From c64abfb69fa15638852ccfe43554d2fe15160310 Mon Sep 17 00:00:00 2001 From: Vijaykanth Melugiri Date: Tue, 12 Nov 2024 20:20:07 +0000 Subject: [PATCH 1/8] Add Resource v2 Assets Security Marks --- .../vtwo/assets/AddDeleteSecurityMarks.java | 83 ++++++++++ .../vtwo/assets/AddSecurityMarksToAssets.java | 89 ++++++++++ .../assets/DeleteAssetsSecurityMarks.java | 81 +++++++++ .../test/java/vtwo/AssetSecurityMarksIT.java | 155 ++++++++++++++++++ 4 files changed, 408 insertions(+) create mode 100644 security-command-center/snippets/src/main/java/vtwo/assets/AddDeleteSecurityMarks.java create mode 100644 security-command-center/snippets/src/main/java/vtwo/assets/AddSecurityMarksToAssets.java create mode 100644 security-command-center/snippets/src/main/java/vtwo/assets/DeleteAssetsSecurityMarks.java create mode 100644 security-command-center/snippets/src/test/java/vtwo/AssetSecurityMarksIT.java diff --git a/security-command-center/snippets/src/main/java/vtwo/assets/AddDeleteSecurityMarks.java b/security-command-center/snippets/src/main/java/vtwo/assets/AddDeleteSecurityMarks.java new file mode 100644 index 00000000000..9ec84613110 --- /dev/null +++ b/security-command-center/snippets/src/main/java/vtwo/assets/AddDeleteSecurityMarks.java @@ -0,0 +1,83 @@ +/* + * Copyright 2024 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package vtwo.assets; + +import java.io.IOException; + +import com.google.cloud.securitycenter.v2.SecurityCenterClient; +import com.google.cloud.securitycenter.v2.SecurityMarks; +import com.google.cloud.securitycenter.v2.UpdateSecurityMarksRequest; +import com.google.protobuf.FieldMask; + +//[START securitycenter_add_delete_security_marks_assets_v2] + + +public class AddDeleteSecurityMarks { + public static void main(String[] args) throws IOException { + // organizationId: Google Cloud Organization id. + String organizationId = "{google-cloud-organization-id}"; + + // Specify the finding-id. + String assetId = "{asset-id}"; + + // Specify the location. + String location = "global"; + + addDeleteSecurityMarks(organizationId, location, assetId); + } + + // Demonstrates adding/updating at the same time as deleting security + // marks from an asset. + // To add or change security marks, you must have an IAM role that includes permission: + public static SecurityMarks addDeleteSecurityMarks(String organizationId, + String location, String assetId) throws IOException { + // Initialize client that will be used to send requests. This client only needs to be created + // once, and can be reused for multiple requests. + SecurityCenterClient client = SecurityCenterClient.create(); + + // Specify the value of 'assetName' in one of the following formats: + // String assetName = "organizations/{org-id}/assets/{asset-id}"; + // String assetName = "projects/{project-id}/assets/{asset-id}"; + // String assetName = "folders/{folder-id}/assets/{asset-id}"; + String assetName = String.format("organizations/%s/assets/%s", organizationId, assetId); + + // Start setting up a request to clear and update security marks for an asset. + // Create security mark and field mask for clearing security marks. + SecurityMarks securityMarks = SecurityMarks.newBuilder() + .setName(assetName + "/securityMarks") + .putMarks("key_a", "new_value_for_a") + .build(); + + FieldMask updateMask = FieldMask.newBuilder() + .addPaths("marks.key_a") + .addPaths("marks.key_b") + .build(); + + UpdateSecurityMarksRequest request = UpdateSecurityMarksRequest.newBuilder() + .setSecurityMarks(securityMarks) + .setUpdateMask(updateMask) + .build(); + + // Call the API. + SecurityMarks response = client.updateSecurityMarks(request); + + System.out.println("Security Marks updated and cleared::" + response); + return response; + } +} + +//[END securitycenter_add_delete_security_marks_assets_v2] diff --git a/security-command-center/snippets/src/main/java/vtwo/assets/AddSecurityMarksToAssets.java b/security-command-center/snippets/src/main/java/vtwo/assets/AddSecurityMarksToAssets.java new file mode 100644 index 00000000000..86468dd7358 --- /dev/null +++ b/security-command-center/snippets/src/main/java/vtwo/assets/AddSecurityMarksToAssets.java @@ -0,0 +1,89 @@ +/* + * Copyright 2024 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package vtwo.assets; + +// [START securitycenter_add_security_marks_assets_v2] + +import autovalue.shaded.com.google.common.collect.ImmutableMap; +import com.google.cloud.securitycenter.v2.SecurityCenterClient; +import com.google.cloud.securitycenter.v2.SecurityMarks; +import com.google.cloud.securitycenter.v2.UpdateSecurityMarksRequest; +import com.google.protobuf.FieldMask; +import java.io.IOException; + +public class AddSecurityMarksToAssets { + + public static void main(String[] args) throws IOException { + // organizationId: Google Cloud Organization id. + String organizationId = "{google-cloud-organization-id}"; + + // Specify the finding-id. + String assetId = "{asset-id}"; + + // Specify the location. + String location = "global"; + + addToAsset(organizationId, location, assetId); + } + + // Demonstrates adding security marks to findings. + // To add or change security marks, you must have an IAM role that includes permission: + public static SecurityMarks addToAsset(String organizationId, + String location, String assetId) throws IOException { + // Initialize client that will be used to send requests. This client only needs to be created + // once, and can be reused for multiple requests. + SecurityCenterClient client = SecurityCenterClient.create(); + + // Specify the value of 'assetName' in one of the following formats: + // String assetName = "organizations/{org-id}/assets/{asset-id}"; + // String assetName = "projects/{project-id}/assets/{asset-id}"; + // String assetName = "folders/{folder-id}/assets/{asset-id}"; + String assetName = String.format("organizations/%s/assets/%s", organizationId, assetId); + + // Start setting up a request to add security marks for a finding. + ImmutableMap markMap = ImmutableMap.of("key_a", "value_a", "key_b", "value_b"); + + // Add security marks and field mask for security marks. + SecurityMarks securityMarks = SecurityMarks.newBuilder() + .setName(assetName + "/securityMarks") + .putAllMarks(markMap) + .build(); + + // Set the update mask to specify which properties should be updated. + // If empty, all mutable fields will be updated. + // For more info on constructing field mask path, see the proto or: + // https://cloud.google.com/java/docs/reference/protobuf/latest/com.google.protobuf.FieldMask + FieldMask updateMask = FieldMask.newBuilder() + .addPaths("marks.key_a") + .addPaths("marks.key_b") + .build(); + + UpdateSecurityMarksRequest request = UpdateSecurityMarksRequest.newBuilder() + .setSecurityMarks(securityMarks) + .setUpdateMask(updateMask) + .build(); + + // Call the API. + SecurityMarks response = client.updateSecurityMarks(request); + + System.out.println("Security Marks:" + response); + return response; + } +} + + +// [END