diff --git a/.github/.OwlBot.lock.yaml b/.github/.OwlBot.lock.yaml index 58fcbeee..c701359f 100644 --- a/.github/.OwlBot.lock.yaml +++ b/.github/.OwlBot.lock.yaml @@ -13,5 +13,5 @@ # limitations under the License. docker: image: gcr.io/cloud-devrel-public-resources/owlbot-python:latest - digest: sha256:c8878270182edaab99f2927969d4f700c3af265accd472c3425deedff2b7fd93 -# created: 2022-07-14T01:58:16.015625351Z + digest: sha256:c6c965a4bf40c19011b11f87dbc801a66d3a23fbc6704102be064ef31c51f1c3 +# created: 2022-08-09T15:58:56.463048506Z diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index b46d7305..7092a139 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -10,7 +10,7 @@ jobs: - name: Checkout uses: actions/checkout@v3 - name: Setup Python - uses: actions/setup-python@v3 + uses: actions/setup-python@v4 with: python-version: "3.10" - name: Install nox @@ -26,7 +26,7 @@ jobs: - name: Checkout uses: actions/checkout@v3 - name: Setup Python - uses: actions/setup-python@v3 + uses: actions/setup-python@v4 with: python-version: "3.10" - name: Install nox diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index f512a496..d2aee5b7 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -10,7 +10,7 @@ jobs: - name: Checkout uses: actions/checkout@v3 - name: Setup Python - uses: actions/setup-python@v3 + uses: actions/setup-python@v4 with: python-version: "3.10" - name: Install nox diff --git a/.github/workflows/unittest.yml b/.github/workflows/unittest.yml index 5531b014..87ade4d5 100644 --- a/.github/workflows/unittest.yml +++ b/.github/workflows/unittest.yml @@ -13,7 +13,7 @@ jobs: - name: Checkout uses: actions/checkout@v3 - name: Setup Python - uses: actions/setup-python@v3 + uses: actions/setup-python@v4 with: python-version: ${{ matrix.python }} - name: Install nox @@ -39,7 +39,7 @@ jobs: - name: Checkout uses: actions/checkout@v3 - name: Setup Python - uses: actions/setup-python@v3 + uses: actions/setup-python@v4 with: python-version: "3.10" - name: Install coverage diff --git a/CHANGELOG.md b/CHANGELOG.md index e47d8292..00e205a6 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,20 @@ [1]: https://pypi.org/project/google-cloud-securitycenter/#history +## [1.13.0](https://github.com/googleapis/python-securitycenter/compare/v1.12.0...v1.13.0) (2022-08-12) + + +### Features + +* Added container field to findings attributes ([#353](https://github.com/googleapis/python-securitycenter/issues/353)) ([027a423](https://github.com/googleapis/python-securitycenter/commit/027a42305267381aa280d2a94665b26b08156f18)) +* Added kubernetes field to findings attribute. This field is populated only when the container is a kubernetes cluster explicitly ([027a423](https://github.com/googleapis/python-securitycenter/commit/027a42305267381aa280d2a94665b26b08156f18)) + + +### Bug Fixes + +* **deps:** allow protobuf < 5.0.0 ([#362](https://github.com/googleapis/python-securitycenter/issues/362)) ([eb521a8](https://github.com/googleapis/python-securitycenter/commit/eb521a8a12b53688420ec5eafcd8892ce1adfd78)) +* **deps:** require proto-plus >= 1.22.0 ([eb521a8](https://github.com/googleapis/python-securitycenter/commit/eb521a8a12b53688420ec5eafcd8892ce1adfd78)) + ## [1.12.0](https://github.com/googleapis/python-securitycenter/compare/v1.11.1...v1.12.0) (2022-07-17) diff --git a/google/cloud/securitycenter/__init__.py b/google/cloud/securitycenter/__init__.py index c92bf1f4..96c9c171 100644 --- a/google/cloud/securitycenter/__init__.py +++ b/google/cloud/securitycenter/__init__.py @@ -26,6 +26,7 @@ from google.cloud.securitycenter_v1.types.compliance import Compliance from google.cloud.securitycenter_v1.types.connection import Connection from