feat: Policy Tag Manager v1 API service #143

yoshi-automation · 2021-04-16T09:42:55Z

This PR was generated using Autosynth. 🌈

Synth log will be available here:
https://source.cloud.google.com/results/invocations/66f60b07-ee57-4ede-ad34-95f8878b9b6d/targets

To automatically regenerate this PR, check this box. (May take up to 24 hours.)

PiperOrigin-RevId: 368757092
Source-Link: googleapis/googleapis@b1c23ed
PiperOrigin-RevId: 368733958
Source-Link: googleapis/googleapis@bd72b41
PiperOrigin-RevId: 368687296
Source-Link: googleapis/googleapis@91eee3d
PiperOrigin-RevId: 368533270
Source-Link: googleapis/googleapis@9a9e296
PiperOrigin-RevId: 366869955
Source-Link: googleapis/googleapis@fa7915f
PiperOrigin-RevId: 366838867
Source-Link: googleapis/googleapis@d78dc2e
PiperOrigin-RevId: 366826395
Source-Link: googleapis/googleapis@2490be3
PiperOrigin-RevId: 365844681
Source-Link: googleapis/googleapis@d6642a0
PiperOrigin-RevId: 365836845
Source-Link: googleapis/googleapis@8586c62
PiperOrigin-RevId: 365620142
Source-Link: googleapis/googleapis@a1ab4d4
PiperOrigin-RevId: 364894175
Source-Link: googleapis/googleapis@15c5e21

autosynth cannot find the source of changes triggered by earlier changes in this repository, or by version upgrades to tools such as linters.

@alexander-fenster

Committer: @alexander-fenster PiperOrigin-RevId: 364894175 Source-Author: Google APIs <noreply@google.com> Source-Date: Wed Mar 24 14:41:06 2021 -0700 Source-Repo: googleapis/googleapis Source-Sha: 15c5e21948ff6fbe41f91bdf04f6252f91a12d59 Source-Link: googleapis/googleapis@15c5e21

…eldEnumValue API feat: adding fully_qualified_name in lookup and search feat: added DATAPROC_METASTORE integrated system along with new entry types: DATABASE and SERVICE docs: Documentation improvements PiperOrigin-RevId: 365620142 Source-Author: Google APIs <noreply@google.com> Source-Date: Mon Mar 29 11:20:23 2021 -0700 Source-Repo: googleapis/googleapis Source-Sha: a1ab4d44db02d59ff58810c6d4182d84e4b9abaa Source-Link: googleapis/googleapis@a1ab4d4

…cisco. PiperOrigin-RevId: 365836845 Source-Author: Google APIs <noreply@google.com> Source-Date: Tue Mar 30 10:09:43 2021 -0700 Source-Repo: googleapis/googleapis Source-Sha: 8586c62be9ba602c65d727485c828ed53ce11960 Source-Link: googleapis/googleapis@8586c62

@aohren

Committer: @aohren PiperOrigin-RevId: 365844681 Source-Author: Google APIs <noreply@google.com> Source-Date: Tue Mar 30 10:39:42 2021 -0700 Source-Repo: googleapis/googleapis Source-Sha: d6642a0d79ab1500f342e6d2a65b3d44a97841bc Source-Link: googleapis/googleapis@d6642a0

PiperOrigin-RevId: 366826395 Source-Author: Google APIs <noreply@google.com> Source-Date: Mon Apr 5 10:39:44 2021 -0700 Source-Repo: googleapis/googleapis Source-Sha: 2490be32f08cccc870862ea86920f58325795c89 Source-Link: googleapis/googleapis@2490be3

PiperOrigin-RevId: 366838867 Source-Author: Google APIs <noreply@google.com> Source-Date: Mon Apr 5 11:33:06 2021 -0700 Source-Repo: googleapis/googleapis Source-Sha: d78dc2e0cb627d3e48e910abf4b991264affcb56 Source-Link: googleapis/googleapis@d78dc2e

PiperOrigin-RevId: 366869955 Source-Author: Google APIs <noreply@google.com> Source-Date: Mon Apr 5 14:05:01 2021 -0700 Source-Repo: googleapis/googleapis Source-Sha: fa7915f8d43926de5effb815129a274579fa84df Source-Link: googleapis/googleapis@fa7915f

@gleeper

Committer: @gleeper PiperOrigin-RevId: 368533270 Source-Author: Google APIs <noreply@google.com> Source-Date: Wed Apr 14 16:39:41 2021 -0700 Source-Repo: googleapis/googleapis Source-Sha: 9a9e29627a715077cd8e33c0d2bd549437039bd0 Source-Link: googleapis/googleapis@9a9e296

