Cloud KMS key. + + Attributes: + name (str): + The full resource name of the resource. Example: + ``//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1``. + project (str): + Format: ``projects/{PROJECT_NUMBER}``. + project_id (str): + The ID of the project that owns the resource. + cloud_product (str): + The Cloud product that owns the resource. Example: + ``compute`` + resource_type (str): + Example: ``compute.googleapis.com/Disk`` + location (str): + Location can be ``global``, regional like ``us-east1``, or + zonal like ``us-west1-b``. + labels (MutableMapping[str, str]): + A key-value pair of the resource's labels + (v1) to their values. + crypto_key_version (str): + The name of the Cloud KMS + `CryptoKeyVersion `__ + used to protect this resource via CMEK. This field is empty + if the Google Cloud product owning the resource does not + provide key version data to Asset Inventory. If there are + multiple key versions protecting the resource, then this is + same value as the first element of crypto_key_versions. + crypto_key_versions (MutableSequence[str]): + The names of the Cloud KMS + `CryptoKeyVersion `__ + used to protect this resource via CMEK. This field is empty + if the Google Cloud product owning the resource does not + provide key versions data to Asset Inventory. The first + element of this field is stored in crypto_key_version. + create_time (google.protobuf.timestamp_pb2.Timestamp): + Output only. The time at which this resource + was created. The granularity is in seconds. + Timestamp.nanos will always be 0. + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + project: str = proto.Field( + proto.STRING, + number=2, + ) + project_id: str = proto.Field( + proto.STRING, + number=9, + ) + cloud_product: str = proto.Field( + proto.STRING, + number=8, + ) + resource_type: str = proto.Field( + proto.STRING, + number=3, + ) + location: str = proto.Field( + proto.STRING, + number=4, + ) + labels: MutableMapping[str, str] = proto.MapField( + proto.STRING, + proto.STRING, + number=5, + ) + crypto_key_version: str = proto.Field( + proto.STRING, + number=6, + ) + crypto_key_versions: MutableSequence[str] = proto.RepeatedField( + proto.STRING, + number=10, + ) + create_time: timestamp_pb2.Timestamp = proto.Field( + proto.MESSAGE, + number=7, + message=timestamp_pb2.Timestamp, + ) + + +__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/mypy.ini b/owl-bot-staging/google-cloud-kms-inventory/v1/mypy.ini new file mode 100644 index 000000000000..574c5aed394b --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/mypy.ini @@ -0,0 +1,3 @@ +[mypy] +python_version = 3.7 +namespace_packages = True diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/noxfile.py b/owl-bot-staging/google-cloud-kms-inventory/v1/noxfile.py new file mode 100644 index 000000000000..88b170fff151 --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/noxfile.py @@ -0,0 +1,184 @@ +# -*- coding: utf-8 -*- +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import os +import pathlib +import shutil +import subprocess +import sys + + +import nox # type: ignore + +ALL_PYTHON = [ + "3.7", + "3.8", + "3.9", + "3.10", + "3.11", +] + +CURRENT_DIRECTORY = pathlib.Path(__file__).parent.absolute() + +LOWER_BOUND_CONSTRAINTS_FILE = CURRENT_DIRECTORY / "constraints.txt" +PACKAGE_NAME = subprocess.check_output([sys.executable, "setup.py", "--name"], encoding="utf-8") + +BLACK_VERSION = "black==22.3.0" +BLACK_PATHS = ["docs", "google", "tests", "samples", "noxfile.py", "setup.py"] +DEFAULT_PYTHON_VERSION = "3.11" + +nox.sessions = [ + "unit", + "cover", + "mypy", + "check_lower_bounds" + # exclude update_lower_bounds from default + "docs", + "blacken", + "lint", + "lint_setup_py", +] + +@nox.session(python=ALL_PYTHON) +def unit(session): + """Run the unit test suite.""" + + session.install('coverage', 'pytest', 'pytest-cov', 'pytest-asyncio', 'asyncmock; python_version < "3.8"') + session.install('-e', '.') + + session.run( + 'py.test', + '--quiet', + '--cov=google/cloud/kms_inventory_v1/', + '--cov=tests/', + '--cov-config=.coveragerc', + '--cov-report=term', + '--cov-report=html', + os.path.join('tests', 'unit', ''.join(session.posargs)) + ) + + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def cover(session): + """Run the final coverage report. + This outputs the coverage report aggregating coverage from the unit + test runs (not system test runs), and then erases coverage data. + """ + session.install("coverage", "pytest-cov") + session.run("coverage", "report", "--show-missing", "--fail-under=100") + + session.run("coverage", "erase") + + +@nox.session(python=ALL_PYTHON) +def mypy(session): + """Run the type checker.""" + session.install( + 'mypy', + 'types-requests', + 'types-protobuf' + ) + session.install('.') + session.run( + 'mypy', + '--explicit-package-bases', + 'google', + ) + + +@nox.session +def update_lower_bounds(session): + """Update lower bounds in constraints.txt to match setup.py""" + session.install('google-cloud-testutils') + session.install('.') + + session.run( + 'lower-bound-checker', + 'update', + '--package-name', + PACKAGE_NAME, + '--constraints-file', + str(LOWER_BOUND_CONSTRAINTS_FILE), + ) + + +@nox.session +def check_lower_bounds(session): + """Check lower bounds in setup.py are reflected in constraints file""" + session.install('google-cloud-testutils') + session.install('.') + + session.run( + 'lower-bound-checker', + 'check', + '--package-name', + PACKAGE_NAME, + '--constraints-file', + str(LOWER_BOUND_CONSTRAINTS_FILE), + ) + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def docs(session): + """Build the docs for this library.""" + + session.install("-e", ".") + session.install("sphinx==4.0.1", "alabaster", "recommonmark") + + shutil.rmtree(os.path.join("docs", "_build"), ignore_errors=True) + session.run( + "sphinx-build", + "-W", # warnings as errors + "-T", # show full traceback on exception + "-N", # no colors + "-b", + "html", + "-d", + os.path.join("docs", "_build", "doctrees", ""), + os.path.join("docs", ""), + os.path.join("docs", "_build", "html", ""), + ) + + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def lint(session): + """Run linters. + + Returns a failure if the linters find linting errors or sufficiently + serious code quality issues. + """ + session.install("flake8", BLACK_VERSION) + session.run( + "black", + "--check", + *BLACK_PATHS, + ) + session.run("flake8", "google", "tests", "samples") + + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def blacken(session): + """Run black. Format code to uniform standard.""" + session.install(BLACK_VERSION) + session.run( + "black", + *BLACK_PATHS, + ) + + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def lint_setup_py(session): + """Verify that setup.py is valid (including RST check).""" + session.install("docutils", "pygments") + session.run("python", "setup.py", "check", "--restructuredtext", "--strict") diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/samples/generated_samples/kmsinventory_v1_generated_key_dashboard_service_list_crypto_keys_async.py b/owl-bot-staging/google-cloud-kms-inventory/v1/samples/generated_samples/kmsinventory_v1_generated_key_dashboard_service_list_crypto_keys_async.py new file mode 100644 index 000000000000..335b409babb4 --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/samples/generated_samples/kmsinventory_v1_generated_key_dashboard_service_list_crypto_keys_async.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for ListCryptoKeys +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-kms-inventory + + +# [START kmsinventory_v1_generated_KeyDashboardService_ListCryptoKeys_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import kms_inventory_v1 + + +async def sample_list_crypto_keys(): + # Create a client + client = kms_inventory_v1.KeyDashboardServiceAsyncClient() + + # Initialize request argument(s) + request = kms_inventory_v1.ListCryptoKeysRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_crypto_keys(request=request) + + # Handle the response + async for response in page_result: + print(response) + +# [END kmsinventory_v1_generated_KeyDashboardService_ListCryptoKeys_async] diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/samples/generated_samples/kmsinventory_v1_generated_key_dashboard_service_list_crypto_keys_sync.py b/owl-bot-staging/google-cloud-kms-inventory/v1/samples/generated_samples/kmsinventory_v1_generated_key_dashboard_service_list_crypto_keys_sync.py new file mode 100644 index 000000000000..826c7435c164 --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/samples/generated_samples/kmsinventory_v1_generated_key_dashboard_service_list_crypto_keys_sync.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for ListCryptoKeys +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-kms-inventory + + +# [START kmsinventory_v1_generated_KeyDashboardService_ListCryptoKeys_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import kms_inventory_v1 + + +def sample_list_crypto_keys(): + # Create a client + client = kms_inventory_v1.KeyDashboardServiceClient() + + # Initialize request argument(s) + request = kms_inventory_v1.ListCryptoKeysRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_crypto_keys(request=request) + + # Handle the response + for response in page_result: + print(response) + +# [END kmsinventory_v1_generated_KeyDashboardService_ListCryptoKeys_sync] diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/samples/generated_samples/kmsinventory_v1_generated_key_tracking_service_get_protected_resources_summary_async.py b/owl-bot-staging/google-cloud-kms-inventory/v1/samples/generated_samples/kmsinventory_v1_generated_key_tracking_service_get_protected_resources_summary_async.py new file mode 100644 index 000000000000..1a29563b6c6d --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/samples/generated_samples/kmsinventory_v1_generated_key_tracking_service_get_protected_resources_summary_async.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetProtectedResourcesSummary +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-kms-inventory + + +# [START kmsinventory_v1_generated_KeyTrackingService_GetProtectedResourcesSummary_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import kms_inventory_v1 + + +async def sample_get_protected_resources_summary(): + # Create a client + client = kms_inventory_v1.KeyTrackingServiceAsyncClient() + + # Initialize request argument(s) + request = kms_inventory_v1.GetProtectedResourcesSummaryRequest( + name="name_value", + ) + + # Make the request + response = await client.get_protected_resources_summary(request=request) + + # Handle the response + print(response) + +# [END kmsinventory_v1_generated_KeyTrackingService_GetProtectedResourcesSummary_async] diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/samples/generated_samples/kmsinventory_v1_generated_key_tracking_service_get_protected_resources_summary_sync.py b/owl-bot-staging/google-cloud-kms-inventory/v1/samples/generated_samples/kmsinventory_v1_generated_key_tracking_service_get_protected_resources_summary_sync.py new file mode 100644 index 000000000000..e0ea91fae944 --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/samples/generated_samples/kmsinventory_v1_generated_key_tracking_service_get_protected_resources_summary_sync.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetProtectedResourcesSummary +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-kms-inventory + + +# [START kmsinventory_v1_generated_KeyTrackingService_GetProtectedResourcesSummary_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import kms_inventory_v1 + + +def sample_get_protected_resources_summary(): + # Create a client + client = kms_inventory_v1.KeyTrackingServiceClient() + + # Initialize request argument(s) + request = kms_inventory_v1.GetProtectedResourcesSummaryRequest( + name="name_value", + ) + + # Make the request + response = client.get_protected_resources_summary(request=request) + + # Handle the response + print(response) + +# [END kmsinventory_v1_generated_KeyTrackingService_GetProtectedResourcesSummary_sync] diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/samples/generated_samples/kmsinventory_v1_generated_key_tracking_service_search_protected_resources_async.py b/owl-bot-staging/google-cloud-kms-inventory/v1/samples/generated_samples/kmsinventory_v1_generated_key_tracking_service_search_protected_resources_async.py new file mode 100644 index 000000000000..48d64cb8dfa7 --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/samples/generated_samples/kmsinventory_v1_generated_key_tracking_service_search_protected_resources_async.py @@ -0,0 +1,54 @@ +# -*- coding: utf-8 -*- +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for SearchProtectedResources +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-kms-inventory + + +# [START kmsinventory_v1_generated_KeyTrackingService_SearchProtectedResources_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import kms_inventory_v1 + + +async def sample_search_protected_resources(): + # Create a client + client = kms_inventory_v1.KeyTrackingServiceAsyncClient() + + # Initialize request argument(s) + request = kms_inventory_v1.SearchProtectedResourcesRequest( + scope="scope_value", + crypto_key="crypto_key_value", + ) + + # Make the request + page_result = client.search_protected_resources(request=request) + + # Handle the response + async for response in page_result: + print(response) + +# [END kmsinventory_v1_generated_KeyTrackingService_SearchProtectedResources_async] diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/samples/generated_samples/kmsinventory_v1_generated_key_tracking_service_search_protected_resources_sync.py b/owl-bot-staging/google-cloud-kms-inventory/v1/samples/generated_samples/kmsinventory_v1_generated_key_tracking_service_search_protected_resources_sync.py new file mode 100644 index 000000000000..5bd6f68211d5 --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/samples/generated_samples/kmsinventory_v1_generated_key_tracking_service_search_protected_resources_sync.py @@ -0,0 +1,54 @@ +# -*- coding: utf-8 -*- +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for SearchProtectedResources +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-kms-inventory + + +# [START kmsinventory_v1_generated_KeyTrackingService_SearchProtectedResources_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import kms_inventory_v1 + + +def sample_search_protected_resources(): + # Create a client + client = kms_inventory_v1.KeyTrackingServiceClient() + + # Initialize request argument(s) + request = kms_inventory_v1.SearchProtectedResourcesRequest( + scope="scope_value", + crypto_key="crypto_key_value", + ) + + # Make the request + page_result = client.search_protected_resources(request=request) + + # Handle the response + for response in page_result: + print(response) + +# [END kmsinventory_v1_generated_KeyTrackingService_SearchProtectedResources_sync] diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/samples/generated_samples/snippet_metadata_google.cloud.kms.inventory.v1.json b/owl-bot-staging/google-cloud-kms-inventory/v1/samples/generated_samples/snippet_metadata_google.cloud.kms.inventory.v1.json new file mode 100644 index 000000000000..b884eb2a257b --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/samples/generated_samples/snippet_metadata_google.cloud.kms.inventory.v1.json @@ -0,0 +1,506 @@ +{ + "clientLibrary": { + "apis": [ + { + "id": "google.cloud.kms.inventory.v1", + "version": "v1" + } + ], + "language": "PYTHON", + "name": "google-cloud-kms-inventory", + "version": "0.1.0" + }, + "snippets": [ + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.kms_inventory_v1.KeyDashboardServiceAsyncClient", + "shortName": "KeyDashboardServiceAsyncClient" + }, + "fullName": "google.cloud.kms_inventory_v1.KeyDashboardServiceAsyncClient.list_crypto_keys", + "method": { + "fullName": "google.cloud.kms.inventory.v1.KeyDashboardService.ListCryptoKeys", + "service": { + "fullName": "google.cloud.kms.inventory.v1.KeyDashboardService", + "shortName": "KeyDashboardService" + }, + "shortName": "ListCryptoKeys" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.kms_inventory_v1.types.ListCryptoKeysRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.kms_inventory_v1.services.key_dashboard_service.pagers.ListCryptoKeysAsyncPager", + "shortName": "list_crypto_keys" + }, + "description": "Sample for ListCryptoKeys", + "file": "kmsinventory_v1_generated_key_dashboard_service_list_crypto_keys_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "kmsinventory_v1_generated_KeyDashboardService_ListCryptoKeys_async", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "kmsinventory_v1_generated_key_dashboard_service_list_crypto_keys_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.kms_inventory_v1.KeyDashboardServiceClient", + "shortName": "KeyDashboardServiceClient" + }, + "fullName": "google.cloud.kms_inventory_v1.KeyDashboardServiceClient.list_crypto_keys", + "method": { + "fullName": "google.cloud.kms.inventory.v1.KeyDashboardService.ListCryptoKeys", + "service": { + "fullName": "google.cloud.kms.inventory.v1.KeyDashboardService", + "shortName": "KeyDashboardService" + }, + "shortName": "ListCryptoKeys" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.kms_inventory_v1.types.ListCryptoKeysRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.kms_inventory_v1.services.key_dashboard_service.pagers.ListCryptoKeysPager", + "shortName": "list_crypto_keys" + }, + "description": "Sample for ListCryptoKeys", + "file": "kmsinventory_v1_generated_key_dashboard_service_list_crypto_keys_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "kmsinventory_v1_generated_KeyDashboardService_ListCryptoKeys_sync", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "kmsinventory_v1_generated_key_dashboard_service_list_crypto_keys_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.kms_inventory_v1.KeyTrackingServiceAsyncClient", + "shortName": "KeyTrackingServiceAsyncClient" + }, + "fullName": "google.cloud.kms_inventory_v1.KeyTrackingServiceAsyncClient.get_protected_resources_summary", + "method": { + "fullName": "google.cloud.kms.inventory.v1.KeyTrackingService.GetProtectedResourcesSummary", + "service": { + "fullName": "google.cloud.kms.inventory.v1.KeyTrackingService", + "shortName": "KeyTrackingService" + }, + "shortName": "GetProtectedResourcesSummary" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.kms_inventory_v1.types.GetProtectedResourcesSummaryRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.kms_inventory_v1.types.ProtectedResourcesSummary", + "shortName": "get_protected_resources_summary" + }, + "description": "Sample for GetProtectedResourcesSummary", + "file": "kmsinventory_v1_generated_key_tracking_service_get_protected_resources_summary_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "kmsinventory_v1_generated_KeyTrackingService_GetProtectedResourcesSummary_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "kmsinventory_v1_generated_key_tracking_service_get_protected_resources_summary_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.kms_inventory_v1.KeyTrackingServiceClient", + "shortName": "KeyTrackingServiceClient" + }, + "fullName": "google.cloud.kms_inventory_v1.KeyTrackingServiceClient.get_protected_resources_summary", + "method": { + "fullName": "google.cloud.kms.inventory.v1.KeyTrackingService.GetProtectedResourcesSummary", + "service": { + "fullName": "google.cloud.kms.inventory.v1.KeyTrackingService", + "shortName": "KeyTrackingService" + }, + "shortName": "GetProtectedResourcesSummary" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.kms_inventory_v1.types.GetProtectedResourcesSummaryRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.kms_inventory_v1.types.ProtectedResourcesSummary", + "shortName": "get_protected_resources_summary" + }, + "description": "Sample for GetProtectedResourcesSummary", + "file": "kmsinventory_v1_generated_key_tracking_service_get_protected_resources_summary_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "kmsinventory_v1_generated_KeyTrackingService_GetProtectedResourcesSummary_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "kmsinventory_v1_generated_key_tracking_service_get_protected_resources_summary_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.kms_inventory_v1.KeyTrackingServiceAsyncClient", + "shortName": "KeyTrackingServiceAsyncClient" + }, + "fullName": "google.cloud.kms_inventory_v1.KeyTrackingServiceAsyncClient.search_protected_resources", + "method": { + "fullName": "google.cloud.kms.inventory.v1.KeyTrackingService.SearchProtectedResources", + "service": { + "fullName": "google.cloud.kms.inventory.v1.KeyTrackingService", + "shortName": "KeyTrackingService" + }, + "shortName": "SearchProtectedResources" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.kms_inventory_v1.types.SearchProtectedResourcesRequest" + }, + { + "name": "scope", + "type": "str" + }, + { + "name": "crypto_key", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.kms_inventory_v1.services.key_tracking_service.pagers.SearchProtectedResourcesAsyncPager", + "shortName": "search_protected_resources" + }, + "description": "Sample