!RdZddlmZddlmZddlmZddlmZddlZddlZddlZddl Z ddl Z ddl Z ddl Z ddl mZddl mZdd lmZdd lmZdd lmZdd lmZdd lmZddlmZddlmZddl m!Z!ddl m"Z"ddl m#Z#ddl m$Z$ddl m%Z%ddl&m'Z'ddl(m)Z)ddl*m+Z+ddl*mZddl*m,Z,ddl*m-Z-ddl*m.Z.ddl/m0Z0ddl1m2Z2ddl1m3Z3ddl4Z4ejjddZ6ejjd dZ7ejjd!dZ8d"Z9d#Z:e;Z<Gd$d%e=Z>Gd&d'e#j~Z@Gd(d)e#j~ZAd*ZBd+ZCGd,d-e#j~ZDGd.d/e#j~ZEGd0d1e#j~ZFGd2d3e#j~ZGd4ZHd5ZId6ZJd7ZKd8ZLd9ZMd:ZNd;ZO djd<ZPd=ZQd>ZRd?ZSd@ZTdAZUe jdBZWe jdCZXe jdDZYdEZZe jdFZ[dGZ\dHZ]dIZ^dJZ_dKZ`dLZaGdMdNe;ZbGdOdPebZcGdQdRe;ZddSZedTZfGdUdVebZgdWZhGdXdYebZiGdZd[ejZkGd\d]ebZld^Zmd_Znd`ZodaZpdbZqdcZrdkddZsdeZtdfZudgZvdhZwdiZxy)lzm  t ,d 3M4L4LMm)- &  ZZ??#  %%r+c|js |jr|j|jk(S|j|jk(Sr6)rLrN)selfothers r, IsSameSecretz_SecretVolume.IsSameSecretsA U00   5#6#6 66   u00 00r+r6)r&r'r(r)r2 classmethodr]rar*r+r,rKrK~s+  J% &* %%21r+rKceZdZdZdZy) _SecretEnvVaraConfiguration for a single env var that's pulled from a secret. Attributes: name: (str) the name of the secret in the resource key: (str) the secret version to use mapped_secret: (str) if set, the path of the secret from the other project that this secret will pull from. For example 'projects/123/secrets/foo'. If not set, will pull from the secret called 'name' in the current project. r0rHrLNr1r*r+r,rdrds  +%r+rdcPeZdZdZdZedZd dZdZdZ dZ dZ d Z d Z y ) SettingsaGSettings for local development environments. Attributes: service_name: Name of the kuberntes service. image: Docker image tag. credential: Credential setting for either service account or application default credential. context: Path to directory to use as the current working directory for the docker build. builder: The builder specification or None. local_port: Local port to which to forward the service connection. env_vars: Container environment variables. env_vars_secrets: Container environment variables where the values come from Secret Manager. volumes_secrets: Volumes where the values come from secret manager. renamed_secrets: internal map of secrets that don't correspond to k8s naming conventions. cloudsql_instances: Cloud SQL instances. memory: Memory limit. cpu: CPU limit. namespace: Kubernetes namespace to run in. readiness_probe: If true, create readiness probe. allow_secret_manager: If true, allow fetching secrets from secret manager ) service_nameimage credentialcontextbuilder local_portenv_varsenv_vars_secretsvolumes_secretsr[cloudsql_instancesmemorycpu namespacereadiness_probeallow_secret_managerc ~tjjtj}|j ddj ddj }d}tj|}||gtjjtjd|iigit S)z5The settings you get with no args or other overrides._- Dockerfile dockerfileN) rlrqrkrirhrnrorpr[rv) osrIbasenamerGetCWDreplacelowerrDockerfileBuilderabspath_FLAG_UNSPECIFIED)r:dir_namerhdockerfile_arg_defaultrls r,DefaultszSettings.Defaultssww /H##C-55c3?EEGL)((4JKG  /!.  