adds KMS region tags, Quickstart, and tests (#502)

GoogleCloudPlatform · Feb 7, 2017 · 879aa0d · 879aa0d
1 parent ec9375e
commit 879aa0d
Show file tree

Hide file tree

Showing 6 changed files with 188 additions and 6 deletions.
diff --git a/kms/pom.xml b/kms/pom.xml
@@ -62,6 +62,8 @@
 
   <properties>
     <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+    <maven.compiler.source>1.7</maven.compiler.source>
+    <maven.compiler.target>1.7</maven.compiler.target>
   </properties>
 
   <build>
@@ -71,10 +73,6 @@
         <groupId>org.apache.maven.plugins</groupId>
         <artifactId>maven-compiler-plugin</artifactId>
         <version>3.2</version>
-        <configuration>
-          <source>5</source>
-          <target>5</target>
-        </configuration>
       </plugin>
       <plugin>
         <artifactId>maven-assembly-plugin</artifactId>

diff --git a/kms/src/main/java/com/example/CryptFile.java b/kms/src/main/java/com/example/CryptFile.java
@@ -71,6 +71,7 @@ public static byte[] encrypt(String projectId, String ringId, String keyId, byte
     return encrypt(projectId, ringId, keyId, null, plaintext);
   }
 
+  // [START kms_encrypt]
   /**
    * Encrypts the given bytes, using the specified crypto key version.
    */
@@ -95,7 +96,9 @@ public static byte[] encrypt(
 
     return response.decodeCiphertext();
   }
+  // [END kms_encrypt]
 
+  // [START kms_decrypt]
   /**
    * Decrypts the given encrypted bytes, using the specified crypto key.
    */
@@ -117,6 +120,7 @@ public static byte[] decrypt(String projectId, String ringId, String keyId, byte
 
     return response.decodePlaintext();
   }
+  // [END kms_decrypt]
 
   public static void main(String[] args) throws IOException {
     CryptFileCommands commands = new CryptFileCommands();

diff --git a/kms/src/main/java/com/example/CryptFileCommands.java b/kms/src/main/java/com/example/CryptFileCommands.java
@@ -45,9 +45,9 @@ static class Args {
     String ringId;
     @Argument(metaVar = "keyId", required = true, index = 1, usage = "The key id")
     String keyId;
-    @Argument(metaVar = "inFile", required = true, index = 1, usage = "The source file")
+    @Argument(metaVar = "inFile", required = true, index = 2, usage = "The source file")
     String inFile;
-    @Argument(metaVar = "outFile", required = true, index = 1, usage = "The destination file")
+    @Argument(metaVar = "outFile", required = true, index = 3, usage = "The destination file")
     String outFile;
   }
 

