File: //snap/google-cloud-cli/current/lib/surface/privateca/certificates/list.py
# -*- coding: utf-8 -*- #
# Copyright 2019 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""List certificates within a project."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from apitools.base.py import list_pager
from googlecloudsdk.api_lib.privateca import base as privateca_base
from googlecloudsdk.api_lib.privateca import resource_utils
from googlecloudsdk.api_lib.util import common_args
from googlecloudsdk.calliope import base
from googlecloudsdk.calliope.concepts import deps
from googlecloudsdk.command_lib.privateca import filter_rewrite
from googlecloudsdk.command_lib.privateca import resource_args
from googlecloudsdk.command_lib.privateca import response_utils
from googlecloudsdk.command_lib.privateca import text_utils
from googlecloudsdk.command_lib.util.concepts import concept_parsers
from googlecloudsdk.command_lib.util.concepts import presentation_specs
from googlecloudsdk.core import log
from googlecloudsdk.core.resource import resource_projection_spec
_DETAILED_HELP = {
'EXAMPLES':
"""\
To list all Certificates issued by a given Certificate Authority, run:
$ {command} --issuer=my-ca --location=us-west1
To list all Certificates issued by all Certificate Authorities in a
location, run:
$ {command} --location=us-west1
You can omit the `--location` flag in both of the above examples if
you've already set the ``privateca/location'' property. For example:
$ {top_command} config set privateca/location us-west1
+
# The following is equivalent to the first example above.
$ {command} --issuer=my-ca
+
# The following is equivalent to the second example above.
$ {command}
"""
}
@base.ReleaseTracks(base.ReleaseTrack.GA)
class List(base.ListCommand):
r"""List certificates within a project.
List certificates within a project. Note that listing certificates accross
locations is not supported.
## EXAMPLES
To list all Certificates issued by a given CA pool, run:
$ {command} --issuer-pool=my-pool --location=us-west1
To list all Certificates issued by all CA pools in a location, run:
$ {command} --location=us-west1
To list all Certificates issued directly under a CA, run:
$ {command} --issuer-pool=my-pool --location=us-west1 \
--filter="issuer_certificate_authority='projects/1234567890/locations/us-west1/caPools/my-pool/certificateAuthorities/my-ca'"
You can omit the `--location` flag in both of the above examples if you've
already set the ``privateca/location'' property. For example:
$ {top_command} config set privateca/location us-west1
+
# The following is equivalent to the first example above.
$ {command} --issuer-pool=my-pool
+
# The following is equivalent to the second example above.
$ {command}
"""
@staticmethod
def Args(parser):
concept_parsers.ConceptParser([
presentation_specs.ResourcePresentationSpec(
'--issuer-pool',
resource_args.CreateCaPoolResourceSpec(
'CA_POOL',
pool_id_fallthroughs=[
deps.Fallthrough(
function=lambda: '-',
hint=('defaults to all CA pools in the '
'given location'),
active=False,
plural=False)
]), 'The issuing CA pool. If this is omitted, '
'Certificates issued by all CA pools in the given '
'location will be listed.',
required=True),
]).AddToParser(parser)
base.PAGE_SIZE_FLAG.SetDefault(parser, 100)
parser.display_info.AddFormat("""
table(
name.basename(),
name.scope().segment(-3):label=CA_POOL,
name.scope().segment(-5):label=LOCATION,
revocation_details.yesno(yes="REVOKED", no="ACTIVE"):label=REVOCATION_STATUS,
certificate_description.subject_description.not_before_time():label=NOT_BEFORE,
certificate_description.subject_description.not_after_time():label=NOT_AFTER)
""")
parser.display_info.AddTransforms({
'not_before_time': text_utils.TransformNotBeforeTime,
'not_after_time': text_utils.TransformNotAfterTime
})
parser.display_info.AddUriFunc(
resource_utils.MakeGetUriFunc(
'privateca.projects.locations.caPools.certificates'))
def Run(self, args):
client = privateca_base.GetClientInstance(api_version='v1')
messages = privateca_base.GetMessagesModule(api_version='v1')
display_info = args.GetDisplayInfo()
defaults = resource_projection_spec.ProjectionSpec(
symbols=display_info.transforms, aliases=display_info.aliases)
client_filter, server_filter = filter_rewrite.BackendFilterRewrite(
).Rewrite(
args.filter, defaults=defaults)
log.info('original_filter=%r, client_filter=%r, server_filter=%r',
args.filter, client_filter, server_filter)
# Overwrite client filter used by gcloud.
args.filter = client_filter
parent = args.CONCEPTS.issuer_pool.Parse()
request = messages.PrivatecaProjectsLocationsCaPoolsCertificatesListRequest(
parent=parent.RelativeName(),
orderBy=common_args.ParseSortByArg(args.sort_by),
filter=server_filter)
return list_pager.YieldFromList(
client.projects_locations_caPools_certificates,
request,
field='certificates',
limit=args.limit,
batch_size_attribute='pageSize',
batch_size=args.page_size,
get_field_func=response_utils.GetFieldAndLogUnreachable)