google.cloud.securitycenter_v1.types.contact_details import Contact, ContactDetails +from google.cloud.securitycenter_v1.types.container import Container from google.cloud.securitycenter_v1.types.exfiltration import ( ExfilResource, Exfiltration, @@ -36,6 +37,8 @@ from google.cloud.securitycenter_v1.types.folder import Folder from google.cloud.securitycenter_v1.types.iam_binding import IamBinding from google.cloud.securitycenter_v1.types.indicator import Indicator +from google.cloud.securitycenter_v1.types.kubernetes import Kubernetes +from google.cloud.securitycenter_v1.types.label import Label from google.cloud.securitycenter_v1.types.mitre_attack import MitreAttack from google.cloud.securitycenter_v1.types.mute_config import MuteConfig from google.cloud.securitycenter_v1.types.notification_config import NotificationConfig @@ -115,6 +118,7 @@ "Connection", "Contact", "ContactDetails", + "Container", "ExfilResource", "Exfiltration", "ExternalSystem", @@ -123,6 +127,8 @@ "Folder", "IamBinding", "Indicator", + "Kubernetes", + "Label", "MitreAttack", "MuteConfig", "NotificationConfig", diff --git a/google/cloud/securitycenter_v1/__init__.py b/google/cloud/securitycenter_v1/__init__.py index 1c989b55..5ace4aff 100644 --- a/google/cloud/securitycenter_v1/__init__.py +++ b/google/cloud/securitycenter_v1/__init__.py @@ -21,6 +21,7 @@ from .types.compliance import Compliance from .types.connection import Connection from .types.contact_details import Contact, ContactDetails +from .types.container import Container from .types.exfiltration import ExfilResource, Exfiltration from .types.external_system import ExternalSystem from .types.file import File @@ -28,6 +29,8 @@ from .types.folder import Folder from .types.iam_binding import IamBinding from .types.indicator import Indicator +from .types.kubernetes import Kubernetes +from .types.label import Label from .types.mitre_attack import MitreAttack from .types.mute_config import MuteConfig from .types.notification_config import NotificationConfig @@ -96,6 +99,7 @@ "Connection", "Contact", "ContactDetails", + "Container", "CreateBigQueryExportRequest", "CreateFindingRequest", "CreateMuteConfigRequest", @@ -126,6 +130,8 @@ "GroupResult", "IamBinding", "Indicator", + "Kubernetes", + "Label", "ListAssetsRequest", "ListAssetsResponse", "ListBigQueryExportsRequest", diff --git a/google/cloud/securitycenter_v1/services/security_center/async_client.py b/google/cloud/securitycenter_v1/services/security_center/async_client.py index d7d5a114..f435de24 100644 --- a/google/cloud/securitycenter_v1/services/security_center/async_client.py +++ b/google/cloud/securitycenter_v1/services/security_center/async_client.py @@ -45,9 +45,15 @@ bigquery_export, compliance, connection, + container, exfiltration, ) -from google.cloud.securitycenter_v1.types import iam_binding, indicator, mitre_attack +from google.cloud.securitycenter_v1.types import ( + iam_binding, + indicator, + kubernetes, + mitre_attack, +) from google.cloud.securitycenter_v1.types import process, run_asset_discovery_response from google.cloud.securitycenter_v1.types import external_system as gcs_external_system from google.cloud.securitycenter_v1.types import ( diff --git a/google/cloud/securitycenter_v1/services/security_center/client.py b/google/cloud/securitycenter_v1/services/security_center/client.py index ae5eb0bd..9e8575b7 100644 --- a/google/cloud/securitycenter_v1/services/security_center/client.py +++ b/google/cloud/securitycenter_v1/services/security_center/client.py @@ -48,9 +48,15 @@ bigquery_export, compliance, connection, + container, exfiltration, ) -from google.cloud.securitycenter_v1.types import iam_binding, indicator, mitre_attack +from google.cloud.securitycenter_v1.types import ( + iam_binding, + indicator, + kubernetes, + mitre_attack, +) from google.cloud.securitycenter_v1.types import process, run_asset_discovery_response from google.cloud.securitycenter_v1.types import external_system as gcs_external_system from google.cloud.securitycenter_v1.types import ( diff --git a/google/cloud/securitycenter_v1/types/__init__.py b/google/cloud/securitycenter_v1/types/__init__.py index 8303395e..4cf851e8 100644 --- a/google/cloud/securitycenter_v1/types/__init__.py +++ b/google/cloud/securitycenter_v1/types/__init__.py @@ -19,6 +19,7 @@ from .compliance import Compliance from .connection import Connection from .contact_details import Contact, ContactDetails +from .container import Container from .exfiltration import ExfilResource, Exfiltration from .external_system import ExternalSystem from .file import File @@ -26,6 +27,8 @@ from .folder import Folder from .iam_binding import IamBinding from .indicator import Indicator +from .kubernetes import Kubernetes +from .label import Label from .mitre_attack import MitreAttack from .mute_config import MuteConfig from .notification_config import NotificationConfig @@ -92,6 +95,7 @@ "Connection", "Contact", "ContactDetails", + "Container", "ExfilResource", "Exfiltration", "ExternalSystem", @@ -100,6 +104,8 @@ "Folder", "IamBinding", "Indicator", + "Kubernetes", + "Label", "MitreAttack", "MuteConfig", "NotificationConfig", diff --git a/google/cloud/securitycenter_v1/types/container.py b/google/cloud/securitycenter_v1/types/container.py new file mode 100644 index 00000000..d0fee0ce --- /dev/null +++ b/google/cloud/securitycenter_v1/types/container.py @@ -0,0 +1,67 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import proto # type: ignore + +from google.cloud.securitycenter_v1.types import label + +__protobuf__ = proto.module( + package="google.cloud.securitycenter.v1", + manifest={ + "Container", + }, +) + + +class Container(proto.Message): + r"""Container associated with the finding. + + Attributes: + name (str): + Container name. + uri (str): + Container image URI provided when configuring + a pod/container. May identify a container image + version using mutable tags. + image_id (str): + Optional container image id, when provided by + the container runtime. Uniquely identifies the + container image launched using a container image + digest. + labels (Sequence[google.cloud.securitycenter_v1.types.Label]): + Container labels, as provided by the + container runtime. + """ + + name = proto.Field( + proto.STRING, + number=1, + ) + uri = proto.Field( + proto.STRING, + number=2, + ) + image_id = proto.Field( + proto.STRING, + number=3, + ) + labels = proto.RepeatedField( + proto.MESSAGE, + number=4, + message=label.Label, + ) + + +__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/google/cloud/securitycenter_v1/types/finding.py b/google/cloud/securitycenter_v1/types/finding.py index 9793c9e5..47939de9 100644 --- a/google/cloud/securitycenter_v1/types/finding.py +++ b/google/cloud/securitycenter_v1/types/finding.py @@ -17,7 +17,12 @@ from google.protobuf import timestamp_pb2 # type: ignore import proto # type: ignore -from google.cloud.securitycenter_v1.types import compliance, connection, contact_details +from google.cloud.securitycenter_v1.types import ( + compliance, + connection, + contact_details, + container, +) from google.cloud.securitycenter_v1.types import exfiltration as gcs_exfiltration from google.cloud.securitycenter_v1.types import mitre_attack as gcs_mitre_attack from google.cloud.securitycenter_v1.types import security_marks as gcs_security_marks @@ -25,6 +30,7 @@ from