diff --git a/kms/src/main/java/com/example/Quickstart.java b/kms/src/main/java/com/example/Quickstart.java
@@ -0,0 +1,87 @@
+/*
+  Copyright 2016, Google, Inc.
+  Licensed under the Apache License, Version 2.0 (the "License");
+  you may not use this file except in compliance with the License.
+  You may obtain a copy of the License at
+      http://www.apache.org/licenses/LICENSE-2.0
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+*/
+
+package com.example;
+
+// [START kms_quickstart]
+// Imports the Google Cloud client library
+import com.google.api.client.googleapis.auth.oauth2.GoogleCredential;
+import com.google.api.client.http.HttpTransport;
+import com.google.api.client.http.javanet.NetHttpTransport;
+import com.google.api.client.json.JsonFactory;
+import com.google.api.client.json.jackson2.JacksonFactory;
+import com.google.api.services.cloudkms.v1beta1.CloudKMS;
+import com.google.api.services.cloudkms.v1beta1.CloudKMSScopes;
+import com.google.api.services.cloudkms.v1beta1.model.KeyRing;
+import com.google.api.services.cloudkms.v1beta1.model.ListKeyRingsResponse;
+
+import java.io.IOException;
+
+public class Quickstart {
+  /**
+   * Creates an authorized CloudKMS client service using Application Default Credentials.
+   *
+   * @return an authorized CloudKMS client
+   * @throws IOException if there's an error getting the default credentials.
+   */
+  public static CloudKMS createAuthorizedClient() throws IOException {
+    // Create the credential
+    HttpTransport transport = new NetHttpTransport();
+    JsonFactory jsonFactory = new JacksonFactory();
+    // Authorize the client using Application Default Credentials
+    // @see https://g.co/dv/identity/protocols/application-default-credentials
+    GoogleCredential credential = GoogleCredential.getApplicationDefault(transport, jsonFactory);
+
+    // Depending on the environment that provides the default credentials (e.g. Compute Engine, App
+    // Engine), the credentials may require us to specify the scopes we need explicitly.
+    // Check for this case, and inject the scope if required.
+    if (credential.createScopedRequired()) {
+      credential = credential.createScoped(CloudKMSScopes.all());
+    }
+
+    return new CloudKMS.Builder(transport, jsonFactory, credential)
+        .setApplicationName("CloudKMS snippets")
+        .build();
+  }
+
+  public static void main(String... args) throws Exception {
+    String projectId = args[0];
+    // The location of the Key Rings
+    String location = "global";
+
+    // Create the Cloud KMS client.
+    CloudKMS kms = createAuthorizedClient();
+
+    // The resource name of the cryptoKey
+    String keyRingPath = String.format(
+        "projects/%s/locations/%s",
+        projectId, location);
+
+    // Make the RPC call
+    ListKeyRingsResponse response = kms.projects().locations()
+        .keyRings()
+        .list(keyRingPath)
+        .execute();
+
+    // Print the returned key rings
+    if (null != response.getKeyRings()) {
+      System.out.println("Key Rings: ");
+      for (KeyRing keyRing : response.getKeyRings()) {
+        System.out.println(keyRing.getName());
+      }
+    } else {
+      System.out.println("No keyrings defined.");
+    }
+  }
+}
+// [END kms_quickstart]
diff --git a/kms/src/main/java/com/example/Snippets.java b/kms/src/main/java/com/example/Snippets.java
@@ -67,6 +67,7 @@ public static CloudKMS createAuthorizedClient() throws IOException {
         .build();
   }
 
+  // [START kms_create_keyring]
   /**
    * Creates a new key ring with the given id.
    */
@@ -86,7 +87,9 @@ public static KeyRing createKeyRing(String projectId, String ringId) throws IOEx
     System.out.println(keyring);
     return keyring;
   }
+  // [END kms_create_keyring]
 
+  // [START kms_create_cryptokey]
   /**
    * Creates a new crypto key with the given id.
    */
@@ -114,7 +117,9 @@ public static CryptoKey createCryptoKey(String projectId, String ringId, String
     System.out.println(createdKey);
     return createdKey;
   }
+  // [END kms_create_cryptokey]
 
+  // [START kms_create_cryptokey_version]
   /**
    * Creates a new crypto key version for the given id.
    */
@@ -138,7 +143,9 @@ public static void createCryptoKeyVersion(
 
     System.out.println(newVersion);
   }
+  // [END kms_create_cryptokey_version]
 
+  // [START kms_disable_cryptokey_version]
   /**
    * Disables the given version of the crypto key.
    */
@@ -166,7 +173,9 @@ public static CryptoKeyVersion disableCryptoKeyVersion(
     System.out.println(response);
     return response;
   }
+  // [END kms_disable_cryptokey_version]
 
+  // [START kms_destroy_cryptokey_version]
   /**
    * Marks the given version of a crypto key to be destroyed at a scheduled future point.
    */
@@ -192,7 +201,9 @@ public static CryptoKeyVersion destroyCryptoKeyVersion(
     System.out.println(destroyed);
     return destroyed;
   }
+  // [END kms_destroy_cryptokey_version]
 
+  // [START kms_get_cryptokey_policy]
   /**
    * Retrieves the IAM policy for the given crypto key.
    */
@@ -215,7 +226,9 @@ public static Policy getCryptoKeyPolicy(String projectId, String ringId, String
     System.out.println(iamPolicy.getBindings());
     return iamPolicy;
   }
+  // [END kms_get_cryptokey_policy]
 