securitycenter_add_security_marks_assets_v2] diff --git a/security-command-center/snippets/src/main/java/vtwo/assets/DeleteAssetsSecurityMarks.java b/security-command-center/snippets/src/main/java/vtwo/assets/DeleteAssetsSecurityMarks.java new file mode 100644 index 00000000000..cec6155857d --- /dev/null +++ b/security-command-center/snippets/src/main/java/vtwo/assets/DeleteAssetsSecurityMarks.java @@ -0,0 +1,81 @@ +/* + * Copyright 2024 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package vtwo.assets; + +import java.io.IOException; + +import com.google.cloud.securitycenter.v2.SecurityCenterClient; +import com.google.cloud.securitycenter.v2.SecurityMarks; +import com.google.cloud.securitycenter.v2.UpdateSecurityMarksRequest; +import com.google.protobuf.FieldMask; + +//[START securitycenter_delete_security_marks_assets_v2] + +public class DeleteAssetsSecurityMarks { + public static void main(String[] args) throws IOException { + // organizationId: Google Cloud Organization id. + String organizationId = "{google-cloud-organization-id}"; + + // Specify the asset-id. + String assetId = "{asset-id}"; + + // Specify the location. + String location = "global"; + + deleteSecurityMarks(organizationId, location, assetId); + } + + // Demonstrates deleting security marks on an asset. + // To add or change security marks, you must have an IAM role that includes permission: + public static SecurityMarks deleteSecurityMarks(String organizationId, + String location, String assetId) throws IOException { + // Initialize client that will be used to send requests. This client only needs to be created + // once, and can be reused for multiple requests. + SecurityCenterClient client = SecurityCenterClient.create(); + + // Specify the value of 'assetName' in one of the following formats: + // String assetName = "organizations/{org-id}/assets/{asset-id}"; + // String assetName = "projects/{project-id}/assets/{asset-id}"; + // String assetName = "folders/{folder-id}/assets/{asset-id}"; + String assetName = String.format("organizations/%s/assets/%s", organizationId, assetId); + + // Start setting up a request to clear and update security marks for an asset. + // Create security mark and field mask for clearing security marks. + SecurityMarks securityMarks = SecurityMarks.newBuilder() + .setName(assetName + "/securityMarks") + .build(); + + FieldMask updateMask = FieldMask.newBuilder() + .addPaths("marks.key_a") + .addPaths("marks.key_b") + .build(); + + UpdateSecurityMarksRequest request = UpdateSecurityMarksRequest.newBuilder() + .setSecurityMarks(securityMarks) + .setUpdateMask(updateMask) + .build(); + + // Call the API. + SecurityMarks response = client.updateSecurityMarks(request); + + System.out.println("Security Marks cleared::" + response); + return response; + } +} + +//[END securitycenter_delete_security_marks_assets_v2] + diff --git a/security-command-center/snippets/src/test/java/vtwo/AssetSecurityMarksIT.java b/security-command-center/snippets/src/test/java/vtwo/AssetSecurityMarksIT.java new file mode 100644 index 00000000000..1d92dfcb5c6 --- /dev/null +++ b/security-command-center/snippets/src/test/java/vtwo/AssetSecurityMarksIT.java @@ -0,0 +1,155 @@ +/* + * Copyright 2024 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package vtwo; + +import static com.google.common.truth.Truth.assertThat; +import static junit.framework.TestCase.assertFalse; +import static junit.framework.TestCase.assertTrue; + +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.io.PrintStream; +import java.util.concurrent.TimeUnit; +import java.util.regex.Matcher; +import java.util.regex.Pattern; + +import org.junit.After; +import org.junit.AfterClass; +import org.junit.Before; +import org.junit.BeforeClass; +import org.junit.Rule; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.junit.runners.JUnit4; + +import com.google.api.gax.rpc.InvalidArgumentException; +import com.google.cloud.securitycenter.v1.Asset; +import com.google.cloud.securitycenter.v1.ListAssetsRequest; +import com.google.cloud.securitycenter.v1.SecurityCenterClient; +import com.google.cloud.securitycenter.v2.OrganizationName; +import com.google.cloud.securitycenter.v2.SecurityMarks; +import com.google.cloud.testing.junit4.MultipleAttemptsRule; + +import vtwo.assets.AddDeleteSecurityMarks; +import vtwo.assets.AddSecurityMarksToAssets; +import vtwo.assets.DeleteAssetsSecurityMarks; + +@RunWith(JUnit4.class) +public class AssetSecurityMarksIT { + + private static final String ORGANIZATION_ID = System.getenv("SCC_PROJECT_ORG_ID"); + private static final String LOCATION = "global"; + private static String assetId, assetName; + private static ByteArrayOutputStream stdOut; + + @Rule + public final MultipleAttemptsRule multipleAttemptsRule = new MultipleAttemptsRule(3, 120000); // 2 minutes + + // Check if the required environment variables are set. + public static void requireEnvVar(String envVarName) { + assertThat(System.getenv(envVarName)).isNotEmpty(); + } + + // Extracts the asset ID from a full resource name. + private static String extractAssetId(String assetPath) { + // Pattern to match the asset ID at the end of the resource name. + Pattern pattern = Pattern.compile("assets/(\\d+)$"); + Matcher matcher = pattern.matcher(assetPath); + if (matcher.find()) { + return matcher.group(1); + } + return assetPath; + } + +@SuppressWarnings("deprecation") +@BeforeClass + public static void setUp() throws IOException, InterruptedException { + final PrintStream out = System.out; + stdOut = new ByteArrayOutputStream(); + System.setOut(new PrintStream(stdOut)); + + requireEnvVar("GOOGLE_APPLICATION_CREDENTIALS"); + + // Fetch a valid asset ID dynamically + try (SecurityCenterClient client = SecurityCenterClient.create()) { + OrganizationName orgName = OrganizationName.of(ORGANIZATION_ID); + ListAssetsRequest request = ListAssetsRequest.newBuilder() + .setParent(orgName.toString()) + .setPageSize(1) + .build(); + + Asset asset = client.listAssets(request).iterateAll().iterator().next().getAsset(); + assetName = asset.getName(); // Get the full resource name for the asset + assetId = extractAssetId(assetName); + } catch (InvalidArgumentException e) { + System.err.println("Error retrieving asset ID: " + e.getMessage()); + throw e; + } + + stdOut = null; + System.setOut(out); + TimeUnit.MINUTES.sleep(1); + } + + @Before + public void beforeEach() { + stdOut = new ByteArrayOutputStream(); + System.setOut(new PrintStream(stdOut)); + } + + @After + public void afterEach() { + stdOut = null; + System.setOut(null); + } + + @AfterClass + public static void cleanUp() { + System.setOut(System.out); + } + + @Test + public void testAddSecurityMarksToAsset() throws IOException { + SecurityMarks response = AddSecurityMarksToAssets.addToAsset( + ORGANIZATION_ID, LOCATION, assetId); + + assertTrue(response.getMarksOrThrow("key_a").contains("value_a")); + assertTrue(response.getMarksOrThrow("key_b").contains("value_b")); + } + + @Test + public void testDeleteSecurityMarksOnAsset() throws