google.cloud.securitycenter_v1.types import access as gcs_access from google.cloud.securitycenter_v1.types import external_system, iam_binding from google.cloud.securitycenter_v1.types import indicator as gcs_indicator +from google.cloud.securitycenter_v1.types import kubernetes as gcs_kubernetes from google.cloud.securitycenter_v1.types import process __protobuf__ = proto.module( @@ -188,6 +194,13 @@ class Finding(proto.Message): Finding. next_steps (str): Next steps associate to the finding. + containers (Sequence[google.cloud.securitycenter_v1.types.Container]): + Containers associated with the finding. + containers provides information for both + Kubernetes and non-Kubernetes containers. + kubernetes (google.cloud.securitycenter_v1.types.Kubernetes): + Kubernetes resources associated with the + finding. """ class State(proto.Enum): @@ -359,6 +372,16 @@ class FindingClass(proto.Enum): proto.STRING, number=40, ) + containers = proto.RepeatedField( + proto.MESSAGE, + number=42, + message=container.Container, + ) + kubernetes = proto.Field( + proto.MESSAGE, + number=43, + message=gcs_kubernetes.Kubernetes, + ) __all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/google/cloud/securitycenter_v1/types/kubernetes.py b/google/cloud/securitycenter_v1/types/kubernetes.py new file mode 100644 index 00000000..bda87b63 --- /dev/null +++ b/google/cloud/securitycenter_v1/types/kubernetes.py @@ -0,0 +1,312 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import proto # type: ignore + +from google.cloud.securitycenter_v1.types import container, label + +__protobuf__ = proto.module( + package="google.cloud.securitycenter.v1", + manifest={ + "Kubernetes", + }, +) + + +class Kubernetes(proto.Message): + r"""Kubernetes related attributes. + + Attributes: + pods (Sequence[google.cloud.securitycenter_v1.types.Kubernetes.Pod]): + Kubernetes Pods associated with the finding. + This field will contain Pod records for each + container that is owned by a Pod. + nodes (Sequence[google.cloud.securitycenter_v1.types.Kubernetes.Node]): + Provides Kubernetes Node information. + node_pools (Sequence[google.cloud.securitycenter_v1.types.Kubernetes.NodePool]): + GKE Node Pools associated with the finding. + This field will contain NodePool information for + each Node, when it is available. + roles (Sequence[google.cloud.securitycenter_v1.types.Kubernetes.Role]): + Provides Kubernetes role information for + findings that involve Roles or ClusterRoles. + bindings (Sequence[google.cloud.securitycenter_v1.types.Kubernetes.Binding]): + Provides Kubernetes role binding information + for findings that involve RoleBindings or + ClusterRoleBindings. + access_reviews (Sequence[google.cloud.securitycenter_v1.types.Kubernetes.AccessReview]): + Provides information on any Kubernetes access + reviews (i.e. privilege checks) relevant to the + finding. + """ + + class Pod(proto.Message): + r"""Kubernetes Pod. + + Attributes: + ns (str): + Kubernetes Pod namespace. + name (str): + Kubernetes Pod name. + labels (Sequence[google.cloud.securitycenter_v1.types.Label]): + Pod labels. For Kubernetes containers, these + are applied to the container. + containers (Sequence[google.cloud.securitycenter_v1.types.Container]): + Pod containers associated with this finding, + if any. + """ + + ns = proto.Field( + proto.STRING, + number=1, + ) + name = proto.Field( + proto.STRING, + number=2, + ) + labels = proto.RepeatedField( + proto.MESSAGE, + number=3, + message=label.Label, + ) + containers = proto.RepeatedField( + proto.MESSAGE, + number=4, + message=container.Container, + ) + + class Node(proto.Message): + r"""Kubernetes Nodes associated with the finding. + + Attributes: + name (str): + Full Resource name of the Compute Engine VM + running the cluster node. + """ + + name = proto.Field( + proto.STRING, + number=1, + ) + + class NodePool(proto.Message): + r"""Provides GKE Node Pool information. + + Attributes: + name (str): + Kubernetes Node pool name. + nodes (Sequence[google.cloud.securitycenter_v1.types.Kubernetes.Node]): + Nodes associated with the finding. + """ + + name = proto.Field( + proto.STRING, + number=1, + ) + nodes = proto.RepeatedField( + proto.MESSAGE, + number=2, + message="Kubernetes.Node", + ) + + class Role(proto.Message): + r"""Kubernetes Role or ClusterRole. + + Attributes: + kind (google.cloud.securitycenter_v1.types.Kubernetes.Role.Kind): + Role type. + ns (str): + Role namespace. + name (str): + Role name. + """ + + class Kind(proto.Enum): + r"""Types of Kubernetes roles.""" + KIND_UNSPECIFIED = 0 + ROLE = 1 + CLUSTER_ROLE = 2 + + kind = proto.Field( + proto.ENUM, + number=1, + enum="Kubernetes.Role.Kind", + ) + ns = proto.Field( + proto.STRING, + number=2, + ) + name = proto.Field( + proto.STRING, + number=3, + ) + + class Binding(proto.Message): + r"""Represents a Kubernetes RoleBinding or ClusterRoleBinding. + + Attributes: + ns (str): + Namespace for binding. + name (str): + Name for binding. + role (google.cloud.securitycenter_v1.types.Kubernetes.Role): + The Role or ClusterRole referenced by the + binding. + subjects (Sequence[google.cloud.securitycenter_v1.types.Kubernetes.Subject]): + Represents the subjects(s) bound to the role. + Not always available for PATCH requests. + """ + + ns = proto.Field( + proto.STRING, + number=1, + ) + name = proto.Field( + proto.STRING, + number=2, + ) + role = proto.Field( + proto.MESSAGE, + number=3, + message="Kubernetes.Role", + ) + subjects = proto.RepeatedField( + proto.MESSAGE, + number=4, + message="Kubernetes.Subject", + ) + + class Subject(proto.Message): + r"""Represents a Kubernetes Subject. + + Attributes: + kind (google.cloud.securitycenter_v1.types.Kubernetes.Subject.AuthType): + Authentication type for subject. + ns (str): + Namespace for subject. + name (str): + Name for subject. + """ + + class AuthType(proto.Enum): + r"""Auth types that can be used for Subject's kind field.""" + AUTH_TYPE_UNSPECIFIED = 0 + USER = 1 + SERVICEACCOUNT = 2 + GROUP = 3 + + kind = proto.Field( + proto.ENUM, + number=1, + enum="Kubernetes.Subject.AuthType", + ) + ns = proto.Field( + proto.STRING, + number=2, + ) + name = proto.Field( + proto.STRING, + number=3, + ) + + class AccessReview(proto.Message): + r"""Conveys information about a Kubernetes access review (e.g. + kubectl auth can-i ...) that was involved in a finding. + + Attributes: + group (str): + Group is the API Group of the Resource. "*" means all. + ns (str): + Namespace of the action being requested. + Currently, there is no distinction between no + namespace and all namespaces. Both are + represented by "" (empty). + name (str): + Name is the name of the resource being + requested. Empty means all. + resource (str): + Resource is the optional resource type requested. "*" means + all. + subresource (str): + Subresource is the optional subresource type. + verb (str): + Verb is a Kubernetes resource API verb, like: get, list, + watch, create, update, delete, proxy. "*" means all. + version (str): + Version is the API Version of the Resource. "*" means all. + """ + + group = proto.Field( + proto.STRING, + number=1, + ) + ns = proto.Field( + proto.STRING, + number=2, + ) + name = proto.Field( + proto.STRING, + number=3, + ) + resource = proto.Field( + proto.STRING, + number=4, + ) + subresource = proto.Field( + proto.STRING, + number=5, + ) + verb = proto.Field( + proto.STRING, + number=6, + ) + version = proto.Field( + proto.STRING, + number=7, + ) + + pods = proto.RepeatedField( + proto.MESSAGE, + number=1, + message=Pod, + ) + nodes = proto.RepeatedField( + proto.MESSAGE, + number=2, + message=Node, + ) + node_pools = proto.RepeatedField( + proto.MESSAGE, + number=3, + message=NodePool, + ) + roles = proto.RepeatedField( + proto.MESSAGE, + number=4, + message=Role, + ) + bindings = proto.RepeatedField( + proto.MESSAGE, + number=5, + message=Binding, + ) + access_reviews = proto.RepeatedField( + proto.MESSAGE, + number=6, + message=AccessReview, + ) + + +__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/google/cloud/securitycenter_v1/types/label.py b/google/cloud/securitycenter_v1/types/label.py new file mode 100644 index 00000000..c3bfb3e5 --- /dev/null +++ b/google/cloud/securitycenter_v1/types/label.py @@ -0,0 +1,48 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import proto # type: ignore + +__protobuf__ = proto.module( + package="google.cloud.securitycenter.v1", + manifest={ + "Label", + }, +) + + +class Label(proto.Message): + r"""Label represents a generic name=value label. Label has + separate name and value fields to support filtering with + contains(). + + Attributes: + name (str): + Label name. + value (str): + Label value. + """ + + name = proto.Field( + proto.STRING, + number=1, + ) + value = proto.Field( + proto.STRING, + number=2, + ) + + +__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/google/cloud/securitycenter_v1/types/mitre_attack.py b/google/cloud/securitycenter_v1/types/mitre_attack.py index 7de0015b..75186211 100644 --- a/google/cloud/securitycenter_v1/types/mitre_attack.py +++ b/google/cloud/securitycenter_v1/types/mitre_attack.py @@ -108,6 +108,7 @@ class Technique(proto.Enum): DATA_DESTRUCTION = 29 DOMAIN_POLICY_MODIFICATION = 30 IMPAIR_DEFENSES = 31 + NETWORK_SERVICE_DISCOVERY = 32 primary_tactic = proto.Field( proto.ENUM, diff --git a/google/cloud/securitycenter_v1beta1/services/security_center/async_client.py b/google/cloud/securitycenter_v1beta1/services/security_center/async_client.py index 7b1bcab0..6db9a0b9 100644 --- a/google/cloud/securitycenter_v1beta1/services/security_center/async_client.py +++ b/google/cloud/securitycenter_v1beta1/services/security_center/async_client.py @@ -1491,9 +1491,6 @@ async def sample_run_asset_discovery(): } - The JSON representation for Empty is empty JSON - object {}. - """ # Create or coerce a protobuf request object. # Quick check: If we got a request object, we should *not* have diff --git a/google/cloud/securitycenter_v1beta1/services/security_center/client.py b/google/cloud/securitycenter_v1beta1/services/security_center/client.py index 863016af..fdfb6b92 100644 --- a/google/cloud/securitycenter_v1beta1/services/security_center/client.py +++ b/google/cloud/securitycenter_v1beta1/services/security_center/client.py @@ -1703,9 +1703,6 @@ def sample_run_asset_discovery(): } - The JSON representation for Empty is empty JSON - object {}. - """ # Create or coerce a protobuf request object. # Quick check: If we got a request object, we should *not* have diff --git a/noxfile.py b/noxfile.py index 94b2f9c2..cc39f3b8 100644 --- a/noxfile.py +++ b/noxfile.py @@ -334,7 +334,8 @@ def prerelease_deps(session): # Install all dependencies session.install("-e", ".