feat: [policytroubleshooter] include errors in troubleshoot response (#…

…9649) * feat: include errors in troubleshoot response docs: update documentation for ToubleshootIamPolicy RPC method PiperOrigin-RevId: 549040975 Source-Link: googleapis/googleapis@1ca7973 Source-Link: googleapis/googleapis-gen@21e6ee6 Copy-Tag: eyJwIjoiamF2YS1wb2xpY3ktdHJvdWJsZXNob290ZXIvLk93bEJvdC55YW1sIiwiaCI6IjIxZTZlZTZmNjEzNDlkM2I2ZGQyNTMxNjliNWVjMjE4MDI0ZDJmMDQifQ== * 🦉 Updates from OwlBot post-processor See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md --------- Co-authored-by: Owl Bot <gcf-owl-bot[bot]@users.noreply.github.com>
googleapis · Jul 20, 2023 · c7c7860 · c7c7860
1 parent e77037d
commit c7c7860
Show file tree

Hide file tree

Showing 13 changed files with 1,252 additions and 689 deletions.
diff --git a/java-policy-troubleshooter/README.md b/java-policy-troubleshooter/README.md
@@ -20,7 +20,7 @@ If you are using Maven with [BOM][libraries-bom], add this to your pom.xml file:
     <dependency>
       <groupId>com.google.cloud</groupId>
       <artifactId>libraries-bom</artifactId>
-      <version>26.16.0</version>
+      <version>26.18.0</version>
       <type>pom</type>
       <scope>import</scope>
     </dependency>
@@ -195,7 +195,7 @@ Java is a registered trademark of Oracle and/or its affiliates.
 [kokoro-badge-link-5]: http://storage.googleapis.com/cloud-devrel-public/java/badges/google-cloud-java/java11.html
 [stability-image]: https://img.shields.io/badge/stability-stable-green
 [maven-version-image]: https://img.shields.io/maven-central/v/com.google.cloud/google-cloud-policy-troubleshooter.svg
-[maven-version-link]: https://central.sonatype.com/artifact/com.google.cloud/google-cloud-policy-troubleshooter/1.18.0
+[maven-version-link]: https://central.sonatype.com/artifact/com.google.cloud/google-cloud-policy-troubleshooter/1.20.0
 [authentication]: https://github.com/googleapis/google-cloud-java#authentication
 [auth-scopes]: https://developers.google.com/identity/protocols/oauth2/scopes
 [predefined-iam-roles]: https://cloud.google.com/iam/docs/understanding-roles#predefined_roles

diff --git a/...oubleshooter/src/main/java/com/google/cloud/policytroubleshooter/v1/IamCheckerClient.java b/...oubleshooter/src/main/java/com/google/cloud/policytroubleshooter/v1/IamCheckerClient.java
@@ -167,8 +167,8 @@ public IamCheckerStub getStub() {
 
   // AUTO-GENERATED DOCUMENTATION AND METHOD.
   /**
-   * Checks whether a member has a specific permission for a specific resource, and explains why the
-   * member does or does not have that permission.
+   * Checks whether a principal has a specific permission for a specific resource, and explains why
+   * the principal does or does not have that permission.
    *
    * <p>Sample code:
    *
@@ -197,8 +197,8 @@ public final TroubleshootIamPolicyResponse troubleshootIamPolicy(
 
   // AUTO-GENERATED DOCUMENTATION AND METHOD.
   /**
-   * Checks whether a member has a specific permission for a specific resource, and explains why the
-   * member does or does not have that permission.
+   * Checks whether a principal has a specific permission for a specific resource, and explains why
+   * the principal does or does not have that permission.
    *
    * <p>Sample code:
    *

diff --git a/.../src/test/java/com/google/cloud/policytroubleshooter/v1/IamCheckerClientHttpJsonTest.java b/.../src/test/java/com/google/cloud/policytroubleshooter/v1/IamCheckerClientHttpJsonTest.java
@@ -26,6 +26,7 @@
 import com.google.api.gax.rpc.StatusCode;
 import com.google.api.gax.rpc.testing.FakeStatusCode;
 import com.google.cloud.policytroubleshooter.v1.stub.HttpJsonIamCheckerStub;
+import com.google.rpc.Status;
 import google.cloud.policytroubleshooter.v1.Explanations;
 import java.io.IOException;
 import java.util.ArrayList;
@@ -78,6 +79,7 @@ public void troubleshootIamPolicyTest() throws Exception {
         TroubleshootIamPolicyResponse.newBuilder()
             .setAccess(Explanations.AccessState.forNumber(0))
             .addAllExplainedPolicies(new ArrayList<Explanations.ExplainedPolicy>())
+            .addAllErrors(new ArrayList<Status>())
             .build();
     mockService.addResponse(expectedResponse);
 