IOException { + SecurityMarks response = DeleteAssetsSecurityMarks.deleteSecurityMarks( + ORGANIZATION_ID, LOCATION, assetId); + + assertFalse(response.containsMarks("key_a")); + assertFalse(response.containsMarks("key_b")); + } + + @Test + public void testAddAndDeleteSecurityMarks() throws IOException { + SecurityMarks response = AddDeleteSecurityMarks.addDeleteSecurityMarks( + ORGANIZATION_ID, LOCATION, assetId); + + // Assert update for key_a + assertTrue(response.getMarksOrThrow("key_a").contains("new_value_for_a")); + + // Assert deletion for key_b + assertFalse(response.getMarksMap().containsKey("key_b")); + } +} + From 8c769828d380444098fa2a5cb47f1a28253690d4 Mon Sep 17 00:00:00 2001 From: Vijaykanth Melugiri Date: Wed, 13 Nov 2024 18:34:49 +0000 Subject: [PATCH 2/8] lint fixes --- .../vtwo/assets/AddDeleteSecurityMarks.java | 4 +- .../vtwo/assets/AddSecurityMarksToAssets.java | 33 +++++----- .../assets/DeleteAssetsSecurityMarks.java | 3 +- .../test/java/vtwo/AssetSecurityMarksIT.java | 61 +++++++++---------- 4 files changed, 46 insertions(+), 55 deletions(-) diff --git a/security-command-center/snippets/src/main/java/vtwo/assets/AddDeleteSecurityMarks.java b/security-command-center/snippets/src/main/java/vtwo/assets/AddDeleteSecurityMarks.java index 9ec84613110..b19c2b743cd 100644 --- a/security-command-center/snippets/src/main/java/vtwo/assets/AddDeleteSecurityMarks.java +++ b/security-command-center/snippets/src/main/java/vtwo/assets/AddDeleteSecurityMarks.java @@ -16,16 +16,14 @@ package vtwo.assets; -import java.io.IOException; - import com.google.cloud.securitycenter.v2.SecurityCenterClient; import com.google.cloud.securitycenter.v2.SecurityMarks; import com.google.cloud.securitycenter.v2.UpdateSecurityMarksRequest; import com.google.protobuf.FieldMask; +import java.io.IOException; //[START securitycenter_add_delete_security_marks_assets_v2] - public class AddDeleteSecurityMarks { public static void main(String[] args) throws IOException { // organizationId: Google Cloud Organization id. diff --git a/security-command-center/snippets/src/main/java/vtwo/assets/AddSecurityMarksToAssets.java b/security-command-center/snippets/src/main/java/vtwo/assets/AddSecurityMarksToAssets.java index 86468dd7358..09d9529d4eb 100644 --- a/security-command-center/snippets/src/main/java/vtwo/assets/AddSecurityMarksToAssets.java +++ b/security-command-center/snippets/src/main/java/vtwo/assets/AddSecurityMarksToAssets.java @@ -42,8 +42,8 @@ public static void main(String[] args) throws IOException { // Demonstrates adding security marks to findings. // To add or change security marks, you must have an IAM role that includes permission: - public static SecurityMarks addToAsset(String organizationId, - String location, String assetId) throws IOException { + public static SecurityMarks addToAsset(String organizationId, String location, String assetId) + throws IOException { // Initialize client that will be used to send requests. This client only needs to be created // once, and can be reused for multiple requests. SecurityCenterClient client = SecurityCenterClient.create(); @@ -53,37 +53,36 @@ public static SecurityMarks addToAsset(String organizationId, // String assetName = "projects/{project-id}/assets/{asset-id}"; // String assetName = "folders/{folder-id}/assets/{asset-id}"; String assetName = String.format("organizations/%s/assets/%s", organizationId, assetId); - + // Start setting up a request to add security marks for a finding. ImmutableMap markMap = ImmutableMap.of("key_a", "value_a", "key_b", "value_b"); // Add security marks and field mask for security marks. - SecurityMarks securityMarks = SecurityMarks.newBuilder() - .setName(assetName + "/securityMarks") - .putAllMarks(markMap) - .build(); + SecurityMarks securityMarks = + SecurityMarks.newBuilder() + .setName(assetName + "/securityMarks") + .putAllMarks(markMap) + .build(); // Set the update mask to specify which properties should be updated. // If empty, all mutable fields will be updated. // For more info on constructing field mask path, see the proto or: // https://cloud.google.com/java/docs/reference/protobuf/latest/com.google.protobuf.FieldMask - FieldMask updateMask = FieldMask.newBuilder() - .addPaths("marks.key_a") - .addPaths("marks.key_b") - .build(); + FieldMask updateMask = + FieldMask.newBuilder().addPaths("marks.key_a").addPaths("marks.key_b").build(); - UpdateSecurityMarksRequest request = UpdateSecurityMarksRequest.newBuilder() - .setSecurityMarks(securityMarks) - .setUpdateMask(updateMask) - .build(); + UpdateSecurityMarksRequest request = + UpdateSecurityMarksRequest.newBuilder() + .setSecurityMarks(securityMarks) + .setUpdateMask(updateMask) + .build(); // Call the API. SecurityMarks response = client.updateSecurityMarks(request); System.out.println("Security Marks:" + response); return response; - } + } } - // [END securitycenter_add_security_marks_assets_v2] diff --git a/security-command-center/snippets/src/main/java/vtwo/assets/DeleteAssetsSecurityMarks.java b/security-command-center/snippets/src/main/java/vtwo/assets/DeleteAssetsSecurityMarks.java index cec6155857d..0899d8f59c4 100644 --- a/security-command-center/snippets/src/main/java/vtwo/assets/DeleteAssetsSecurityMarks.java +++ b/security-command-center/snippets/src/main/java/vtwo/assets/DeleteAssetsSecurityMarks.java @@ -16,12 +16,11 @@ package vtwo.assets; -import java.io.IOException; - import com.google.cloud.securitycenter.v2.SecurityCenterClient; import com.google.cloud.securitycenter.v2.SecurityMarks; import com.google.cloud.securitycenter.v2.UpdateSecurityMarksRequest; import com.google.protobuf.FieldMask; +import java.io.IOException; //[START securitycenter_delete_security_marks_assets_v2] diff --git a/security-command-center/snippets/src/test/java/vtwo/AssetSecurityMarksIT.java b/security-command-center/snippets/src/test/java/vtwo/AssetSecurityMarksIT.java index 1d92dfcb5c6..481774ae528 100644 --- a/security-command-center/snippets/src/test/java/vtwo/AssetSecurityMarksIT.java +++ b/security-command-center/snippets/src/test/java/vtwo/AssetSecurityMarksIT.java @@ -26,7 +26,13 @@ import java.util.concurrent.TimeUnit; import java.util.regex.Matcher; import java.util.regex.Pattern; - +import com.google.api.gax.rpc.InvalidArgumentException; +import com.google.cloud.securitycenter.v1.Asset; +import com.google.cloud.securitycenter.v1.ListAssetsRequest; +import com.google.cloud.securitycenter.v1.SecurityCenterClient; +import com.google.cloud.securitycenter.v2.OrganizationName; +import com.google.cloud.securitycenter.v2.SecurityMarks; +import com.google.cloud.testing.junit4.MultipleAttemptsRule; import org.junit.After; import org.junit.AfterClass; import org.junit.Before; @@ -35,15 +41,6 @@ import org.junit.Test; import org.junit.runner.RunWith; import org.junit.runners.JUnit4; - -import com.google.api.gax.rpc.InvalidArgumentException; -import com.google.cloud.securitycenter.v1.Asset; -import com.google.cloud.securitycenter.v1.ListAssetsRequest; -import