for SearchProtectedResources", + "file": "kmsinventory_v1_generated_key_tracking_service_search_protected_resources_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "kmsinventory_v1_generated_KeyTrackingService_SearchProtectedResources_async", + "segments": [ + { + "end": 53, + "start": 27, + "type": "FULL" + }, + { + "end": 53, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 46, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 49, + "start": 47, + "type": "REQUEST_EXECUTION" + }, + { + "end": 54, + "start": 50, + "type": "RESPONSE_HANDLING" + } + ], + "title": "kmsinventory_v1_generated_key_tracking_service_search_protected_resources_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.kms_inventory_v1.KeyTrackingServiceClient", + "shortName": "KeyTrackingServiceClient" + }, + "fullName": "google.cloud.kms_inventory_v1.KeyTrackingServiceClient.search_protected_resources", + "method": { + "fullName": "google.cloud.kms.inventory.v1.KeyTrackingService.SearchProtectedResources", + "service": { + "fullName": "google.cloud.kms.inventory.v1.KeyTrackingService", + "shortName": "KeyTrackingService" + }, + "shortName": "SearchProtectedResources" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.kms_inventory_v1.types.SearchProtectedResourcesRequest" + }, + { + "name": "scope", + "type": "str" + }, + { + "name": "crypto_key", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.kms_inventory_v1.services.key_tracking_service.pagers.SearchProtectedResourcesPager", + "shortName": "search_protected_resources" + }, + "description": "Sample for SearchProtectedResources", + "file": "kmsinventory_v1_generated_key_tracking_service_search_protected_resources_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "kmsinventory_v1_generated_KeyTrackingService_SearchProtectedResources_sync", + "segments": [ + { + "end": 53, + "start": 27, + "type": "FULL" + }, + { + "end": 53, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 46, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 49, + "start": 47, + "type": "REQUEST_EXECUTION" + }, + { + "end": 54, + "start": 50, + "type": "RESPONSE_HANDLING" + } + ], + "title": "kmsinventory_v1_generated_key_tracking_service_search_protected_resources_sync.py" + } + ] +} diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/scripts/fixup_kms_inventory_v1_keywords.py b/owl-bot-staging/google-cloud-kms-inventory/v1/scripts/fixup_kms_inventory_v1_keywords.py new file mode 100644 index 000000000000..977f42422094 --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/scripts/fixup_kms_inventory_v1_keywords.py @@ -0,0 +1,178 @@ +#! /usr/bin/env python3 +# -*- coding: utf-8 -*- +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import argparse +import os +import libcst as cst +import pathlib +import sys +from typing import (Any, Callable, Dict, List, Sequence, Tuple) + + +def partition( + predicate: Callable[[Any], bool], + iterator: Sequence[Any] +) -> Tuple[List[Any], List[Any]]: + """A stable, out-of-place partition.""" + results = ([], []) + + for i in iterator: + results[int(predicate(i))].append(i) + + # Returns trueList, falseList + return results[1], results[0] + + +class kms_inventoryCallTransformer(cst.CSTTransformer): + CTRL_PARAMS: Tuple[str] = ('retry', 'timeout', 'metadata') + METHOD_TO_PARAMS: Dict[str, Tuple[str]] = { + 'get_protected_resources_summary': ('name', ), + 'list_crypto_keys': ('parent', 'page_size', 'page_token', ), + 'search_protected_resources': ('scope', 'crypto_key', 'page_size', 'page_token', 'resource_types', ), + } + + def leave_Call(self, original: cst.Call, updated: cst.Call) -> cst.CSTNode: + try: + key = original.func.attr.value + kword_params = self.METHOD_TO_PARAMS[key] + except (AttributeError, KeyError): + # Either not a method from the API or too convoluted to be sure. + return updated + + # If the existing code is valid, keyword args come after positional args. + # Therefore, all positional args must map to the first parameters. + args, kwargs = partition(lambda a: not bool(a.keyword), updated.args) + if any(k.keyword.value == "request" for k in kwargs): + # We've already fixed this file, don't fix it again. + return updated + + kwargs, ctrl_kwargs = partition( + lambda a: a.keyword.value not in self.CTRL_PARAMS, + kwargs + ) + + args, ctrl_args = args[:len(kword_params)], args[len(kword_params):] + ctrl_kwargs.extend(cst.Arg(value=a.value, keyword=cst.Name(value=ctrl)) + for a, ctrl in zip(ctrl_args, self.CTRL_PARAMS)) + + request_arg = cst.Arg( + value=cst.Dict([ + cst.DictElement( + cst.SimpleString("'{}'".format(name)), +cst.Element(value=arg.value) + ) + # Note: the args + kwargs looks silly, but keep in mind that + # the control parameters had to be stripped out, and that + # those could have been passed positionally or by keyword. + for name, arg in zip(kword_params, args + kwargs)]), + keyword=cst.Name("request") + ) + + return updated.with_changes( + args=[request_arg] + ctrl_kwargs + ) + + +def fix_files( + in_dir: pathlib.Path, + out_dir: pathlib.Path, + *, + transformer=kms_inventoryCallTransformer(), +): + """Duplicate the input dir to the output dir, fixing file method calls. + + Preconditions: + * in_dir is a real directory + * out_dir is a real, empty directory + """ + pyfile_gen = ( + pathlib.Path(os.path.join(root, f)) + for root, _, files in os.walk(in_dir) + for f in files if os.path.splitext(f)[1] == ".py" + ) + + for fpath in pyfile_gen: + with open(fpath, 'r') as f: + src = f.read() + + # Parse the code and insert method call fixes. + tree = cst.parse_module(src) + updated = tree.visit(transformer) + + # Create the path and directory structure for the new file. + updated_path = out_dir.joinpath(fpath.relative_to(in_dir)) + updated_path.parent.mkdir(parents=True, exist_ok=True) + + # Generate the updated source file at the corresponding path. + with open(updated_path, 'w') as f: + f.write(updated.code) + + +if __name__ == '__main__': + parser = argparse.ArgumentParser( + description="""Fix up source that uses the kms_inventory client library. + +The existing sources are NOT overwritten but are copied to output_dir with changes made. + +Note: This tool operates at a best-effort level at converting positional + parameters in client method calls to keyword based parameters. + Cases where it WILL FAIL include + A) * or ** expansion in a method call. + B) Calls via function or method alias (includes free function calls) + C) Indirect or dispatched calls (e.g. the method is looked up dynamically) + + These all constitute false negatives. The tool will also detect false + positives when an API method shares a name with another method. +""") + parser.add_argument( + '-d', + '--input-directory', + required=True, + dest='input_dir', + help='the input directory to walk for python files to fix up', + ) + parser.add_argument( + '-o', + '--output-directory', + required=True, + dest='output_dir', + help='the directory to output files fixed via un-flattening', + ) + args = parser.parse_args() + input_dir = pathlib.Path(args.input_dir) + output_dir = pathlib.Path(args.output_dir) + if not input_dir.is_dir(): + print( + f"input directory '{input_dir}' does not exist or is not a directory", + file=sys.stderr, + ) + sys.exit(-1) + + if not output_dir.is_dir(): + print( + f"output directory '{output_dir}' does not exist or is not a directory", + file=sys.stderr, + ) + sys.exit(-1) + + if os.listdir(output_dir): + print( + f"output directory '{output_dir}' is not empty", + file=sys.stderr, + ) + sys.exit(-1) + + fix_files(input_dir, output_dir) diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/setup.py b/owl-bot-staging/google-cloud-kms-inventory/v1/setup.py new file mode 100644 index 000000000000..ac157a8fff87 --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/setup.py @@ -0,0 +1,91 @@ +# -*- coding: utf-8 -*- +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import io +import os + +import setuptools # type: ignore + +package_root = os.path.abspath(os.path.dirname(__file__)) + +name = 'google-cloud-kms-inventory' + + +description = "Google Cloud Kms Inventory API client library" + +version = {} +with open(os.path.join(package_root, 'google/cloud/kms_inventory/gapic_version.py')) as fp: + exec(fp.read(), version) +version = version["__version__"] + +if version[0] == "0": + release_status = "Development Status :: 4 - Beta" +else: + release_status = "Development Status :: 5 - Production/Stable" + +dependencies = [ + "google-api-core[grpc] >= 1.34.0, <3.0.0dev,!=2.0.*,!=2.1.*,!=2.2.*,!=2.3.*,!=2.4.*,!=2.5.*,!=2.6.*,!=2.7.*,!=2.8.*,!=2.9.*,!=2.10.*", + "proto-plus >= 1.22.0, <2.0.0dev", + "proto-plus >= 1.22.2, <2.0.0dev; python_version>='3.11'", + "protobuf>=3.19.5,<5.0.0dev,!=3.20.0,!=3.20.1,!=4.21.0,!=4.21.1,!=4.21.2,!=4.21.3,!=4.21.4,!=4.21.5", + "google-cloud-kms >= 2.3.0, <3.0.0dev", +] +url = "https://github.com/googleapis/python-kms-inventory" + +package_root = os.path.abspath(os.path.dirname(__file__)) + +readme_filename = os.path.join(package_root, "README.rst") +with io.open(readme_filename, encoding="utf-8") as readme_file: + readme = readme_file.read() + +packages = [ + package + for package in setuptools.PEP420PackageFinder.find() + if package.startswith("google") +] + +namespaces = ["google", "google.cloud"] + +setuptools.setup( + name=name, + version=version, + description=description, + long_description=readme, + author="Google LLC", + author_email="googleapis-packages@google.com", + license="Apache 2.0", + url=url, + classifiers=[ + release_status, + "Intended Audience :: Developers", + "License :: OSI Approved :: Apache Software License", + "Programming Language :: Python", + "Programming Language :: Python :: 3", + "Programming Language :: Python :: 3.7", + "Programming Language :: Python :: 3.8", + "Programming Language :: Python :: 3.9", + "Programming Language :: Python :: 3.10", + "Programming Language :: Python :: 3.11", + "Operating System :: OS Independent", + "Topic :: Internet", + ], + platforms="Posix; MacOS X; Windows", + packages=packages, + python_requires=">=3.7", + namespace_packages=namespaces, + install_requires=dependencies, + include_package_data=True, + zip_safe=False, +) diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/testing/constraints-3.10.txt b/owl-bot-staging/google-cloud-kms-inventory/v1/testing/constraints-3.10.txt new file mode 100644 index 000000000000..4d25e0a49cd4 --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/testing/constraints-3.10.txt @@ -0,0 +1,7 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf +google-cloud-kms diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/testing/constraints-3.11.txt b/owl-bot-staging/google-cloud-kms-inventory/v1/testing/constraints-3.11.txt new file mode 100644 index 000000000000..4d25e0a49cd4 --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/testing/constraints-3.11.txt @@ -0,0 +1,7 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf +google-cloud-kms diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/testing/constraints-3.12.txt b/owl-bot-staging/google-cloud-kms-inventory/v1/testing/constraints-3.12.txt new file mode 100644 index 000000000000..4d25e0a49cd4 --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/testing/constraints-3.12.txt @@ -0,0 +1,7 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf +google-cloud-kms diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/testing/constraints-3.7.txt b/owl-bot-staging/google-cloud-kms-inventory/v1/testing/constraints-3.7.txt new file mode 100644 index 000000000000..3236382ab45c --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/testing/constraints-3.7.txt @@ -0,0 +1,10 @@ +# This constraints file is used to check that lower bounds +# are correct in setup.py +# List all library dependencies and extras in this file. +# Pin the version to the lower bound. +# e.g., if setup.py has "google-cloud-foo >= 1.14.0, < 2.0.0dev", +# Then this file should have google-cloud-foo==1.14.0 +google-api-core==1.34.0 +proto-plus==1.22.0 +protobuf==3.19.5 +google-cloud-kms==2.3.0 diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/testing/constraints-3.8.txt b/owl-bot-staging/google-cloud-kms-inventory/v1/testing/constraints-3.8.txt new file mode 100644 index 000000000000..4d25e0a49cd4 --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/testing/constraints-3.8.txt @@ -0,0 +1,7 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf +google-cloud-kms diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/testing/constraints-3.9.txt b/owl-bot-staging/google-cloud-kms-inventory/v1/testing/constraints-3.9.txt new file mode 100644 index 000000000000..4d25e0a49cd4 --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/testing/constraints-3.9.txt @@ -0,0 +1,7 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf +google-cloud-kms diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/tests/__init__.py b/owl-bot-staging/google-cloud-kms-inventory/v1/tests/__init__.py new file mode 100644 index 000000000000..1b4db446eb8d --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/tests/__init__.py @@ -0,0 +1,16 @@ + +# -*- coding: utf-8 -*- +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/tests/unit/__init__.py b/owl-bot-staging/google-cloud-kms-inventory/v1/tests/unit/__init__.py new file mode 100644 index 000000000000..1b4db446eb8d --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/tests/unit/__init__.py @@ -0,0 +1,16 @@ + +# -*- coding: utf-8 -*- +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/tests/unit/gapic/__init__.py b/owl-bot-staging/google-cloud-kms-inventory/v1/tests/unit/gapic/__init__.py new file mode 100644 index 000000000000..1b4db446eb8d --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/tests/unit/gapic/__init__.py @@ -0,0 +1,16 @@ + +# -*- coding: utf-8 -*- +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/tests/unit/gapic/kms_inventory_v1/__init__.py b/owl-bot-staging/google-cloud-kms-inventory/v1/tests/unit/gapic/kms_inventory_v1/__init__.py new file mode 100644 index 000000000000..1b4db446eb8d --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/tests/unit/gapic/kms_inventory_v1/__init__.py @@ -0,0 +1,16 @@ + +# -*- coding: utf-8 -*- +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/tests/unit/gapic/kms_inventory_v1/test_key_dashboard_service.py b/owl-bot-staging/google-cloud-kms-inventory/v1/tests/unit/gapic/kms_inventory_v1/test_key_dashboard_service.py new file mode 100644 index 000000000000..180ef2c46e52 --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/tests/unit/gapic/kms_inventory_v1/test_key_dashboard_service.py @@ -0,0 +1,1961 @@ +# -*- coding: utf-8 -*- +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import os +# try/except added for compatibility with python < 3.8 +try: + from unittest import mock + from unittest.mock import AsyncMock # pragma: NO COVER +except ImportError: # pragma: NO COVER + import mock + +import grpc +from grpc.experimental import aio +from collections.abc import Iterable +from google.protobuf import json_format +import json +import math +import pytest +from proto.marshal.rules.dates import DurationRule, TimestampRule +from proto.marshal.rules import wrappers +from requests import Response +from requests import Request, PreparedRequest +from requests.sessions import Session +from google.protobuf import json_format + +from google.api_core import client_options +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import grpc_helpers +from google.api_core import grpc_helpers_async +from google.api_core import path_template +from google.auth import credentials as ga_credentials +from google.auth.exceptions import MutualTLSChannelError +from google.cloud.kms_inventory_v1.services.key_dashboard_service import KeyDashboardServiceAsyncClient +from google.cloud.kms_inventory_v1.services.key_dashboard_service import KeyDashboardServiceClient +from google.cloud.kms_inventory_v1.services.key_dashboard_service import pagers +from google.cloud.kms_inventory_v1.services.key_dashboard_service import transports +from google.cloud.kms_inventory_v1.types import key_dashboard_service +from google.cloud.kms_v1.types import resources +from google.oauth2 import service_account +import google.auth + + +def client_cert_source_callback(): + return b"cert bytes", b"key bytes" + + +# If default endpoint is localhost, then default mtls endpoint will be the same. +# This method modifies the default endpoint so the client can produce a different +# mtls endpoint for endpoint testing purposes. +def modify_default_endpoint(client): + return "foo.googleapis.com" if ("localhost" in client.DEFAULT_ENDPOINT) else client.DEFAULT_ENDPOINT + + +def test__get_default_mtls_endpoint(): + api_endpoint = "example.googleapis.com" + api_mtls_endpoint = "example.mtls.googleapis.com" + sandbox_endpoint = "example.sandbox.googleapis.com" + sandbox_mtls_endpoint = "example.mtls.sandbox.googleapis.com" + non_googleapi = "api.example.com" + + assert KeyDashboardServiceClient._get_default_mtls_endpoint(None) is None + assert KeyDashboardServiceClient._get_default_mtls_endpoint(api_endpoint) == api_mtls_endpoint + assert KeyDashboardServiceClient._get_default_mtls_endpoint(api_mtls_endpoint) == api_mtls_endpoint + assert KeyDashboardServiceClient._get_default_mtls_endpoint(sandbox_endpoint) == sandbox_mtls_endpoint + assert KeyDashboardServiceClient._get_default_mtls_endpoint(sandbox_mtls_endpoint) == sandbox_mtls_endpoint + assert KeyDashboardServiceClient._get_default_mtls_endpoint(non_googleapi) == non_googleapi + + +@pytest.mark.parametrize("client_class,transport_name", [ + (KeyDashboardServiceClient, "grpc"), + (KeyDashboardServiceAsyncClient, "grpc_asyncio"), + (KeyDashboardServiceClient, "rest"), +]) +def test_key_dashboard_service_client_from_service_account_info(client_class, transport_name): + creds = ga_credentials.AnonymousCredentials() + with mock.patch.object(service_account.Credentials, 'from_service_account_info') as factory: + factory.return_value = creds + info = {"valid": True} + client = client_class.from_service_account_info(info, transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + assert client.transport._host == ( + 'kmsinventory.googleapis.com:443' + if transport_name in ['grpc', 'grpc_asyncio'] + else + 'https://kmsinventory.googleapis.com' + ) + + +@pytest.mark.parametrize("transport_class,transport_name", [ + (transports.KeyDashboardServiceGrpcTransport, "grpc"), + (transports.KeyDashboardServiceGrpcAsyncIOTransport, "grpc_asyncio"), + (transports.KeyDashboardServiceRestTransport, "rest"), +]) +def test_key_dashboard_service_client_service_account_always_use_jwt(transport_class, transport_name): + with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=True) + use_jwt.assert_called_once_with(True) + + with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=False) + use_jwt.assert_not_called() + + +@pytest.mark.parametrize("client_class,transport_name", [ + (KeyDashboardServiceClient, "grpc"), + (KeyDashboardServiceAsyncClient, "grpc_asyncio"), + (KeyDashboardServiceClient, "rest"), +]) +def test_key_dashboard_service_client_from_service_account_file(client_class, transport_name): + creds = ga_credentials.AnonymousCredentials() + with mock.patch.object(service_account.Credentials, 'from_service_account_file') as factory: + factory.return_value = creds + client = client_class.from_service_account_file("dummy/file/path.json", transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + client = client_class.from_service_account_json("dummy/file/path.json", transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + assert client.transport._host == ( + 'kmsinventory.googleapis.com:443' + if transport_name in ['grpc', 'grpc_asyncio'] + else + 'https://kmsinventory.googleapis.com' + ) + + +def test_key_dashboard_service_client_get_transport_class(): + transport = KeyDashboardServiceClient.get_transport_class() + available_transports = [ + transports.KeyDashboardServiceGrpcTransport, + transports.KeyDashboardServiceRestTransport, + ] + assert transport in available_transports + + transport = KeyDashboardServiceClient.get_transport_class("grpc") + assert transport == transports.KeyDashboardServiceGrpcTransport + + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (KeyDashboardServiceClient, transports.KeyDashboardServiceGrpcTransport, "grpc"), + (KeyDashboardServiceAsyncClient, transports.KeyDashboardServiceGrpcAsyncIOTransport, "grpc_asyncio"), + (KeyDashboardServiceClient, transports.KeyDashboardServiceRestTransport, "rest"), +]) +@mock.patch.object(KeyDashboardServiceClient, "DEFAULT_ENDPOINT", modify_default_endpoint(KeyDashboardServiceClient)) +@mock.patch.object(KeyDashboardServiceAsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(KeyDashboardServiceAsyncClient)) +def test_key_dashboard_service_client_client_options(client_class, transport_class, transport_name): + # Check that if channel is provided we won't create a new one. + with mock.patch.object(KeyDashboardServiceClient, 'get_transport_class') as gtc: + transport = transport_class( + credentials=ga_credentials.AnonymousCredentials() + ) + client = client_class(transport=transport) + gtc.assert_not_called() + + # Check that if channel is provided via str we will create a new one. + with mock.patch.object(KeyDashboardServiceClient, 'get_transport_class') as gtc: + client = client_class(transport=transport_name) + gtc.assert_called() + + # Check the case api_endpoint is provided. + options = client_options.ClientOptions(api_endpoint="squid.clam.whelk") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name, client_options=options) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host="squid.clam.whelk", + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is + # "never". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is + # "always". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_MTLS_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has + # unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "Unsupported"}): + with pytest.raises(MutualTLSChannelError): + client = client_class(transport=transport_name) + + # Check the case GOOGLE_API_USE_CLIENT_CERTIFICATE has unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "Unsupported"}): + with pytest.raises(ValueError): + client = client_class(transport=transport_name) + + # Check the case quota_project_id is provided + options = client_options.ClientOptions(quota_project_id="octopus") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id="octopus", + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + # Check the case api_endpoint is provided + options = client_options.ClientOptions(api_audience="https://language.googleapis.com") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience="https://language.googleapis.com" + ) + +@pytest.mark.parametrize("client_class,transport_class,transport_name,use_client_cert_env", [ + (KeyDashboardServiceClient, transports.KeyDashboardServiceGrpcTransport, "grpc", "true"), + (KeyDashboardServiceAsyncClient, transports.KeyDashboardServiceGrpcAsyncIOTransport, "grpc_asyncio", "true"), + (KeyDashboardServiceClient, transports.KeyDashboardServiceGrpcTransport, "grpc", "false"), + (KeyDashboardServiceAsyncClient, transports.KeyDashboardServiceGrpcAsyncIOTransport, "grpc_asyncio", "false"), + (KeyDashboardServiceClient, transports.KeyDashboardServiceRestTransport, "rest", "true"), + (KeyDashboardServiceClient, transports.KeyDashboardServiceRestTransport, "rest", "false"), +]) +@mock.patch.object(KeyDashboardServiceClient, "DEFAULT_ENDPOINT", modify_default_endpoint(KeyDashboardServiceClient)) +@mock.patch.object(KeyDashboardServiceAsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(KeyDashboardServiceAsyncClient)) +@mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "auto"}) +def test_key_dashboard_service_client_mtls_env_auto(client_class, transport_class, transport_name, use_client_cert_env): + # This tests the endpoint autoswitch behavior. Endpoint is autoswitched to the default + # mtls endpoint, if GOOGLE_API_USE_CLIENT_CERTIFICATE is "true" and client cert exists. + + # Check the case client_cert_source is provided. Whether client cert is used depends on + # GOOGLE_API_USE_CLIENT_CERTIFICATE value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + options = client_options.ClientOptions(client_cert_source=client_cert_source_callback) + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + + if use_client_cert_env == "false": + expected_client_cert_source = None + expected_host = client.DEFAULT_ENDPOINT + else: + expected_client_cert_source = client_cert_source_callback + expected_host = client.DEFAULT_MTLS_ENDPOINT + + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=expected_host, + scopes=None, + client_cert_source_for_mtls=expected_client_cert_source, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case ADC client cert is provided. Whether client cert is used depends on + # GOOGLE_API_USE_CLIENT_CERTIFICATE value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + with mock.patch.object(transport_class, '__init__') as patched: + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=client_cert_source_callback): + if use_client_cert_env == "false": + expected_host = client.DEFAULT_ENDPOINT + expected_client_cert_source = None + else: + expected_host = client.DEFAULT_MTLS_ENDPOINT + expected_client_cert_source = client_cert_source_callback + + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=expected_host, + scopes=None, + client_cert_source_for_mtls=expected_client_cert_source, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case client_cert_source and ADC client cert are not provided. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + with mock.patch.object(transport_class, '__init__') as patched: + with mock.patch("google.auth.transport.mtls.has_default_client_cert_source", return_value=False): + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + +@pytest.mark.parametrize("client_class", [ + KeyDashboardServiceClient, KeyDashboardServiceAsyncClient +]) +@mock.patch.object(KeyDashboardServiceClient, "DEFAULT_ENDPOINT", modify_default_endpoint(KeyDashboardServiceClient)) +@mock.patch.object(KeyDashboardServiceAsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(KeyDashboardServiceAsyncClient)) +def test_key_dashboard_service_client_get_mtls_endpoint_and_cert_source(client_class): + mock_client_cert_source = mock.Mock() + + # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "true". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + mock_api_endpoint = "foo" + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) + assert api_endpoint == mock_api_endpoint + assert cert_source == mock_client_cert_source + + # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "false". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "false"}): + mock_client_cert_source = mock.Mock() + mock_api_endpoint = "foo" + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) + assert api_endpoint == mock_api_endpoint + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "never". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "always". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert doesn't exist. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=False): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert exists. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=mock_client_cert_source): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + assert cert_source == mock_client_cert_source + + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (KeyDashboardServiceClient, transports.KeyDashboardServiceGrpcTransport, "grpc"), + (KeyDashboardServiceAsyncClient, transports.KeyDashboardServiceGrpcAsyncIOTransport, "grpc_asyncio"), + (KeyDashboardServiceClient, transports.KeyDashboardServiceRestTransport, "rest"), +]) +def test_key_dashboard_service_client_client_options_scopes(client_class, transport_class, transport_name): + # Check the case scopes are provided. + options = client_options.ClientOptions( + scopes=["1", "2"], + ) + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=["1", "2"], + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + +@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ + (KeyDashboardServiceClient, transports.KeyDashboardServiceGrpcTransport, "grpc", grpc_helpers), + (KeyDashboardServiceAsyncClient, transports.KeyDashboardServiceGrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), + (KeyDashboardServiceClient, transports.KeyDashboardServiceRestTransport, "rest", None), +]) +def test_key_dashboard_service_client_client_options_credentials_file(client_class, transport_class, transport_name, grpc_helpers): + # Check the case credentials file is provided. + options = client_options.ClientOptions( + credentials_file="credentials.json" + ) + + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file="credentials.json", + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + +def test_key_dashboard_service_client_client_options_from_dict(): + with mock.patch('google.cloud.kms_inventory_v1.services.key_dashboard_service.transports.KeyDashboardServiceGrpcTransport.__init__') as grpc_transport: + grpc_transport.return_value = None + client = KeyDashboardServiceClient( + client_options={'api_endpoint': 'squid.clam.whelk'} + ) + grpc_transport.assert_called_once_with( + credentials=None, + credentials_file=None, + host="squid.clam.whelk", + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + +@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ + (KeyDashboardServiceClient, transports.KeyDashboardServiceGrpcTransport, "grpc", grpc_helpers), + (KeyDashboardServiceAsyncClient, transports.KeyDashboardServiceGrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), +]) +def test_key_dashboard_service_client_create_channel_credentials_file(client_class, transport_class, transport_name, grpc_helpers): + # Check the case credentials file is provided. + options = client_options.ClientOptions( + credentials_file="credentials.json" + ) + + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file="credentials.json", + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # test that the credentials from file are saved and used as the credentials. + with mock.patch.object( + google.auth, "load_credentials_from_file", autospec=True + ) as load_creds, mock.patch.object( + google.auth, "default", autospec=True + ) as adc, mock.patch.object( + grpc_helpers, "create_channel" + ) as create_channel: + creds = ga_credentials.AnonymousCredentials() + file_creds = ga_credentials.AnonymousCredentials() + load_creds.return_value = (file_creds, None) + adc.return_value = (creds, None) + client = client_class(client_options=options, transport=transport_name) + create_channel.assert_called_with( + "kmsinventory.googleapis.com:443", + credentials=file_creds, + credentials_file=None, + quota_project_id=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + scopes=None, + default_host="kmsinventory.googleapis.com", + ssl_credentials=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + +@pytest.mark.parametrize("request_type", [ + key_dashboard_service.ListCryptoKeysRequest, + dict, +]) +def test_list_crypto_keys(request_type, transport: str = 'grpc'): + client = KeyDashboardServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_crypto_keys), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = key_dashboard_service.ListCryptoKeysResponse( + next_page_token='next_page_token_value', + ) + response = client.list_crypto_keys(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == key_dashboard_service.ListCryptoKeysRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, pagers.ListCryptoKeysPager) + assert response.next_page_token == 'next_page_token_value' + + +def test_list_crypto_keys_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = KeyDashboardServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_crypto_keys), + '__call__') as call: + client.list_crypto_keys() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == key_dashboard_service.ListCryptoKeysRequest() + +@pytest.mark.asyncio +async def test_list_crypto_keys_async(transport: str = 'grpc_asyncio', request_type=key_dashboard_service.ListCryptoKeysRequest): + client = KeyDashboardServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_crypto_keys), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(key_dashboard_service.ListCryptoKeysResponse( + next_page_token='next_page_token_value', + )) + response = await client.list_crypto_keys(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == key_dashboard_service.ListCryptoKeysRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, pagers.ListCryptoKeysAsyncPager) + assert response.next_page_token == 'next_page_token_value' + + +@pytest.mark.asyncio +async def test_list_crypto_keys_async_from_dict(): + await test_list_crypto_keys_async(request_type=dict) + + +def test_list_crypto_keys_field_headers(): + client = KeyDashboardServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = key_dashboard_service.ListCryptoKeysRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_crypto_keys), + '__call__') as call: + call.return_value = key_dashboard_service.ListCryptoKeysResponse() + client.list_crypto_keys(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_list_crypto_keys_field_headers_async(): + client = KeyDashboardServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = key_dashboard_service.ListCryptoKeysRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_crypto_keys), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(key_dashboard_service.ListCryptoKeysResponse()) + await client.list_crypto_keys(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +def test_list_crypto_keys_flattened(): + client = KeyDashboardServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_crypto_keys), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = key_dashboard_service.ListCryptoKeysResponse() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.list_crypto_keys( + parent='parent_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + + +def test_list_crypto_keys_flattened_error(): + client = KeyDashboardServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.list_crypto_keys( + key_dashboard_service.ListCryptoKeysRequest(), + parent='parent_value', + ) + +@pytest.mark.asyncio +async def test_list_crypto_keys_flattened_async(): + client = KeyDashboardServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_crypto_keys), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = key_dashboard_service.ListCryptoKeysResponse() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(key_dashboard_service.ListCryptoKeysResponse()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.list_crypto_keys( + parent='parent_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_list_crypto_keys_flattened_error_async(): + client = KeyDashboardServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.list_crypto_keys( + key_dashboard_service.ListCryptoKeysRequest(), + parent='parent_value', + ) + + +def test_list_crypto_keys_pager(transport_name: str = "grpc"): + client = KeyDashboardServiceClient( + credentials=ga_credentials.AnonymousCredentials, + transport=transport_name, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_crypto_keys), + '__call__') as call: + # Set the response to a series of pages. + call.side_effect = ( + key_dashboard_service.ListCryptoKeysResponse( + crypto_keys=[ + resources.CryptoKey(), + resources.CryptoKey(), + resources.CryptoKey(), + ], + next_page_token='abc', + ), + key_dashboard_service.ListCryptoKeysResponse( + crypto_keys=[], + next_page_token='def', + ), + key_dashboard_service.ListCryptoKeysResponse( + crypto_keys=[ + resources.CryptoKey(), + ], + next_page_token='ghi', + ), + key_dashboard_service.ListCryptoKeysResponse( + crypto_keys=[ + resources.CryptoKey(), + resources.CryptoKey(), + ], + ), + RuntimeError, + ) + + metadata = () + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ('parent', ''), + )), + ) + pager = client.list_crypto_keys(request={}) + + assert pager._metadata == metadata + + results = list(pager) + assert len(results) == 6 + assert all(isinstance(i, resources.CryptoKey) + for i in results) +def test_list_crypto_keys_pages(transport_name: str = "grpc"): + client = KeyDashboardServiceClient( + credentials=ga_credentials.AnonymousCredentials, + transport=transport_name, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_crypto_keys), + '__call__') as call: + # Set the response to a series of pages. + call.side_effect = ( + key_dashboard_service.ListCryptoKeysResponse( + crypto_keys=[ + resources.CryptoKey(), + resources.CryptoKey(), + resources.CryptoKey(), + ], + next_page_token='abc', + ), + key_dashboard_service.ListCryptoKeysResponse( + crypto_keys=[], + next_page_token='def', + ), + key_dashboard_service.ListCryptoKeysResponse( + crypto_keys=[ + resources.CryptoKey(), + ], + next_page_token='ghi', + ), + key_dashboard_service.ListCryptoKeysResponse( + crypto_keys=[ + resources.CryptoKey(), + resources.CryptoKey(), + ], + ), + RuntimeError, + ) + pages = list(client.list_crypto_keys(request={}).pages) + for page_, token in zip(pages, ['abc','def','ghi', '']): + assert page_.raw_page.next_page_token == token + +@pytest.mark.asyncio +async def test_list_crypto_keys_async_pager(): + client = KeyDashboardServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_crypto_keys), + '__call__', new_callable=mock.AsyncMock) as call: + # Set the response to a series of pages. + call.side_effect = ( + key_dashboard_service.ListCryptoKeysResponse( + crypto_keys=[ + resources.CryptoKey(), + resources.CryptoKey(), + resources.CryptoKey(), + ], + next_page_token='abc', + ), + key_dashboard_service.ListCryptoKeysResponse( + crypto_keys=[], + next_page_token='def', + ), + key_dashboard_service.ListCryptoKeysResponse( + crypto_keys=[ + resources.CryptoKey(), + ], + next_page_token='ghi', + ), + key_dashboard_service.ListCryptoKeysResponse( + crypto_keys=[ + resources.CryptoKey(), + resources.CryptoKey(), + ], + ), + RuntimeError, + ) + async_pager = await client.list_crypto_keys(request={},) + assert async_pager.next_page_token == 'abc' + responses = [] + async for response in async_pager: # pragma: no branch + responses.append(response) + + assert len(responses) == 6 + assert all(isinstance(i, resources.CryptoKey) + for i in responses) + + +@pytest.mark.asyncio +async def test_list_crypto_keys_async_pages(): + client = KeyDashboardServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_crypto_keys), + '__call__', new_callable=mock.AsyncMock) as call: + # Set the response to a series of pages. + call.side_effect = ( + key_dashboard_service.ListCryptoKeysResponse( + crypto_keys=[ + resources.CryptoKey(), + resources.CryptoKey(), + resources.CryptoKey(), + ], + next_page_token='abc', + ), + key_dashboard_service.ListCryptoKeysResponse( + crypto_keys=[], + next_page_token='def', + ), + key_dashboard_service.ListCryptoKeysResponse( + crypto_keys=[ + resources.CryptoKey(), + ], + next_page_token='ghi', + ), + key_dashboard_service.ListCryptoKeysResponse( + crypto_keys=[ + resources.CryptoKey(), + resources.CryptoKey(), + ], + ), + RuntimeError, + ) + pages = [] + # Workaround issue in python 3.9 related to code coverage by adding `# pragma: no branch` + # See https://github.com/googleapis/gapic-generator-python/pull/1174#issuecomment-1025132372 + async for page_ in ( # pragma: no branch + await client.list_crypto_keys(request={}) + ).pages: + pages.append(page_) + for page_, token in zip(pages, ['abc','def','ghi', '']): + assert page_.raw_page.next_page_token == token + + +@pytest.mark.parametrize("request_type", [ + key_dashboard_service.ListCryptoKeysRequest, + dict, +]) +def test_list_crypto_keys_rest(request_type): + client = KeyDashboardServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # send a request that will satisfy transcoding + request_init = {'parent': 'projects/sample1'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = key_dashboard_service.ListCryptoKeysResponse( + next_page_token='next_page_token_value', + ) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + pb_return_value = key_dashboard_service.ListCryptoKeysResponse.pb(return_value) + json_return_value = json_format.MessageToJson(pb_return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + response = client.list_crypto_keys(request) + + # Establish that the response is the type that we expect. + assert isinstance(response, pagers.ListCryptoKeysPager) + assert response.next_page_token == 'next_page_token_value' + + +def test_list_crypto_keys_rest_required_fields(request_type=key_dashboard_service.ListCryptoKeysRequest): + transport_class = transports.KeyDashboardServiceRestTransport + + request_init = {} + request_init["parent"] = "" + request = request_type(**request_init) + pb_request = request_type.pb(request) + jsonified_request = json.loads(json_format.MessageToJson( + pb_request, + including_default_value_fields=False, + use_integers_for_enums=False + )) + + # verify fields with default values are dropped + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).list_crypto_keys._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with default values are now present + + jsonified_request["parent"] = 'parent_value' + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).list_crypto_keys._get_unset_required_fields(jsonified_request) + # Check that path parameters and body parameters are not mixing in. + assert not set(unset_fields) - set(("page_size", "page_token", )) + jsonified_request.update(unset_fields) + + # verify required fields with non-default values are left alone + assert "parent" in jsonified_request + assert jsonified_request["parent"] == 'parent_value' + + client = KeyDashboardServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest', + ) + request = request_type(**request_init) + + # Designate an appropriate value for the returned response. + return_value = key_dashboard_service.ListCryptoKeysResponse() + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # We need to mock transcode() because providing default values + # for required fields will fail the real version if the http_options + # expect actual values for those fields. + with mock.patch.object(path_template, 'transcode') as transcode: + # A uri without fields and an empty body will force all the + # request fields to show up in the query_params. + pb_request = request_type.pb(request) + transcode_result = { + 'uri': 'v1/sample_method', + 'method': "get", + 'query_params': pb_request, + } + transcode.return_value = transcode_result + + response_value = Response() + response_value.status_code = 200 + + pb_return_value = key_dashboard_service.ListCryptoKeysResponse.pb(return_value) + json_return_value = json_format.MessageToJson(pb_return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.list_crypto_keys(request) + + expected_params = [ + ('$alt', 'json;enum-encoding=int') + ] + actual_params = req.call_args.kwargs['params'] + assert expected_params == actual_params + + +def test_list_crypto_keys_rest_unset_required_fields(): + transport = transports.KeyDashboardServiceRestTransport(credentials=ga_credentials.AnonymousCredentials) + + unset_fields = transport.list_crypto_keys._get_unset_required_fields({}) + assert set(unset_fields) == (set(("pageSize", "pageToken", )) & set(("parent", ))) + + +@pytest.mark.parametrize("null_interceptor", [True, False]) +def test_list_crypto_keys_rest_interceptors(null_interceptor): + transport = transports.KeyDashboardServiceRestTransport( + credentials=ga_credentials.AnonymousCredentials(), + interceptor=None if null_interceptor else transports.KeyDashboardServiceRestInterceptor(), + ) + client = KeyDashboardServiceClient(transport=transport) + with mock.patch.object(type(client.transport._session), "request") as req, \ + mock.patch.object(path_template, "transcode") as transcode, \ + mock.patch.object(transports.KeyDashboardServiceRestInterceptor, "post_list_crypto_keys") as post, \ + mock.patch.object(transports.KeyDashboardServiceRestInterceptor, "pre_list_crypto_keys") as pre: + pre.assert_not_called() + post.assert_not_called() + pb_message = key_dashboard_service.ListCryptoKeysRequest.pb(key_dashboard_service.ListCryptoKeysRequest()) + transcode.return_value = { + "method": "post", + "uri": "my_uri", + "body": pb_message, + "query_params": pb_message, + } + + req.return_value = Response() + req.return_value.status_code = 200 + req.return_value.request = PreparedRequest() + req.return_value._content = key_dashboard_service.ListCryptoKeysResponse.to_json(key_dashboard_service.ListCryptoKeysResponse()) + + request = key_dashboard_service.ListCryptoKeysRequest() + metadata =[ + ("key", "val"), + ("cephalopod", "squid"), + ] + pre.return_value = request, metadata + post.return_value = key_dashboard_service.ListCryptoKeysResponse() + + client.list_crypto_keys(request, metadata=[("key", "val"), ("cephalopod", "squid"),]) + + pre.assert_called_once() + post.assert_called_once() + + +def test_list_crypto_keys_rest_bad_request(transport: str = 'rest', request_type=key_dashboard_service.ListCryptoKeysRequest): + client = KeyDashboardServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # send a request that will satisfy transcoding + request_init = {'parent': 'projects/sample1'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.list_crypto_keys(request) + + +def test_list_crypto_keys_rest_flattened(): + client = KeyDashboardServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = key_dashboard_service.ListCryptoKeysResponse() + + # get arguments that satisfy an http rule for this method + sample_request = {'parent': 'projects/sample1'} + + # get truthy value for each flattened field + mock_args = dict( + parent='parent_value', + ) + mock_args.update(sample_request) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + pb_return_value = key_dashboard_service.ListCryptoKeysResponse.pb(return_value) + json_return_value = json_format.MessageToJson(pb_return_value) + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + client.list_crypto_keys(**mock_args) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(req.mock_calls) == 1 + _, args, _ = req.mock_calls[0] + assert path_template.validate("%s/v1/{parent=projects/*}/cryptoKeys" % client.transport._host, args[1]) + + +def test_list_crypto_keys_rest_flattened_error(transport: str = 'rest'): + client = KeyDashboardServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.list_crypto_keys( + key_dashboard_service.ListCryptoKeysRequest(), + parent='parent_value', + ) + + +def test_list_crypto_keys_rest_pager(transport: str = 'rest'): + client = KeyDashboardServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # TODO(kbandes): remove this mock unless there's a good reason for it. + #with mock.patch.object(path_template, 'transcode') as transcode: + # Set the response as a series of pages + response = ( + key_dashboard_service.ListCryptoKeysResponse( + crypto_keys=[ + resources.CryptoKey(), + resources.CryptoKey(), + resources.CryptoKey(), + ], + next_page_token='abc', + ), + key_dashboard_service.ListCryptoKeysResponse( + crypto_keys=[], + next_page_token='def', + ), + key_dashboard_service.ListCryptoKeysResponse( + crypto_keys=[ + resources.CryptoKey(), + ], + next_page_token='ghi', + ), + key_dashboard_service.ListCryptoKeysResponse( + crypto_keys=[ + resources.CryptoKey(), + resources.CryptoKey(), + ], + ), + ) + # Two responses for two calls + response = response + response + + # Wrap the values into proper Response objs + response = tuple(key_dashboard_service.ListCryptoKeysResponse.to_json(x) for x in response) + return_values = tuple(Response() for i in response) + for return_val, response_val in zip(return_values, response): + return_val._content = response_val.encode('UTF-8') + return_val.status_code = 200 + req.side_effect = return_values + + sample_request = {'parent': 'projects/sample1'} + + pager = client.list_crypto_keys(request=sample_request) + + results = list(pager) + assert len(results) == 6 + assert all(isinstance(i, resources.CryptoKey) + for i in results) + + pages = list(client.list_crypto_keys(request=sample_request).pages) + for page_, token in zip(pages, ['abc','def','ghi', '']): + assert page_.raw_page.next_page_token == token + + +def test_credentials_transport_error(): + # It is an error to provide credentials and a transport instance. + transport = transports.KeyDashboardServiceGrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = KeyDashboardServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # It is an error to provide a credentials file and a transport instance. + transport = transports.KeyDashboardServiceGrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = KeyDashboardServiceClient( + client_options={"credentials_file": "credentials.json"}, + transport=transport, + ) + + # It is an error to provide an api_key and a transport instance. + transport = transports.KeyDashboardServiceGrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + options = client_options.ClientOptions() + options.api_key = "api_key" + with pytest.raises(ValueError): + client = KeyDashboardServiceClient( + client_options=options, + transport=transport, + ) + + # It is an error to provide an api_key and a credential. + options = mock.Mock() + options.api_key = "api_key" + with pytest.raises(ValueError): + client = KeyDashboardServiceClient( + client_options=options, + credentials=ga_credentials.AnonymousCredentials() + ) + + # It is an error to provide scopes and a transport instance. + transport = transports.KeyDashboardServiceGrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = KeyDashboardServiceClient( + client_options={"scopes": ["1", "2"]}, + transport=transport, + ) + + +def test_transport_instance(): + # A client may be instantiated with a custom transport instance. + transport = transports.KeyDashboardServiceGrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + client = KeyDashboardServiceClient(transport=transport) + assert client.transport is transport + +def test_transport_get_channel(): + # A client may be instantiated with a custom transport instance. + transport = transports.KeyDashboardServiceGrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + channel = transport.grpc_channel + assert channel + + transport = transports.KeyDashboardServiceGrpcAsyncIOTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + channel = transport.grpc_channel + assert channel + +@pytest.mark.parametrize("transport_class", [ + transports.KeyDashboardServiceGrpcTransport, + transports.KeyDashboardServiceGrpcAsyncIOTransport, + transports.KeyDashboardServiceRestTransport, +]) +def test_transport_adc(transport_class): + # Test default credentials are used if not provided. + with mock.patch.object(google.auth, 'default') as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport_class() + adc.assert_called_once() + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "rest", +]) +def test_transport_kind(transport_name): + transport = KeyDashboardServiceClient.get_transport_class(transport_name)( + credentials=ga_credentials.AnonymousCredentials(), + ) + assert transport.kind == transport_name + +def test_transport_grpc_default(): + # A client should use the gRPC transport by default. + client = KeyDashboardServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + assert isinstance( + client.transport, + transports.KeyDashboardServiceGrpcTransport, + ) + +def test_key_dashboard_service_base_transport_error(): + # Passing both a credentials object and credentials_file should raise an error + with pytest.raises(core_exceptions.DuplicateCredentialArgs): + transport = transports.KeyDashboardServiceTransport( + credentials=ga_credentials.AnonymousCredentials(), + credentials_file="credentials.json" + ) + + +def test_key_dashboard_service_base_transport(): + # Instantiate the base transport. + with mock.patch('google.cloud.kms_inventory_v1.services.key_dashboard_service.transports.KeyDashboardServiceTransport.__init__') as Transport: + Transport.return_value = None + transport = transports.KeyDashboardServiceTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Every method on the transport should just blindly + # raise NotImplementedError. + methods = ( + 'list_crypto_keys', + ) + for method in methods: + with pytest.raises(NotImplementedError): + getattr(transport, method)(request=object()) + + with pytest.raises(NotImplementedError): + transport.close() + + # Catch all for all remaining methods and properties + remainder = [ + 'kind', + ] + for r in remainder: + with pytest.raises(NotImplementedError): + getattr(transport, r)() + + +def test_key_dashboard_service_base_transport_with_credentials_file(): + # Instantiate the base transport with a credentials file + with mock.patch.object(google.auth, 'load_credentials_from_file', autospec=True) as load_creds, mock.patch('google.cloud.kms_inventory_v1.services.key_dashboard_service.transports.KeyDashboardServiceTransport._prep_wrapped_messages') as Transport: + Transport.return_value = None + load_creds.return_value = (ga_credentials.AnonymousCredentials(), None) + transport = transports.KeyDashboardServiceTransport( + credentials_file="credentials.json", + quota_project_id="octopus", + ) + load_creds.assert_called_once_with("credentials.json", + scopes=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + quota_project_id="octopus", + ) + + +def test_key_dashboard_service_base_transport_with_adc(): + # Test the default credentials are used if credentials and credentials_file are None. + with mock.patch.object(google.auth, 'default', autospec=True) as adc, mock.patch('google.cloud.kms_inventory_v1.services.key_dashboard_service.transports.KeyDashboardServiceTransport._prep_wrapped_messages') as Transport: + Transport.return_value = None + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport = transports.KeyDashboardServiceTransport() + adc.assert_called_once() + + +def test_key_dashboard_service_auth_adc(): + # If no credentials are provided, we should use ADC credentials. + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + KeyDashboardServiceClient() + adc.assert_called_once_with( + scopes=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + quota_project_id=None, + ) + + +@pytest.mark.parametrize( + "transport_class", + [ + transports.KeyDashboardServiceGrpcTransport, + transports.KeyDashboardServiceGrpcAsyncIOTransport, + ], +) +def test_key_dashboard_service_transport_auth_adc(transport_class): + # If credentials and host are not provided, the transport class should use + # ADC credentials. + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport_class(quota_project_id="octopus", scopes=["1", "2"]) + adc.assert_called_once_with( + scopes=["1", "2"], + default_scopes=( 'https://www.googleapis.com/auth/cloud-platform',), + quota_project_id="octopus", + ) + + +@pytest.mark.parametrize( + "transport_class", + [ + transports.KeyDashboardServiceGrpcTransport, + transports.KeyDashboardServiceGrpcAsyncIOTransport, + transports.KeyDashboardServiceRestTransport, + ], +) +def test_key_dashboard_service_transport_auth_gdch_credentials(transport_class): + host = 'https://language.com' + api_audience_tests = [None, 'https://language2.com'] + api_audience_expect = [host, 'https://language2.com'] + for t, e in zip(api_audience_tests, api_audience_expect): + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + gdch_mock = mock.MagicMock() + type(gdch_mock).with_gdch_audience = mock.PropertyMock(return_value=gdch_mock) + adc.return_value = (gdch_mock, None) + transport_class(host=host, api_audience=t) + gdch_mock.with_gdch_audience.assert_called_once_with( + e + ) + + +@pytest.mark.parametrize( + "transport_class,grpc_helpers", + [ + (transports.KeyDashboardServiceGrpcTransport, grpc_helpers), + (transports.KeyDashboardServiceGrpcAsyncIOTransport, grpc_helpers_async) + ], +) +def test_key_dashboard_service_transport_create_channel(transport_class, grpc_helpers): + # If credentials and host are not provided, the transport class should use + # ADC credentials. + with mock.patch.object(google.auth, "default", autospec=True) as adc, mock.patch.object( + grpc_helpers, "create_channel", autospec=True + ) as create_channel: + creds = ga_credentials.AnonymousCredentials() + adc.return_value = (creds, None) + transport_class( + quota_project_id="octopus", + scopes=["1", "2"] + ) + + create_channel.assert_called_with( + "kmsinventory.googleapis.com:443", + credentials=creds, + credentials_file=None, + quota_project_id="octopus", + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + scopes=["1", "2"], + default_host="kmsinventory.googleapis.com", + ssl_credentials=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + +@pytest.mark.parametrize("transport_class", [transports.KeyDashboardServiceGrpcTransport, transports.KeyDashboardServiceGrpcAsyncIOTransport]) +def test_key_dashboard_service_grpc_transport_client_cert_source_for_mtls( + transport_class +): + cred = ga_credentials.AnonymousCredentials() + + # Check ssl_channel_credentials is used if provided. + with mock.patch.object(transport_class, "create_channel") as mock_create_channel: + mock_ssl_channel_creds = mock.Mock() + transport_class( + host="squid.clam.whelk", + credentials=cred, + ssl_channel_credentials=mock_ssl_channel_creds + ) + mock_create_channel.assert_called_once_with( + "squid.clam.whelk:443", + credentials=cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_channel_creds, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Check if ssl_channel_credentials is not provided, then client_cert_source_for_mtls + # is used. + with mock.patch.object(transport_class, "create_channel", return_value=mock.Mock()): + with mock.patch("grpc.ssl_channel_credentials") as mock_ssl_cred: + transport_class( + credentials=cred, + client_cert_source_for_mtls=client_cert_source_callback + ) + expected_cert, expected_key = client_cert_source_callback() + mock_ssl_cred.assert_called_once_with( + certificate_chain=expected_cert, + private_key=expected_key + ) + +def test_key_dashboard_service_http_transport_client_cert_source_for_mtls(): + cred = ga_credentials.AnonymousCredentials() + with mock.patch("google.auth.transport.requests.AuthorizedSession.configure_mtls_channel") as mock_configure_mtls_channel: + transports.KeyDashboardServiceRestTransport ( + credentials=cred, + client_cert_source_for_mtls=client_cert_source_callback + ) + mock_configure_mtls_channel.assert_called_once_with(client_cert_source_callback) + + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "grpc_asyncio", + "rest", +]) +def test_key_dashboard_service_host_no_port(transport_name): + client = KeyDashboardServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + client_options=client_options.ClientOptions(api_endpoint='kmsinventory.googleapis.com'), + transport=transport_name, + ) + assert client.transport._host == ( + 'kmsinventory.googleapis.com:443' + if transport_name in ['grpc', 'grpc_asyncio'] + else 'https://kmsinventory.googleapis.com' + ) + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "grpc_asyncio", + "rest", +]) +def test_key_dashboard_service_host_with_port(transport_name): + client = KeyDashboardServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + client_options=client_options.ClientOptions(api_endpoint='kmsinventory.googleapis.com:8000'), + transport=transport_name, + ) + assert client.transport._host == ( + 'kmsinventory.googleapis.com:8000' + if transport_name in ['grpc', 'grpc_asyncio'] + else 'https://kmsinventory.googleapis.com:8000' + ) + +@pytest.mark.parametrize("transport_name", [ + "rest", +]) +def test_key_dashboard_service_client_transport_session_collision(transport_name): + creds1 = ga_credentials.AnonymousCredentials() + creds2 = ga_credentials.AnonymousCredentials() + client1 = KeyDashboardServiceClient( + credentials=creds1, + transport=transport_name, + ) + client2 = KeyDashboardServiceClient( + credentials=creds2, + transport=transport_name, + ) + session1 = client1.transport.list_crypto_keys._session + session2 = client2.transport.list_crypto_keys._session + assert session1 != session2 +def test_key_dashboard_service_grpc_transport_channel(): + channel = grpc.secure_channel('http://localhost/', grpc.local_channel_credentials()) + + # Check that channel is used if provided. + transport = transports.KeyDashboardServiceGrpcTransport( + host="squid.clam.whelk", + channel=channel, + ) + assert transport.grpc_channel == channel + assert transport._host == "squid.clam.whelk:443" + assert transport._ssl_channel_credentials == None + + +def test_key_dashboard_service_grpc_asyncio_transport_channel(): + channel = aio.secure_channel('http://localhost/', grpc.local_channel_credentials()) + + # Check that channel is used if provided. + transport = transports.KeyDashboardServiceGrpcAsyncIOTransport( + host="squid.clam.whelk", + channel=channel, + ) + assert transport.grpc_channel == channel + assert transport._host == "squid.clam.whelk:443" + assert transport._ssl_channel_credentials == None + + +# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are +# removed from grpc/grpc_asyncio transport constructor. +@pytest.mark.parametrize("transport_class", [transports.KeyDashboardServiceGrpcTransport, transports.KeyDashboardServiceGrpcAsyncIOTransport]) +def test_key_dashboard_service_transport_channel_mtls_with_client_cert_source( + transport_class +): + with mock.patch("grpc.ssl_channel_credentials", autospec=True) as grpc_ssl_channel_cred: + with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: + mock_ssl_cred = mock.Mock() + grpc_ssl_channel_cred.return_value = mock_ssl_cred + + mock_grpc_channel = mock.Mock() + grpc_create_channel.return_value = mock_grpc_channel + + cred = ga_credentials.AnonymousCredentials() + with pytest.warns(DeprecationWarning): + with mock.patch.object(google.auth, 'default') as adc: + adc.return_value = (cred, None) + transport = transport_class( + host="squid.clam.whelk", + api_mtls_endpoint="mtls.squid.clam.whelk", + client_cert_source=client_cert_source_callback, + ) + adc.assert_called_once() + + grpc_ssl_channel_cred.assert_called_once_with( + certificate_chain=b"cert bytes", private_key=b"key bytes" + ) + grpc_create_channel.assert_called_once_with( + "mtls.squid.clam.whelk:443", + credentials=cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_cred, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + assert transport.grpc_channel == mock_grpc_channel + assert transport._ssl_channel_credentials == mock_ssl_cred + + +# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are +# removed from grpc/grpc_asyncio transport constructor. +@pytest.mark.parametrize("transport_class", [transports.KeyDashboardServiceGrpcTransport, transports.KeyDashboardServiceGrpcAsyncIOTransport]) +def test_key_dashboard_service_transport_channel_mtls_with_adc( + transport_class +): + mock_ssl_cred = mock.Mock() + with mock.patch.multiple( + "google.auth.transport.grpc.SslCredentials", + __init__=mock.Mock(return_value=None), + ssl_credentials=mock.PropertyMock(return_value=mock_ssl_cred), + ): + with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: + mock_grpc_channel = mock.Mock() + grpc_create_channel.return_value = mock_grpc_channel + mock_cred = mock.Mock() + + with pytest.warns(DeprecationWarning): + transport = transport_class( + host="squid.clam.whelk", + credentials=mock_cred, + api_mtls_endpoint="mtls.squid.clam.whelk", + client_cert_source=None, + ) + + grpc_create_channel.assert_called_once_with( + "mtls.squid.clam.whelk:443", + credentials=mock_cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_cred, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + assert transport.grpc_channel == mock_grpc_channel + + +def test_crypto_key_path(): + project = "squid" + location = "clam" + key_ring = "whelk" + crypto_key = "octopus" + expected = "projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}".format(project=project, location=location, key_ring=key_ring, crypto_key=crypto_key, ) + actual = KeyDashboardServiceClient.crypto_key_path(project, location, key_ring, crypto_key) + assert expected == actual + + +def test_parse_crypto_key_path(): + expected = { + "project": "oyster", + "location": "nudibranch", + "key_ring": "cuttlefish", + "crypto_key": "mussel", + } + path = KeyDashboardServiceClient.crypto_key_path(**expected) + + # Check that the path construction is reversible. + actual = KeyDashboardServiceClient.parse_crypto_key_path(path) + assert expected == actual + +def test_crypto_key_version_path(): + project = "winkle" + location = "nautilus" + key_ring = "scallop" + crypto_key = "abalone" + crypto_key_version = "squid" + expected = "projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}/cryptoKeyVersions/{crypto_key_version}".format(project=project, location=location, key_ring=key_ring, crypto_key=crypto_key, crypto_key_version=crypto_key_version, ) + actual = KeyDashboardServiceClient.crypto_key_version_path(project, location, key_ring, crypto_key, crypto_key_version) + assert expected == actual + + +def test_parse_crypto_key_version_path(): + expected = { + "project": "clam", + "location": "whelk", + "key_ring": "octopus", + "crypto_key": "oyster", + "crypto_key_version": "nudibranch", + } + path = KeyDashboardServiceClient.crypto_key_version_path(**expected) + + # Check that the path construction is reversible. + actual = KeyDashboardServiceClient.parse_crypto_key_version_path(path) + assert expected == actual + +def test_common_billing_account_path(): + billing_account = "cuttlefish" + expected = "billingAccounts/{billing_account}".format(billing_account=billing_account, ) + actual = KeyDashboardServiceClient.common_billing_account_path(billing_account) + assert expected == actual + + +def test_parse_common_billing_account_path(): + expected = { + "billing_account": "mussel", + } + path = KeyDashboardServiceClient.common_billing_account_path(**expected) + + # Check that the path construction is reversible. + actual = KeyDashboardServiceClient.parse_common_billing_account_path(path) + assert expected == actual + +def test_common_folder_path(): + folder = "winkle" + expected = "folders/{folder}".format(folder=folder, ) + actual = KeyDashboardServiceClient.common_folder_path(folder) + assert expected == actual + + +def test_parse_common_folder_path(): + expected = { + "folder": "nautilus", + } + path = KeyDashboardServiceClient.common_folder_path(**expected) + + # Check that the path construction is reversible. + actual = KeyDashboardServiceClient.parse_common_folder_path(path) + assert expected == actual + +def test_common_organization_path(): + organization = "scallop" + expected = "organizations/{organization}".format(organization=organization, ) + actual = KeyDashboardServiceClient.common_organization_path(organization) + assert expected == actual + + +def test_parse_common_organization_path(): + expected = { + "organization": "abalone", + } + path = KeyDashboardServiceClient.common_organization_path(**expected) + + # Check that the path construction is reversible. + actual = KeyDashboardServiceClient.parse_common_organization_path(path) + assert expected == actual + +def test_common_project_path(): + project = "squid" + expected = "projects/{project}".format(project=project, ) + actual = KeyDashboardServiceClient.common_project_path(project) + assert expected == actual + + +def test_parse_common_project_path(): + expected = { + "project": "clam", + } + path = KeyDashboardServiceClient.common_project_path(**expected) + + # Check that the path construction is reversible. + actual = KeyDashboardServiceClient.parse_common_project_path(path) + assert expected == actual + +def test_common_location_path(): + project = "whelk" + location = "octopus" + expected = "projects/{project}/locations/{location}".format(project=project, location=location, ) + actual = KeyDashboardServiceClient.common_location_path(project, location) + assert expected == actual + + +def test_parse_common_location_path(): + expected = { + "project": "oyster", + "location": "nudibranch", + } + path = KeyDashboardServiceClient.common_location_path(**expected) + + # Check that the path construction is reversible. + actual = KeyDashboardServiceClient.parse_common_location_path(path) + assert expected == actual + + +def test_client_with_default_client_info(): + client_info = gapic_v1.client_info.ClientInfo() + + with mock.patch.object(transports.KeyDashboardServiceTransport, '_prep_wrapped_messages') as prep: + client = KeyDashboardServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + client_info=client_info, + ) + prep.assert_called_once_with(client_info) + + with mock.patch.object(transports.KeyDashboardServiceTransport, '_prep_wrapped_messages') as prep: + transport_class = KeyDashboardServiceClient.get_transport_class() + transport = transport_class( + credentials=ga_credentials.AnonymousCredentials(), + client_info=client_info, + ) + prep.assert_called_once_with(client_info) + +@pytest.mark.asyncio +async def test_transport_close_async(): + client = KeyDashboardServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="grpc_asyncio", + ) + with mock.patch.object(type(getattr(client.transport, "grpc_channel")), "close") as close: + async with client: + close.assert_not_called() + close.assert_called_once() + + +def test_transport_close(): + transports = { + "rest": "_session", + "grpc": "_grpc_channel", + } + + for transport, close_name in transports.items(): + client = KeyDashboardServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport + ) + with mock.patch.object(type(getattr(client.transport, close_name)), "close") as close: + with client: + close.assert_not_called() + close.assert_called_once() + +def test_client_ctx(): + transports = [ + 'rest', + 'grpc', + ] + for transport in transports: + client = KeyDashboardServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport + ) + # Test client calls underlying transport. + with mock.patch.object(type(client.transport), "close") as close: + close.assert_not_called() + with client: + pass + close.assert_called() + +@pytest.mark.parametrize("client_class,transport_class", [ + (KeyDashboardServiceClient, transports.KeyDashboardServiceGrpcTransport), + (KeyDashboardServiceAsyncClient, transports.KeyDashboardServiceGrpcAsyncIOTransport), +]) +def test_api_key_credentials(client_class, transport_class): + with mock.patch.object( + google.auth._default, "get_api_key_credentials", create=True + ) as get_api_key_credentials: + mock_cred = mock.Mock() + get_api_key_credentials.return_value = mock_cred + options = client_options.ClientOptions() + options.api_key = "api_key" + with mock.patch.object(transport_class, "__init__") as patched: + patched.return_value = None + client = client_class(client_options=options) + patched.assert_called_once_with( + credentials=mock_cred, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) diff --git a/owl-bot-staging/google-cloud-kms-inventory/v1/tests/unit/gapic/kms_inventory_v1/test_key_tracking_service.py b/owl-bot-staging/google-cloud-kms-inventory/v1/tests/unit/gapic/kms_inventory_v1/test_key_tracking_service.py new file mode 100644 index 000000000000..6d27d6f5ba9c --- /dev/null +++ b/owl-bot-staging/google-cloud-kms-inventory/v1/tests/unit/gapic/kms_inventory_v1/test_key_tracking_service.py @@ -0,0 +1,2479 @@ +# -*- coding: utf-8 -*- +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import os +# try/except added for compatibility with python < 3.8 +try: + from unittest import mock + from unittest.mock import AsyncMock # pragma: NO COVER +except ImportError: # pragma: NO COVER + import mock + +import grpc +from grpc.experimental import aio +from collections.abc import Iterable +from google.protobuf import json_format +import json +import math +import pytest +from proto.marshal.rules.dates import DurationRule, TimestampRule +from proto.marshal.rules import wrappers +from requests import Response +from requests import Request, PreparedRequest +from requests.sessions import Session +from google.protobuf import json_format + +from google.api_core import client_options +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import grpc_helpers +from google.api_core import grpc_helpers_async +from google.api_core import path_template +from google.auth import credentials as ga_credentials +from google.auth.exceptions import MutualTLSChannelError +from google.cloud.kms_inventory_v1.services.key_tracking_service import KeyTrackingServiceAsyncClient +from google.cloud.kms_inventory_v1.services.key_tracking_service import KeyTrackingServiceClient +from google.cloud.kms_inventory_v1.services.key_tracking_service import pagers +from google.cloud.kms_inventory_v1.services.key_tracking_service import transports +from google.cloud.kms_inventory_v1.types import key_tracking_service +from google.oauth2 import service_account +import google.auth + + +def client_cert_source_callback(): + return b"cert bytes", b"key bytes" + + +# If default endpoint is localhost, then default mtls endpoint will be the same. +# This method modifies the default endpoint so the client can produce a different +# mtls endpoint for endpoint testing purposes. +def modify_default_endpoint(client): + return "foo.googleapis.com" if ("localhost" in client.DEFAULT_ENDPOINT) else client.DEFAULT_ENDPOINT + + +def test__get_default_mtls_endpoint(): + api_endpoint = "example.googleapis.com" + api_mtls_endpoint = "example.mtls.googleapis.com" + sandbox_endpoint = "example.sandbox.googleapis.com" + sandbox_mtls_endpoint = "example.mtls.sandbox.googleapis.com" + non_googleapi = "api.example.com" + + assert KeyTrackingServiceClient._get_default_mtls_endpoint(None) is None + assert KeyTrackingServiceClient._get_default_mtls_endpoint(api_endpoint) == api_mtls_endpoint + assert KeyTrackingServiceClient._get_default_mtls_endpoint(api_mtls_endpoint) == api_mtls_endpoint + assert KeyTrackingServiceClient._get_default_mtls_endpoint(sandbox_endpoint) == sandbox_mtls_endpoint + assert KeyTrackingServiceClient._get_default_mtls_endpoint(sandbox_mtls_endpoint) == sandbox_mtls_endpoint + assert KeyTrackingServiceClient._get_default_mtls_endpoint(non_googleapi) == non_googleapi + + +@pytest.mark.parametrize("client_class,transport_name", [ + (KeyTrackingServiceClient, "grpc"), + (KeyTrackingServiceAsyncClient, "grpc_asyncio"), + (KeyTrackingServiceClient, "rest"), +]) +def test_key_tracking_service_client_from_service_account_info(client_class, transport_name): + creds = ga_credentials.AnonymousCredentials() + with mock.patch.object(service_account.Credentials, 'from_service_account_info') as factory: + factory.return_value = creds + info = {"valid": True} + client = client_class.from_service_account_info(info, transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + assert client.transport._host == ( + 'kmsinventory.googleapis.com:443' + if transport_name in ['grpc', 'grpc_asyncio'] + else + 'https://kmsinventory.googleapis.com' + ) + + +@pytest.mark.parametrize("transport_class,transport_name", [ + (transports.KeyTrackingServiceGrpcTransport, "grpc"), + (transports.KeyTrackingServiceGrpcAsyncIOTransport, "grpc_asyncio"), + (transports.KeyTrackingServiceRestTransport, "rest"), +]) +def test_key_tracking_service_client_service_account_always_use_jwt(transport_class, transport_name): + with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=True) + use_jwt.assert_called_once_with(True) + + with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=False) + use_jwt.assert_not_called() + + +@pytest.mark.parametrize("client_class,transport_name", [ + (KeyTrackingServiceClient, "grpc"), + (KeyTrackingServiceAsyncClient, "grpc_asyncio"), + (KeyTrackingServiceClient, "rest"), +]) +def test_key_tracking_service_client_from_service_account_file(client_class, transport_name): + creds = ga_credentials.AnonymousCredentials() + with mock.patch.object(service_account.Credentials, 'from_service_account_file') as factory: + factory.return_value = creds + client = client_class.from_service_account_file("dummy/file/path.json", transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + client = client_class.from_service_account_json("dummy/file/path.json", transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + assert client.transport._host == ( + 'kmsinventory.googleapis.com:443' + if transport_name in ['grpc', 'grpc_asyncio'] + else + 'https://kmsinventory.googleapis.com' + ) + + +def test_key_tracking_service_client_get_transport_class(): + transport = KeyTrackingServiceClient.get_transport_class() + available_transports = [ + transports.KeyTrackingServiceGrpcTransport, + transports.KeyTrackingServiceRestTransport, + ] + assert transport in available_transports + + transport = KeyTrackingServiceClient.get_transport_class("grpc") + assert transport == transports.KeyTrackingServiceGrpcTransport + + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (KeyTrackingServiceClient, transports.KeyTrackingServiceGrpcTransport, "grpc"), + (KeyTrackingServiceAsyncClient, transports.KeyTrackingServiceGrpcAsyncIOTransport, "grpc_asyncio"), + (KeyTrackingServiceClient, transports.KeyTrackingServiceRestTransport, "rest"), +]) +@mock.patch.object(KeyTrackingServiceClient, "DEFAULT_ENDPOINT", modify_default_endpoint(KeyTrackingServiceClient)) +@mock.patch.object(KeyTrackingServiceAsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(KeyTrackingServiceAsyncClient)) +def test_key_tracking_service_client_client_options(client_class, transport_class, transport_name): + # Check that if channel is provided we won't create a new one. + with mock.patch.object(KeyTrackingServiceClient, 'get_transport_class') as gtc: + transport = transport_class( + credentials=ga_credentials.AnonymousCredentials() + ) + client = client_class(transport=transport) + gtc.assert_not_called() + + # Check that if channel is provided via str we will create a new one. + with mock.patch.object(KeyTrackingServiceClient, 'get_transport_class') as gtc: + client = client_class(transport=transport_name) + gtc.assert_called() + + # Check the case api_endpoint is provided. + options = client_options.ClientOptions(api_endpoint="squid.clam.whelk") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name, client_options=options) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host="squid.clam.whelk", + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is + # "never". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is + # "always". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_MTLS_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has + # unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "Unsupported"}): + with pytest.raises(MutualTLSChannelError): + client = client_class(transport=transport_name) + + # Check the case GOOGLE_API_USE_CLIENT_CERTIFICATE has unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "Unsupported"}): + with pytest.raises(ValueError): + client = client_class(transport=transport_name) + + # Check the case quota_project_id is provided + options = client_options.ClientOptions(quota_project_id="octopus") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id="octopus", + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + # Check the case api_endpoint is provided + options = client_options.ClientOptions(api_audience="https://language.googleapis.com") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience="https://language.googleapis.com" + ) + +@pytest.mark.parametrize("client_class,transport_class,transport_name,use_client_cert_env", [ + (KeyTrackingServiceClient, transports.KeyTrackingServiceGrpcTransport, "grpc", "true"), + (KeyTrackingServiceAsyncClient, transports.KeyTrackingServiceGrpcAsyncIOTransport, "grpc_asyncio", "true"), + (KeyTrackingServiceClient, transports.KeyTrackingServiceGrpcTransport, "grpc", "false"), + (KeyTrackingServiceAsyncClient, transports.KeyTrackingServiceGrpcAsyncIOTransport, "grpc_asyncio", "false"), + (KeyTrackingServiceClient, transports.KeyTrackingServiceRestTransport, "rest", "true"), + (KeyTrackingServiceClient, transports.KeyTrackingServiceRestTransport, "rest", "false"), +]) +@mock.patch.object(KeyTrackingServiceClient, "DEFAULT_ENDPOINT", modify_default_endpoint(KeyTrackingServiceClient)) +@mock.patch.object(KeyTrackingServiceAsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(KeyTrackingServiceAsyncClient)) +@mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "auto"}) +def test_key_tracking_service_client_mtls_env_auto(client_class, transport_class, transport_name, use_client_cert_env): + # This tests the endpoint autoswitch behavior. Endpoint is autoswitched to the default + # mtls endpoint, if GOOGLE_API_USE_CLIENT_CERTIFICATE is "true" and client cert exists. + + # Check the case client_cert_source is provided. Whether client cert is used depends on + # GOOGLE_API_USE_CLIENT_CERTIFICATE value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + options = client_options.ClientOptions(client_cert_source=client_cert_source_callback) + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + + if use_client_cert_env == "false": + expected_client_cert_source = None + expected_host = client.DEFAULT_ENDPOINT + else: + expected_client_cert_source = client_cert_source_callback + expected_host = client.DEFAULT_MTLS_ENDPOINT + + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=expected_host, + scopes=None, + client_cert_source_for_mtls=expected_client_cert_source, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case ADC client cert is provided. Whether client cert is used depends on + # GOOGLE_API_USE_CLIENT_CERTIFICATE value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + with mock.patch.object(transport_class, '__init__') as patched: + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=client_cert_source_callback): + if use_client_cert_env == "false": + expected_host = client.DEFAULT_ENDPOINT + expected_client_cert_source = None + else: + expected_host = client.DEFAULT_MTLS_ENDPOINT + expected_client_cert_source = client_cert_source_callback + + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=expected_host, + scopes=None, + client_cert_source_for_mtls=expected_client_cert_source, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case client_cert_source and ADC client cert are not provided. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + with mock.patch.object(transport_class, '__init__') as patched: + with mock.patch("google.auth.transport.mtls.has_default_client_cert_source", return_value=False): + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + +@pytest.mark.parametrize("client_class", [ + KeyTrackingServiceClient, KeyTrackingServiceAsyncClient +]) +@mock.patch.object(KeyTrackingServiceClient, "DEFAULT_ENDPOINT", modify_default_endpoint(KeyTrackingServiceClient)) +@mock.patch.object(KeyTrackingServiceAsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(KeyTrackingServiceAsyncClient)) +def test_key_tracking_service_client_get_mtls_endpoint_and_cert_source(client_class): + mock_client_cert_source = mock.Mock() + + # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "true". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + mock_api_endpoint = "foo" + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) + assert api_endpoint == mock_api_endpoint + assert cert_source == mock_client_cert_source + + # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "false". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "false"}): + mock_client_cert_source = mock.Mock() + mock_api_endpoint = "foo" + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) + assert api_endpoint == mock_api_endpoint + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "never". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "always". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert doesn't exist. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=False): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert exists. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=mock_client_cert_source): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + assert cert_source == mock_client_cert_source + + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (KeyTrackingServiceClient, transports.KeyTrackingServiceGrpcTransport, "grpc"), + (KeyTrackingServiceAsyncClient, transports.KeyTrackingServiceGrpcAsyncIOTransport, "grpc_asyncio"), + (KeyTrackingServiceClient, transports.KeyTrackingServiceRestTransport, "rest"), +]) +def test_key_tracking_service_client_client_options_scopes(client_class, transport_class, transport_name): + # Check the case scopes are provided. + options = client_options.ClientOptions( + scopes=["1", "2"], + ) + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=["1", "2"], + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + +@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ + (KeyTrackingServiceClient, transports.KeyTrackingServiceGrpcTransport, "grpc", grpc_helpers), + (KeyTrackingServiceAsyncClient, transports.KeyTrackingServiceGrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), + (KeyTrackingServiceClient, transports.KeyTrackingServiceRestTransport, "rest", None), +]) +def test_key_tracking_service_client_client_options_credentials_file(client_class, transport_class, transport_name, grpc_helpers): + # Check the case credentials file is provided. + options = client_options.ClientOptions( + credentials_file="credentials.json" + ) + + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file="credentials.json", + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + +def test_key_tracking_service_client_client_options_from_dict(): + with mock.patch('google.cloud.kms_inventory_v1.services.key_tracking_service.transports.KeyTrackingServiceGrpcTransport.__init__') as grpc_transport: + grpc_transport.return_value = None + client = KeyTrackingServiceClient( + client_options={'api_endpoint': 'squid.clam.whelk'} + ) + grpc_transport.assert_called_once_with( + credentials=None, + credentials_file=None, + host="squid.clam.whelk", + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + +@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ + (KeyTrackingServiceClient, transports.KeyTrackingServiceGrpcTransport, "grpc", grpc_helpers), + (KeyTrackingServiceAsyncClient, transports.KeyTrackingServiceGrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), +]) +def test_key_tracking_service_client_create_channel_credentials_file(client_class, transport_class, transport_name, grpc_helpers): + # Check the case credentials file is provided. + options = client_options.ClientOptions( + credentials_file="credentials.json" + ) + + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file="credentials.json", + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # test that the credentials from file are saved and used as the credentials. + with mock.patch.object( + google.auth, "load_credentials_from_file", autospec=True + ) as load_creds, mock.patch.object( + google.auth, "default", autospec=True + ) as adc, mock.patch.object( + grpc_helpers, "create_channel" + ) as create_channel: + creds = ga_credentials.AnonymousCredentials() + file_creds = ga_credentials.AnonymousCredentials() + load_creds.return_value = (file_creds, None) + adc.return_value = (creds, None) + client = client_class(client_options=options, transport=transport_name) + create_channel.assert_called_with( + "kmsinventory.googleapis.com:443", + credentials=file_creds, + credentials_file=None, + quota_project_id=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + scopes=None, + default_host="kmsinventory.googleapis.com", + ssl_credentials=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + +@pytest.mark.parametrize("request_type", [ + key_tracking_service.GetProtectedResourcesSummaryRequest, + dict, +]) +def test_get_protected_resources_summary(request_type, transport: str = 'grpc'): + client = KeyTrackingServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_protected_resources_summary), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = key_tracking_service.ProtectedResourcesSummary( + name='name_value', + resource_count=1520, + project_count=1407, + ) + response = client.get_protected_resources_summary(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == key_tracking_service.GetProtectedResourcesSummaryRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, key_tracking_service.ProtectedResourcesSummary) + assert response.name == 'name_value' + assert response.resource_count == 1520 + assert response.project_count == 1407 + + +def test_get_protected_resources_summary_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = KeyTrackingServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_protected_resources_summary), + '__call__') as call: + client.get_protected_resources_summary() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == key_tracking_service.GetProtectedResourcesSummaryRequest() + +@pytest.mark.asyncio +async def test_get_protected_resources_summary_async(transport: str = 'grpc_asyncio', request_type=key_tracking_service.GetProtectedResourcesSummaryRequest): + client = KeyTrackingServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_protected_resources_summary), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(key_tracking_service.ProtectedResourcesSummary( + name='name_value', + resource_count=1520, + project_count=1407, + )) + response = await client.get_protected_resources_summary(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == key_tracking_service.GetProtectedResourcesSummaryRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, key_tracking_service.ProtectedResourcesSummary) + assert response.name == 'name_value' + assert response.resource_count == 1520 + assert response.project_count == 1407 + + +@pytest.mark.asyncio +async def test_get_protected_resources_summary_async_from_dict(): + await test_get_protected_resources_summary_async(request_type=dict) + + +def test_get_protected_resources_summary_field_headers(): + client = KeyTrackingServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = key_tracking_service.GetProtectedResourcesSummaryRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_protected_resources_summary), + '__call__') as call: + call.return_value = key_tracking_service.ProtectedResourcesSummary() + client.get_protected_resources_summary(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_get_protected_resources_summary_field_headers_async(): + client = KeyTrackingServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = key_tracking_service.GetProtectedResourcesSummaryRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_protected_resources_summary), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(key_tracking_service.ProtectedResourcesSummary()) + await client.get_protected_resources_summary(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_get_protected_resources_summary_flattened(): + client = KeyTrackingServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_protected_resources_summary), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = key_tracking_service.ProtectedResourcesSummary() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.get_protected_resources_summary( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_get_protected_resources_summary_flattened_error(): + client = KeyTrackingServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.get_protected_resources_summary( + key_tracking_service.GetProtectedResourcesSummaryRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_get_protected_resources_summary_flattened_async(): + client = KeyTrackingServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_protected_resources_summary), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = key_tracking_service.ProtectedResourcesSummary() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(key_tracking_service.ProtectedResourcesSummary()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.get_protected_resources_summary( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_get_protected_resources_summary_flattened_error_async(): + client = KeyTrackingServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.get_protected_resources_summary( + key_tracking_service.GetProtectedResourcesSummaryRequest(), + name='name_value', + ) + + +@pytest.mark.parametrize("request_type", [ + key_tracking_service.SearchProtectedResourcesRequest, + dict, +]) +def test_search_protected_resources(request_type, transport: str = 'grpc'): + client = KeyTrackingServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.search_protected_resources), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = key_tracking_service.SearchProtectedResourcesResponse( + next_page_token='next_page_token_value', + ) + response = client.search_protected_resources(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == key_tracking_service.SearchProtectedResourcesRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, pagers.SearchProtectedResourcesPager) + assert response.next_page_token == 'next_page_token_value' + + +def test_search_protected_resources_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = KeyTrackingServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.search_protected_resources), + '__call__') as call: + client.search_protected_resources() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == key_tracking_service.SearchProtectedResourcesRequest() + +@pytest.mark.asyncio +async def test_search_protected_resources_async(transport: str = 'grpc_asyncio', request_type=key_tracking_service.SearchProtectedResourcesRequest): + client = KeyTrackingServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.search_protected_resources), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(key_tracking_service.SearchProtectedResourcesResponse( + next_page_token='next_page_token_value', + )) + response = await client.search_protected_resources(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == key_tracking_service.SearchProtectedResourcesRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, pagers.SearchProtectedResourcesAsyncPager) + assert response.next_page_token == 'next_page_token_value' + + +@pytest.mark.asyncio +async def test_search_protected_resources_async_from_dict(): + await test_search_protected_resources_async(request_type=dict) + + +def test_search_protected_resources_field_headers(): + client = KeyTrackingServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = key_tracking_service.SearchProtectedResourcesRequest() + + request.scope = 'scope_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.search_protected_resources), + '__call__') as call: + call.return_value = key_tracking_service.SearchProtectedResourcesResponse() + client.search_protected_resources(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'scope=scope_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_search_protected_resources_field_headers_async(): + client = KeyTrackingServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = key_tracking_service.SearchProtectedResourcesRequest() + + request.scope = 'scope_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.search_protected_resources), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(key_tracking_service.SearchProtectedResourcesResponse()) + await client.search_protected_resources(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'scope=scope_value', + ) in kw['metadata'] + + +def test_search_protected_resources_flattened(): + client = KeyTrackingServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.search_protected_resources), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = key_tracking_service.SearchProtectedResourcesResponse() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.search_protected_resources( + scope='scope_value', + crypto_key='crypto_key_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].scope + mock_val = 'scope_value' + assert arg == mock_val + arg = args[0].crypto_key + mock_val = 'crypto_key_value' + assert arg == mock_val + + +def test_search_protected_resources_flattened_error(): + client = KeyTrackingServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.search_protected_resources( + key_tracking_service.SearchProtectedResourcesRequest(), + scope='scope_value', + crypto_key='crypto_key_value', + ) + +@pytest.mark.asyncio +async def test_search_protected_resources_flattened_async(): + client = KeyTrackingServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.search_protected_resources), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = key_tracking_service.SearchProtectedResourcesResponse() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(key_tracking_service.SearchProtectedResourcesResponse()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.search_protected_resources( + scope='scope_value', + crypto_key='crypto_key_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].scope + mock_val = 'scope_value' + assert arg == mock_val + arg = args[0].crypto_key + mock_val = 'crypto_key_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_search_protected_resources_flattened_error_async(): + client = KeyTrackingServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.search_protected_resources( + key_tracking_service.SearchProtectedResourcesRequest(), + scope='scope_value', + crypto_key='crypto_key_value', + ) + + +def test_search_protected_resources_pager(transport_name: str = "grpc"): + client = KeyTrackingServiceClient( + credentials=ga_credentials.AnonymousCredentials, + transport=transport_name, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.search_protected_resources), + '__call__') as call: + # Set the response to a series of pages. + call.side_effect = ( + key_tracking_service.SearchProtectedResourcesResponse( + protected_resources=[ + key_tracking_service.ProtectedResource(), + key_tracking_service.ProtectedResource(), + key_tracking_service.ProtectedResource(), + ], + next_page_token='abc', + ), + key_tracking_service.SearchProtectedResourcesResponse( + protected_resources=[], + next_page_token='def', + ), + key_tracking_service.SearchProtectedResourcesResponse( + protected_resources=[ + key_tracking_service.ProtectedResource(), + ], + next_page_token='ghi', + ), + key_tracking_service.SearchProtectedResourcesResponse( + protected_resources=[ + key_tracking_service.ProtectedResource(), + key_tracking_service.ProtectedResource(), + ], + ), + RuntimeError, + ) + + metadata = () + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ('scope', ''), + )), + ) + pager = client.search_protected_resources(request={}) + + assert pager._metadata == metadata + + results = list(pager) + assert len(results) == 6 + assert all(isinstance(i, key_tracking_service.ProtectedResource) + for i in results) +def test_search_protected_resources_pages(transport_name: str = "grpc"): + client = KeyTrackingServiceClient( + credentials=ga_credentials.AnonymousCredentials, + transport=transport_name, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.search_protected_resources), + '__call__') as call: + # Set the response to a series of pages. + call.side_effect = ( + key_tracking_service.SearchProtectedResourcesResponse( + protected_resources=[ + key_tracking_service.ProtectedResource(), + key_tracking_service.ProtectedResource(), + key_tracking_service.ProtectedResource(), + ], + next_page_token='abc', + ), + key_tracking_service.SearchProtectedResourcesResponse( + protected_resources=[], + next_page_token='def', + ), + key_tracking_service.SearchProtectedResourcesResponse( + protected_resources=[ + key_tracking_service.ProtectedResource(), + ], + next_page_token='ghi', + ), + key_tracking_service.SearchProtectedResourcesResponse( + protected_resources=[ + key_tracking_service.ProtectedResource(), + key_tracking_service.ProtectedResource(), + ], + ), + RuntimeError, + ) + pages = list(client.search_protected_resources(request={}).pages) + for page_, token in zip(pages, ['abc','def','ghi', '']): + assert page_.raw_page.next_page_token == token + +@pytest.mark.asyncio +async def test_search_protected_resources_async_pager(): + client = KeyTrackingServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.search_protected_resources), + '__call__', new_callable=mock.AsyncMock) as call: + # Set the response to a series of pages. + call.side_effect = ( + key_tracking_service.SearchProtectedResourcesResponse( + protected_resources=[ + key_tracking_service.ProtectedResource(), + key_tracking_service.ProtectedResource(), + key_tracking_service.ProtectedResource(), + ], + next_page_token='abc', + ), + key_tracking_service.SearchProtectedResourcesResponse( + protected_resources=[], + next_page_token='def', + ), + key_tracking_service.SearchProtectedResourcesResponse( + protected_resources=[ + key_tracking_service.ProtectedResource(), + ], + next_page_token='ghi', + ), + key_tracking_service.SearchProtectedResourcesResponse( + protected_resources=[ + key_tracking_service.ProtectedResource(), + key_tracking_service.ProtectedResource(), + ], + ), + RuntimeError, + ) + async_pager = await client.search_protected_resources(request={},) + assert async_pager.next_page_token == 'abc' + responses = [] + async for response in async_pager: # pragma: no branch + responses.append(response) + + assert len(responses) == 6 + assert all(isinstance(i, key_tracking_service.ProtectedResource) + for i in responses) + + +@pytest.mark.asyncio +async def test_search_protected_resources_async_pages(): + client = KeyTrackingServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.search_protected_resources), + '__call__', new_callable=mock.AsyncMock) as call: + # Set the response to a series of pages. + call.side_effect = ( + key_tracking_service.SearchProtectedResourcesResponse( + protected_resources=[ + key_tracking_service.ProtectedResource(), + key_tracking_service.ProtectedResource(), + key_tracking_service.ProtectedResource(), + ], + next_page_token='abc', + ), + key_tracking_service.SearchProtectedResourcesResponse( + protected_resources=[], + next_page_token='def', + ), + key_tracking_service.SearchProtectedResourcesResponse( + protected_resources=[ + key_tracking_service.ProtectedResource(), + ], + next_page_token='ghi', + ), + key_tracking_service.SearchProtectedResourcesResponse( + protected_resources=[ + key_tracking_service.ProtectedResource(), + key_tracking_service.ProtectedResource(), + ], + ), + RuntimeError, + ) + pages = [] + # Workaround issue in python 3.9 related to code coverage by adding `# pragma: no branch` + # See https://github.com/googleapis/gapic-generator-python/pull/1174#issuecomment-1025132372 + async for page_ in ( # pragma: no branch + await client.search_protected_resources(request={}) + ).pages: + pages.append(page_) + for page_, token in zip(pages, ['abc','def','ghi', '']): + assert page_.raw_page.next_page_token == token + + +@pytest.mark.parametrize("request_type", [ + key_tracking_service.GetProtectedResourcesSummaryRequest, + dict, +]) +def test_get_protected_resources_summary_rest(request_type): + client = KeyTrackingServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # send a request that will satisfy transcoding + request_init = {'name': 'projects/sample1/locations/sample2/keyRings/sample3/cryptoKeys/sample4'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = key_tracking_service.ProtectedResourcesSummary( + name='name_value', + resource_count=1520, + project_count=1407, + ) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + pb_return_value = key_tracking_service.ProtectedResourcesSummary.pb(return_value) + json_return_value = json_format.MessageToJson(pb_return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + response = client.get_protected_resources_summary(request) + + # Establish that the response is the type that we expect. + assert isinstance(response, key_tracking_service.ProtectedResourcesSummary) + assert response.name == 'name_value' + assert response.resource_count == 1520 + assert response.project_count == 1407 + + +def test_get_protected_resources_summary_rest_required_fields(request_type=key_tracking_service.GetProtectedResourcesSummaryRequest): + transport_class = transports.KeyTrackingServiceRestTransport + + request_init = {} + request_init["name"] = "" + request = request_type(**request_init) + pb_request = request_type.pb(request) + jsonified_request = json.loads(json_format.MessageToJson( + pb_request, + including_default_value_fields=False, + use_integers_for_enums=False + )) + + # verify fields with default values are dropped + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).get_protected_resources_summary._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with default values are now present + + jsonified_request["name"] = 'name_value' + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).get_protected_resources_summary._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with non-default values are left alone + assert "name" in jsonified_request + assert jsonified_request["name"] == 'name_value' + + client = KeyTrackingServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest', + ) + request = request_type(**request_init) + + # Designate an appropriate value for the returned response. + return_value = key_tracking_service.ProtectedResourcesSummary() + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # We need to mock transcode() because providing default values + # for required fields will fail the real version if the http_options + # expect actual values for those fields. + with mock.patch.object(path_template, 'transcode') as transcode: + # A uri without fields and an empty body will force all the + # request fields to show up in the query_params. + pb_request = request_type.pb(request) + transcode_result = { + 'uri': 'v1/sample_method', + 'method': "get", + 'query_params': pb_request, + } + transcode.return_value = transcode_result + + response_value = Response() + response_value.status_code = 200 + + pb_return_value = key_tracking_service.ProtectedResourcesSummary.pb(return_value) + json_return_value = json_format.MessageToJson(pb_return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.get_protected_resources_summary(request) + + expected_params = [ + ('$alt', 'json;enum-encoding=int') + ] + actual_params = req.call_args.kwargs['params'] + assert expected_params == actual_params + + +def test_get_protected_resources_summary_rest_unset_required_fields(): + transport = transports.KeyTrackingServiceRestTransport(credentials=ga_credentials.AnonymousCredentials) + + unset_fields = transport.get_protected_resources_summary._get_unset_required_fields({}) + assert set(unset_fields) == (set(()) & set(("name", ))) + + +@pytest.mark.parametrize("null_interceptor", [True, False]) +def test_get_protected_resources_summary_rest_interceptors(null_interceptor): + transport = transports.KeyTrackingServiceRestTransport( + credentials=ga_credentials.AnonymousCredentials(), + interceptor=None if null_interceptor else transports.KeyTrackingServiceRestInterceptor(), + ) + client = KeyTrackingServiceClient(transport=transport) + with mock.patch.object(type(client.transport._session), "request") as req, \ + mock.patch.object(path_template, "transcode") as transcode, \ + mock.patch.object(transports.KeyTrackingServiceRestInterceptor, "post_get_protected_resources_summary") as post, \ + mock.patch.object(transports.KeyTrackingServiceRestInterceptor, "pre_get_protected_resources_summary") as pre: + pre.assert_not_called() + post.assert_not_called() + pb_message = key_tracking_service.GetProtectedResourcesSummaryRequest.pb(key_tracking_service.GetProtectedResourcesSummaryRequest()) + transcode.return_value = { + "method": "post", + "uri": "my_uri", + "body": pb_message, + "query_params": pb_message, + } + + req.return_value = Response() + req.return_value.status_code = 200 + req.return_value.request = PreparedRequest() + req.return_value._content = key_tracking_service.ProtectedResourcesSummary.to_json(key_tracking_service.ProtectedResourcesSummary()) + + request = key_tracking_service.GetProtectedResourcesSummaryRequest() + metadata =[ + ("key", "val"), + ("cephalopod", "squid"), + ] + pre.return_value = request, metadata + post.return_value = key_tracking_service.ProtectedResourcesSummary() + + client.get_protected_resources_summary(request, metadata=[("key", "val"), ("cephalopod", "squid"),]) + + pre.assert_called_once() + post.assert_called_once() + + +def test_get_protected_resources_summary_rest_bad_request(transport: str = 'rest', request_type=key_tracking_service.GetProtectedResourcesSummaryRequest): + client = KeyTrackingServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # send a request that will satisfy transcoding + request_init = {'name': 'projects/sample1/locations/sample2/keyRings/sample3/cryptoKeys/sample4'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.get_protected_resources_summary(request) + + +def test_get_protected_resources_summary_rest_flattened(): + client = KeyTrackingServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = key_tracking_service.ProtectedResourcesSummary() + + # get arguments that satisfy an http rule for this method + sample_request = {'name': 'projects/sample1/locations/sample2/keyRings/sample3/cryptoKeys/sample4'} + + # get truthy value for each flattened field + mock_args = dict( + name='name_value', + ) + mock_args.update(sample_request) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + pb_return_value = key_tracking_service.ProtectedResourcesSummary.pb(return_value) + json_return_value = json_format.MessageToJson(pb_return_value) + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + client.get_protected_resources_summary(**mock_args) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(req.mock_calls) == 1 + _, args, _ = req.mock_calls[0] + assert path_template.validate("%s/v1/{name=projects/*/locations/*/keyRings/*/cryptoKeys/**}/protectedResourcesSummary" % client.transport._host, args[1]) + + +def test_get_protected_resources_summary_rest_flattened_error(transport: str = 'rest'): + client = KeyTrackingServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.get_protected_resources_summary( + key_tracking_service.GetProtectedResourcesSummaryRequest(), + name='name_value', + ) + + +def test_get_protected_resources_summary_rest_error(): + client = KeyTrackingServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest' + ) + + +@pytest.mark.parametrize("request_type", [ + key_tracking_service.SearchProtectedResourcesRequest, + dict, +]) +def test_search_protected_resources_rest(request_type): + client = KeyTrackingServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # send a request that will satisfy transcoding + request_init = {'scope': 'organizations/sample1'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = key_tracking_service.SearchProtectedResourcesResponse( + next_page_token='next_page_token_value', + ) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + pb_return_value = key_tracking_service.SearchProtectedResourcesResponse.pb(return_value) + json_return_value = json_format.MessageToJson(pb_return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + response = client.search_protected_resources(request) + + # Establish that the response is the type that we expect. + assert isinstance(response, pagers.SearchProtectedResourcesPager) + assert response.next_page_token == 'next_page_token_value' + + +def test_search_protected_resources_rest_required_fields(request_type=key_tracking_service.SearchProtectedResourcesRequest): + transport_class = transports.KeyTrackingServiceRestTransport + + request_init = {} + request_init["scope"] = "" + request_init["crypto_key"] = "" + request = request_type(**request_init) + pb_request = request_type.pb(request) + jsonified_request = json.loads(json_format.MessageToJson( + pb_request, + including_default_value_fields=False, + use_integers_for_enums=False + )) + + # verify fields with default values are dropped + assert "cryptoKey" not in jsonified_request + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).search_protected_resources._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with default values are now present + assert "cryptoKey" in jsonified_request + assert jsonified_request["cryptoKey"] == request_init["crypto_key"] + + jsonified_request["scope"] = 'scope_value' + jsonified_request["cryptoKey"] = 'crypto_key_value' + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).search_protected_resources._get_unset_required_fields(jsonified_request) + # Check that path parameters and body parameters are not mixing in. + assert not set(unset_fields) - set(("crypto_key", "page_size", "page_token", "resource_types", )) + jsonified_request.update(unset_fields) + + # verify required fields with non-default values are left alone + assert "scope" in jsonified_request + assert jsonified_request["scope"] == 'scope_value' + assert "cryptoKey" in jsonified_request + assert jsonified_request["cryptoKey"] == 'crypto_key_value' + + client = KeyTrackingServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest', + ) + request = request_type(**request_init) + + # Designate an appropriate value for the returned response. + return_value = key_tracking_service.SearchProtectedResourcesResponse() + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # We need to mock transcode() because providing default values + # for required fields will fail the real version if the http_options + # expect actual values for those fields. + with mock.patch.object(path_template, 'transcode') as transcode: + # A uri without fields and an empty body will force all the + # request fields to show up in the query_params. + pb_request = request_type.pb(request) + transcode_result = { + 'uri': 'v1/sample_method', + 'method': "get", + 'query_params': pb_request, + } + transcode.return_value = transcode_result + + response_value = Response() + response_value.status_code = 200 + + pb_return_value = key_tracking_service.SearchProtectedResourcesResponse.pb(return_value) + json_return_value = json_format.MessageToJson(pb_return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.search_protected_resources(request) + + expected_params = [ + ( + "cryptoKey", + "", + ), + ('$alt', 'json;enum-encoding=int') + ] + actual_params = req.call_args.kwargs['params'] + assert expected_params == actual_params + + +def test_search_protected_resources_rest_unset_required_fields(): + transport = transports.KeyTrackingServiceRestTransport(credentials=ga_credentials.AnonymousCredentials) + + unset_fields = transport.search_protected_resources._get_unset_required_fields({}) + assert set(unset_fields) == (set(("cryptoKey", "pageSize", "pageToken", "resourceTypes", )) & set(("scope", "cryptoKey", ))) + + +@pytest.mark.parametrize("null_interceptor", [True, False]) +def test_search_protected_resources_rest_interceptors(null_interceptor): + transport = transports.KeyTrackingServiceRestTransport( + credentials=ga_credentials.AnonymousCredentials(), + interceptor=None if null_interceptor else transports.KeyTrackingServiceRestInterceptor(), + ) + client = KeyTrackingServiceClient(transport=transport) + with mock.patch.object(type(client.transport._session), "request") as req, \ + mock.patch.object(path_template, "transcode") as transcode, \ + mock.patch.object(transports.KeyTrackingServiceRestInterceptor, "post_search_protected_resources") as post, \ + mock.patch.object(transports.KeyTrackingServiceRestInterceptor, "pre_search_protected_resources") as pre: + pre.assert_not_called() + post.assert_not_called() + pb_message = key_tracking_service.SearchProtectedResourcesRequest.pb(key_tracking_service.SearchProtectedResourcesRequest()) + transcode.return_value = { + "method": "post", + "uri": "my_uri", + "body": pb_message, + "query_params": pb_message, + } + + req.return_value = Response() + req.return_value.status_code = 200 + req.return_value.request = PreparedRequest() + req.return_value._content = key_tracking_service.SearchProtectedResourcesResponse.to_json(key_tracking_service.SearchProtectedResourcesResponse()) + + request = key_tracking_service.SearchProtectedResourcesRequest() + metadata =[ + ("key", "val"), + ("cephalopod", "squid"), + ] + pre.return_value = request, metadata + post.return_value = key_tracking_service.SearchProtectedResourcesResponse() + + client.search_protected_resources(request, metadata=[("key", "val"), ("cephalopod", "squid"),]) + + pre.assert_called_once() + post.assert_called_once() + + +def test_search_protected_resources_rest_bad_request(transport: str = 'rest', request_type=key_tracking_service.SearchProtectedResourcesRequest): + client = KeyTrackingServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # send a request that will satisfy transcoding + request_init = {'scope': 'organizations/sample1'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.search_protected_resources(request) + + +def test_search_protected_resources_rest_flattened(): + client = KeyTrackingServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = key_tracking_service.SearchProtectedResourcesResponse() + + # get arguments that satisfy an http rule for this method + sample_request = {'scope': 'organizations/sample1'} + + # get truthy value for each flattened field + mock_args = dict( + scope='scope_value', + crypto_key='crypto_key_value', + ) + mock_args.update(sample_request) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + pb_return_value = key_tracking_service.SearchProtectedResourcesResponse.pb(return_value) + json_return_value = json_format.MessageToJson(pb_return_value) + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + client.search_protected_resources(**mock_args) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(req.mock_calls) == 1 + _, args, _ = req.mock_calls[0] + assert path_template.validate("%s/v1/{scope=organizations/*}/protectedResources:search" % client.transport._host, args[1]) + + +def test_search_protected_resources_rest_flattened_error(transport: str = 'rest'): + client = KeyTrackingServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.search_protected_resources( + key_tracking_service.SearchProtectedResourcesRequest(), + scope='scope_value', + crypto_key='crypto_key_value', + ) + + +def test_search_protected_resources_rest_pager(transport: str = 'rest'): + client = KeyTrackingServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # TODO(kbandes): remove this mock unless there's a good reason for it. + #with mock.patch.object(path_template, 'transcode') as transcode: + # Set the response as a series of pages + response = ( + key_tracking_service.SearchProtectedResourcesResponse( + protected_resources=[ + key_tracking_service.ProtectedResource(), + key_tracking_service.ProtectedResource(), + key_tracking_service.ProtectedResource(), + ], + next_page_token='abc', + ), + key_tracking_service.SearchProtectedResourcesResponse( + protected_resources=[], + next_page_token='def', + ), + key_tracking_service.SearchProtectedResourcesResponse( + protected_resources=[ + key_tracking_service.ProtectedResource(), + ], + next_page_token='ghi', + ), + key_tracking_service.SearchProtectedResourcesResponse( + protected_resources=[ + key_tracking_service.ProtectedResource(), + key_tracking_service.ProtectedResource(), + ], + ), + ) + # Two responses for two calls + response = response + response + + # Wrap the values into proper Response objs + response = tuple(key_tracking_service.SearchProtectedResourcesResponse.to_json(x) for x in response) + return_values = tuple(Response() for i in response) + for return_val, response_val in zip(return_values, response): + return_val._content = response_val.encode('UTF-8') + return_val.status_code = 200 + req.side_effect = return_values + + sample_request = {'scope': 'organizations/sample1'} + + pager = client.search_protected_resources(request=sample_request) + + results = list(pager) + assert len(results) == 6 + assert all(isinstance(i, key_tracking_service.ProtectedResource) + for i in results) + + pages = list(client.search_protected_resources(request=sample_request).pages) + for page_, token in zip(pages, ['abc','def','ghi', '']): + assert page_.raw_page.next_page_token == token + + +def test_credentials_transport_error(): + # It is an error to provide credentials and a transport instance. + transport = transports.KeyTrackingServiceGrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = KeyTrackingServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # It is an error to provide a credentials file and a transport instance. + transport = transports.KeyTrackingServiceGrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = KeyTrackingServiceClient( + client_options={"credentials_file": "credentials.json"}, + transport=transport, + ) + + # It is an error to provide an api_key and a transport instance. + transport = transports.KeyTrackingServiceGrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + options = client_options.ClientOptions() + options.api_key = "api_key" + with pytest.raises(ValueError): + client = KeyTrackingServiceClient( + client_options=options, + transport=transport, + ) + + # It is an error to provide an api_key and a credential. + options = mock.Mock() + options.api_key = "api_key" + with pytest.raises(ValueError): + client = KeyTrackingServiceClient( + client_options=options, + credentials=ga_credentials.AnonymousCredentials() + ) + + # It is an error to provide scopes and a transport instance. + transport = transports.KeyTrackingServiceGrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = KeyTrackingServiceClient( + client_options={"scopes": ["1", "2"]}, + transport=transport, + ) + + +def test_transport_instance(): + # A client may be instantiated with a custom transport instance. + transport = transports.KeyTrackingServiceGrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + client = KeyTrackingServiceClient(transport=transport) + assert client.transport is transport + +def test_transport_get_channel(): + # A client may be instantiated with a custom transport instance. + transport = transports.KeyTrackingServiceGrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + channel = transport.grpc_channel + assert channel + + transport = transports.KeyTrackingServiceGrpcAsyncIOTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + channel = transport.grpc_channel + assert channel + +@pytest.mark.parametrize("transport_class", [ + transports.KeyTrackingServiceGrpcTransport, + transports.KeyTrackingServiceGrpcAsyncIOTransport, + transports.KeyTrackingServiceRestTransport, +]) +def test_transport_adc(transport_class): + # Test default credentials are used if not provided. + with mock.patch.object(google.auth, 'default') as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport_class() + adc.assert_called_once() + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "rest", +]) +def test_transport_kind(transport_name): + transport = KeyTrackingServiceClient.get_transport_class(transport_name)( + credentials=ga_credentials.AnonymousCredentials(), + ) + assert transport.kind == transport_name + +def test_transport_grpc_default(): + # A client should use the gRPC transport by default. + client = KeyTrackingServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + assert isinstance( + client.transport, + transports.KeyTrackingServiceGrpcTransport, + ) + +def test_key_tracking_service_base_transport_error(): + # Passing both a credentials object and credentials_file should raise an error + with pytest.raises(core_exceptions.DuplicateCredentialArgs): + transport = transports.KeyTrackingServiceTransport( + credentials=ga_credentials.AnonymousCredentials(), + credentials_file="credentials.json" + ) + + +def test_key_tracking_service_base_transport(): + # Instantiate the base transport. + with mock.patch('google.cloud.kms_inventory_v1.services.key_tracking_service.transports.KeyTrackingServiceTransport.