diff --git a/...eshooter/src/test/java/com/google/cloud/policytroubleshooter/v1/IamCheckerClientTest.java b/...eshooter/src/test/java/com/google/cloud/policytroubleshooter/v1/IamCheckerClientTest.java
@@ -24,6 +24,7 @@
 import com.google.api.gax.rpc.ApiClientHeaderProvider;
 import com.google.api.gax.rpc.InvalidArgumentException;
 import com.google.protobuf.AbstractMessage;
+import com.google.rpc.Status;
 import google.cloud.policytroubleshooter.v1.Explanations;
 import io.grpc.StatusRuntimeException;
 import java.io.IOException;
@@ -83,6 +84,7 @@ public void troubleshootIamPolicyTest() throws Exception {
         TroubleshootIamPolicyResponse.newBuilder()
             .setAccess(Explanations.AccessState.forNumber(0))
             .addAllExplainedPolicies(new ArrayList<Explanations.ExplainedPolicy>())
+            .addAllErrors(new ArrayList<Status>())
             .build();
     mockIamChecker.addResponse(expectedResponse);
 

diff --git a/...ubleshooter-v1/src/main/java/com/google/cloud/policytroubleshooter/v1/IamCheckerGrpc.java b/...ubleshooter-v1/src/main/java/com/google/cloud/policytroubleshooter/v1/IamCheckerGrpc.java
@@ -139,8 +139,9 @@ public interface AsyncService {
      *
      *
      * <pre>
-     * Checks whether a member has a specific permission for a specific resource,
-     * and explains why the member does or does not have that permission.
+     * Checks whether a principal has a specific permission for a specific
+     * resource, and explains why the principal does or does not have that
+     * permission.
      * </pre>
      */
     default void troubleshootIamPolicy(
@@ -191,8 +192,9 @@ protected IamCheckerStub build(io.grpc.Channel channel, io.grpc.CallOptions call
      *
      *
      * <pre>
-     * Checks whether a member has a specific permission for a specific resource,
-     * and explains why the member does or does not have that permission.
+     * Checks whether a principal has a specific permission for a specific
+     * resource, and explains why the principal does or does not have that
+     * permission.
      * </pre>
      */
     public void troubleshootIamPolicy(
@@ -231,8 +233,9 @@ protected IamCheckerBlockingStub build(
      *
      *
      * <pre>
-     * Checks whether a member has a specific permission for a specific resource,
-     * and explains why the member does or does not have that permission.
+     * Checks whether a principal has a specific permission for a specific
+     * resource, and explains why the principal does or does not have that
+     * permission.
      * </pre>
      */
     public com.google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyResponse
@@ -266,8 +269,9 @@ protected IamCheckerFutureStub build(io.grpc.Channel channel, io.grpc.CallOption
      *
      *
      * <pre>
-     * Checks whether a member has a specific permission for a specific resource,
-     * and explains why the member does or does not have that permission.
+     * Checks whether a principal has a specific permission for a specific
+     * resource, and explains why the principal does or does not have that
+     * permission.
      * </pre>
      */
     public com.google.common.util.concurrent.ListenableFuture<

