zfdZddlmZddlmZddlmZddlmZddlmZddlm Z Gdd e Z y ) 3API helpers for interacting with platform policies.)absolute_import)division)unicode_literals)encoding) list_pager)apiscDeZdZdZd dZdZdZ d dZdZdZ d d Z y) ClientrNcltj||_tj||_yN)r GetClientInstanceclientGetMessagesModulemessages)self api_versions @lib/googlecloudsdk/api_lib/container/binauthz/platform_policy.py__init__zClient.__init__s&((5DK**;7DMc|jj|}|jjj |S)zDescribes a policy. Args: policy_ref: the resource name of the policy being described. Returns: The policy resource. name)r6BinaryauthorizationProjectsPlatformsPoliciesGetRequestrprojects_platforms_policiesGet)r policy_refget_reqs rDescribezClient.Describe!sA LL M  ;; 2 2 6 6w ??rcZ||_|jjj|S)zUpdates a policy. Args: policy_ref: the resource name of the policy being updated. policy: the contents of the new policy. Returns: The updated policy resource. )rrrReplacePlatformPolicy)rrpolicys rUpdatez Client.Update1s&FK ;; 2 2 H H PPrc tj|jj|jj |d|d|xsdS)a|Lists policies. Args: platform_ref: the resource name of the platform whose policies are being listed. page_size: The number of policies to retrieve in one request (when None, use the default size). limit: int, The maximum number of policies to yield (when None, unlimted). Returns: A list of policies for the given platform. )parentplatformPoliciespageSized)fieldlimitbatch_size_attribute batch_size)r YieldFromListrrr7BinaryauthorizationProjectsPlatformsPoliciesListRequest)r platform_ref page_sizer*s rListz Client.List>sP$  # # // MM N ! '# rc|jj|jj|j |}|j j j|S)zCreates a policy. Args: policy_resource_name: Resource object representing the resource name of the policy to create. policy: The policy to create. Returns: The policy resource. )r%policyIdplatformPolicy)r9BinaryauthorizationProjectsPlatformsPoliciesCreateRequestParent RelativeNameNamerrCreate)rpolicy_resource_namer"requests rr9z Client.CreateZsb OO'..0==?)..0! P # ;; 2 2 9 9' BBrc|jj|}|jjj |S)zDeletes a policy. Args: policy_ref: the resource name of the policy being deleted. Returns: The resource name of the deleted policy. r)r9BinaryauthorizationProjectsPlatformsPoliciesDeleteRequestrrDelete)rrr;s rr>z Client.DeletelsA OO P  ;; 2 2 9 9' BBrc tjd|i|d|jj}|r9|jjj j |j_|jjj|S)aIEvaluate a policy against a Kubernetes resource. Args: policy_ref: the resource name of the policy. resource: the Kubernetes resource in JSON or YAML form. generate_deploy_attestations: whether to sign results or not. Returns: The result of the evaluation in EvaluateGkePolicyResponse form. resource)evaluateGkePolicyRequestr) r DictToMessager>BinaryauthorizationProjectsPlatformsGkePoliciesEvaluateRequestEvaluateGkePolicyRequestAttestationModeValueValuesEnumGENERATE_DEPLOYrAattestationModerprojects_platforms_gke_policiesEvaluate)rrr@generate_deploy_attestationsr;s rrIzClient.Evaluate|s$$H)  TTG$ -- 0 0 O O _ _&&6 ;; 6 6 ? ? HHrr )r(N)F) __name__ __module__ __qualname____doc__rrr#r1r9r>rIrrr r s5;8@ Q   8C$C Irr N) rN __future__rrrapitools.base.pyrr)googlecloudsdk.api_lib.container.binauthzr objectr rOrrrTs,:&'%':{IV{Ir