+  // [START kms_get_keyring_policy]
   /**
    * Retrieves the IAM policy for the given crypto key.
    */
@@ -237,7 +250,9 @@ public static Policy getKeyRingPolicy(String projectId, String ringId) throws IO
     System.out.println(iamPolicy.getBindings());
     return iamPolicy;
   }
+  // [END kms_get_keyring_policy]
 
+  // [START kms_add_member_to_cryptokey_policy]
   /**
    * Adds the given member to the given key, with the given role.
    *
@@ -296,7 +311,9 @@ public static Policy addMemberToCryptoKeyPolicy(
     System.out.println("Response: " + newIamPolicy);
     return newIamPolicy;
   }
+  // [END kms_add_member_to_cryptokey_policy]
 
+  // [START kms_add_member_to_keyring_policy]
   /**
    * Adds the given member to the given keyring, with the given role.
    *
@@ -354,7 +371,9 @@ public static Policy addMemberToKeyRingPolicy(
     System.out.println("Response: " + newIamPolicy);
     return newIamPolicy;
   }
+  // [END kms_add_member_to_keyring_policy]
 
+  // [START kms_remove_member_from_cryptokey_policy]
   /**
    * Removes the given member from the given policy.
    */
@@ -395,7 +414,9 @@ public static Policy removeMemberFromCryptoKeyPolicy(
     System.out.println("Response: " + newIamPolicy);
     return newIamPolicy;
   }
+  // [END kms_remove_member_from_cryptokey_policy]
 
+  // [START kms_remove_member_from_keyring_policy]
   /**
    * Removes the given member from the given policy.
    */
@@ -431,6 +452,7 @@ public static Policy removeMemberFromKeyRingPolicy(
     System.out.println("Response: " + newIamPolicy);
     return newIamPolicy;
   }
+  // [END kms_remove_member_from_keyring_policy]
 
   /**
    * Prints all the keyrings in the given project.

diff --git a/kms/src/test/java/com/example/QuickstartIT.java b/kms/src/test/java/com/example/QuickstartIT.java
@@ -0,0 +1,71 @@
+/*
+ * Copyright (c) 2017 Google Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ */
+
+package com.example;
+
+import static com.google.common.truth.Truth.assertThat;
+
+import org.junit.AfterClass;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.JUnit4;
+
+import java.io.ByteArrayOutputStream;
+import java.io.PrintStream;
+
+/**
+ * Integration (system) tests for {@link Quickstart}.
+ */
+@RunWith(JUnit4.class)
+@SuppressWarnings("checkstyle:abbreviationaswordinname")
+public class QuickstartIT {
+
+  private ByteArrayOutputStream bout;
+  private PrintStream out;
+
+  @BeforeClass
+  public static void setUpClass() throws Exception {
+    SnippetsIT.setUpClass();
+    ByteArrayOutputStream bout = new ByteArrayOutputStream();
+    PrintStream out = new PrintStream(bout);
+    System.setOut(out);
+  }
+
+  /**
+   * Destroys all the keys created during this test run.
+   */
+  @AfterClass
+  public static void tearDownClass() throws Exception {
+    SnippetsIT.tearDownClass();
+  }
+
+  @Before
+  public void setUp() throws Exception {
+    bout = new ByteArrayOutputStream();
+    out = new PrintStream(bout);
+    System.setOut(out);
+
+    Snippets.createCryptoKeyVersion(
+        SnippetsIT.PROJECT_ID, SnippetsIT.KEY_RING_ID, SnippetsIT.CRYPTO_KEY_ID);
+  }
+
+  @Test
+  public void listKeyRings_printsKeyRing() throws Exception {
+    Quickstart.main(SnippetsIT.PROJECT_ID);
+
+    assertThat(bout.toString()).contains(String.format("keyRings/%s", SnippetsIT.KEY_RING_ID));
+  }
+}