in tfplan2cai/converters/google/convert.go [293:426]
func (c *Converter) augmentAsset(tfData tpgresource.TerraformResourceData, cfg *transport_tpg.Config, cai resources.Asset) (Asset, error) {
ancestors, parent, err := c.ancestryManager.Ancestors(cfg, tfData, &cai)
if err != nil {
return Asset{}, fmt.Errorf("getting resource ancestry or parent failed: %w", err)
}
var resource *caiasset.AssetResource
if cai.Resource != nil {
resource = &caiasset.AssetResource{
Version: cai.Resource.Version,
DiscoveryDocumentURI: cai.Resource.DiscoveryDocumentURI,
DiscoveryName: cai.Resource.DiscoveryName,
Parent: parent,
Data: cai.Resource.Data,
}
}
var policy *caiasset.IAMPolicy
if cai.IAMPolicy != nil {
policy = &caiasset.IAMPolicy{}
for _, b := range cai.IAMPolicy.Bindings {
policy.Bindings = append(policy.Bindings, caiasset.IAMBinding{
Role: b.Role,
Members: b.Members,
})
}
}
var orgPolicy []*caiasset.OrgPolicy
if cai.OrgPolicy != nil {
for _, o := range cai.OrgPolicy {
var listPolicy *caiasset.ListPolicy
var booleanPolicy *caiasset.BooleanPolicy
var restoreDefault *caiasset.RestoreDefault
if o.ListPolicy != nil {
listPolicy = &caiasset.ListPolicy{
AllowedValues: o.ListPolicy.AllowedValues,
AllValues: caiasset.ListPolicyAllValues(o.ListPolicy.AllValues),
DeniedValues: o.ListPolicy.DeniedValues,
SuggestedValue: o.ListPolicy.SuggestedValue,
InheritFromParent: o.ListPolicy.InheritFromParent,
}
}
if o.BooleanPolicy != nil {
booleanPolicy = &caiasset.BooleanPolicy{
Enforced: o.BooleanPolicy.Enforced,
}
}
if o.RestoreDefault != nil {
restoreDefault = &caiasset.RestoreDefault{}
}
//As time is not information in terraform resource data, time is fixed for testing purposes
fixedTime := time.Date(2021, time.April, 14, 15, 16, 17, 0, time.UTC)
orgPolicy = append(orgPolicy, &caiasset.OrgPolicy{
Constraint: o.Constraint,
ListPolicy: listPolicy,
BooleanPolicy: booleanPolicy,
RestoreDefault: restoreDefault,
UpdateTime: &caiasset.Timestamp{
Seconds: int64(fixedTime.Unix()),
Nanos: int64(fixedTime.UnixNano()),
},
})
}
}
var v2OrgPolicies []*caiasset.V2OrgPolicies
if cai.V2OrgPolicies != nil {
for _, o2 := range cai.V2OrgPolicies {
var spec *caiasset.PolicySpec
if o2.PolicySpec != nil {
var rules []*caiasset.PolicyRule
if o2.PolicySpec.PolicyRules != nil {
for _, rule := range o2.PolicySpec.PolicyRules {
var values *caiasset.StringValues
if rule.Values != nil {
values = &caiasset.StringValues{
AllowedValues: rule.Values.AllowedValues,
DeniedValues: rule.Values.DeniedValues,
}
}
var condition *caiasset.Expr
if rule.Condition != nil {
condition = &caiasset.Expr{
Expression: rule.Condition.Expression,
Title: rule.Condition.Title,
Description: rule.Condition.Description,
Location: rule.Condition.Location,
}
}
rules = append(rules, &caiasset.PolicyRule{
Values: values,
AllowAll: rule.AllowAll,
DenyAll: rule.DenyAll,
Enforce: rule.Enforce,
Condition: condition,
})
}
}
fixedTime := time.Date(2021, time.April, 14, 15, 16, 17, 0, time.UTC)
spec = &caiasset.PolicySpec{
Etag: o2.PolicySpec.Etag,
UpdateTime: &caiasset.Timestamp{
Seconds: int64(fixedTime.Unix()),
Nanos: int64(fixedTime.UnixNano()),
},
PolicyRules: rules,
InheritFromParent: o2.PolicySpec.InheritFromParent,
Reset: o2.PolicySpec.Reset,
}
}
v2OrgPolicies = append(v2OrgPolicies, &caiasset.V2OrgPolicies{
Name: o2.Name,
PolicySpec: spec,
})
}
}
return Asset{
Name: cai.Name,
Type: cai.Type,
Resource: resource,
IAMPolicy: policy,
OrgPolicy: orgPolicy,
V2OrgPolicies: v2OrgPolicies,
converterAsset: cai,
Ancestors: ancestors,
}, nil
}