r+c , |j|}d|jji} |jjjj \}i}|jjtjd}tj|djD cic]\}} || j!}}} |jj#r|j$jtjd} |j'tj| djD cic]\}} || j!c} }i} i} |j(D],} | j*r| j*j,rtjd| j*j.sS| j*j.j}|j|d}|sRt1j2|s=|}|j4j|d}|st7|\}}||j4|<t9| j*j.j:||| | j<| j<| | j</|j't?|j@|jB| | |jjjjD}|rtG||d <|jH}|r||d <|j'|jK|i}|jjjjLD]U}|jNr|jN||j<)tjd jQ|jg}|jRD]|}|j|vr.tjd jQ|j|jUtVjY|||j||j4~||d <|jZdi|S#t $rtjdwxYwcc} }wcc} }w)a1Overrides settings with service.yaml and returns a new Settings object. Args: yaml_path: Filename to read. is_alpha: boolean set to true if alpha features should be used. Returns: New Settings object. Raises: _ParseError: Input does not look like a service.yaml rhz0knative Service must have exactly one container.Tz+env_vars from config_maps are not supportedN)rHr0rLr/rjrizGCould not process volume "{}". Only volumes from secrets are supported.z5Container referenced volume "{}" which was not found.rpr*)._ParseServiceYamlmetadatar0spectemplate containers ValueErrorrError annotationsrTr SECRETS_ANNOTATIONrParseAnnotationrOFormatAnnotationItem IsFullObjecttemplate_annotationsupdateenv valueFromconfigMapKeyRef secretKeyRefrrUr[rVrdrHvalue_MergedEnvVarsrnroserviceAccountNamer.ri_ResourceRequestsvolumessecretformat volumeMountsrRrKr]r)r_ yaml_pathis_alphaknative_service replacements containerrZaliaseskvtemplate_aliases new_env_varsnew_env_vars_secretsvarrNrLservice_account_name image_nameall_volsvolreferenced_volss r,WithServiceYamlzSettings.WithServiceYamls$,,Y7O 0055LQ#((1166AAky N))----r3G$33GTBHHJJDAq 1 ! ! ##J,,.(==AA  / /5/>/N/N0&&+eg0.0.tq! " #0. L}}  == ( (  !NO O ]] ' ' 2277+(,,[$?-w'='=k'J'M..22=$GK+@+O(k=4?d""=1+8--,,00),+ sxx ( "% SXX'(t}}d&;&;\+ -.+//88==PP#8#$%l< J(l7..y9:H##,,1199  ZZ ==CVCHH=MO O : O%%  ! ((.sxx(8: :  & &sHSXX,>'+';'; => &'6L"# 4<< ', ''Y Q   O PPQs,Q(*R >R (Rc tj|}tj|tj }t j |t}|S#tjtjf$r twxYwr6) r load_path messages_utilDictToMessageWithErrorCheckRUN_MESSAGES_MODULEService k8s_servicer DecodeErrorr$)r_r yaml_dictmessagers r,rzSettings._ParseServiceYamlRst..+i99 (002g#++G5HIo  JJ 11 2 Ms AA.Bc|jr|jjsiSi}|jjjD]?}|jdk(r|j|d<|jdk(s1|j|d<A|S)Nrsrr) resourceslimitsadditionalPropertiesrHr)r_rretprops r,rzSettings._ResourceRequests\sy   i&9&9&@&@ i C##**?? U ZZE X  H @ Jr+c tjj|}t |jj}tj|dd}|j|S#tj$r t wxYw)zOverrides settings with app.yaml and returns a new Settings object. Args: yaml_path: Filename to read. Returns: New Settings object. Raises: ParseError: Input does not look like an app.yaml TFrltrustdevmode)rl) app_engine_yaml_parsingServiceYamlInfoFromFilerrr$r@parsedr?rBuildpackBuilderr)r_rservice_config builder_urlrls r, WithAppYamlzSettings.WithAppYamlgs}.