[all, tests, tracing]") - session.install(*UNIT_TEST_STANDARD_DEPENDENCIES) + unit_deps_all = UNIT_TEST_STANDARD_DEPENDENCIES + UNIT_TEST_EXTERNAL_DEPENDENCIES + session.install(*unit_deps_all) system_deps_all = ( SYSTEM_TEST_STANDARD_DEPENDENCIES + SYSTEM_TEST_EXTERNAL_DEPENDENCIES @@ -363,12 +364,6 @@ def prerelease_deps(session): session.install(*constraints_deps) - if os.path.exists("samples/snippets/requirements.txt"): - session.install("-r", "samples/snippets/requirements.txt") - - if os.path.exists("samples/snippets/requirements-test.txt"): - session.install("-r", "samples/snippets/requirements-test.txt") - prerel_deps = [ "protobuf", # dependency of grpc @@ -405,11 +400,19 @@ def prerelease_deps(session): system_test_folder_path = os.path.join("tests", "system") # Only run system tests if found. - if os.path.exists(system_test_path) or os.path.exists(system_test_folder_path): - session.run("py.test", "tests/system") - - snippets_test_path = os.path.join("samples", "snippets") - - # Only run samples tests if found. - if os.path.exists(snippets_test_path): - session.run("py.test", "samples/snippets") + if os.path.exists(system_test_path): + session.run( + "py.test", + "--verbose", + f"--junitxml=system_{session.python}_sponge_log.xml", + system_test_path, + *session.posargs, + ) + if os.path.exists(system_test_folder_path): + session.run( + "py.test", + "--verbose", + f"--junitxml=system_{session.python}_sponge_log.xml", + system_test_folder_path, + *session.posargs, + ) diff --git a/samples/snippets/requirements-test.txt b/samples/snippets/requirements-test.txt index 838e63f6..66b222a0 100644 --- a/samples/snippets/requirements-test.txt +++ b/samples/snippets/requirements-test.txt @@ -1,2 +1,2 @@ pytest==7.1.2 -google-cloud-bigquery==3.1.0 +google-cloud-bigquery==3.3.1 diff --git a/samples/snippets/requirements.txt b/samples/snippets/requirements.txt index ab256ebc..ab1b6652 100644 --- a/samples/snippets/requirements.txt +++ b/samples/snippets/requirements.txt @@ -1,2 +1,2 @@ -google-cloud-pubsub==2.13.0 -google-cloud-securitycenter==1.11.1 \ No newline at end of file +google-cloud-pubsub==2.13.6 +google-cloud-securitycenter==1.12.0 \ No newline at end of file diff --git a/setup.py b/setup.py index 5a644e43..6ea00727 100644 --- a/setup.py +++ b/setup.py @@ -21,13 +21,13 @@ name = "google-cloud-securitycenter" description = "Cloud Security Command Center API client library" -version = "1.12.0" +version = "1.13.0" release_status = "Development Status :: 5 - Production/Stable" dependencies = [ "google-api-core[grpc] >= 1.32.0, <3.0.0dev,!=2.0.*,!=2.1.*,!=2.2.*,!=2.3.*,!=2.4.*,!=2.5.*,!=2.6.*,!=2.7.*", "grpc-google-iam-v1 >= 0.12.4, <1.0.0dev", - "proto-plus >= 1.15.0, <2.0.0dev", - "protobuf >= 3.19.0, <4.0.0dev", + "proto-plus >= 1.22.0, <2.0.0dev", + "protobuf >= 3.19.0, <5.0.0dev", ] extras = {"libcst": "libcst >= 0.2.5"} diff --git a/testing/constraints-3.7.txt b/testing/constraints-3.7.txt index 39a7c58e..ed0460d8 100644 --- a/testing/constraints-3.7.txt +++ b/testing/constraints-3.7.txt @@ -7,6 +7,6 @@ # Then this file should have foo==1.14.0 google-api-core==1.32.0 grpc-google-iam-v1==0.12.4 -proto-plus==1.15.0 +proto-plus==1.22.0 libcst==0.2.5 protobuf==3.19.0 diff --git a/tests/unit/gapic/securitycenter_v1/test_security_center.py b/tests/unit/gapic/securitycenter_v1/test_security_center.py index 968e09a5..fe8e0da6 100644 --- a/tests/unit/gapic/securitycenter_v1/test_security_center.py +++ b/tests/unit/gapic/securitycenter_v1/test_security_center.py @@ -66,9 +66,16 @@ compliance, connection, contact_details, + container, exfiltration, ) -from google.cloud.securitycenter_v1.types import iam_binding, indicator, mitre_attack +from google.cloud.securitycenter_v1.types import ( + iam_binding, + indicator, + kubernetes, + label, + mitre_attack, +) from google.cloud.securitycenter_v1.types import process, run_asset_discovery_response from google.cloud.securitycenter_v1.types import external_system as gcs_external_system from google.cloud.securitycenter_v1.types import (