com.google.cloud.securitycenter.v1.SecurityCenterClient; -import com.google.cloud.securitycenter.v2.OrganizationName; -import com.google.cloud.securitycenter.v2.SecurityMarks; -import com.google.cloud.testing.junit4.MultipleAttemptsRule; - import vtwo.assets.AddDeleteSecurityMarks; import vtwo.assets.AddSecurityMarksToAssets; import vtwo.assets.DeleteAssetsSecurityMarks; @@ -57,7 +54,8 @@ public class AssetSecurityMarksIT { private static ByteArrayOutputStream stdOut; @Rule - public final MultipleAttemptsRule multipleAttemptsRule = new MultipleAttemptsRule(3, 120000); // 2 minutes + public final MultipleAttemptsRule multipleAttemptsRule = + new MultipleAttemptsRule(3, 120000); // 2 minutes // Check if the required environment variables are set. public static void requireEnvVar(String envVarName) { @@ -74,9 +72,9 @@ private static String extractAssetId(String assetPath) { } return assetPath; } - -@SuppressWarnings("deprecation") -@BeforeClass + + @SuppressWarnings("deprecation") + @BeforeClass public static void setUp() throws IOException, InterruptedException { final PrintStream out = System.out; stdOut = new ByteArrayOutputStream(); @@ -86,20 +84,18 @@ public static void setUp() throws IOException, InterruptedException { // Fetch a valid asset ID dynamically try (SecurityCenterClient client = SecurityCenterClient.create()) { - OrganizationName orgName = OrganizationName.of(ORGANIZATION_ID); - ListAssetsRequest request = ListAssetsRequest.newBuilder() - .setParent(orgName.toString()) - .setPageSize(1) - .build(); - - Asset asset = client.listAssets(request).iterateAll().iterator().next().getAsset(); - assetName = asset.getName(); // Get the full resource name for the asset - assetId = extractAssetId(assetName); + OrganizationName orgName = OrganizationName.of(ORGANIZATION_ID); + ListAssetsRequest request = + ListAssetsRequest.newBuilder().setParent(orgName.toString()).setPageSize(1).build(); + + Asset asset = client.listAssets(request).iterateAll().iterator().next().getAsset(); + assetName = asset.getName(); // Get the full resource name for the asset + assetId = extractAssetId(assetName); } catch (InvalidArgumentException e) { - System.err.println("Error retrieving asset ID: " + e.getMessage()); - throw e; + System.err.println("Error retrieving asset ID: " + e.getMessage()); + throw e; } - + stdOut = null; System.setOut(out); TimeUnit.MINUTES.sleep(1); @@ -124,8 +120,8 @@ public static void cleanUp() { @Test public void testAddSecurityMarksToAsset() throws IOException { - SecurityMarks response = AddSecurityMarksToAssets.addToAsset( - ORGANIZATION_ID, LOCATION, assetId); + SecurityMarks response = + AddSecurityMarksToAssets.addToAsset(ORGANIZATION_ID, LOCATION, assetId); assertTrue(response.getMarksOrThrow("key_a").contains("value_a")); assertTrue(response.getMarksOrThrow("key_b").contains("value_b")); @@ -133,8 +129,8 @@ public void testAddSecurityMarksToAsset() throws IOException { @Test public void testDeleteSecurityMarksOnAsset() throws IOException { - SecurityMarks response = DeleteAssetsSecurityMarks.deleteSecurityMarks( - ORGANIZATION_ID, LOCATION, assetId); + SecurityMarks response = + DeleteAssetsSecurityMarks.deleteSecurityMarks(ORGANIZATION_ID, LOCATION, assetId); assertFalse(response.containsMarks("key_a")); assertFalse(response.containsMarks("key_b")); @@ -142,8 +138,8 @@ public void testDeleteSecurityMarksOnAsset() throws IOException { @Test public void testAddAndDeleteSecurityMarks() throws IOException { - SecurityMarks response = AddDeleteSecurityMarks.addDeleteSecurityMarks( - ORGANIZATION_ID, LOCATION, assetId); + SecurityMarks response = + AddDeleteSecurityMarks.addDeleteSecurityMarks(ORGANIZATION_ID, LOCATION, assetId); // Assert update for key_a assertTrue(response.getMarksOrThrow("key_a").contains("new_value_for_a")); @@ -152,4 +148,3 @@ public void testAddAndDeleteSecurityMarks() throws IOException { assertFalse(response.getMarksMap().containsKey("key_b")); } } - From 1d4693b56446a558c763084ad3b509391b27117a Mon Sep 17 00:00:00 2001 From: Vijaykanth Melugiri Date: Wed, 13 Nov 2024 18:48:12 +0000 Subject: [PATCH 3/8] refactor the imports order in test file: --- .../src/test/java/vtwo/AssetSecurityMarksIT.java | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/security-command-center/snippets/src/test/java/vtwo/AssetSecurityMarksIT.java b/security-command-center/snippets/src/test/java/vtwo/AssetSecurityMarksIT.java index 481774ae528..bef3ac672be 100644 --- a/security-command-center/snippets/src/test/java/vtwo/AssetSecurityMarksIT.java +++ b/security-command-center/snippets/src/test/java/vtwo/AssetSecurityMarksIT.java @@ -20,12 +20,6 @@ import static junit.framework.TestCase.assertFalse; import static junit.framework.TestCase.assertTrue; -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.io.PrintStream; -import java.util.concurrent.TimeUnit; -import java.util.regex.Matcher; -import java.util.regex.Pattern; import com.google.api.gax.rpc.InvalidArgumentException; import com.google.cloud.securitycenter.v1.Asset; import com.google.cloud.securitycenter.v1.ListAssetsRequest; @@ -33,6 +27,12 @@ import com.google.cloud.securitycenter.v2.OrganizationName; import com.google.cloud.securitycenter.v2.SecurityMarks; import com.google.cloud.testing.junit4.MultipleAttemptsRule; +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.io.PrintStream; +import java.util.concurrent.TimeUnit; +import java.util.regex.Matcher; +import java.util.regex.Pattern; import org.junit.After; import org.junit.AfterClass; import org.junit.Before; From 406c411d3b21cb7a4ed9119664cc11a13cdb2a89 Mon Sep 17 00:00:00 2001 From: Vijaykanth Melugiri Date: Wed, 13 Nov 2024 18:54:28 +0000 Subject: [PATCH 4/8] Lint being petty about variable declarations --- .../snippets/src/test/java/vtwo/AssetSecurityMarksIT.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/security-command-center/snippets/src/test/java/vtwo/AssetSecurityMarksIT.java b/security-command-center/snippets/src/test/java/vtwo/AssetSecurityMarksIT.java index bef3ac672be..5d0dc79123f 100644 --- a/security-command-center/snippets/src/test/java/vtwo/AssetSecurityMarksIT.java +++ b/security-command-center/snippets/src/test/java/vtwo/AssetSecurityMarksIT.java @@ -50,7 +50,8 @@ public class AssetSecurityMarksIT { private static final String ORGANIZATION_ID = System.getenv("SCC_PROJECT_ORG_ID"); private static final String LOCATION = "global"; - private static String assetId, assetName; + private static String assetId; + private static String assetName; private static ByteArrayOutputStream stdOut; @Rule From 38f9e26e9e5cb21ebcaf0e49a97f1f5e76b86ef8 Mon Sep 17 00:00:00 2001 From: Vijaykanth Melugiri Date: Fri, 31 Jan 2025 23:19:07 +0000 Subject: [PATCH 5/8] Address comments --- .../vtwo/assets/AddDeleteSecurityMarks.java | 75 +++++++--------- .../vtwo/assets/AddSecurityMarksToAssets.java | 88 ++++++++----------- .../assets/DeleteAssetsSecurityMarks.java | 74 +++++++--------- .../test/java/vtwo/AssetSecurityMarksIT.java | 87 +++++++++--------- .../src/test/resources/static_asset.json | 31 +++++++ 5 files changed, 177 insertions(+), 178 deletions(-) create mode 100644 security-command-center/snippets/src/test/resources/static_asset.json diff --git a/security-command-center/snippets/src/main/java/vtwo/assets/AddDeleteSecurityMarks.java b/security-command-center/snippets/src/main/java/vtwo/assets/AddDeleteSecurityMarks.java index b19c2b743cd..6451f1ad4f0 100644 --- a/security-command-center/snippets/src/main/java/vtwo/assets/AddDeleteSecurityMarks.java +++ b/security-command-center/snippets/src/main/java/vtwo/assets/AddDeleteSecurityMarks.java @@ -14,6 +14,7 @@ * limitations under the License. */ +// [START securitycenter_add_delete_security_marks_assets_v2] package vtwo.assets; import com.google.cloud.securitycenter.v2.SecurityCenterClient; @@ -22,60 +23,52 @@ import com.google.protobuf.FieldMask; import java.io.IOException; -//[START securitycenter_add_delete_security_marks_assets_v2] - public class AddDeleteSecurityMarks { public static void main(String[] args) throws IOException { // organizationId: Google Cloud Organization id. - String organizationId = "{google-cloud-organization-id}"; - - // Specify the finding-id. - String assetId = "{asset-id}"; + String organizationId = "ORGANIZATION_ID"; - // Specify the location. - String location = "global"; + // Specify the asset id. + String assetId = "ASSET_ID"; - addDeleteSecurityMarks(organizationId, location, assetId); + addAndDeleteSecurityMarks(organizationId, assetId); } - // Demonstrates adding/updating at the same time as deleting security - // marks from an asset. - // To add or change security marks, you must have an IAM role that includes permission: - public static SecurityMarks addDeleteSecurityMarks(String organizationId, - String location, String assetId) throws IOException { + public static SecurityMarks addAndDeleteSecurityMarks(String organizationId, String assetId) + throws IOException { // Initialize client that will be used to send requests. This client only needs to be created // once, and can be reused for multiple requests. - SecurityCenterClient client = SecurityCenterClient.create(); + try (SecurityCenterClient client = SecurityCenterClient.create()) { - // Specify the value of 'assetName' in one of the following formats: - // String assetName = "organizations/{org-id}/assets/{asset-id}"; - // String assetName = "projects/{project-id}/assets/{asset-id}"; - // String assetName = "folders/{folder-id}/assets/{asset-id}"; - String assetName = String.format("organizations/%s/assets/%s", organizationId, assetId); + // Specify the value of 'assetName' in one of the following formats: + // String assetName = "organizations/{org-id}/assets/{asset-id}"; + String assetName = String.format("organizations/%s/assets/%s", organizationId, assetId); - // Start setting up a request to clear and update security marks for an asset. - // Create security mark and field mask for clearing security marks. - SecurityMarks securityMarks = SecurityMarks.newBuilder() - .setName(assetName + "/securityMarks") - .putMarks("key_a", "new_value_for_a") - .build(); + // Start setting up a request to clear and update security marks for an asset. + // Create security mark and field mask for clearing security marks. + SecurityMarks securityMarks = + SecurityMarks.newBuilder() + .setName(assetName + "/securityMarks") + .putMarks("key_a", "new_value_for_a") + .putMarks("key_b", "new_value_for_b") + .build(); - FieldMask updateMask = FieldMask.newBuilder() - .addPaths("marks.key_a") - .addPaths("marks.key_b") - .build(); + // Define the paths in the updateMask that correspond to the keys being updated in + // securityMarks. + FieldMask updateMask = + FieldMask.newBuilder().addPaths("marks.key_a").addPaths("marks.key_b").build(); - UpdateSecurityMarksRequest request = UpdateSecurityMarksRequest.newBuilder() - .setSecurityMarks(securityMarks) - .setUpdateMask(updateMask) - .build(); + // Create the request to update security marks. + UpdateSecurityMarksRequest request = + UpdateSecurityMarksRequest.newBuilder() + .setSecurityMarks(securityMarks) + .setUpdateMask(updateMask) + .build(); - // Call the API. - SecurityMarks response = client.updateSecurityMarks(request); - - System.out.println("Security Marks updated and cleared::" + response); - return response; + // Call the API and return the response. + SecurityMarks response = client.updateSecurityMarks(request); + return response; + } } } - -//[END securitycenter_add_delete_security_marks_assets_v2] +// [END securitycenter_add_delete_security_marks_assets_v2] diff --git a/security-command-center/snippets/src/main/java/vtwo/assets/AddSecurityMarksToAssets.java b/security-command-center/snippets/src/main/java/vtwo/assets/AddSecurityMarksToAssets.java index 09d9529d4eb..abfdc03a947 100644 --- a/security-command-center/snippets/src/main/java/vtwo/assets/AddSecurityMarksToAssets.java +++ b/security-command-center/snippets/src/main/java/vtwo/assets/AddSecurityMarksToAssets.java @@ -14,9 +14,8 @@ * limitations under the License. */ -package vtwo.assets; - // [START securitycenter_add_security_marks_assets_v2] +package vtwo.assets; import autovalue.shaded.com.google.common.collect.ImmutableMap; import com.google.cloud.securitycenter.v2.SecurityCenterClient; @@ -29,59 +28,50 @@ public class AddSecurityMarksToAssets { public static void main(String[] args) throws IOException { // organizationId: Google Cloud Organization id. - String organizationId = "{google-cloud-organization-id}"; + String organizationId = "ORGANIZATION_ID"; - // Specify the finding-id. - String assetId = "{asset-id}"; + // Specify the asset id. + String assetId = "ASSET_ID"; - // Specify the location. - String location = "global"; - - addToAsset(organizationId, location, assetId); + addToAsset(organizationId, assetId); } - // Demonstrates adding security marks to findings. - // To add or change security marks, you must have an IAM role that includes permission: - public static SecurityMarks addToAsset(String organizationId, String location, String assetId) - throws IOException { + public static SecurityMarks addToAsset(String organizationId, String assetId) throws IOException { // Initialize client that will be used to send requests. This client only needs to be created // once, and can be reused for multiple requests. - SecurityCenterClient client = SecurityCenterClient.create(); - - // Specify the value of 'assetName' in one of the following formats: - // String assetName = "organizations/{org-id}/assets/{asset-id}"; - // String assetName = "projects/{project-id}/assets/{asset-id}"; - // String assetName = "folders/{folder-id}/assets/{asset-id}"; - String assetName = String.format("organizations/%s/assets/%s", organizationId, assetId); - - // Start setting up a request to add security marks for a finding. - ImmutableMap markMap = ImmutableMap.of("key_a", "value_a", "key_b", "value_b"); - - // Add security marks and field mask for security marks. - SecurityMarks securityMarks = - SecurityMarks.newBuilder() - .setName(assetName + "/securityMarks") - .putAllMarks(markMap) - .build(); - - // Set the update mask to specify which properties should be updated. - // If empty, all mutable fields will be updated. - // For more info on constructing field mask path, see the proto or: - // https://cloud.google.com/java/docs/reference/protobuf/latest/com.google.protobuf.FieldMask - FieldMask updateMask = - FieldMask.newBuilder().addPaths("marks.key_a").addPaths("marks.key_b").build(); - - UpdateSecurityMarksRequest request = - UpdateSecurityMarksRequest.newBuilder() - .setSecurityMarks(securityMarks) - .setUpdateMask(updateMask) - .build(); - - // Call the API. - SecurityMarks response = client.updateSecurityMarks(request); - - System.out.println("Security Marks:" + response); - return response; + try (SecurityCenterClient client = SecurityCenterClient.create()) { + + // Specify the value of 'assetName' in one of the following formats: + // String assetName = "organizations/{org-id}/assets/{asset-id}"; + String assetName = String.format("organizations/%s/assets/%s", organizationId, assetId); + + // Start setting up a request to add security marks for a finding. + ImmutableMap markMap = ImmutableMap.of("key_a", "value_a", "key_b", "value_b"); + + // Add security marks and field mask for security marks. + SecurityMarks securityMarks = + SecurityMarks.newBuilder() + .setName(assetName + "/securityMarks") + .putAllMarks(markMap) + .build(); + + // Set the update mask to specify which properties should be updated. + // If empty, all mutable fields will be updated. + // For more info on constructing field mask path, see the proto or: + // https://cloud.google.com/java/docs/reference/protobuf/latest/com.google.protobuf.FieldMask + FieldMask updateMask = + FieldMask.newBuilder().addPaths("marks.key_a").addPaths("marks.key_b").build(); + + UpdateSecurityMarksRequest request = + UpdateSecurityMarksRequest.newBuilder() + .setSecurityMarks(securityMarks) + .setUpdateMask(updateMask) + .build(); + + // Call the API and return the response. + SecurityMarks response = client.updateSecurityMarks(request); + return response; + } } } diff --git a/security-command-center/snippets/src/main/java/vtwo/assets/DeleteAssetsSecurityMarks.java b/security-command-center/snippets/src/main/java/vtwo/assets/DeleteAssetsSecurityMarks.java index 0899d8f59c4..f7c8214bff7 100644 --- a/security-command-center/snippets/src/main/java/vtwo/assets/DeleteAssetsSecurityMarks.java +++ b/security-command-center/snippets/src/main/java/vtwo/assets/DeleteAssetsSecurityMarks.java @@ -14,6 +14,7 @@ * limitations under the License. */ +// [START securitycenter_delete_security_marks_assets_v2] package vtwo.assets; import com.google.cloud.securitycenter.v2.SecurityCenterClient; @@ -22,59 +23,46 @@ import com.google.protobuf.FieldMask; import java.io.IOException; -//[START securitycenter_delete_security_marks_assets_v2] - public class DeleteAssetsSecurityMarks { public static void main(String[] args) throws IOException { // organizationId: Google Cloud Organization id. - String organizationId = "{google-cloud-organization-id}"; + String organizationId = "ORGANIZATION_ID"; // Specify the asset-id. - String assetId = "{asset-id}"; - - // Specify the location. - String location = "global"; + String assetId = "ASSET_ID"; - deleteSecurityMarks(organizationId, location, assetId); + deleteSecurityMarks(organizationId, assetId); } - // Demonstrates deleting security marks on an asset. - // To add or change security marks, you must have an IAM role that includes permission: - public static SecurityMarks deleteSecurityMarks(String organizationId, - String location, String assetId) throws IOException { + public static SecurityMarks deleteSecurityMarks(String organizationId, String assetId) + throws IOException { // Initialize client that will be used to send requests. This client only needs to be created // once, and can be reused for multiple requests. - SecurityCenterClient client = SecurityCenterClient.create(); - - // Specify the value of 'assetName' in one of the following formats: - // String assetName = "organizations/{org-id}/assets/{asset-id}"; - // String assetName = "projects/{project-id}/assets/{asset-id}"; - // String assetName = "folders/{folder-id}/assets/{asset-id}"; - String assetName = String.format("organizations/%s/assets/%s", organizationId, assetId); - - // Start setting up a request to clear and update security marks for an asset. - // Create security mark and field mask for clearing security marks. - SecurityMarks securityMarks = SecurityMarks.newBuilder() - .setName(assetName + "/securityMarks") - .build(); - - FieldMask updateMask = FieldMask.newBuilder() - .addPaths("marks.key_a") - .addPaths("marks.key_b") - .build(); - - UpdateSecurityMarksRequest request = UpdateSecurityMarksRequest.newBuilder() - .setSecurityMarks(securityMarks) - .setUpdateMask(updateMask) - .build(); - - // Call the API. - SecurityMarks response = client.updateSecurityMarks(request); - - System.out.println("Security Marks cleared::" + response); - return response; + try (SecurityCenterClient client = SecurityCenterClient.create()) { + + // Specify the value of 'assetName' in one of the following formats: + // String assetName = "organizations/{org-id}/assets/{asset-id}"; + String assetName = String.format("organizations/%s/assets/%s", organizationId, assetId); + + // Start setting up a request to clear and update security marks for an asset. + // Create security mark and field mask for clearing security marks. + SecurityMarks securityMarks = + SecurityMarks.newBuilder().setName(assetName + "/securityMarks").build(); + + FieldMask updateMask = + FieldMask.newBuilder().addPaths("marks.key_a").addPaths("marks.key_b").build(); + + UpdateSecurityMarksRequest request = + UpdateSecurityMarksRequest.newBuilder() + .setSecurityMarks(securityMarks) + .setUpdateMask(updateMask) + .build(); + + // Call the API. + SecurityMarks response = client.updateSecurityMarks(request); + return response; + } } } -//[END securitycenter_delete_security_marks_assets_v2] - +// [END securitycenter_delete_security_marks_assets_v2] diff --git a/security-command-center/snippets/src/test/java/vtwo/AssetSecurityMarksIT.java b/security-command-center/snippets/src/test/java/vtwo/AssetSecurityMarksIT.java index 5d0dc79123f..d1145f6d4b8 100644 --- a/security-command-center/snippets/src/test/java/vtwo/AssetSecurityMarksIT.java +++ b/security-command-center/snippets/src/test/java/vtwo/AssetSecurityMarksIT.java @@ -16,23 +16,18 @@ package vtwo; +// import static org.junit.Assert.assertThat; import static com.google.common.truth.Truth.assertThat; import static junit.framework.TestCase.assertFalse; import static junit.framework.TestCase.assertTrue; -import com.google.api.gax.rpc.InvalidArgumentException; -import com.google.cloud.securitycenter.v1.Asset; -import com.google.cloud.securitycenter.v1.ListAssetsRequest; -import com.google.cloud.securitycenter.v1.SecurityCenterClient; -import