>>GG n))>)>)F)FGK''48G <<< (( :: Ms A**Bci}dD]#}|j|st||||<%|jdrt|d<n*|jdrt |j |d<|j }|jr)tjj|j}||d<t|ddrd |d <n|jd rt|j|d <n}|jd r$tj|j |d <nHt!|jtjr$ |j|d <|d j#|t|dd r |j.}nt|dixsi}|j1t|dixsi\}}|j3t5|j.|j6||t9|j:||d<|j<di|S#tj$$r4t&j(j+d tt,|d <YwxYw)z?Overrides settings with args and returns a new Settings object.) rmrrrsrtrurqrirhrvapplication_default_credentialrjservice_accountr/rkno_skaffold_fileFNrlr}r|zCNo Dockerfile detected. Using GCP buildpacks to build the containerrn env_vars_filerrpr*)IsKnownAndSpecifiedgetattr IsSpecifiedr4r.rrksourcer~rIr_BuilderFromArgrlrrr} isinstanceValidateInvalidLocationErrorrstatusPrintrBrn _GetSecretsrrro_MergeSecretVolumesrpr)r_argsr override_argrknew_envsnew_env_secretsnew_sec_volumess r,WithArgszSettings.WithArgs}s5L    ! !, /%,T<%@ \"  89#F#Hl<  + ,#8##$%l< llG {{ ,g%Lt'/ $l9 ! !) ,"1$,,"? Y  # #L 1"*"<"<#( Y dllH$>$> ? ,&*llL #  # , ,W 5 tZ&h39rh'+'7'7i$*(,$O_t}}d&;&;X& ()': o'/L"# 4<< ', ''%.. , JJ  K L&5*',L # ,s#HAI%$I%cvi}i}i}|jD]\}}|jd}t|dk7r$tjdj ||\}} d} |j drV|} | |vrJ|jjdddddzttjz}||| <nI|| }nCtj|s.||jvr|} |j|}nt|\}} |j d rit j"j|\} } | |vrt%|| |g| } | || <n|| } | jj't)| | ut+|| | ||<|t-|j/fS) N:z:, got {} projects/rx.ry/rQrGre)rOsplitlenrrr startswithrrstruuiduuid1rrUr[rVr~rIrKrRrFrdlistvalues)r_ secrets_argsrnrrrHrpartsrNversionrLrMfilenamevolumes r,rzSettings._GetSecretssHGG#))+ Vll3e Uq @@FvP P"k7m    ,#  '!))#s3BQ7#=$**,  $/'-  .+%%k2 $.. .%-,,[9+'<['I $+}  !ww}}S1 H W $ #%) +& !''* :&& KG(CD%'H O,R T'..*+ ++r+ct|jtjr%|jj |j i}|j t|j|d<|jdi|S)zCValidate and compute settings after all user inputs have been read.rir*) rrlrrrrkri_DefaultImageNamerhr)r_rs r,BuildzSettings.Buildsd$,, : :; llDLL)L zz/0A0ABl7 4<< ', ''r+N)F)r&r'r(r)r2rbrrrrrrrrr*r+r,rgrgsJ2 C% ,a(F ),;(z.,`(r+rgc\|j}|j}t|j|}|r$tjdj ||j D]\}}||vr||=|||<|j D]\}}||vr||=|||<||dS)zDAdd the new env vars (both values and secrets) to the existing ones.z{} cannot be secret and literal)rnro)copyset intersectionrrrrO)rnrorr conflictsnew_envval new_secrets r,rrs]]_(%**,,,,-AB)   <CCIN OO #((*lgs"" 7 #HW+.335oj#X : #&Z 64D EEr+c.|Dcic]}|j|}}|D]}|j|vr|||j<!||j}|j|r|jDcic]}|j|}}|jDcic]}|j|}}|j |t |j |jdd|||j<t |j Scc}wcc}wcc}w)zACombine the secret volumes from existing source with new volumes.N)rMrarOrIrrr) cur_volsnew_volsrvol_mapnew_volcur_volr\ cur_items new_itemss r,rrs,4 5HSS^^S H' 5g($+gg  !**+g   g &18?TYY_ ?18?TYY_ ?# 0 0 23 a'.""# gnn  6@?sD,D Dcd|tjjk(}tj }t |ddxst jj}t |dd}tj||}|r. |j||tjjk(}|j!|}|j#}|S#t$rU|r8 |j|}n=#t$rtjd|zwxYwtjd|zYwxYw)zHLayer the defaults, service.yaml/app.yaml values, and cmdline overrides.rNrz4%r is unreadable as a service.yaml or app.yaml file.z(%r is unreadable as a service.yaml file.)r ReleaseTrackALPHArgrrr~rIcurdirrChooseExistingServiceYamlrr$rrrrr)r release_trackservice_config_may_be_app_yamlsettings context_dirservice_config_arg yaml_files r,AssembleSettingsr"s3$1D4E4E4K4K#K    (h-?+t%5t<..{>+,jc5 88M3 '#..-. OOS512 -  )+78 99r+ctj|dt}t|j D]2\}}|j |d|j |jdid4y)zAdd environment variables from secrets to a container. Args: container: (dict) Container to edit. env_vars_secrets: (dict) Key value environment variable pairs. Values are dict with key/name keys in them. r=r)r)r0rH)r0rN)rr.rr?rOrRr0rH)rrorDrHrs r,_AddSecretEnvironmentVariablesrHsd $ $Yd K(+1134jc5 OO  yy 5r+c:t|}dj||}t|}t|r|st d|z|S|sRt |}t d||d}dj|}tj||rt|d|zd |S) zCreates a service account for local development. Args: service_account_email: Email of the service account. Returns: The resource name of the service account. z,projects/{project}/serviceAccounts/{account})raccountz9%s cannot be created because it is a service account namez,Serverless Local Development Service AccountzoThe project editor role allows the service account to create, delete, and modify most resources in the project.zAdd project editor role to {}?r prompt_stringzserviceAccount:z roles/editor) _GetServiceAccountProjectr_ServiceAccountExists_IsReservedServiceAccountNamer_GetServiceAccountId_CreateAccountrPromptContinue _AddBinding)service_account_email project_idrexists account_idpermission_msgrLs r,CreateDevelopmentServiceAccountrYs))>?*GNN"7O9 !!5 6&"#89  &(=> ??"! %&;[^@]+)@(?P[^\.]+).iam.gserviceaccount.comz=(?P[^\.]+).google.com@appspot.gserviceaccount.comz=(?P\d+)-compute@developer.gserviceaccount.comc tj|}|r|jdStj|}|r|jdStj|}|rt |jdSt |dz)zGet the project id from a service account email. Args: service_account_email: (str) Email address of service account. Returns: The project id of the project to which the service account belongs. rrUproject_number' is not a valid service account address)_PROJECT_SERVICE_ACCOUNT_RErAgroup_APPENGINE_SERVICE_ACCOUNT_COMPUTE_SERVICE_ACCOUNT_ProjectNumberToIdrrTmatchers r,rMrM3s ( - -.C D' == ## & , ,-B C' == && $ * *+@ A' gmm,<= >>(<= >>r+z&(?P[^@]+)@.*\.gserviceaccount\.comcntj|}|st|dz|jdS)Nr\id)_SERVICE_ACCOUNT_RErArr^rbs r,rPrPOs?  % %&; <'  *>? @@ t r+ctjdd}tj|}|jj |}t j|jS)zCoverts project number to project id. Args: project_number: (str) The project number as a string. Returns: The project id. r!r ) projectId) r GetClientInstanceCRM_MESSAGE_MODULE&CloudresourcemanagerProjectsGetRequestprojectsr!r/ ensure_textrh)r[resource_managerreqrs r,raraWs\++,BDIAA B #  % % ) )# .' ** ++r+cZtj|xstj|Sr6)r_rAr`)rTs r,rOrOgs, $ * *+@ A @ " ( ()> ?Ar+ctjdd} tj|}|jj |y#t j$rYywxYw)zTests if service account email. Args: service_account_name: (str) Service account resource name. Returns: True if the service account exists. rr r/TF)r riIAM_MESSAGE_MODULE$IamProjectsServiceAccountsGetRequestprojects_serviceAccountsr!apitools_exceptionsHttpNotFoundError)rr requests r,rNrNlsc  " "5$ /' EE !F#G $$((1   . . s1A A A c$tjdd} tj|}tj ||}|j j tjd|z|y#tj$rYywxYw)zCreate an account if it does not already exist. Args: display_name: (str) Display name. account_id: (str) User account id. project: (str) Project name. rr ) displayName) accountIdserviceAccountr)r0createServiceAccountRequestN) r rirrServiceAccountCreateServiceAccountRequestrtCreate'IamProjectsServiceAccountsCreateRequestruHttpConflictError) display_namerWrr service_account_msgrws r,rQrQs  " "5$ /'  ,;; <" <<-@=BG $$++BBw&G C MN  . .  sA A99BBctjdd}|jjtj |}t j|||smt jtj|||tj|tj|}|jj|yy)zsAdds a binding. Args: project: (str) Project name. account: (str) User account. role: (str) Role. r!r )resource)policy)rsetIamPolicyRequestN) r rirl GetIamPolicyrj/CloudresourcemanagerProjectsGetIamPolicyRequestrBindingInPolicyAddBindingToIamPolicyBinding/CloudresourcemanagerProjectsSetIamPolicyRequestSetIamPolicyRequest SetIamPolicy)rrJrole crm_clientrros r,rSrSs%%&  $ $,$!r+rceZdZdZdZy) SecretInfoz%Information about a generated secret.c`d|_d|jjddzdz|_y)Nzlocal-development-credential/etc/ryrxz'/local_development_service_account.json)rNrrIrs r,rzSecretInfo.__init__s15D4++33C==:;DIr+N)r&r'r(r)rr*r+r,rrs -J%d&:&:&*&7&7&<&< >?r+c|dtk(rytj|dt}|j ddddy) zAdd volume mount to continer. This method will not modify the CloudSql proxy container. Args: container: (dict) Container yaml as a dict. r0Nrr)r /cloudsqlTr0rWreadOnly)_CLOUD_PROXY_CONTAINER_NAMErr.rrR)r_r volume_mountss r,rz&CloudSqlProxyGenerator.ModifyContainerMsI77 ++$$8M r+N)r&r'r(r)rrrr*r+r,rr9sL$ ?r+rceZdZdZy)SecretsNotAllowedErrorzEError thrown when the deploy is not allowed to access secret manager.Nr%r*r+r,rr`sMr+rc,eZdZdZefdZdZdZdZy)SecretsGeneratorz3Generate kubernetes secrets for referenced secrets.cJtjjjj |_||_||_i|_tjt}|jD]9\}}||j|jfj|j ;|D]}|jsC||j"|jfjt$j&j(R|jD]6} ||j"|jfj| j 8|jD]6\\} } } t+j,| t/| | |j| <8||_||_y)N)r0versionsrL)rrr rr!r"rhsecret_volumes all_secrets collections defaultdictrrOr0rLaddrHrNrSpecialVersion MOUNT_ALLrSecretManagerSecret frozensetrtrv) r_rh env_secretsrrtrvsecrets_builderrxrr\rNrLrs r,rzSecretsGenerator.__init__hsh #))..66::>vzzJ)! \\++V-A-ABCGG  * * 4 4 6LLD 6--!//1 225#dhh-! !3B2G2G2I.$mh&-&A&AX&%''d{#3J DN 4Dr+c|jsgS|jturg}|jjD]>\}}|jr|j |j.|j |@d}dj |}tjr=tj||r&tjjdd|_|jr|jtur tdtj|j t#|jj%|j&S)NzThis config references secrets stored in secret manager. Continuing will fetch the secret values and download the secrets to your local machine.z)Fetch secrets from secret manager for {}?rKzRYou can skip this message in the future by passing the flag --allow-secret-managerTzConfig requires secrets but access to secret manager was not allowed. Replace secrets with environment variables or allow secret manager with --allow-secret-manager to proceed.)rrvrrOrLrRrr CanPromptrRrrrrr BuildSecretsr"rrrt)r_ requestedrHsec secrets_msgrLs r,rzSecretsGenerator.CreateConfigss2    i   $55i&&,,.(#s      3,, -   3  / :k 6 <  PPr+c|dd|jk7ry|jsytj|dt}|jD].}t ||j |j|j0y)Nrr0r) rhrrr.r_AddSecretVolumeByNamerNr0rO)r_r5rrs r,rz!SecretsGenerator.ModifyDeploymentst*f%):)::    %%j&M&*,G%%Wf&8&8&++#\\+&r+c|ddj|jk7ry|jsytj|dt }|jD]#}t ||j|j%y)Nr0z {}-containerr) rrhrrr.r_AddVolumeMountr0rM)r_rrrs r,rz SecretsGenerator.ModifyContainersjN11$2C2CDD     $ $Y0A4 HF%%ffkk6+<+<=&r+N) r&r'r(r)rrrrrr*r+r,rres!;%6 5BPB +>r+rz1.16cbtdtzdgdddj|zd|zgddd gd S) Nz!gcr.io/cloudsql-docker/gce-proxy:z/cloud_sql_proxyz-dir=/cloudsqlz -instances=,z-credential_file=rr)r0rW)r0ricommandrr)r_CLOUD_SQL_PROXY_VERSIONjoin) instances secret_paths r,rrsP)25MM$% MCHHY,??  + "   r+zY apiVersion: v1 kind: Secret metadata: name: local-development-credential type: Opaque ctjjtjj t |dz}tjtjd|}tjj|rtj|Sdj||}tj|ddt!j"dd }|j$}|j'||j)|j(j*j,  }|j.j1|}tj2||j4t7j8|j4S) zCreate a service account key. Args: service_account_name: Name of service acccount. Returns: The contents of the generated private key file as a string. z.jsonLOCAL_CREDENTIAL_PATHaCreating a user-managed service account key for {service_account_name}. This service account key will be the default credential pointed to by GOOGLE_APPLICATION_CREDENTIALS in the local development environment. The user is responsible for the storage,rotation, and deletion of this key. A copy of this key will be stored at {local_key_path}. Only use service accounts from a test project. Do not use service accounts from a production project.)rlocal_key_pathz Continue?T)rrL cancel_on_norr )privateKeyType)r0createServiceAccountKeyRequest)r~rIrrPathsglobal_config_dir _Utf8ToBase64rGetEncodedValueenvironrVrReadFileContentsrrrRr riMESSAGES_MODULE+IamProjectsServiceAccountsKeysCreateRequestCreateServiceAccountKeyRequestPrivateKeyTypeValueValuesEnumTYPE_GOOGLE_CREDENTIALS_FILEprojects_serviceAccounts_keysrWriteFileContentsprivateKeyDatar/rm)rdefault_credential_pathcredential_file_path warning_msgr message_modulecreate_key_requestrHs r,rrscGGLL lln&&()G35"11"**2I2IKWW^^()  ! !"6 77?AG*>$8AGA: 4I  " "5$ /'**.@@#)7 ) )+JJ,,-I-I * KAL --445GH#.0B0BC ++ ,,r+cXtjt}dt|i|d<|S)zCreate a kubernetes yaml spec for a secret. Args: key: (str) The private key as a JSON string. Returns: Dictionary representing yaml dictionary. z&local_development_service_account.jsondata)rr+_SECRET_TEMPLATEr )rH yaml_configs r,rrs1 *++. c0B+f r+c t|||y)N)rN volume_name)r)rrNs r,rr s ;KAr+c Ntfd|Dry|xsgDcgc]-}tj|j|j/}}|j t jtjtj||ycc}w)a'Add a secret volume to a list of volumes. Args: volumes: (list[dict]) List of volume specifications. secret_name: (str) Name of the secret. volume_name: (str) Name of the volume to add. items: (list[_SecretPath]) Optional list of SecretPaths to map on the filesystem. c3.K|] }|dk(ywr0Nr*).0rrs r, z)_AddSecretVolumeByName../s=W6; &WNrG)rSrO)r0r) anyr KeyToPathrHrIrRr MessageToDictVolumeSecretVolumeSource)rrNrrOsecpath items_lsts ` r,rr%s =W== krk!'## ',,#G!  ..##  $ $(;;( <; % <=> s2B"c Ft||d|jddzy)zAdd a secret volume mount. Args: mounts: (list[dict]) List of volume mount dictionaries. secret_name: (str) Name of the secret. rryrx) mount_namerMN)rr)rrNs r,rr=s' ;..sC88:r+ctfd|Drytj|d}|jt j |y)Nc3.K|] }|dk(ywr"r*)r#rXr.s r,r$z"_AddVolumeMount..Ks9&uV} $&r%Tr)r&r VolumeMountrRrr()rr.rMrXs ` r,rrJsG9&99  ) ) d * <%----e45r+cDdd|Dvr|jd|dyy)a6Adds a environmental variable that points to the secret file. Add a environment varible where GOOGLE_APPLICATION_CREDENTIALS is the name and the path to the secret file is the value. Args: envs: (list[dict]) List of dictionaries with a name entry and value entry. path: (str) Path to secret. GOOGLE_APPLICATION_CREDENTIALSc3&K|] }|d ywr"r*)r#rs r,r$z#_AddSecretEnvVar..\s-JTcc&kTsr>N)rR)rrIs r,rrRs*&-JT-JJKK9DIJKr+cxtjtjtj|S)z*Encode a utf-8 string as a base 64 string.)r/rmbase64 b64encode ensure_binary)ss r,r r `s' ))#*;*;A*>? @@r+c|jddj}ttj}|ddt |z |z}d}||k7r|}||fS)Nrxr)rrrrrr)r0new_nameumappeds r,rVrVesa \\#s # ) ) +( $**,! msSV| $q (( &  F 6 r+)NNNFr6)yr) __future__rrrrr6rrr~os.pathr@rapitools.base.pyrrrugooglecloudsdk.api_lib.appr rgooglecloudsdk.api_lib.runr r rgooglecloudsdk.api_lib.utilr rrgooglecloudsdk.calliopergooglecloudsdk.command_lib.authrgooglecloudsdk.command_lib.coderrrrrgooglecloudsdk.command_lib.iamrgooglecloudsdk.command_lib.runrgooglecloudsdk.corerrrrgooglecloudsdk.core.consolergooglecloudsdk.core.utilrrr/GetMessagesModulerrrjrrBrBobjectr TypeErrorr$ DataObjectr.r4r@rDrFrKrdrgrrrrrr,r-r1r7r9r;rFrHrYcompiler]r_r`rMrfrPrarOrNrQrSrrrrrrrrrrrrrrrrrrrrrr rVr*r+r,rRsC&%'   ,>N9=,A(5426373:&*#*$2-* +T++E48+T++,BDI,d,,UD98+ H6)6J11 **?*?  F ,*''*1J))*1Z +J)) +x(z$$x(v F6 &<"# * '#$$( $"&&+ (V  9&*%T)bjj@B (RZZDF &2::DF>2!bjj!JK , A & ,*.!&!H%!/%!P<< 2.---<0$0$NZ-- [>*[>|"  .-b  A >0 :6 KA r+