__init__') as Transport: + Transport.return_value = None + transport = transports.KeyTrackingServiceTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Every method on the transport should just blindly + # raise NotImplementedError. + methods = ( + 'get_protected_resources_summary', + 'search_protected_resources', + ) + for method in methods: + with pytest.raises(NotImplementedError): + getattr(transport, method)(request=object()) + + with pytest.raises(NotImplementedError): + transport.close() + + # Catch all for all remaining methods and properties + remainder = [ + 'kind', + ] + for r in remainder: + with pytest.raises(NotImplementedError): + getattr(transport, r)() + + +def test_key_tracking_service_base_transport_with_credentials_file(): + # Instantiate the base transport with a credentials file + with mock.patch.object(google.auth, 'load_credentials_from_file', autospec=True) as load_creds, mock.patch('google.cloud.kms_inventory_v1.services.key_tracking_service.transports.KeyTrackingServiceTransport._prep_wrapped_messages') as Transport: + Transport.return_value = None + load_creds.return_value = (ga_credentials.AnonymousCredentials(), None) + transport = transports.KeyTrackingServiceTransport( + credentials_file="credentials.json", + quota_project_id="octopus", + ) + load_creds.assert_called_once_with("credentials.json", + scopes=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + quota_project_id="octopus", + ) + + +def test_key_tracking_service_base_transport_with_adc(): + # Test the default credentials are used if credentials and credentials_file are None. + with mock.patch.object(google.auth, 'default', autospec=True) as adc, mock.patch('google.cloud.kms_inventory_v1.services.key_tracking_service.transports.KeyTrackingServiceTransport._prep_wrapped_messages') as Transport: + Transport.return_value = None + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport = transports.KeyTrackingServiceTransport() + adc.assert_called_once() + + +def test_key_tracking_service_auth_adc(): + # If no credentials are provided, we should use ADC credentials. + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + KeyTrackingServiceClient() + adc.assert_called_once_with( + scopes=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + quota_project_id=None, + ) + + +@pytest.mark.parametrize( + "transport_class", + [ + transports.KeyTrackingServiceGrpcTransport, + transports.KeyTrackingServiceGrpcAsyncIOTransport, + ], +) +def test_key_tracking_service_transport_auth_adc(transport_class): + # If credentials and host are not provided, the transport class should use + # ADC credentials. + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport_class(quota_project_id="octopus", scopes=["1", "2"]) + adc.assert_called_once_with( + scopes=["1", "2"], + default_scopes=( 'https://www.googleapis.com/auth/cloud-platform',), + quota_project_id="octopus", + ) + + +@pytest.mark.parametrize( + "transport_class", + [ + transports.KeyTrackingServiceGrpcTransport, + transports.KeyTrackingServiceGrpcAsyncIOTransport, + transports.KeyTrackingServiceRestTransport, + ], +) +def test_key_tracking_service_transport_auth_gdch_credentials(transport_class): + host = 'https://language.com' + api_audience_tests = [None, 'https://language2.com'] + api_audience_expect = [host, 'https://language2.com'] + for t, e in zip(api_audience_tests, api_audience_expect): + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + gdch_mock = mock.MagicMock() + type(gdch_mock).with_gdch_audience = mock.PropertyMock(return_value=gdch_mock) + adc.return_value = (gdch_mock, None) + transport_class(host=host, api_audience=t) + gdch_mock.with_gdch_audience.assert_called_once_with( + e + ) + + +@pytest.mark.parametrize( + "transport_class,grpc_helpers", + [ + (transports.KeyTrackingServiceGrpcTransport, grpc_helpers), + (transports.KeyTrackingServiceGrpcAsyncIOTransport, grpc_helpers_async) + ], +) +def test_key_tracking_service_transport_create_channel(transport_class, grpc_helpers): + # If credentials and host are not provided, the transport class should use + # ADC credentials. + with mock.patch.object(google.auth, "default", autospec=True) as adc, mock.patch.object( + grpc_helpers, "create_channel", autospec=True + ) as create_channel: + creds = ga_credentials.AnonymousCredentials() + adc.return_value = (creds, None) + transport_class( + quota_project_id="octopus", + scopes=["1", "2"] + ) + + create_channel.assert_called_with( + "kmsinventory.googleapis.com:443", + credentials=creds, + credentials_file=None, + quota_project_id="octopus", + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + scopes=["1", "2"], + default_host="kmsinventory.googleapis.com", + ssl_credentials=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + +@pytest.mark.parametrize("transport_class", [transports.KeyTrackingServiceGrpcTransport, transports.KeyTrackingServiceGrpcAsyncIOTransport]) +def test_key_tracking_service_grpc_transport_client_cert_source_for_mtls( + transport_class +): + cred = ga_credentials.AnonymousCredentials() + + # Check ssl_channel_credentials is used if provided. + with mock.patch.object(transport_class, "create_channel") as mock_create_channel: + mock_ssl_channel_creds = mock.Mock() + transport_class( + host="squid.clam.whelk", + credentials=cred, + ssl_channel_credentials=mock_ssl_channel_creds + ) + mock_create_channel.assert_called_once_with( + "squid.clam.whelk:443", + credentials=cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_channel_creds, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Check if ssl_channel_credentials is not provided, then client_cert_source_for_mtls + # is used. + with mock.patch.object(transport_class, "create_channel", return_value=mock.Mock()): + with mock.patch("grpc.ssl_channel_credentials") as mock_ssl_cred: + transport_class( + credentials=cred, + client_cert_source_for_mtls=client_cert_source_callback + ) + expected_cert, expected_key = client_cert_source_callback() + mock_ssl_cred.assert_called_once_with( + certificate_chain=expected_cert, + private_key=expected_key + ) + +def test_key_tracking_service_http_transport_client_cert_source_for_mtls(): + cred = ga_credentials.AnonymousCredentials() + with mock.patch("google.auth.transport.requests.AuthorizedSession.configure_mtls_channel") as mock_configure_mtls_channel: + transports.KeyTrackingServiceRestTransport ( + credentials=cred, + client_cert_source_for_mtls=client_cert_source_callback + ) + mock_configure_mtls_channel.assert_called_once_with(client_cert_source_callback) + + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "grpc_asyncio", + "rest", +]) +def test_key_tracking_service_host_no_port(transport_name): + client = KeyTrackingServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + client_options=client_options.ClientOptions(api_endpoint='kmsinventory.googleapis.com'), + transport=transport_name, + ) + assert client.transport._host == ( + 'kmsinventory.googleapis.com:443' + if transport_name in ['grpc', 'grpc_asyncio'] + else 'https://kmsinventory.googleapis.com' + ) + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "grpc_asyncio", + "rest", +]) +def test_key_tracking_service_host_with_port(transport_name): + client = KeyTrackingServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + client_options=client_options.ClientOptions(api_endpoint='kmsinventory.googleapis.com:8000'), + transport=transport_name, + ) + assert client.transport._host == ( + 'kmsinventory.googleapis.com:8000' + if transport_name in ['grpc', 'grpc_asyncio'] + else 'https://kmsinventory.googleapis.com:8000' + ) + +@pytest.mark.parametrize("transport_name", [ + "rest", +]) +def test_key_tracking_service_client_transport_session_collision(transport_name): + creds1 = ga_credentials.AnonymousCredentials() + creds2 = ga_credentials.AnonymousCredentials() + client1 = KeyTrackingServiceClient( + credentials=creds1, + transport=transport_name, + ) + client2 = KeyTrackingServiceClient( + credentials=creds2, + transport=transport_name, + ) + session1 = client1.transport.get_protected_resources_summary._session + session2 = client2.transport.get_protected_resources_summary._session + assert session1 != session2 + session1 = client1.transport.search_protected_resources._session + session2 = client2.transport.search_protected_resources._session + assert session1 != session2 +def test_key_tracking_service_grpc_transport_channel(): + channel = grpc.secure_channel('http://localhost/', grpc.local_channel_credentials()) + + # Check that channel is used if provided. + transport = transports.KeyTrackingServiceGrpcTransport( + host="squid.clam.whelk", + channel=channel, + ) + assert transport.grpc_channel == channel + assert transport._host == "squid.clam.whelk:443" + assert transport._ssl_channel_credentials == None + + +def test_key_tracking_service_grpc_asyncio_transport_channel(): + channel = aio.secure_channel('http://localhost/', grpc.local_channel_credentials()) + + # Check that channel is used if provided. + transport = transports.KeyTrackingServiceGrpcAsyncIOTransport( + host="squid.clam.whelk", + channel=channel, + ) + assert transport.grpc_channel == channel + assert transport._host == "squid.clam.whelk:443" + assert transport._ssl_channel_credentials == None + + +# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are +# removed from grpc/grpc_asyncio transport constructor. +@pytest.mark.parametrize("transport_class", [transports.KeyTrackingServiceGrpcTransport, transports.KeyTrackingServiceGrpcAsyncIOTransport]) +def test_key_tracking_service_transport_channel_mtls_with_client_cert_source( + transport_class +): + with mock.patch("grpc.ssl_channel_credentials", autospec=True) as grpc_ssl_channel_cred: + with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: + mock_ssl_cred = mock.Mock() + grpc_ssl_channel_cred.return_value = mock_ssl_cred + + mock_grpc_channel = mock.Mock() + grpc_create_channel.return_value = mock_grpc_channel + + cred = ga_credentials.AnonymousCredentials() + with pytest.warns(DeprecationWarning): + with mock.patch.object(google.auth, 'default') as adc: + adc.return_value = (cred, None) + transport = transport_class( + host="squid.clam.whelk", + api_mtls_endpoint="mtls.squid.clam.whelk", + client_cert_source=client_cert_source_callback, + ) + adc.assert_called_once() + + grpc_ssl_channel_cred.assert_called_once_with( + certificate_chain=b"cert bytes", private_key=b"key bytes" + ) + grpc_create_channel.assert_called_once_with( + "mtls.squid.clam.whelk:443", + credentials=cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_cred, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + assert transport.grpc_channel == mock_grpc_channel + assert transport._ssl_channel_credentials == mock_ssl_cred + + +# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are +# removed from grpc/grpc_asyncio transport constructor. +@pytest.mark.parametrize("transport_class", [transports.KeyTrackingServiceGrpcTransport, transports.KeyTrackingServiceGrpcAsyncIOTransport]) +def test_key_tracking_service_transport_channel_mtls_with_adc( + transport_class +): + mock_ssl_cred = mock.Mock() + with mock.patch.multiple( + "google.auth.transport.grpc.SslCredentials", + __init__=mock.Mock(return_value=None), + ssl_credentials=mock.PropertyMock(return_value=mock_ssl_cred), + ): + with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: + mock_grpc_channel = mock.Mock() + grpc_create_channel.return_value = mock_grpc_channel + mock_cred = mock.Mock() + + with pytest.warns(DeprecationWarning): + transport = transport_class( + host="squid.clam.whelk", + credentials=mock_cred, + api_mtls_endpoint="mtls.squid.clam.whelk", + client_cert_source=None, + ) + + grpc_create_channel.assert_called_once_with( + "mtls.squid.clam.whelk:443", + credentials=mock_cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_cred, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + assert transport.grpc_channel == mock_grpc_channel + + +def test_asset_path(): + expected = "*".format() + actual = KeyTrackingServiceClient.asset_path() + assert expected == actual + + +def test_parse_asset_path(): + expected = { + } + path = KeyTrackingServiceClient.asset_path(**expected) + + # Check that the path construction is reversible. + actual = KeyTrackingServiceClient.parse_asset_path(path) + assert expected == actual + +def test_crypto_key_version_path(): + project = "squid" + location = "clam" + key_ring = "whelk" + crypto_key = "octopus" + crypto_key_version = "oyster" + expected = "projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}/cryptoKeyVersions/{crypto_key_version}".format(project=project, location=location, key_ring=key_ring, crypto_key=crypto_key, crypto_key_version=crypto_key_version, ) + actual = KeyTrackingServiceClient.crypto_key_version_path(project, location, key_ring, crypto_key, crypto_key_version) + assert expected == actual + + +def test_parse_crypto_key_version_path(): + expected = { + "project": "nudibranch", + "location": "cuttlefish", + "key_ring": "mussel", + "crypto_key": "winkle", + "crypto_key_version": "nautilus", + } + path = KeyTrackingServiceClient.crypto_key_version_path(**expected) + + # Check that the path construction is reversible. + actual = KeyTrackingServiceClient.parse_crypto_key_version_path(path) + assert expected == actual + +def test_protected_resources_summary_path(): + project = "scallop" + location = "abalone" + key_ring = "squid" + crypto_key = "clam" + expected = "projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}/protectedResourcesSummary".format(project=project, location=location, key_ring=key_ring, crypto_key=crypto_key, ) + actual = KeyTrackingServiceClient.protected_resources_summary_path(project, location, key_ring, crypto_key) + assert expected == actual + + +def test_parse_protected_resources_summary_path(): + expected = { + "project": "whelk", + "location": "octopus", + "key_ring": "oyster", + "crypto_key": "nudibranch", + } + path = KeyTrackingServiceClient.protected_resources_summary_path(**expected) + + # Check that the path construction is reversible. + actual = KeyTrackingServiceClient.parse_protected_resources_summary_path(path) + assert expected == actual + +def test_common_billing_account_path(): + billing_account = "cuttlefish" + expected = "billingAccounts/{billing_account}".format(billing_account=billing_account, ) + actual = KeyTrackingServiceClient.common_billing_account_path(billing_account) + assert expected == actual + + +def test_parse_common_billing_account_path(): + expected = { + "billing_account": "mussel", + } + path = KeyTrackingServiceClient.common_billing_account_path(**expected) + + # Check that the path construction is reversible. + actual = KeyTrackingServiceClient.parse_common_billing_account_path(path) + assert expected == actual + +def test_common_folder_path(): + folder = "winkle" + expected = "folders/{folder}".format(folder=folder, ) + actual = KeyTrackingServiceClient.common_folder_path(folder) + assert expected == actual + + +def test_parse_common_folder_path(): + expected = { + "folder": "nautilus", + } + path = KeyTrackingServiceClient.common_folder_path(**expected) + + # Check that the path construction is reversible. + actual = KeyTrackingServiceClient.parse_common_folder_path(path) + assert expected == actual + +def test_common_organization_path(): + organization = "scallop" + expected = "organizations/{organization}".format(organization=organization, ) + actual = KeyTrackingServiceClient.common_organization_path(organization) + assert expected == actual + + +def test_parse_common_organization_path(): + expected = { + "organization": "abalone", + } + path = KeyTrackingServiceClient.common_organization_path(**expected) + + # Check that the path construction is reversible. + actual = KeyTrackingServiceClient.parse_common_organization_path(path) + assert expected == actual + +def test_common_project_path(): + project = "squid" + expected = "projects/{project}".format(project=project, ) + actual = KeyTrackingServiceClient.common_project_path(project) + assert expected == actual + + +def test_parse_common_project_path(): + expected = { + "project": "clam", + } + path = KeyTrackingServiceClient.common_project_path(**expected) + + # Check that the path construction is reversible. + actual = KeyTrackingServiceClient.parse_common_project_path(path) + assert expected == actual + +def test_common_location_path(): + project = "whelk" + location = "octopus" + expected = "projects/{project}/locations/{location}".format(project=project, location=location, ) + actual = KeyTrackingServiceClient.common_location_path(project, location) + assert expected == actual + + +def test_parse_common_location_path(): + expected = { + "project": "oyster", + "location": "nudibranch", + } + path = KeyTrackingServiceClient.common_location_path(**expected) + + # Check that the path construction is reversible. + actual = KeyTrackingServiceClient.parse_common_location_path(path) + assert expected == actual + + +def test_client_with_default_client_info(): + client_info = gapic_v1.client_info.ClientInfo() + + with mock.patch.object(transports.KeyTrackingServiceTransport, '_prep_wrapped_messages') as prep: + client = KeyTrackingServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + client_info=client_info, + ) + prep.assert_called_once_with(client_info) + + with mock.patch.object(transports.KeyTrackingServiceTransport, '_prep_wrapped_messages') as prep: + transport_class = KeyTrackingServiceClient.get_transport_class() + transport = transport_class( + credentials=ga_credentials.AnonymousCredentials(), + client_info=client_info, + ) + prep.assert_called_once_with(client_info) + +@pytest.mark.asyncio +async def test_transport_close_async(): + client = KeyTrackingServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="grpc_asyncio", + ) + with mock.patch.object(type(getattr(client.transport, "grpc_channel")), "close") as close: + async with client: + close.assert_not_called() + close.assert_called_once() + + +def test_transport_close(): + transports = { + "rest": "_session", + "grpc": "_grpc_channel", + } + + for transport, close_name in transports.items(): + client = KeyTrackingServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport + ) + with mock.patch.object(type(getattr(client.transport, close_name)), "close") as close: + with client: + close.assert_not_called() + close.assert_called_once() + +def test_client_ctx(): + transports = [ + 'rest', + 'grpc', + ] + for transport in transports: + client = KeyTrackingServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport + ) + # Test client calls underlying transport. + with mock.patch.object(type(client.transport), "close") as close: + close.assert_not_called() + with client: + pass + close.assert_called() + +@pytest.mark.parametrize("client_class,transport_class", [ + (KeyTrackingServiceClient, transports.KeyTrackingServiceGrpcTransport), + (KeyTrackingServiceAsyncClient, transports.KeyTrackingServiceGrpcAsyncIOTransport), +]) +def test_api_key_credentials(client_class, transport_class): + with mock.patch.object( + google.auth._default, "get_api_key_credentials", create=True + ) as get_api_key_credentials: + mock_cred = mock.Mock() + get_api_key_credentials.return_value = mock_cred + options = client_options.ClientOptions() + options.api_key = "api_key" + with mock.patch.object(transport_class, "__init__") as patched: + patched.return_value = None + client = client_class(client_options=options) + patched.assert_called_once_with( + credentials=mock_cred, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + )