DdZddlmZddlmZddlmZddlmZddlmZddlm Z ddl mZddl m Z dd l m Z dd l mZdd lmZdd lmZdd lmZddlmZddlmZddlmZej2ej4j6Gddej8Zy)zRevoke a certificate.)absolute_import)division)unicode_literals)base)certificate_utils) request_utils) exceptions)flags) resource_args)concept_parsers)presentation_specs)log) resources) console_io)timesc6eZdZdZedZedZdZy)RevokeagRevoke a certificate. Revokes the given certificate for the given reason. ## EXAMPLES To revoke the 'frontend-server-tls' certificate due to key compromise: $ {command} \ --certificate=frontend-server-tls \ --issuer-pool=my-pool --issuer-location=us-west1 \ --reason=key_compromise To revoke the a certificate with the serial number '7dc1d9186372de2e1f4824abb1c4c9e5e43cbb40' due to a newer one being issued: $ {command} \ --serial-number=7dc1d9186372de2e1f4824abb1c4c9e5e43cbb40 \ --issuer-pool=my-pool --issuer-location=us-west1 \ --reason=superseded c |jddd}tjddj|t j t jdtjdd d d d d | t jd tjddddgj|tj|y)NTzThe certificate identifier.)mutexrequiredhelp--serial-numberz%The serial number of the certificate.)r --certificate certificatezThe certificate to revoke.)z issuer-poolissuer-locationproject)flag_name_overridesgroup --issuer-poolzIssuing CA poolrz1The issuing CA pool of the certificate to revoke.F)r) add_grouprArgument AddToParserr ConceptParserr ResourcePresentationSpecr CreateCertResourceSpecCreateCaPoolResourceSpecr AddRevocationReasonFlag)parserid_groups ,lib/surface/privateca/certificates/revoke.pyArgsz Revoke.Args<sT(E H MM Gk(!!33   0 0 ? (!#%!   33   2 2!#4  @  #({6 !!&)c|jjj}|r|S|jdst j dd|jj j}|st j ddd}|jdrNtjj|j||j|j|jdS|jd rKtj||j}tjj|j| St j d d gd )zHGets the certificate resource to be revoked based on the specified args. issuer_poolr zZThe issuing CA pool is required if a full resource name is not provided for --certificate.zyThe issuer flag is not fully specified. Please add the --issuer-location flag or specify the issuer's full resource name.z1privateca.projects.locations.caPools.certificatesr) projectsId locationsId caPoolsId) collectionparams serial_number)r3rrzPTo revoke a Certificate, please provide either its resource ID or serial number.)CONCEPTSrParse IsSpecifiedr RequiredArgumentExceptionr/rREGISTRYr0r1r2rGetCertificateBySerialNumr5nameOneOfArgumentsRequiredException)argscert_ref issuer_refcert_collection_namers r+ParseCertificateResourcezRevoke.ParseCertificateResource\s`}}((..0H o   M *  0 0 - **002J   0 0  O  &    % %   )&11'33%// & (%?? d((k   % %   ';&  4 4 +,  r-c 0tj|}tjdj |j ds t jjdytj|j}tjd}tjd}|jj|j!|j |j#|t%j&}t)j*|j,j.}t jjd j |j0t)j2|t(j4 y) Nz(You are about to revoke Certificate [{}]T)messagedefaultzAborted by user.v1) api_version)reason requestId)r<revokeCertificateRequestzRevoked certificate [{}] at {}.)tzinfo)rrBrPromptContinueformat RelativeNamerstatusPrintr ParseRevocationChoiceToEnumrHprivateca_baseGetClientInstanceGetMessagesModule'projects_locations_caPools_certificates:PrivatecaProjectsLocationsCaPoolsCertificatesRevokeRequestRevokeCertificateRequestrGenerateRequestIdr ParseDateTimerevocationDetailsrevocationTimer<FormatDateTimeLOCAL)selfr>r?rHclientmessagesr revoke_times r+Runz Revoke.RunsC..t4H  $ $:AA  ! ! #     jj)*  . .t{{ ;F  - -$ ?F//DAH@@GGKK&&(%-%F%F)H)H)J&G& L K%%%%44KJJ)00     U[[ A r-N)__name__ __module__ __qualname____doc__ staticmethodr,rBrbr-r+rr$s5,**>77r"r-rN)rf __future__rrr googlecloudsdk.api_lib.privatecarrRrrgooglecloudsdk.callioper $googlecloudsdk.command_lib.privatecar r (googlecloudsdk.command_lib.util.conceptsr r googlecloudsdk.corerrgooglecloudsdk.core.consolergooglecloudsdk.core.utilr ReleaseTracks ReleaseTrackGA SilentCommandrrhr-r+rusw&'C>:(.6>DG#)2*D%%(()ST  S*Sr-