com.google.cloud.securitycenter.v2.OrganizationName; -import com.google.cloud.securitycenter.v2.SecurityMarks; -import com.google.cloud.testing.junit4.MultipleAttemptsRule; import java.io.ByteArrayOutputStream; import java.io.IOException; -import java.io.PrintStream; -import java.util.concurrent.TimeUnit; +import java.io.InputStream; +import java.nio.charset.StandardCharsets; import java.util.regex.Matcher; import java.util.regex.Pattern; + import org.junit.After; import org.junit.AfterClass; import org.junit.Before; @@ -41,6 +36,11 @@ import org.junit.Test; import org.junit.runner.RunWith; import org.junit.runners.JUnit4; + +import com.google.cloud.testing.junit4.MultipleAttemptsRule; +import com.google.gson.JsonObject; +import com.google.gson.JsonParser; + import vtwo.assets.AddDeleteSecurityMarks; import vtwo.assets.AddSecurityMarksToAssets; import vtwo.assets.DeleteAssetsSecurityMarks; @@ -49,9 +49,7 @@ public class AssetSecurityMarksIT { private static final String ORGANIZATION_ID = System.getenv("SCC_PROJECT_ORG_ID"); - private static final String LOCATION = "global"; private static String assetId; - private static String assetName; private static ByteArrayOutputStream stdOut; @Rule @@ -64,9 +62,11 @@ public static void requireEnvVar(String envVarName) { } // Extracts the asset ID from a full resource name. + // This regex pattern matches the last segment of the resource name, + // which consists of digits after the final forward slash (e.g., "assets/12345"). private static String extractAssetId(String assetPath) { // Pattern to match the asset ID at the end of the resource name. - Pattern pattern = Pattern.compile("assets/(\\d+)$"); + Pattern pattern = Pattern.compile("assets/([^/]+)$"); Matcher matcher = pattern.matcher(assetPath); if (matcher.find()) { return matcher.group(1); @@ -74,38 +74,38 @@ private static String extractAssetId(String assetPath) { return assetPath; } - @SuppressWarnings("deprecation") @BeforeClass public static void setUp() throws IOException, InterruptedException { - final PrintStream out = System.out; - stdOut = new ByteArrayOutputStream(); - System.setOut(new PrintStream(stdOut)); - - requireEnvVar("GOOGLE_APPLICATION_CREDENTIALS"); - - // Fetch a valid asset ID dynamically - try (SecurityCenterClient client = SecurityCenterClient.create()) { - OrganizationName orgName = OrganizationName.of(ORGANIZATION_ID); - ListAssetsRequest request = - ListAssetsRequest.newBuilder().setParent(orgName.toString()).setPageSize(1).build(); - - Asset asset = client.listAssets(request).iterateAll().iterator().next().getAsset(); - assetName = asset.getName(); // Get the full resource name for the asset - assetId = extractAssetId(assetName); - } catch (InvalidArgumentException e) { - System.err.println("Error retrieving asset ID: " + e.getMessage()); - throw e; + + // Validate required environment variables. + requireEnvVar("SCC_PROJECT_ORG_ID"); + + // Load static_asset.json from resources + // Since there are no APIs to create an Asset + InputStream inputStream = + AssetSecurityMarksIT.class.getClassLoader().getResourceAsStream("static_asset.json"); + + if (inputStream == null) { + throw new IOException("static_asset.json file not found in resources."); } - stdOut = null; - System.setOut(out); - TimeUnit.MINUTES.sleep(1); + // Convert InputStream to String + String jsonContent = new String(inputStream.readAllBytes(), StandardCharsets.UTF_8); + + // Parse JSON (using Gson) + JsonObject jsonObject = JsonParser.parseString(jsonContent).getAsJsonObject(); + + // Extract assetId from mock data + assetId = extractAssetId(jsonObject.get("name").getAsString()); + + if (assetId == null || assetId.isEmpty()) { + throw new IllegalStateException("Asset ID is missing from static_asset.json"); + } } @Before public void beforeEach() { stdOut = new ByteArrayOutputStream(); - System.setOut(new PrintStream(stdOut)); } @After @@ -121,8 +121,8 @@ public static void cleanUp() { @Test public void testAddSecurityMarksToAsset() throws IOException { - SecurityMarks response = - AddSecurityMarksToAssets.addToAsset(ORGANIZATION_ID, LOCATION, assetId); + com.google.cloud.securitycenter.v2.SecurityMarks response = + AddSecurityMarksToAssets.addToAsset(ORGANIZATION_ID, assetId); assertTrue(response.getMarksOrThrow("key_a").contains("value_a")); assertTrue(response.getMarksOrThrow("key_b").contains("value_b")); @@ -130,8 +130,8 @@ public void testAddSecurityMarksToAsset() throws IOException { @Test public void testDeleteSecurityMarksOnAsset() throws IOException { - SecurityMarks response = - DeleteAssetsSecurityMarks.deleteSecurityMarks(ORGANIZATION_ID, LOCATION, assetId); + com.google.cloud.securitycenter.v2.SecurityMarks response = + DeleteAssetsSecurityMarks.deleteSecurityMarks(ORGANIZATION_ID, assetId); assertFalse(response.containsMarks("key_a")); assertFalse(response.containsMarks("key_b")); @@ -139,13 +139,10 @@ public void testDeleteSecurityMarksOnAsset() throws IOException { @Test public void testAddAndDeleteSecurityMarks() throws IOException { - SecurityMarks response = - AddDeleteSecurityMarks.addDeleteSecurityMarks(ORGANIZATION_ID, LOCATION, assetId); + com.google.cloud.securitycenter.v2.SecurityMarks response = + AddDeleteSecurityMarks.addAndDeleteSecurityMarks(ORGANIZATION_ID, assetId); - // Assert update for key_a assertTrue(response.getMarksOrThrow("key_a").contains("new_value_for_a")); - - // Assert deletion for key_b - assertFalse(response.getMarksMap().containsKey("key_b")); + assertTrue(response.getMarksOrThrow("key_b").contains("new_value_for_b")); } } diff --git a/security-command-center/snippets/src/test/resources/static_asset.json b/security-command-center/snippets/src/test/resources/static_asset.json new file mode 100644 index 00000000000..81ad86c107d --- /dev/null +++ b/security-command-center/snippets/src/test/resources/static_asset.json @@ -0,0 +1,31 @@ +{ + "name": "organizations/1081635000895/assets/5259189201668787349", + "security_center_properties": { + "resource_name": "//cloudresourcemanager.googleapis.com/organizations/1081635000895", + "resource_type": "google.cloud.resourcemanager.Organization", + "resource_display_name": "cscc-client-libs-external.joonix.net" + }, + "resource_properties": { + "creationTime": "2019-03-13T21:41:55.851Z", + "displayName": "cscc-client-libs-external.joonix.net", + "lifecycleState": "ACTIVE", + "name": "organizations/1081635000895", + "organizationId": "1081635000895", + "owner": "{\"directoryCustomerId\":\"C03kcf68g\"}" + }, + "security_marks": { + "name": "organizations/1081635000895/assets/5259189201668787349/securityMarks", + "marks": { + "LEASEKEY": "1736624991011382373", + "other": "other_val" + } + }, + "create_time": { + "seconds": 1599734291, + "nanos": 993000000 + }, + "update_time": { + "seconds": 1733948390, + "nanos": 962000000 + } +} From 99eacfcba2b8a739101b63d86ac90b68078bc228 Mon Sep 17 00:00:00 2001 From: Vijaykanth Melugiri Date: Fri, 31 Jan 2025 23:22:08 +0000 Subject: [PATCH 6/8] Update the copyright year in the headers --- .../src/main/java/vtwo/assets/AddDeleteSecurityMarks.java | 2 +- .../src/main/java/vtwo/assets/AddSecurityMarksToAssets.java | 2 +- .../src/main/java/vtwo/assets/DeleteAssetsSecurityMarks.java | 2 +- .../snippets/src/test/java/vtwo/AssetSecurityMarksIT.java | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/security-command-center/snippets/src/main/java/vtwo/assets/AddDeleteSecurityMarks.java b/security-command-center/snippets/src/main/java/vtwo/assets/AddDeleteSecurityMarks.java index 6451f1ad4f0..b436ee5c7bd 100644 --- a/security-command-center/snippets/src/main/java/vtwo/assets/AddDeleteSecurityMarks.java +++ b/security-command-center/snippets/src/main/java/vtwo/assets/AddDeleteSecurityMarks.java @@ -1,5 +1,5 @@ /* - * Copyright 2024 Google LLC + * Copyright 2025 Google LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/security-command-center/snippets/src/main/java/vtwo/assets/AddSecurityMarksToAssets.java b/security-command-center/snippets/src/main/java/vtwo/assets/AddSecurityMarksToAssets.java index abfdc03a947..643399a6093 100644 --- a/security-command-center/snippets/src/main/java/vtwo/assets/AddSecurityMarksToAssets.java +++ b/security-command-center/snippets/src/main/java/vtwo/assets/AddSecurityMarksToAssets.java @@ -1,5 +1,5 @@ /* - * Copyright 2024 Google LLC + * Copyright 2025 Google LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/security-command-center/snippets/src/main/java/vtwo/assets/DeleteAssetsSecurityMarks.java b/security-command-center/snippets/src/main/java/vtwo/assets/DeleteAssetsSecurityMarks.java index f7c8214bff7..bb2fd575af1 100644 --- a/security-command-center/snippets/src/main/java/vtwo/assets/DeleteAssetsSecurityMarks.java +++ b/security-command-center/snippets/src/main/java/vtwo/assets/DeleteAssetsSecurityMarks.java @@ -1,5 +1,5 @@ /* - * Copyright 2024 Google LLC + * Copyright 2025 Google LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/security-command-center/snippets/src/test/java/vtwo/AssetSecurityMarksIT.java b/security-command-center/snippets/src/test/java/vtwo/AssetSecurityMarksIT.java index d1145f6d4b8..fdd27c2bb05 100644 --- a/security-command-center/snippets/src/test/java/vtwo/AssetSecurityMarksIT.java +++ b/security-command-center/snippets/src/test/java/vtwo/AssetSecurityMarksIT.java @@ -1,5 +1,5 @@ /* - * Copyright 2024 Google LLC + * Copyright 2025 Google LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. From d06981bb649d0d06ad554610d2682bf16b26f597 Mon Sep 17 00:00:00 2001 From: Vijaykanth Melugiri Date: Sun, 2 Feb 2025 20:10:42 +0000 Subject: [PATCH 7/8] Fix Linting --- .../src/main/java/vtwo/assets/AddDeleteSecurityMarks.java | 1 + .../src/main/java/vtwo/assets/AddSecurityMarksToAssets.java | 1 + .../src/main/java/vtwo/assets/DeleteAssetsSecurityMarks.java | 1 + .../snippets/src/test/java/vtwo/AssetSecurityMarksIT.java | 5 +---- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/security-command-center/snippets/src/main/java/vtwo/assets/AddDeleteSecurityMarks.java b/security-command-center/snippets/src/main/java/vtwo/assets/AddDeleteSecurityMarks.java index b436ee5c7bd..45e522b7c71 100644 --- a/security-command-center/snippets/src/main/java/vtwo/assets/AddDeleteSecurityMarks.java +++ b/security-command-center/snippets/src/main/java/vtwo/assets/AddDeleteSecurityMarks.java @@ -15,6 +15,7 @@ */ // [START securitycenter_add_delete_security_marks_assets_v2] + package vtwo.assets; import com.google.cloud.securitycenter.v2.SecurityCenterClient; diff --git a/security-command-center/snippets/src/main/java/vtwo/assets/AddSecurityMarksToAssets.java b/security-command-center/snippets/src/main/java/vtwo/assets/AddSecurityMarksToAssets.java index 643399a6093..0216e65d1d1 100644 --- a/security-command-center/snippets/src/main/java/vtwo/assets/AddSecurityMarksToAssets.java +++ b/security-command-center/snippets/src/main/java/vtwo/assets/AddSecurityMarksToAssets.java @@ -15,6 +15,7 @@ */ // [START securitycenter_add_security_marks_assets_v2] + package vtwo.assets; import autovalue.shaded.com.google.common.collect.ImmutableMap; diff --git a/security-command-center/snippets/src/main/java/vtwo/assets/DeleteAssetsSecurityMarks.java b/security-command-center/snippets/src/main/java/vtwo/assets/DeleteAssetsSecurityMarks.java index bb2fd575af1..07c505a5850 100644 --- a/security-command-center/snippets/src/main/java/vtwo/assets/DeleteAssetsSecurityMarks.java +++ b/security-command-center/snippets/src/main/java/vtwo/assets/DeleteAssetsSecurityMarks.java @@ -15,6 +15,7 @@ */ // [START securitycenter_delete_security_marks_assets_v2] + package vtwo.assets; import com.google.cloud.securitycenter.v2.SecurityCenterClient; diff --git a/security-command-center/snippets/src/test/java/vtwo/AssetSecurityMarksIT.java b/security-command-center/snippets/src/test/java/vtwo/AssetSecurityMarksIT.java index fdd27c2bb05..5f0037145f6 100644 --- a/security-command-center/snippets/src/test/java/vtwo/AssetSecurityMarksIT.java +++ b/security-command-center/snippets/src/test/java/vtwo/AssetSecurityMarksIT.java @@ -27,7 +27,6 @@ import java.nio.charset.StandardCharsets; import java.util.regex.Matcher; import java.util.regex.Pattern; - import org.junit.After; import org.junit.AfterClass; import org.junit.Before; @@ -35,12 +34,10 @@ import org.junit.Rule; import org.junit.Test; import org.junit.runner.RunWith; -import org.junit.runners.JUnit4; - import com.google.cloud.testing.junit4.MultipleAttemptsRule; import com.google.gson.JsonObject; import com.google.gson.JsonParser; - +import org.junit.runners.JUnit4; import vtwo.assets.AddDeleteSecurityMarks; import vtwo.assets.AddSecurityMarksToAssets; import vtwo.assets.DeleteAssetsSecurityMarks; From 885be93961794171596e0a5077194a3fbb390682 Mon Sep 17 00:00:00 2001 From: Vijaykanth Melugiri Date: Sun, 2 Feb 2025 22:57:58 +0000 Subject: [PATCH 8/8] fix lint take two --- .../snippets/src/test/java/vtwo/AssetSecurityMarksIT.java | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/security-command-center/snippets/src/test/java/vtwo/AssetSecurityMarksIT.java b/security-command-center/snippets/src/test/java/vtwo/AssetSecurityMarksIT.java index 5f0037145f6..c398f322900 100644 --- a/security-command-center/snippets/src/test/java/vtwo/AssetSecurityMarksIT.java +++ b/security-command-center/snippets/src/test/java/vtwo/AssetSecurityMarksIT.java @@ -21,6 +21,9 @@ import static junit.framework.TestCase.assertFalse; import static junit.framework.TestCase.assertTrue; +import com.google.cloud.testing.junit4.MultipleAttemptsRule; +import com.google.gson.JsonObject; +import com.google.gson.JsonParser; import java.io.ByteArrayOutputStream; import java.io.IOException; import java.io.InputStream; @@ -34,9 +37,6 @@ import org.junit.Rule; import org.junit.Test; import org.junit.runner.RunWith; -import com.google.cloud.testing.junit4.MultipleAttemptsRule; -import com.google.gson.JsonObject; -import com.google.gson.JsonParser; import org.junit.runners.JUnit4; import vtwo.assets.AddDeleteSecurityMarks; import vtwo.assets.AddSecurityMarksToAssets;