def _AddLoggingMetadata(self, messages, args, log_config):
if args.IsSpecified('logging_metadata'):
if log_config is None or not log_config.enable:
raise calliope_exceptions.InvalidArgumentException(
'--logging-metadata',
'cannot toggle logging metadata if logging is not enabled.')
log_config.metadata = flags.GetLoggingMetadataArg(
messages).GetEnumForChoice(args.logging_metadata)
def Modify(self, client, args, existing, cleared_fields):
new_firewall = super(AlphaUpdateFirewall,
self).Modify(client, args, existing,
cleared_fields)
if args.IsSpecified('logging_metadata'):
log_config = encoding.CopyProtoMessage(existing.logConfig)
if log_config is None or not log_config.enable:
raise calliope_exceptions.InvalidArgumentException(
'--logging-metadata',
'cannot toggle logging metadata if logging is not enabled.'
)
log_config.metadata = flags.GetLoggingMetadataArg(
client.messages).GetEnumForChoice(args.logging_metadata)
new_firewall.logConfig = log_config
return new_firewall
def _CreateFirewall(self, holder, args):
client = holder.client
firewall, project = super(AlphaCreate,
self)._CreateFirewall(holder, args)
if args.IsSpecified('logging_metadata') and not args.enable_logging:
raise exceptions.InvalidArgumentException(
'--logging-metadata',
'cannot toggle logging metadata if logging is not enabled.')
if args.IsSpecified('enable_logging'):
log_config = client.messages.FirewallLogConfig(
enable=args.enable_logging)
if args.IsSpecified('logging_metadata'):
log_config.metadata = flags.GetLoggingMetadataArg(
client.messages).GetEnumForChoice(args.logging_metadata)
firewall.logConfig = log_config
return firewall, project
def _CreateFirewall(self, holder, args):
client = holder.client
if args.rules and args.allow:
raise firewalls_utils.ArgumentValidationError(
'Can NOT specify --rules and --allow in the same request.')
if bool(args.action) ^ bool(args.rules):
raise firewalls_utils.ArgumentValidationError(
'Must specify --rules with --action.')
allowed = firewalls_utils.ParseRules(args.allow, client.messages,
firewalls_utils.ActionType.ALLOW)
network_ref = self.NETWORK_ARG.ResolveAsResource(
args, holder.resources)
firewall_ref = self.FIREWALL_RULE_ARG.ResolveAsResource(
args, holder.resources)
firewall = client.messages.Firewall(allowed=allowed,
name=firewall_ref.Name(),
description=args.description,
network=network_ref.SelfLink(),
sourceRanges=args.source_ranges,
sourceTags=args.source_tags,
targetTags=args.target_tags)
if args.disabled is not None:
firewall.disabled = args.disabled
firewall.direction = None
if args.direction and args.direction in ['EGRESS', 'OUT']:
firewall.direction = (
client.messages.Firewall.DirectionValueValuesEnum.EGRESS)
else:
firewall.direction = (
client.messages.Firewall.DirectionValueValuesEnum.INGRESS)
firewall.priority = args.priority
firewall.destinationRanges = args.destination_ranges
allowed = []
denied = []
if not args.action:
allowed = firewalls_utils.ParseRules(
args.allow, client.messages, firewalls_utils.ActionType.ALLOW)
elif args.action == 'ALLOW':
allowed = firewalls_utils.ParseRules(
args.rules, client.messages, firewalls_utils.ActionType.ALLOW)
elif args.action == 'DENY':
denied = firewalls_utils.ParseRules(
args.rules, client.messages, firewalls_utils.ActionType.DENY)
firewall.allowed = allowed
firewall.denied = denied
firewall.sourceServiceAccounts = args.source_service_accounts
firewall.targetServiceAccounts = args.target_service_accounts
if args.IsSpecified('logging_metadata') and not args.enable_logging:
raise exceptions.InvalidArgumentException(
'--logging-metadata',
'cannot toggle logging metadata if logging is not enabled.')
if args.IsSpecified('enable_logging'):
log_config = client.messages.FirewallLogConfig(
enable=args.enable_logging)
if args.IsSpecified('logging_metadata'):
log_config.metadata = flags.GetLoggingMetadataArg(
client.messages).GetEnumForChoice(args.logging_metadata)
firewall.logConfig = log_config
return firewall, firewall_ref.project