PiperOrigin-RevId: 368687296 Source-Author: Google APIs <noreply@google.com> Source-Date: Thu Apr 15 11:56:51 2021 -0700 Source-Repo: googleapis/googleapis Source-Sha: 91eee3d039fbdbadee008393504900287bbc6f43 Source-Link: googleapis/googleapis@91eee3d

@miraleung

Committer: @miraleung PiperOrigin-RevId: 368733958 Source-Author: Google APIs <noreply@google.com> Source-Date: Thu Apr 15 15:50:23 2021 -0700 Source-Repo: googleapis/googleapis Source-Sha: bd72b4133563262bdb3abbb8e2512a470d4a10f9 Source-Link: googleapis/googleapis@bd72b41

…the NamedCurve enum is replaced by the EcKeyType message. PiperOrigin-RevId: 368757092 Source-Author: Google APIs <noreply@google.com> Source-Date: Thu Apr 15 18:21:21 2021 -0700 Source-Repo: googleapis/googleapis Source-Sha: b1c23ed98caaae6b5d0cf75649afc803bda141f3 Source-Link: googleapis/googleapis@b1c23ed

tswast · 2021-04-20T17:34:26Z

____________________ test_set_iam_policy_from_dict_foreign _____________________

    def test_set_iam_policy_from_dict_foreign():
        client = DataCatalogClient(credentials=credentials.AnonymousCredentials(),)
        # Mock the actual call within the gRPC stub, and fake the request.
        with mock.patch.object(type(client.transport.set_iam_policy), "__call__") as call:
            # Designate an appropriate return value for the call.
            call.return_value = gi_policy.Policy()

            response = client.set_iam_policy(
                request={
                    "resource": "resource_value",
>                   "policy_": gi_policy.Policy(version=774),
                }
            )

tests/unit/gapic/datacatalog_v1/test_data_catalog.py:6855:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <google.cloud.datacatalog_v1.services.data_catalog.client.DataCatalogClient object at 0x7fe40efd3240>
request = {'policy_': version: 774
, 'resource': 'resource_value'}

    def set_iam_policy(
        self,
        request: iam_policy.SetIamPolicyRequest = None,
        *,
        resource: str = None,
        retry: retries.Retry = gapic_v1.method.DEFAULT,
        timeout: float = None,
        metadata: Sequence[Tuple[str, str]] = (),
    ) -> gi_policy.Policy:
        r"""Sets the access control policy for a resource. Replaces any
        existing policy. Supported resources are:

        -  Tag templates.
        -  Entries.
        -  Entry groups. Note, this method cannot be used to manage
           policies for BigQuery, Pub/Sub and any external Google Cloud
           Platform resources synced to Data Catalog.

        Callers must have following Google IAM permission

        -  ``datacatalog.tagTemplates.setIamPolicy`` to set policies on
           tag templates.
        -  ``datacatalog.entries.setIamPolicy`` to set policies on
           entries.
        -  ``datacatalog.entryGroups.setIamPolicy`` to set policies on
           entry groups.

        Args:
            request (google.iam.v1.iam_policy_pb2.SetIamPolicyRequest):
                The request object. Request message for `SetIamPolicy`
                method.
            resource (str):
                REQUIRED: The resource for which the
                policy is being specified. See the
                operation documentation for the
                appropriate value for this field.

                This corresponds to the ``resource`` field
                on the ``request`` instance; if ``request`` is provided, this
                should not be set.

            retry (google.api_core.retry.Retry): Designation of what errors, if any,
                should be retried.
            timeout (float): The timeout for this request.
            metadata (Sequence[Tuple[str, str]]): Strings which should be
                sent along with the request as metadata.

        Returns:
            google.iam.v1.policy_pb2.Policy:
                Defines an Identity and Access Management (IAM) policy. It is used to
                   specify access control policies for Cloud Platform
                   resources.

                   A Policy is a collection of bindings. A binding binds
                   one or more members to a single role. Members can be
                   user accounts, service accounts, Google groups, and
                   domains (such as G Suite). A role is a named list of
                   permissions (defined by IAM or configured by users).
                   A binding can optionally specify a condition, which
                   is a logic expression that further constrains the
                   role binding based on attributes about the request
                   and/or target resource.

