From 2a5fc0890c0043cc5c74274c433775781ede2e83 Mon Sep 17 00:00:00 2001 
From: Ricardo Ferraz Leal <56277891+ricleal-fugue@users.noreply.github.com> Date: Thu, 25 Mar 2021 10:14:57 -0400 Subject: [PATCH] [RM-5211] Google Environment support (#31) * createGoogleEnvironment * updateEnvironment * Added info for google environments * Addressed Matt comments * replaced in the output tables ROLE with ROLE_ARN * update google env service-account-email * bumped the version --- VERSION | 2 +- client/audit_log/audit_log_client.go | 75 ++++ .../list_audit_log_events_parameters.go | 327 ++++++++++++++++++ .../list_audit_log_events_responses.go | 225 ++++++++++++ client/events/list_events_responses.go | 2 +- client/fugue_client.go | 5 + cmd/createAwsEnvironment.go | 17 + cmd/createAzureEnvironment.go | 2 + cmd/createGoogleEnvironment.go | 105 ++++++ cmd/getEnvironment.go | 7 +- cmd/google.go | 14 + cmd/updateEnvironment.go | 47 ++- models/audit_log_event.go | 210 +++++++++++ models/audit_log_event_identity.go | 52 +++ models/audit_log_event_request_context.go | 61 ++++ models/audit_log_events.go | 83 +++++ models/create_custom_rule_input.go | 7 +- models/custom_rule.go | 7 +- models/event.go | 2 +- models/provider_options_azure.go | 2 +- models/provider_options_google.go | 5 +- .../provider_options_google_update_input.go | 43 +++ models/provider_options_update_input.go | 25 ++ models/rule_waiver.go | 2 +- models/update_environment_input.go | 7 +- 25 files changed, 1306 insertions(+), 28 deletions(-) create mode 100644 client/audit_log/audit_log_client.go create mode 100644 client/audit_log/list_audit_log_events_parameters.go create mode 100644 client/audit_log/list_audit_log_events_responses.go create mode 100644 cmd/createGoogleEnvironment.go create mode 100644 cmd/google.go create mode 100644 models/audit_log_event.go create mode 100644 models/audit_log_event_identity.go create mode 100644 models/audit_log_event_request_context.go create mode 100644 models/audit_log_events.go create mode 100644 models/provider_options_google_update_input.go 
diff --git a/VERSION b/VERSION
index ac454c6..54d1a4f 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-0.12.0
+0.13.0
diff --git a/client/audit_log/audit_log_client.go b/client/audit_log/audit_log_client.go
new file mode 100644
index 0000000..06f0568
--- /dev/null
+++ b/client/audit_log/audit_log_client.go
@@ -0,0 +1,75 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package audit_log + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "fmt" + + "github.com/go-openapi/runtime" + "github.com/go-openapi/strfmt" +) + +// New creates a new audit log API client. +func New(transport runtime.ClientTransport, formats strfmt.Registry) ClientService { + return &Client{transport: transport, formats: formats} +} + +/* +Client for audit log API +*/ +type Client struct { + transport runtime.ClientTransport + formats strfmt.Registry +} + +// ClientService is the interface for Client methods +type ClientService interface { + ListAuditLogEvents(params *ListAuditLogEventsParams, authInfo runtime.ClientAuthInfoWriter) (*ListAuditLogEventsOK, error) + + SetTransport(transport runtime.ClientTransport) +} + +/* + ListAuditLogEvents lists audit log events + + Lists audit log events. +*/ +func (a *Client) ListAuditLogEvents(params *ListAuditLogEventsParams, authInfo runtime.ClientAuthInfoWriter) (*ListAuditLogEventsOK, error) { + // TODO: Validate the params before sending + if params == nil { + params = NewListAuditLogEventsParams() + } + + result, err := a.transport.Submit(&runtime.ClientOperation{ + ID: "listAuditLogEvents", + Method: "GET", + PathPattern: "/audit_log/events", + ProducesMediaTypes: []string{"application/json"}, + ConsumesMediaTypes: []string{"application/json"}, + Schemes: []string{"https"}, + Params: params, + Reader: &ListAuditLogEventsReader{formats: a.formats}, + AuthInfo: authInfo, + Context: params.Context, + Client: params.HTTPClient, + }) + if err != nil { + return nil, err + } + success, ok := result.(*ListAuditLogEventsOK) + if ok { + return success, nil + } + // unexpected success response + // safeguard: normally, absent a default response, unknown success responses return an error above: so this is a codegen issue + msg := fmt.Sprintf("unexpected success 
response for listAuditLogEvents: API contract not enforced by server. Client expected to get an error, but got: %T", result) + panic(msg) +} + +// SetTransport changes the transport on the client +func (a *Client) SetTransport(transport runtime.ClientTransport) { + a.transport = transport +} diff --git a/client/audit_log/list_audit_log_events_parameters.go b/client/audit_log/list_audit_log_events_parameters.go new file mode 100644 index 0000000..e0a04f5 --- /dev/null +++ b/client/audit_log/list_audit_log_events_parameters.go 
@@ -0,0 +1,327 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package audit_log + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "context" + "net/http" + "time" + + "github.com/go-openapi/errors" + "github.com/go-openapi/runtime" + cr "github.com/go-openapi/runtime/client" + "github.com/go-openapi/strfmt" + "github.com/go-openapi/swag" +) + +// NewListAuditLogEventsParams creates a new ListAuditLogEventsParams object +// with the default values initialized. +func NewListAuditLogEventsParams() *ListAuditLogEventsParams { + var ( + maxItemsDefault = int64(100) + orderDirectionDefault = string("desc") + ) + return &ListAuditLogEventsParams{ + MaxItems: &maxItemsDefault, + OrderDirection: &orderDirectionDefault, + + timeout: cr.DefaultTimeout, + } +} + +// NewListAuditLogEventsParamsWithTimeout creates a new ListAuditLogEventsParams object +// with the default values initialized, and the ability to set a timeout on a request +func NewListAuditLogEventsParamsWithTimeout(timeout time.Duration) *ListAuditLogEventsParams { + var ( + maxItemsDefault = int64(100) + orderDirectionDefault = string("desc") + ) + return &ListAuditLogEventsParams{ + MaxItems: &maxItemsDefault, + OrderDirection: &orderDirectionDefault, + + timeout: timeout, + } +} + +// NewListAuditLogEventsParamsWithContext creates a new ListAuditLogEventsParams object +// with the default values initialized, and the ability to set a context for a request +func NewListAuditLogEventsParamsWithContext(ctx context.Context) *ListAuditLogEventsParams { + var ( + maxItemsDefault = int64(100) + orderDirectionDefault = string("desc") + ) + return &ListAuditLogEventsParams{ + MaxItems: &maxItemsDefault, + OrderDirection: &orderDirectionDefault, + + Context: ctx, + } +} + +// NewListAuditLogEventsParamsWithHTTPClient creates a new ListAuditLogEventsParams object +// with the default values initialized, and the 
ability to set a custom HTTPClient for a request +func NewListAuditLogEventsParamsWithHTTPClient(client *http.Client) *ListAuditLogEventsParams { + var ( + maxItemsDefault = int64(100) + orderDirectionDefault = string("desc") + ) + return &ListAuditLogEventsParams{ + MaxItems: &maxItemsDefault, + OrderDirection: &orderDirectionDefault, + HTTPClient: client, + } +} + +/*ListAuditLogEventsParams contains all the parameters to send to the API endpoint +for the list audit log events operation typically these are written to a http.Request +*/ +type ListAuditLogEventsParams struct { + + /*MaxItems + Maximum number of items to return. + + */ + MaxItems *int64 + /*NextToken + If set can be used to retrieve the next page of records. + + */ + NextToken *string + /*OrderDirection + Direction to sort the items in. + + */ + OrderDirection *string + /*RangeFrom + Earliest timestamp to include in results. format: ISO 8601 + + */ + RangeFrom *strfmt.DateTime + /*RangeTo + Latest timestamp to include in results. format: ISO 8601 + + */ + RangeTo *strfmt.DateTime + /*SubjectKind + The kind or type of entity to filter on. 
+ + */ + SubjectKind *string + + timeout time.Duration + Context context.Context + HTTPClient *http.Client +} + +// WithTimeout adds the timeout to the list audit log events params +func (o *ListAuditLogEventsParams) WithTimeout(timeout time.Duration) *ListAuditLogEventsParams { + o.SetTimeout(timeout) + return o +} + +// SetTimeout adds the timeout to the list audit log events params +func (o *ListAuditLogEventsParams) SetTimeout(timeout time.Duration) { + o.timeout = timeout +} + +// WithContext adds the context to the list audit log events params +func (o *ListAuditLogEventsParams) WithContext(ctx context.Context) *ListAuditLogEventsParams { + o.SetContext(ctx) + return o +} + +// SetContext adds the context to the list audit log events params +func (o *ListAuditLogEventsParams) SetContext(ctx context.Context) { + o.Context = ctx +} + +// WithHTTPClient adds the HTTPClient to the list audit log events params +func (o *ListAuditLogEventsParams) WithHTTPClient(client *http.Client) *ListAuditLogEventsParams { + o.SetHTTPClient(client) + return o +} + +// SetHTTPClient adds the HTTPClient to the list audit log events params +func (o *ListAuditLogEventsParams) SetHTTPClient(client *http.Client) { + o.HTTPClient = client +} + +// WithMaxItems adds the maxItems to the list audit log events params +func (o *ListAuditLogEventsParams) WithMaxItems(maxItems *int64) *ListAuditLogEventsParams { + o.SetMaxItems(maxItems) + return o +} + +// SetMaxItems adds the maxItems to the list audit log events params +func (o *ListAuditLogEventsParams) SetMaxItems(maxItems *int64) { + o.MaxItems = maxItems +} + +// WithNextToken adds the nextToken to the list audit log events params +func (o *ListAuditLogEventsParams) WithNextToken(nextToken *string) *ListAuditLogEventsParams { + o.SetNextToken(nextToken) + return o +} + +// SetNextToken adds the nextToken to the list audit log events params +func (o *ListAuditLogEventsParams) SetNextToken(nextToken *string) { + o.NextToken = nextToken 
+} + +// WithOrderDirection adds the orderDirection to the list audit log events params +func (o *ListAuditLogEventsParams) WithOrderDirection(orderDirection *string) *ListAuditLogEventsParams { + o.SetOrderDirection(orderDirection) + return o +} + +// SetOrderDirection adds the orderDirection to the list audit log events params +func (o *ListAuditLogEventsParams) SetOrderDirection(orderDirection *string) { + o.OrderDirection = orderDirection +} + +// WithRangeFrom adds the rangeFrom to the list audit log events params +func (o *ListAuditLogEventsParams) WithRangeFrom(rangeFrom *strfmt.DateTime) *ListAuditLogEventsParams { + o.SetRangeFrom(rangeFrom) + return o +} + +// SetRangeFrom adds the rangeFrom to the list audit log events params +func (o *ListAuditLogEventsParams) SetRangeFrom(rangeFrom *strfmt.DateTime) { + o.RangeFrom = rangeFrom +} + +// WithRangeTo adds the rangeTo to the list audit log events params +func (o *ListAuditLogEventsParams) WithRangeTo(rangeTo *strfmt.DateTime) *ListAuditLogEventsParams { + o.SetRangeTo(rangeTo) + return o +} + +// SetRangeTo adds the rangeTo to the list audit log events params +func (o *ListAuditLogEventsParams) SetRangeTo(rangeTo *strfmt.DateTime) { + o.RangeTo = rangeTo +} + +// WithSubjectKind adds the subjectKind to the list audit log events params +func (o *ListAuditLogEventsParams) WithSubjectKind(subjectKind *string) *ListAuditLogEventsParams { + o.SetSubjectKind(subjectKind) + return o +} + +// SetSubjectKind adds the subjectKind to the list audit log events params +func (o *ListAuditLogEventsParams) SetSubjectKind(subjectKind *string) { + o.SubjectKind = subjectKind +} + +// WriteToRequest writes these params to a swagger request +func (o *ListAuditLogEventsParams) WriteToRequest(r runtime.ClientRequest, reg strfmt.Registry) error { + + if err := r.SetTimeout(o.timeout); err != nil { + return err + } + var res []error + + if o.MaxItems != nil { + + // query param max_items + var qrMaxItems int64 + if o.MaxItems != 
nil { + qrMaxItems = *o.MaxItems + } + qMaxItems := swag.FormatInt64(qrMaxItems) + if qMaxItems != "" { + if err := r.SetQueryParam("max_items", qMaxItems); err != nil { + return err + } + } + + } + + if o.NextToken != nil { + + // query param next_token + var qrNextToken string + if o.NextToken != nil { + qrNextToken = *o.NextToken + } + qNextToken := qrNextToken + if qNextToken != "" { + if err := r.SetQueryParam("next_token", qNextToken); err != nil { + return err + } + } + + } + + if o.OrderDirection != nil { + + // query param order_direction + var qrOrderDirection string + if o.OrderDirection != nil { + qrOrderDirection = *o.OrderDirection + } + qOrderDirection := qrOrderDirection + if qOrderDirection != "" { + if err := r.SetQueryParam("order_direction", qOrderDirection); err != nil { + return err + } + } + + } + + if o.RangeFrom != nil { + + // query param range_from + var qrRangeFrom strfmt.DateTime + if o.RangeFrom != nil { + qrRangeFrom = *o.RangeFrom + } + qRangeFrom := qrRangeFrom.String() + if qRangeFrom != "" { + if err := r.SetQueryParam("range_from", qRangeFrom); err != nil { + return err + } + } + + } + + if o.RangeTo != nil { + + // query param range_to + var qrRangeTo strfmt.DateTime + if o.RangeTo != nil { + qrRangeTo = *o.RangeTo + } + qRangeTo := qrRangeTo.String() + if qRangeTo != "" { + if err := r.SetQueryParam("range_to", qRangeTo); err != nil { + return err + } + } + + } + + if o.SubjectKind != nil { + + // query param subject_kind + var qrSubjectKind string + if o.SubjectKind != nil { + qrSubjectKind = *o.SubjectKind + } + qSubjectKind := qrSubjectKind + if qSubjectKind != "" { + if err := r.SetQueryParam("subject_kind", qSubjectKind); err != nil { + return err + } + } + + } + + if len(res) > 0 { + return errors.CompositeValidationError(res...) + } + return nil +} diff --git a/client/audit_log/list_audit_log_events_responses.go b/client/audit_log/list_audit_log_events_responses.go new file mode 100644 index 0000000..df66e5a 
--- /dev/null
+++ b/client/audit_log/list_audit_log_events_responses.go
@@ -0,0 +1,225 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package audit_log + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "fmt" + "io" + + "github.com/go-openapi/runtime" + "github.com/go-openapi/strfmt" + + "github.com/fugue/fugue-client/models" +) + +// ListAuditLogEventsReader is a Reader for the ListAuditLogEvents structure. +type ListAuditLogEventsReader struct { + formats strfmt.Registry +} + +// ReadResponse reads a server response into the received o. +func (o *ListAuditLogEventsReader) ReadResponse(response runtime.ClientResponse, consumer runtime.Consumer) (interface{}, error) { + switch response.Code() { + case 200: + result := NewListAuditLogEventsOK() + if err := result.readResponse(response, consumer, o.formats); err != nil { + return nil, err + } + return result, nil + case 400: + result := NewListAuditLogEventsBadRequest() + if err := result.readResponse(response, consumer, o.formats); err != nil { + return nil, err + } + return nil, result + case 401: + result := NewListAuditLogEventsUnauthorized() + if err := result.readResponse(response, consumer, o.formats); err != nil { + return nil, err + } + return nil, result + case 403: + result := NewListAuditLogEventsForbidden() + if err := result.readResponse(response, consumer, o.formats); err != nil { + return nil, err + } + return nil, result + case 500: + result := NewListAuditLogEventsInternalServerError() + if err := result.readResponse(response, consumer, o.formats); err != nil { + return nil, err + } + return nil, result + + default: + return nil, runtime.NewAPIError("unknown error", response, response.Code()) + } +} + +// NewListAuditLogEventsOK creates a ListAuditLogEventsOK with default headers values +func NewListAuditLogEventsOK() *ListAuditLogEventsOK { + return &ListAuditLogEventsOK{} +} + +/*ListAuditLogEventsOK handles this case with default header values. 
+ +List of audit log events. +*/ +type ListAuditLogEventsOK struct { + Payload *models.AuditLogEvents +} + +func (o *ListAuditLogEventsOK) Error() string { + return fmt.Sprintf("[GET /audit_log/events][%d] listAuditLogEventsOK %+v", 200, o.Payload) +} + +func (o *ListAuditLogEventsOK) GetPayload() *models.AuditLogEvents { + return o.Payload +} + +func (o *ListAuditLogEventsOK) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error { + + o.Payload = new(models.AuditLogEvents) + + // response payload + if err := consumer.Consume(response.Body(), o.Payload); err != nil && err != io.EOF { + return err + } + + return nil +} + +// NewListAuditLogEventsBadRequest creates a ListAuditLogEventsBadRequest with default headers values +func NewListAuditLogEventsBadRequest() *ListAuditLogEventsBadRequest { + return &ListAuditLogEventsBadRequest{} +} + +/*ListAuditLogEventsBadRequest handles this case with default header values. + +Bad request error. +*/ +type ListAuditLogEventsBadRequest struct { + Payload *models.BadRequestError +} + +func (o *ListAuditLogEventsBadRequest) Error() string { + return fmt.Sprintf("[GET /audit_log/events][%d] listAuditLogEventsBadRequest %+v", 400, o.Payload) +} + +func (o *ListAuditLogEventsBadRequest) GetPayload() *models.BadRequestError { + return o.Payload +} + +func (o *ListAuditLogEventsBadRequest) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error { + + o.Payload = new(models.BadRequestError) + + // response payload + if err := consumer.Consume(response.Body(), o.Payload); err != nil && err != io.EOF { + return err + } + + return nil +} + +// NewListAuditLogEventsUnauthorized creates a ListAuditLogEventsUnauthorized with default headers values +func NewListAuditLogEventsUnauthorized() *ListAuditLogEventsUnauthorized { + return &ListAuditLogEventsUnauthorized{} +} + +/*ListAuditLogEventsUnauthorized handles this case with default header 
values. + +Authentication error. +*/ +type ListAuditLogEventsUnauthorized struct { + Payload *models.AuthenticationError +} + +func (o *ListAuditLogEventsUnauthorized) Error() string { + return fmt.Sprintf("[GET /audit_log/events][%d] listAuditLogEventsUnauthorized %+v", 401, o.Payload) +} + +func (o *ListAuditLogEventsUnauthorized) GetPayload() *models.AuthenticationError { + return o.Payload +} + +func (o *ListAuditLogEventsUnauthorized) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error { + + o.Payload = new(models.AuthenticationError) + + // response payload + if err := consumer.Consume(response.Body(), o.Payload); err != nil && err != io.EOF { + return err + } + + return nil +} + +// NewListAuditLogEventsForbidden creates a ListAuditLogEventsForbidden with default headers values +func NewListAuditLogEventsForbidden() *ListAuditLogEventsForbidden { + return &ListAuditLogEventsForbidden{} +} + +/*ListAuditLogEventsForbidden handles this case with default header values. + +Authorization error. 
+*/ +type ListAuditLogEventsForbidden struct { + Payload *models.AuthorizationError +} + +func (o *ListAuditLogEventsForbidden) Error() string { + return fmt.Sprintf("[GET /audit_log/events][%d] listAuditLogEventsForbidden %+v", 403, o.Payload) +} + +func (o *ListAuditLogEventsForbidden) GetPayload() *models.AuthorizationError { + return o.Payload +} + +func (o *ListAuditLogEventsForbidden) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error { + + o.Payload = new(models.AuthorizationError) + + // response payload + if err := consumer.Consume(response.Body(), o.Payload); err != nil && err != io.EOF { + return err + } + + return nil +} + +// NewListAuditLogEventsInternalServerError creates a ListAuditLogEventsInternalServerError with default headers values +func NewListAuditLogEventsInternalServerError() *ListAuditLogEventsInternalServerError { + return &ListAuditLogEventsInternalServerError{} +} + +/*ListAuditLogEventsInternalServerError handles this case with default header values. + +Internal server error. +*/ +type ListAuditLogEventsInternalServerError struct { + Payload *models.InternalServerError +} + +func (o *ListAuditLogEventsInternalServerError) Error() string { + return fmt.Sprintf("[GET /audit_log/events][%d] listAuditLogEventsInternalServerError %+v", 500, o.Payload) +} + +func (o *ListAuditLogEventsInternalServerError) GetPayload() *models.InternalServerError { + return o.Payload +} + +func (o *ListAuditLogEventsInternalServerError) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error { + + o.Payload = new(models.InternalServerError) + + // response payload + if err := consumer.Consume(response.Body(), o.Payload); err != nil && err != io.EOF { + return err + } + + return nil +} diff --git a/client/events/list_events_responses.go b/client/events/list_events_responses.go index 4912109..549b898 100644 --- a/client/events/list_events_responses.go 
+++ b/client/events/list_events_responses.go @@ -72,7 +72,7 @@ func NewListEventsOK() *ListEventsOK { /*ListEventsOK handles this case with default header values. -List of drift and remediation events. +List of drift, remediation, and compliance events. */ type ListEventsOK struct { Payload *models.Events diff --git a/client/fugue_client.go b/client/fugue_client.go index f69c70a..d4250db 100644 --- a/client/fugue_client.go +++ b/client/fugue_client.go @@ -10,6 +10,7 @@ import ( httptransport "github.com/go-openapi/runtime/client" "github.com/go-openapi/strfmt" + "github.com/fugue/fugue-client/client/audit_log" "github.com/fugue/fugue-client/client/custom_rules" "github.com/fugue/fugue-client/client/environments" "github.com/fugue/fugue-client/client/events" @@ -64,6 +65,7 @@ func New(transport runtime.ClientTransport, formats strfmt.Registry) *Fugue { cli := new(Fugue) cli.Transport = transport + cli.AuditLog = audit_log.New(transport, formats) cli.CustomRules = custom_rules.New(transport, formats) cli.Environments = environments.New(transport, formats) cli.Events = events.New(transport, formats) @@ -118,6 +120,8 @@ func (cfg *TransportConfig) WithSchemes(schemes []string) *TransportConfig { // Fugue is a client for fugue type Fugue struct { + AuditLog audit_log.ClientService + CustomRules custom_rules.ClientService Environments environments.ClientService @@ -144,6 +148,7 @@ type Fugue struct { // SetTransport changes the transport on the client and all its subresources func (c *Fugue) SetTransport(transport runtime.ClientTransport) { c.Transport = transport + c.AuditLog.SetTransport(transport) c.CustomRules.SetTransport(transport) c.Environments.SetTransport(transport) c.Events.SetTransport(transport) diff --git a/cmd/createAwsEnvironment.go b/cmd/createAwsEnvironment.go index d38d17d..37bbb32 100644 --- a/cmd/createAwsEnvironment.go +++ b/cmd/createAwsEnvironment.go 
@@ -121,6 +121,23 @@ func NewCreateAwsEnvironmentCommand() *cobra.Command { Item{"REMEDIATION", env.Remediation}, } + switch env.Provider { + case "aws": + items = append(items, Item{"ROLE_ARN", env.ProviderOptions.Aws.RoleArn}) + if env.ProviderOptions.Aws.Region != "" { + items = append(items, Item{"REGION", env.ProviderOptions.Aws.Region}) + } else if len(env.ProviderOptions.Aws.Regions) > 0 { + items = append(items, Item{"REGIONS", strings.Join(env.ProviderOptions.Aws.Regions, ",")}) + } + case "aws_govcloud": + items = append(items, Item{"ROLE_ARN", env.ProviderOptions.AwsGovcloud.RoleArn}) + if env.ProviderOptions.Aws.Region != "" { + items = append(items, Item{"REGION", env.ProviderOptions.AwsGovcloud.Region}) + } else if len(env.ProviderOptions.Aws.Regions) > 0 { + items = append(items, Item{"REGIONS", strings.Join(env.ProviderOptions.AwsGovcloud.Regions, ",")}) + } + } + table, err := format.Table(format.TableOpts{ Rows: items, Columns: []string{"Attribute", "Value"}, diff --git a/cmd/createAzureEnvironment.go b/cmd/createAzureEnvironment.go index e362b7d..6ad246c 100644 --- a/cmd/createAzureEnvironment.go +++ b/cmd/createAzureEnvironment.go @@ -79,6 +79,8 @@ func NewCreateAzureEnvironmentCommand() *cobra.Command { Item{"COMPLIANCE_FAMILIES", families}, Item{"DRIFT", env.Drift}, Item{"REMEDIATION", env.Remediation}, + Item{"SUBSCRIPTION_ID", env.ProviderOptions.Azure.SubscriptionID}, + Item{"APPLICATION_ID", env.ProviderOptions.Azure.ApplicationID}, } table, err := format.Table(format.TableOpts{ diff --git a/cmd/createGoogleEnvironment.go b/cmd/createGoogleEnvironment.go new file mode 100644 index 0000000..02a0cac --- /dev/null +++ b/cmd/createGoogleEnvironment.go 
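Review bot: In the added `case "aws_govcloud":` branch the two guards read `env.ProviderOptions.Aws.Region` and `env.ProviderOptions.Aws.Regions`, while the rows they emit are taken from `env.ProviderOptions.AwsGovcloud`. For a GovCloud environment the `Aws` block is presumably unset, so this either dereferences a nil pointer or never prints the region rows. The guards should be `if env.ProviderOptions.AwsGovcloud.Region != "" {` and `} else if len(env.ProviderOptions.AwsGovcloud.Regions) > 0 {`, which is the form cmd/getEnvironment.go already uses. The same mismatched guards are visible in the unchanged `aws_govcloud` context of cmd/updateEnvironment.go, and the enclosing Run function starts and ends outside this hunk.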
@@ -0,0 +1,105 @@
+package cmd
+
+import (
+ "fmt"
+ "strings"
+
+ "github.com/fugue/fugue-client/client/environments"
+ "github.com/fugue/fugue-client/format"
+ "github.com/fugue/fugue-client/models"
+ "github.com/spf13/cobra"
+)
+
+type createGoogleEnvironmentOptions struct {
+ Name string
+ ServiceAccountEmail string
+ ProjectID string
+ ScanInterval int64
+ ComplianceFamilies []string
+}
+
+// NewCreateGoogleEnvironmentCommand returns a command that creates an environment
+func NewCreateGoogleEnvironmentCommand() *cobra.Command {
+
+ var opts createGoogleEnvironmentOptions
+
+ cmd := &cobra.Command{
+ Use: "environment",
+ Short: "Create an Google environment",
+ Aliases: []string{"env"},
+ Run: func(cmd *cobra.Command, args []string) {
+
+ client, auth := getClient()
+
+ scanScheduleEnabled := opts.ScanInterval != 0
+ var scanIntervalPtr *int64
+ if scanScheduleEnabled {
+ scanIntervalPtr = &opts.ScanInterval
+ }
+
+ params := environments.NewCreateEnvironmentParams()
+ params.Environment = &models.CreateEnvironmentInput{
+ ComplianceFamilies: opts.ComplianceFamilies,
+ Name: opts.Name,
+ Provider: "google",
+ ScanInterval: scanIntervalPtr,
+ SurveyResourceTypes: []string{},
+ RemediateResourceTypes: []string{},
+ ScanScheduleEnabled: &scanScheduleEnabled,
+
+ ProviderOptions: &models.ProviderOptions{
+ Google: &models.ProviderOptionsGoogle{
+ ServiceAccountEmail: opts.ServiceAccountEmail,
+ ProjectID: opts.ProjectID,
+ },
+ },
+ }
+
+ resp, err := client.Environments.CreateEnvironment(params, auth)
+ CheckErr(err)
+ env := resp.Payload
+
+ families := strings.Join(env.ComplianceFamilies, ",")
+
+ items := []interface{}{
+ Item{"ENVIRONMENT_ID", env.ID},
+ Item{"NAME", env.Name},
+ Item{"PROVIDER", env.Provider},
+ Item{"SCAN_INTERVAL", env.ScanInterval},
+ Item{"LAST_SCAN_AT", format.Unix(env.LastScanAt)},
+ Item{"NEXT_SCAN_AT", format.Unix(env.NextScanAt)},
+ Item{"SCAN_STATUS", env.ScanStatus},
+ Item{"COMPLIANCE_FAMILIES", families},
+ Item{"PROJECT_ID", env.ProviderOptions.Google.ProjectID},
+ Item{"SERVICE_ACCOUNT_EMAIL", env.ProviderOptions.Google.ServiceAccountEmail},
+ }
+
+ table, err := format.Table(format.TableOpts{
+ Rows: items,
+ Columns: []string{"Attribute", "Value"},
+ ShowHeader: true,
+ })
+ CheckErr(err)
+
+ for _, tableRow := range table {
+ fmt.Println(tableRow)
+ }
+ },
+ }
+
+ cmd.Flags().StringVar(&opts.Name, "name", "", "Environment name")
+ cmd.Flags().StringVar(&opts.ServiceAccountEmail, "email", "", "Google Service Account Email")
+ cmd.Flags().StringVar(&opts.ProjectID, "project-id", "", "Google Project ID (if not given, the project_id is extracted from the service acccount email)")
+
+ cmd.Flags().Int64Var(&opts.ScanInterval, "scan-interval", 86400, "Scan interval (seconds)")
+ cmd.Flags().StringSliceVar(&opts.ComplianceFamilies, "compliance-families", []string{}, "Compliance families")
+
+ cmd.MarkFlagRequired("name")
+ cmd.MarkFlagRequired("email")
+
+ return cmd
+}
+
+func init() {
+ googleCmd.AddCommand(NewCreateGoogleEnvironmentCommand())
+}
diff --git a/cmd/getEnvironment.go b/cmd/getEnvironment.go
index 2636a45..bdb3f15 100644
--- a/cmd/getEnvironment.go
+++ b/cmd/getEnvironment.go
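Review bot: `env.ProviderOptions.Google` is dereferenced for the PROJECT_ID and SERVICE_ACCOUNT_EMAIL rows of cmd/createGoogleEnvironment.go with no nil check, so if the API ever returns the new environment without a google block the CLI panics after the environment has already been created. Append those two rows behind a guard such as `if env.ProviderOptions != nil && env.ProviderOptions.Google != nil {` instead of placing them in the literal. The same unguarded access is added in the `case "google":` branches of cmd/getEnvironment.go and cmd/updateEnvironment.go. Separately, both `cmd.MarkFlagRequired` calls discard their returned error, and two user-facing strings have typos: `Short: "Create a Google environment"` and `service account email` in the `--project-id` help text.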
@@ -83,14 +83,14 @@ func NewGetEnvironmentCommand() *cobra.Command { switch env.Provider { case "aws": - items = append(items, Item{"ROLE", env.ProviderOptions.Aws.RoleArn}) + items = append(items, Item{"ROLE_ARN", env.ProviderOptions.Aws.RoleArn}) if env.ProviderOptions.Aws.Region != "" { items = append(items, Item{"REGION", env.ProviderOptions.Aws.Region}) } else if len(env.ProviderOptions.Aws.Regions) > 0 { items = append(items, Item{"REGIONS", strings.Join(env.ProviderOptions.Aws.Regions, ",")}) } case "aws_govcloud": - items = append(items, Item{"ROLE", env.ProviderOptions.AwsGovcloud.RoleArn}) + items = append(items, Item{"ROLE_ARN", env.ProviderOptions.AwsGovcloud.RoleArn}) if env.ProviderOptions.AwsGovcloud.Region != "" { items = append(items, Item{"REGION", env.ProviderOptions.AwsGovcloud.Region}) } else if len(env.ProviderOptions.AwsGovcloud.Regions) > 0 { @@ -99,6 +99,9 @@ func NewGetEnvironmentCommand() *cobra.Command { case "azure": items = append(items, Item{"SUBSCRIPTION_ID", env.ProviderOptions.Azure.SubscriptionID}) items = append(items, Item{"APPLICATION_ID", env.ProviderOptions.Azure.ApplicationID}) + case "google": + items = append(items, Item{"PROJECT_ID", env.ProviderOptions.Google.ProjectID}) + items = append(items, Item{"SERVICE_ACCOUNT_EMAIL", env.ProviderOptions.Google.ServiceAccountEmail}) } table, err := format.Table(format.TableOpts{ diff --git a/cmd/google.go b/cmd/google.go new file mode 100644 index 0000000..b6d4ba3 --- /dev/null +++ b/cmd/google.go @@ -0,0 +1,14 @@ +package cmd + +import ( + "github.com/spf13/cobra" +) + +var googleCmd = &cobra.Command{ + Use: "google", + Short: "Google subcommands", +} + +func init() { + createCmd.AddCommand(googleCmd) +} diff --git a/cmd/updateEnvironment.go b/cmd/updateEnvironment.go index 0be8980..b04ffb8 100644 --- a/cmd/updateEnvironment.go +++ b/cmd/updateEnvironment.go 
@@ -4,9 +4,11 @@ import ( "fmt" "strings" + "github.com/fugue/fugue-client/client" "github.com/fugue/fugue-client/client/environments" "github.com/fugue/fugue-client/format" "github.com/fugue/fugue-client/models" + "github.com/go-openapi/runtime" "github.com/spf13/cobra" "github.com/spf13/pflag" ) @@ -21,6 +23,22 @@ type updateEnvironmentOptions struct { Remediation bool ScanScheduleEnabled bool Regions []string + ServiceAccountEmail string +} + +func getEnvironmentToUpdate(client *client.Fugue, auth runtime.ClientAuthInfoWriter, environmentID string) *models.EnvironmentWithSummary { + paramsGet := environments.NewGetEnvironmentParams() + paramsGet.EnvironmentID = environmentID + resp, err := client.Environments.GetEnvironment(paramsGet, auth) + if err != nil { + switch respError := err.(type) { + case *environments.GetEnvironmentNotFound: + Fatal(respError.Payload.Message, DefaultErrorExitCode) + default: + CheckErr(err) + } + } + return resp.Payload } // NewUpdateEnvironmentCommand returns a command that updates an environment @@ -43,18 +61,7 @@ func NewUpdateEnvironmentCommand() *cobra.Command { if len(opts.Regions) > 0 { // trying to update the regions. See if this environment has regions already - paramsGet := environments.NewGetEnvironmentParams() - paramsGet.EnvironmentID = params.EnvironmentID - resp, err := client.Environments.GetEnvironment(paramsGet, auth) - if err != nil { - switch respError := err.(type) { - case *environments.GetEnvironmentNotFound: - Fatal(respError.Payload.Message, DefaultErrorExitCode) - default: - CheckErr(err) - } - } - env := resp.Payload + env := getEnvironmentToUpdate(client, auth, params.EnvironmentID) if env.Provider == "aws" && len(env.ProviderOptions.Aws.Regions) > 0 { params.Environment.ProviderOptions = &models.ProviderOptionsUpdateInput{} 
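Review bot: `getEnvironmentToUpdate` names its first parameter `client`, which shadows the `github.com/fugue/fugue-client/client` package this commit imports into the same file, so the signature `client *client.Fugue` reads ambiguously and the package is unreachable inside the body. Rename the parameter, e.g. `func getEnvironmentToUpdate(c *client.Fugue, auth runtime.ClientAuthInfoWriter, environmentID string) *models.EnvironmentWithSummary {`. The helper also falls through to `return resp.Payload` after the error switch, which is safe only if `Fatal` and `CheckErr` never return (presumably they exit the process). A doc comment such as `// getEnvironmentToUpdate fetches the environment, exiting the process on any error.` would make that contract explicit.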
@@ -65,6 +72,14 @@ func NewUpdateEnvironmentCommand() *cobra.Command { } } + if opts.ServiceAccountEmail != "" { + env := getEnvironmentToUpdate(client, auth, params.EnvironmentID) + if env.Provider == "google" { + params.Environment.ProviderOptions = &models.ProviderOptionsUpdateInput{} + params.Environment.ProviderOptions.Google = &models.ProviderOptionsGoogleUpdateInput{ServiceAccountEmail: opts.ServiceAccountEmail} + } + } + // Using Visit here allows us to process only flags that were set // // Note that the generated Go models have `omitempty` set. This @@ -131,14 +146,14 @@ func NewUpdateEnvironmentCommand() *cobra.Command { switch env.Provider { case "aws": - items = append(items, Item{"ROLE", env.ProviderOptions.Aws.RoleArn}) + items = append(items, Item{"ROLE_ARN", env.ProviderOptions.Aws.RoleArn}) if env.ProviderOptions.Aws.Region != "" { items = append(items, Item{"REGION", env.ProviderOptions.Aws.Region}) } else if len(env.ProviderOptions.Aws.Regions) > 0 { items = append(items, Item{"REGIONS", strings.Join(env.ProviderOptions.Aws.Regions, ",")}) } case "aws_govcloud": - items = append(items, Item{"ROLE", env.ProviderOptions.AwsGovcloud.RoleArn}) + items = append(items, Item{"ROLE_ARN", env.ProviderOptions.AwsGovcloud.RoleArn}) if env.ProviderOptions.Aws.Region != "" { items = append(items, Item{"REGION", env.ProviderOptions.AwsGovcloud.Region}) } else if len(env.ProviderOptions.Aws.Regions) > 0 { @@ -147,6 +162,9 @@ func NewUpdateEnvironmentCommand() *cobra.Command { case "azure": items = append(items, Item{"SUBSCRIPTION_ID", env.ProviderOptions.Azure.SubscriptionID}) items = append(items, Item{"APPLICATION_ID", env.ProviderOptions.Azure.ApplicationID}) + case "google": + items = append(items, Item{"PROJECT_ID", env.ProviderOptions.Google.ProjectID}) + items = append(items, Item{"SERVICE_ACCOUNT_EMAIL", env.ProviderOptions.Google.ServiceAccountEmail}) } table, err := format.Table(format.TableOpts{ 
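Review bot: When `--service-account-email` is passed for an environment whose provider is not `google`, the new block skips the update without any message, so an operator can believe the scanning identity was changed when nothing was sent to the API. Fail loudly instead, e.g. `} else { Fatal("--service-account-email is only valid for google environments", DefaultErrorExitCode) }`. The block also issues a second GetEnvironment call when `--regions` is set as well, and it replaces `params.Environment.ProviderOptions` with a fresh struct; fetching the environment once before both blocks would avoid both. The enclosing Run function starts and ends outside this hunk.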
@@ -171,6 +189,7 @@ func NewUpdateEnvironmentCommand() *cobra.Command { cmd.Flags().StringSliceVar(&opts.RemediateResourceTypes, "remediate-resource-types", nil, "Remediation resource types") cmd.Flags().StringSliceVar(&opts.SurveyResourceTypes, "survey-resource-types", nil, "Survey resource types") cmd.Flags().StringSliceVar(&opts.Regions, "regions", nil, "AWS regions") + cmd.Flags().StringVar(&opts.ServiceAccountEmail, "service-account-email", "", "Google service account email") return cmd } diff --git a/models/audit_log_event.go b/models/audit_log_event.go new file mode 100644 index 0000000..6cdced9 --- /dev/null +++ b/models/audit_log_event.go 
@@ -0,0 +1,210 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package models + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "strconv" + + "github.com/go-openapi/errors" + "github.com/go-openapi/strfmt" + "github.com/go-openapi/swag" +) + +// AuditLogEvent audit log event +// +// swagger:model AuditLogEvent +type AuditLogEvent struct { + + // action + Action string `json:"action,omitempty"` + + // action type + ActionType string `json:"action_type,omitempty"` + + // error + Error bool `json:"error,omitempty"` + + // event source + EventSource string `json:"event_source,omitempty"` + + // id + ID string `json:"id,omitempty"` + + // identity + Identity *AuditLogEventIdentity `json:"identity,omitempty"` + + // parameters + Parameters map[string]string `json:"parameters,omitempty"` + + // principal + Principal string `json:"principal,omitempty"` + + // request context + RequestContext *AuditLogEventRequestContext `json:"request_context,omitempty"` + + // response code + ResponseCode int64 `json:"response_code,omitempty"` + + // response message + ResponseMessage string `json:"response_message,omitempty"` + + // results + Results []*AuditLogEventResultsItems0 `json:"results"` + + // subject id + SubjectID string `json:"subject_id,omitempty"` + + // subject kind + SubjectKind string `json:"subject_kind,omitempty"` + + // subject name + SubjectName string `json:"subject_name,omitempty"` + + // timestamp + Timestamp string `json:"timestamp,omitempty"` +} + +// Validate validates this audit log event +func (m *AuditLogEvent) Validate(formats strfmt.Registry) error { + var res []error + + if err := m.validateIdentity(formats); err != nil { + res = append(res, err) + } + + if err := m.validateRequestContext(formats); err != nil { + res = append(res, err) + } + + if err := m.validateResults(formats); err != nil { + res = append(res, err) + } + + if len(res) > 0 { + 
return errors.CompositeValidationError(res...) + } + return nil +} + +func (m *AuditLogEvent) validateIdentity(formats strfmt.Registry) error { + + if swag.IsZero(m.Identity) { // not required + return nil + } + + if m.Identity != nil { + if err := m.Identity.Validate(formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("identity") + } + return err + } + } + + return nil +} + +func (m *AuditLogEvent) validateRequestContext(formats strfmt.Registry) error { + + if swag.IsZero(m.RequestContext) { // not required + return nil + } + + if m.RequestContext != nil { + if err := m.RequestContext.Validate(formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("request_context") + } + return err + } + } + + return nil +} + +func (m *AuditLogEvent) validateResults(formats strfmt.Registry) error { + + if swag.IsZero(m.Results) { // not required + return nil + } + + for i := 0; i < len(m.Results); i++ { + if swag.IsZero(m.Results[i]) { // not required + continue + } + + if m.Results[i] != nil { + if err := m.Results[i].Validate(formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("results" + "." 
+ strconv.Itoa(i)) + } + return err + } + } + + } + + return nil +} + +// MarshalBinary interface implementation +func (m *AuditLogEvent) MarshalBinary() ([]byte, error) { + if m == nil { + return nil, nil + } + return swag.WriteJSON(m) +} + +// UnmarshalBinary interface implementation +func (m *AuditLogEvent) UnmarshalBinary(b []byte) error { + var res AuditLogEvent + if err := swag.ReadJSON(b, &res); err != nil { + return err + } + *m = res + return nil +} + +// AuditLogEventResultsItems0 audit log event results items0 +// +// swagger:model AuditLogEventResultsItems0 +type AuditLogEventResultsItems0 struct { + + // action + Action string `json:"action,omitempty"` + + // entity id + EntityID string `json:"entity_id,omitempty"` + + // entity kind + EntityKind string `json:"entity_kind,omitempty"` + + // entity name + EntityName string `json:"entity_name,omitempty"` +} + +// Validate validates this audit log event results items0 +func (m *AuditLogEventResultsItems0) Validate(formats strfmt.Registry) error { + return nil +} + +// MarshalBinary interface implementation +func (m *AuditLogEventResultsItems0) MarshalBinary() ([]byte, error) { + if m == nil { + return nil, nil + } + return swag.WriteJSON(m) +} + +// UnmarshalBinary interface implementation +func (m *AuditLogEventResultsItems0) UnmarshalBinary(b []byte) error { + var res AuditLogEventResultsItems0 + if err := swag.ReadJSON(b, &res); err != nil { + return err + } + *m = res + return nil +} diff --git a/models/audit_log_event_identity.go b/models/audit_log_event_identity.go new file mode 100644 index 0000000..ebb4a49 --- /dev/null +++ b/models/audit_log_event_identity.go 
@@ -0,0 +1,52 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package models + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "github.com/go-openapi/strfmt" + "github.com/go-openapi/swag" +) + +// AuditLogEventIdentity audit log event identity +// +// swagger:model AuditLogEventIdentity +type AuditLogEventIdentity struct { + + // email + Email string `json:"email,omitempty"` + + // name + Name string `json:"name,omitempty"` + + // principal id + PrincipalID string `json:"principal_id,omitempty"` + + // principal kind + PrincipalKind string `json:"principal_kind,omitempty"` +} + +// Validate validates this audit log event identity +func (m *AuditLogEventIdentity) Validate(formats strfmt.Registry) error { + return nil +} + +// MarshalBinary interface implementation +func (m *AuditLogEventIdentity) MarshalBinary() ([]byte, error) { + if m == nil { + return nil, nil + } + return swag.WriteJSON(m) +} + +// UnmarshalBinary interface implementation +func (m *AuditLogEventIdentity) UnmarshalBinary(b []byte) error { + var res AuditLogEventIdentity + if err := swag.ReadJSON(b, &res); err != nil { + return err + } + *m = res + return nil +} diff --git a/models/audit_log_event_request_context.go b/models/audit_log_event_request_context.go new file mode 100644 index 0000000..bbbf55b --- /dev/null +++ b/models/audit_log_event_request_context.go 
@@ -0,0 +1,61 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package models + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "github.com/go-openapi/strfmt" + "github.com/go-openapi/swag" +) + +// AuditLogEventRequestContext audit log event request context +// +// swagger:model AuditLogEventRequestContext +type AuditLogEventRequestContext struct { + + // domain + Domain string `json:"domain,omitempty"` + + // method + Method string `json:"method,omitempty"` + + // path + Path string `json:"path,omitempty"` + + // protocol + Protocol string `json:"protocol,omitempty"` + + // source ip + SourceIP string `json:"source_ip,omitempty"` + + // trace id + TraceID string `json:"trace_id,omitempty"` + + // user agent + UserAgent string `json:"user_agent,omitempty"` +} + +// Validate validates this audit log event request context +func (m *AuditLogEventRequestContext) Validate(formats strfmt.Registry) error { + return nil +} + +// MarshalBinary interface implementation +func (m *AuditLogEventRequestContext) MarshalBinary() ([]byte, error) { + if m == nil { + return nil, nil + } + return swag.WriteJSON(m) +} + +// UnmarshalBinary interface implementation +func (m *AuditLogEventRequestContext) UnmarshalBinary(b []byte) error { + var res AuditLogEventRequestContext + if err := swag.ReadJSON(b, &res); err != nil { + return err + } + *m = res + return nil +} diff --git a/models/audit_log_events.go b/models/audit_log_events.go new file mode 100644 index 0000000..9b14ca9 --- /dev/null +++ b/models/audit_log_events.go 
@@ -0,0 +1,83 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package models + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "strconv" + + "github.com/go-openapi/errors" + "github.com/go-openapi/strfmt" + "github.com/go-openapi/swag" +) + +// AuditLogEvents Paginated list of audit log events +// +// swagger:model AuditLogEvents +type AuditLogEvents struct { + + // List of audit log events + Items []*AuditLogEvent `json:"items"` + + // If set can be used to retrieve the next page of records. + NextToken string `json:"next_token,omitempty"` +} + +// Validate validates this audit log events +func (m *AuditLogEvents) Validate(formats strfmt.Registry) error { + var res []error + + if err := m.validateItems(formats); err != nil { + res = append(res, err) + } + + if len(res) > 0 { + return errors.CompositeValidationError(res...) + } + return nil +} + +func (m *AuditLogEvents) validateItems(formats strfmt.Registry) error { + + if swag.IsZero(m.Items) { // not required + return nil + } + + for i := 0; i < len(m.Items); i++ { + if swag.IsZero(m.Items[i]) { // not required + continue + } + + if m.Items[i] != nil { + if err := m.Items[i].Validate(formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("items" + "." + strconv.Itoa(i)) + } + return err + } + } + + } + + return nil +} + +// MarshalBinary interface implementation +func (m *AuditLogEvents) MarshalBinary() ([]byte, error) { + if m == nil { + return nil, nil + } + return swag.WriteJSON(m) +} + +// UnmarshalBinary interface implementation +func (m *AuditLogEvents) UnmarshalBinary(b []byte) error { + var res AuditLogEvents + if err := swag.ReadJSON(b, &res); err != nil { + return err + } + *m = res + return nil +} diff --git a/models/create_custom_rule_input.go b/models/create_custom_rule_input.go index 9a7e1a4..1944c14 100644 --- a/models/create_custom_rule_input.go 
+++ b/models/create_custom_rule_input.go @@ -26,7 +26,7 @@ type CreateCustomRuleInput struct { Name string `json:"name,omitempty"` // Provider of the custom rule - // Enum: [AWS AWS_GOVCLOUD AZURE] + // Enum: [AWS AWS_GOVCLOUD AZURE GOOGLE] Provider string `json:"provider,omitempty"` // Resource type to which the custom rule applies @@ -70,7 +70,7 @@ var createCustomRuleInputTypeProviderPropEnum []interface{} func init() { var res []string - if err := json.Unmarshal([]byte(`["AWS","AWS_GOVCLOUD","AZURE"]`), &res); err != nil { + if err := json.Unmarshal([]byte(`["AWS","AWS_GOVCLOUD","AZURE","GOOGLE"]`), &res); err != nil { panic(err) } for _, v := range res { @@ -88,6 +88,9 @@ const ( // CreateCustomRuleInputProviderAZURE captures enum value "AZURE" CreateCustomRuleInputProviderAZURE string = "AZURE" + + // CreateCustomRuleInputProviderGOOGLE captures enum value "GOOGLE" + CreateCustomRuleInputProviderGOOGLE string = "GOOGLE" ) // prop value enum diff --git a/models/custom_rule.go b/models/custom_rule.go index 3cda05a..ecd1506 100644 --- a/models/custom_rule.go +++ b/models/custom_rule.go @@ -41,7 +41,7 @@ type CustomRule struct { Name string `json:"name,omitempty"` // Provider of the custom rule. - // Enum: [AWS AWS_GOVCLOUD AZURE] + // Enum: [AWS AWS_GOVCLOUD AZURE GOOGLE] Provider string `json:"provider,omitempty"` // Resource type to which the custom rule applies. @@ -102,7 +102,7 @@ var customRuleTypeProviderPropEnum []interface{} func init() { var res []string - if err := json.Unmarshal([]byte(`["AWS","AWS_GOVCLOUD","AZURE"]`), &res); err != nil { + if err := json.Unmarshal([]byte(`["AWS","AWS_GOVCLOUD","AZURE","GOOGLE"]`), &res); err != nil { panic(err) } for _, v := range res { @@ -120,6 +120,9 @@ const ( // CustomRuleProviderAZURE captures enum value "AZURE" CustomRuleProviderAZURE string = "AZURE" + + // CustomRuleProviderGOOGLE captures enum value "GOOGLE" + CustomRuleProviderGOOGLE string = "GOOGLE" ) // prop value enum 
diff --git a/models/event.go b/models/event.go index c2f5992..2eeafa8 100644 --- a/models/event.go +++ b/models/event.go @@ -14,7 +14,7 @@ import ( "github.com/go-openapi/validate" ) -// Event A drift or remediation event. +// Event A drift, remediation or compliance event. // // swagger:model Event type Event struct { diff --git a/models/provider_options_azure.go b/models/provider_options_azure.go index c77c50e..ed13a82 100644 --- a/models/provider_options_azure.go +++ b/models/provider_options_azure.go @@ -10,7 +10,7 @@ import ( "github.com/go-openapi/swag" ) -// ProviderOptionsAzure Provider options for Azire. +// ProviderOptionsAzure Provider options for Azure. // // swagger:model ProviderOptionsAzure type ProviderOptionsAzure struct { diff --git a/models/provider_options_google.go b/models/provider_options_google.go index 5475167..7e4bf57 100644 --- a/models/provider_options_google.go +++ b/models/provider_options_google.go @@ -10,7 +10,7 @@ import ( "github.com/go-openapi/swag" ) -// ProviderOptionsGoogle provider options google +// ProviderOptionsGoogle Provider options for Google. // // swagger:model ProviderOptionsGoogle type ProviderOptionsGoogle struct { @@ -18,6 +18,9 @@ type ProviderOptionsGoogle struct { // creds file CredsFile string `json:"creds_file,omitempty"` + // project id + ProjectID string `json:"project_id,omitempty"` + // service account email ServiceAccountEmail string `json:"service_account_email,omitempty"` } diff --git a/models/provider_options_google_update_input.go b/models/provider_options_google_update_input.go new file mode 100644 index 0000000..b8d09d9 --- /dev/null +++ b/models/provider_options_google_update_input.go 
@@ -0,0 +1,43 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package models + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "github.com/go-openapi/strfmt" + "github.com/go-openapi/swag" +) + +// ProviderOptionsGoogleUpdateInput Mutable provider options for Google. +// +// swagger:model ProviderOptionsGoogleUpdateInput +type ProviderOptionsGoogleUpdateInput struct { + + // The service account email that will be used to scan infrastructure. + ServiceAccountEmail string `json:"service_account_email,omitempty"` +} + +// Validate validates this provider options google update input +func (m *ProviderOptionsGoogleUpdateInput) Validate(formats strfmt.Registry) error { + return nil +} + +// MarshalBinary interface implementation +func (m *ProviderOptionsGoogleUpdateInput) MarshalBinary() ([]byte, error) { + if m == nil { + return nil, nil + } + return swag.WriteJSON(m) +} + +// UnmarshalBinary interface implementation +func (m *ProviderOptionsGoogleUpdateInput) UnmarshalBinary(b []byte) error { + var res ProviderOptionsGoogleUpdateInput + if err := swag.ReadJSON(b, &res); err != nil { + return err + } + *m = res + return nil +} diff --git a/models/provider_options_update_input.go b/models/provider_options_update_input.go index 78d67c6..b554395 100644 --- a/models/provider_options_update_input.go +++ b/models/provider_options_update_input.go @@ -24,6 +24,9 @@ type ProviderOptionsUpdateInput struct { // azure Azure *ProviderOptionsAzureUpdateInput `json:"azure,omitempty"` + + // google + Google *ProviderOptionsGoogleUpdateInput `json:"google,omitempty"` } // Validate validates this provider options update input 
@@ -42,6 +45,10 @@ func (m *ProviderOptionsUpdateInput) Validate(formats strfmt.Registry) error { res = append(res, err) } + if err := m.validateGoogle(formats); err != nil { + res = append(res, err) + } + if len(res) > 0 { return errors.CompositeValidationError(res...) } @@ -102,6 +109,24 @@ func (m *ProviderOptionsUpdateInput) validateAzure(formats strfmt.Registry) erro return nil } +func (m *ProviderOptionsUpdateInput) validateGoogle(formats strfmt.Registry) error { + + if swag.IsZero(m.Google) { // not required + return nil + } + + if m.Google != nil { + if err := m.Google.Validate(formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("google") + } + return err + } + } + + return nil +} + // MarshalBinary interface implementation func (m *ProviderOptionsUpdateInput) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/models/rule_waiver.go b/models/rule_waiver.go index 44f94fb..3d4e7b5 100644 --- a/models/rule_waiver.go +++ b/models/rule_waiver.go @@ -56,7 +56,7 @@ type RuleWaiver struct { // Required: true ResourceType *string `json:"resource_type"` - // Mapping of this rule in compliance families and their controls. + // Mapping of this rule in compliance families and their controls which are enabled in a given environment. RuleComplianceMapping interface{} `json:"rule_compliance_mapping,omitempty"` // Description of the rule. diff --git a/models/update_environment_input.go b/models/update_environment_input.go index e88c240..85875cd 100644 --- a/models/update_environment_input.go +++ b/models/update_environment_input.go @@ -29,7 +29,7 @@ type UpdateEnvironmentInput struct { Name string `json:"name,omitempty"` // Name of the cloud service provider for the environment. - // Enum: [aws aws_govcloud azure] + // Enum: [aws aws_govcloud azure google] Provider string `json:"provider,omitempty"` // provider options 
@@ -78,7 +78,7 @@ var updateEnvironmentInputTypeProviderPropEnum []interface{} func init() { var res []string - if err := json.Unmarshal([]byte(`["aws","aws_govcloud","azure"]`), &res); err != nil { + if err := json.Unmarshal([]byte(`["aws","aws_govcloud","azure","google"]`), &res); err != nil { panic(err) } for _, v := range res { @@ -96,6 +96,9 @@ const ( // UpdateEnvironmentInputProviderAzure captures enum value "azure" UpdateEnvironmentInputProviderAzure string = "azure" + + // UpdateEnvironmentInputProviderGoogle captures enum value "google" + UpdateEnvironmentInputProviderGoogle string = "google" ) // prop value enum