                   **JSON Example**

                      {
                         "bindings": [
                            {
                               "role":
                               "roles/resourcemanager.organizationAdmin",
                               "members": [ "user:mike@example.com",
                               "group:admins@example.com",
                               "domain:google.com",
                               "serviceAccount:my-project-id@appspot.gserviceaccount.com"
                               ]

                            }, { "role":
                            "roles/resourcemanager.organizationViewer",
                            "members": ["user:eve@example.com"],
                            "condition": { "title": "expirable access",
                            "description": "Does not grant access after
                            Sep 2020", "expression": "request.time <
                            timestamp('2020-10-01T00:00:00.000Z')", } }

                         ]

                      }

                   **YAML Example**

                      bindings: - members: - user:\ mike@example.com -
                      group:\ admins@example.com - domain:google.com -
                      serviceAccount:\ my-project-id@appspot.gserviceaccount.com
                      role: roles/resourcemanager.organizationAdmin -
                      members: - user:\ eve@example.com role:
                      roles/resourcemanager.organizationViewer
                      condition: title: expirable access description:
                      Does not grant access after Sep 2020 expression:
                      request.time <
                      timestamp('2020-10-01T00:00:00.000Z')

                   For a description of IAM and its features, see the
                   [IAM developer's
                   guide](\ https://cloud.google.com/iam/docs).

        """
        # Create or coerce a protobuf request object.
        # Sanity check: If we got a request object, we should *not* have
        # gotten any keyword arguments that map to the request.
        has_flattened_params = any([resource])
        if request is not None and has_flattened_params:
            raise ValueError(
                "If the `request` argument is set, then none of "
                "the individual field arguments should be set."
            )

        if isinstance(request, dict):
            # The request isn't a proto-plus wrapped type,
            # so it must be constructed via keyword expansion.
>           request = iam_policy.SetIamPolicyRequest(**request)
E           ValueError: Protocol message SetIamPolicyRequest has no "policy_" field.

Need to update IAM dependency?

tswast · 2021-04-20T17:47:22Z

Needs synth hack

# Rename `policy_` to `policy` to avoid breaking change in a GA library
# Only replace if a non-alphanumeric (\W) character follows `policy_`
s.replace(["google/**/*.py", "scripts/fixup*.py", "tests/unit/**/*.py"], "policy_(\W)", "policy\g<1>")

from googleapis/python-dataproc#158

tswast · 2021-04-20T19:45:10Z

Second failure:

____________________ test_get_iam_policy_from_dict_foreign _____________________

    def test_get_iam_policy_from_dict_foreign():
        client = DataCatalogClient(credentials=credentials.AnonymousCredentials(),)
        # Mock the actual call within the gRPC stub, and fake the request.
        with mock.patch.object(type(client.transport.get_iam_policy), "__call__") as call:
            # Designate an appropriate return value for the call.
            call.return_value = gi_policy.Policy()

            response = client.get_iam_policy(
                request={
                    "resource": "resource_value",
>                   "options_": gi_options.GetPolicyOptions(requested_policy_version=2598),
                }
            )

tests/unit/gapic/datacatalog_v1/test_data_catalog.py:7078:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <google.cloud.datacatalog_v1.services.data_catalog.client.DataCatalogClient object at 0x7feb30ff6f60>
request = {'options_': requested_policy_version: 2598
, 'resource': 'resource_value'}

    def get_iam_policy(
        self,
        request: iam_policy.GetIamPolicyRequest = None,
        *,
        resource: str = None,
        retry: retries.Retry = gapic_v1.method.DEFAULT,
        timeout: float = None,
        metadata: Sequence[Tuple[str, str]] = (),
    ) -> gi_policy.Policy:
        r"""Gets the access control policy for a resource. A ``NOT_FOUND``
        error is returned if the resource does not exist. An empty
        policy is returned if the resource exists but does not have a
        policy set on it.

        Supported resources are:

        -  Tag templates.
        -  Entries.
        -  Entry groups. Note, this method cannot be used to manage
           policies for BigQuery, Pub/Sub and any external Google Cloud
           Platform resources synced to Data Catalog.

        Callers must have following Google IAM permission

        -  ``datacatalog.tagTemplates.getIamPolicy`` to get policies on
           tag templates.
        -  ``datacatalog.entries.getIamPolicy`` to get policies on
           entries.
        -  ``datacatalog.entryGroups.getIamPolicy`` to get policies on
           entry groups.

        Args:
            request (google.iam.v1.iam_policy_pb2.GetIamPolicyRequest):
                The request object. Request message for `GetIamPolicy`
                method.
            resource (str):
                REQUIRED: The resource for which the
                policy is being requested. See the
                operation documentation for the
                appropriate value for this field.

                This corresponds to the ``resource`` field
                on the ``request`` instance; if ``request`` is provided, this
                should not be set.

            retry (google.api_core.retry.Retry): Designation of what errors, if any,
                should be retried.
            timeout (float): The timeout for this request.
            metadata (Sequence[Tuple[str, str]]): Strings which should be
                sent along with the request as metadata.

        Returns:
            google.iam.v1.policy_pb2.Policy:
                Defines an Identity and Access Management (IAM) policy. It is used to
                   specify access control policies for Cloud Platform
                   resources.

                   A Policy is a collection of bindings. A binding binds
                   one or more members to a single role. Members can be
                   user accounts, service accounts, Google groups, and
                   domains (such as G Suite). A role is a named list of
                   permissions (defined by IAM or configured by users).
                   A binding can optionally specify a condition, which
                   is a logic expression that further constrains the
                   role binding based on attributes about the request
                   and/or target resource.

                   **JSON Example**

                      {
                         "bindings": [
                            {
                               "role":
                               "roles/resourcemanager.organizationAdmin",
                               "members": [ "user:mike@example.com",
                               "group:admins@example.com",
                               "domain:google.com",
                               "serviceAccount:my-project-id@appspot.gserviceaccount.com"
                               ]

                            }, { "role":
                            "roles/resourcemanager.organizationViewer",
                            "members": ["user:eve@example.com"],
                            "condition": { "title": "expirable access",
                            "description": "Does not grant access after
                            Sep 2020", "expression": "request.time <
                            timestamp('2020-10-01T00:00:00.000Z')", } }

                         ]

                      }

                   **YAML Example**

                      bindings: - members: - user:\ mike@example.com -
                      group:\ admins@example.com - domain:google.com -
                      serviceAccount:\ my-project-id@appspot.gserviceaccount.com
                      role: roles/resourcemanager.organizationAdmin -
                      members: - user:\ eve@example.com role:
                      roles/resourcemanager.organizationViewer
                      condition: title: expirable access description:
                      Does not grant access after Sep 2020 expression:
                      request.time <
                      timestamp('2020-10-01T00:00:00.000Z')

                   For a description of IAM and its features, see the
                   [IAM developer's
                   guide](\ https://cloud.google.com/iam/docs).

        """
        # Create or coerce a protobuf request object.
        # Sanity check: If we got a request object, we should *not* have
        # gotten any keyword arguments that map to the request.
        has_flattened_params = any([resource])
        if request is not None and has_flattened_params:
            raise ValueError(
                "If the `request` argument is set, then none of "
                "the individual field arguments should be set."
            )

        if isinstance(request, dict):
            # The request isn't a proto-plus wrapped type,
            # so it must be constructed via keyword expansion.
>           request = iam_policy.GetIamPolicyRequest(**request)
E           ValueError: Protocol message GetIamPolicyRequest has no "options_" field.

Need same hack for options_ as we did for policy_?

yoshi-automation added 12 commits April 16, 2021 02:25

changes without context

c56c9c1

autosynth cannot find the source of changes triggered by earlier changes in this repository, or by version upgrades to tools such as linters.

yoshi-automation requested a review from a team as a code owner April 16, 2021 09:42

yoshi-automation added the context: partial label Apr 16, 2021

product-auto-label bot added the api: datacatalog Issues related to the googleapis/python-datacatalog API. label Apr 16, 2021

google-cla bot added the cla: yes This human has signed the Contributor License Agreement. label Apr 16, 2021

tswast changed the title ~~[CHANGE ME] Re-generated to pick up changes from googleapis.~~ feat: Policy Tag Manager v1 API service Apr 20, 2021

tswast mentioned this pull request Apr 20, 2021

Addition of policy and options to reserved names in #824 results in breaking changes to stable libraries googleapis/gapic-generator-python#835

Closed

revert policy rename

665e14c

shollyman added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label May 6, 2021

busunkim96 closed this May 10, 2021

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

feat: Policy Tag Manager v1 API service #143

feat: Policy Tag Manager v1 API service #143

yoshi-automation commented Apr 16, 2021

tswast commented Apr 20, 2021

tswast commented Apr 20, 2021

tswast commented Apr 20, 2021

feat: Policy Tag Manager v1 API service #143

feat: Policy Tag Manager v1 API service #143

Conversation

yoshi-automation commented Apr 16, 2021

tswast commented Apr 20, 2021

tswast commented Apr 20, 2021

tswast commented Apr 20, 2021