diff --git a/...bleshooter-v1/src/main/java/com/google/cloud/policytroubleshooter/v1/IAMCheckerProto.java b/...bleshooter-v1/src/main/java/com/google/cloud/policytroubleshooter/v1/IAMCheckerProto.java
@@ -49,29 +49,30 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
           + "shooter.v1\0327google/cloud/policytroublesh"
           + "ooter/v1/explanations.proto\032\034google/api/"
           + "annotations.proto\032\027google/api/client.pro"
-          + "to\"g\n\034TroubleshootIamPolicyRequest\022G\n\014ac"
-          + "cess_tuple\030\001 \001(\01321.google.cloud.policytr"
-          + "oubleshooter.v1.AccessTuple\"\265\001\n\035Troubles"
-          + "hootIamPolicyResponse\022A\n\006access\030\001 \001(\01621."
-          + "google.cloud.policytroubleshooter.v1.Acc"
-          + "essState\022Q\n\022explained_policies\030\002 \003(\01325.g"
-          + "oogle.cloud.policytroubleshooter.v1.Expl"
-          + "ainedPolicy2\251\002\n\nIamChecker\022\301\001\n\025Troublesh"
-          + "ootIamPolicy\022B.google.cloud.policytroubl"
-          + "eshooter.v1.TroubleshootIamPolicyRequest"
-          + "\032C.google.cloud.policytroubleshooter.v1."
-          + "TroubleshootIamPolicyResponse\"\037\202\323\344\223\002\031\"\024/"
-          + "v1/iam:troubleshoot:\001*\032W\312A#policytrouble"
-          + "shooter.googleapis.com\322A.https://www.goo"
-          + "gleapis.com/auth/cloud-platformB\226\002\n(com."
-          + "google.cloud.policytroubleshooter.v1B\017IA"
-          + "MCheckerProtoP\001Z\\cloud.google.com/go/pol"
-          + "icytroubleshooter/apiv1/policytroublesho"
-          + "oterpb;policytroubleshooterpb\370\001\001\252\002$Googl"
-          + "e.Cloud.PolicyTroubleshooter.V1\312\002$Google"
-          + "\\Cloud\\PolicyTroubleshooter\\V1\352\002\'Google:"
-          + ":Cloud::PolicyTroubleshooter::V1P\000b\006prot"
-          + "o3"
+          + "to\032\027google/rpc/status.proto\"g\n\034Troublesh"
+          + "ootIamPolicyRequest\022G\n\014access_tuple\030\001 \001("
+          + "\01321.google.cloud.policytroubleshooter.v1"
+          + ".AccessTuple\"\331\001\n\035TroubleshootIamPolicyRe"
+          + "sponse\022A\n\006access\030\001 \001(\01621.google.cloud.po"
+          + "licytroubleshooter.v1.AccessState\022Q\n\022exp"
+          + "lained_policies\030\002 \003(\01325.google.cloud.pol"
+          + "icytroubleshooter.v1.ExplainedPolicy\022\"\n\006"
+          + "errors\030\003 \003(\0132\022.google.rpc.Status2\251\002\n\nIam"
+          + "Checker\022\301\001\n\025TroubleshootIamPolicy\022B.goog"
+          + "le.cloud.policytroubleshooter.v1.Trouble"
+          + "shootIamPolicyRequest\032C.google.cloud.pol"
+          + "icytroubleshooter.v1.TroubleshootIamPoli"
+          + "cyResponse\"\037\202\323\344\223\002\031\"\024/v1/iam:troubleshoot"
+          + ":\001*\032W\312A#policytroubleshooter.googleapis."
+          + "com\322A.https://www.googleapis.com/auth/cl"
+          + "oud-platformB\226\002\n(com.google.cloud.policy"
+          + "troubleshooter.v1B\017IAMCheckerProtoP\001Z\\cl"
+          + "oud.google.com/go/policytroubleshooter/a"
+          + "piv1/policytroubleshooterpb;policytroubl"
+          + "eshooterpb\370\001\001\252\002$Google.Cloud.PolicyTroub"
+          + "leshooter.V1\312\002$Google\\Cloud\\PolicyTroubl"
+          + "eshooter\\V1\352\002\'Google::Cloud::PolicyTroub"
+          + "leshooter::V1P\000b\006proto3"
     };
     descriptor =
         com.google.protobuf.Descriptors.FileDescriptor.internalBuildGeneratedFileFrom(
@@ -80,6 +81,7 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
               google.cloud.policytroubleshooter.v1.Explanations.getDescriptor(),
               com.google.api.AnnotationsProto.getDescriptor(),
               com.google.api.ClientProto.getDescriptor(),
+              com.google.rpc.StatusProto.getDescriptor(),
             });
     internal_static_google_cloud_policytroubleshooter_v1_TroubleshootIamPolicyRequest_descriptor =
         getDescriptor().getMessageTypes().get(0);
@@ -95,7 +97,7 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
         new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
             internal_static_google_cloud_policytroubleshooter_v1_TroubleshootIamPolicyResponse_descriptor,
             new java.lang.String[] {
-              "Access", "ExplainedPolicies",
+              "Access", "ExplainedPolicies", "Errors",
             });
     com.google.protobuf.ExtensionRegistry registry =
         com.google.protobuf.ExtensionRegistry.newInstance();
@@ -107,6 +109,7 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
     google.cloud.policytroubleshooter.v1.Explanations.getDescriptor();
     com.google.api.AnnotationsProto.getDescriptor();
     com.google.api.ClientProto.getDescriptor();
+    com.google.rpc.StatusProto.getDescriptor();
   }
 
   // @@protoc_insertion_point(outer_class_scope)

diff --git a/.../src/main/java/com/google/cloud/policytroubleshooter/v1/TroubleshootIamPolicyRequest.java b/.../src/main/java/com/google/cloud/policytroubleshooter/v1/TroubleshootIamPolicyRequest.java
@@ -22,7 +22,8 @@
  *
  *
  * <pre>
- * Request for [TroubleshootIamPolicy][google.cloud.policytroubleshooter.v1.IamChecker.TroubleshootIamPolicy].
+ * Request for
+ * [TroubleshootIamPolicy][google.cloud.policytroubleshooter.v1.IamChecker.TroubleshootIamPolicy].
  * </pre>
  *
  * Protobuf type {@code google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest}
@@ -66,8 +67,8 @@ public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
    *
    *
    * <pre>
-   * The information to use for checking whether a member has a permission for a
-   * resource.
+   * The information to use for checking whether a principal has a permission
+   * for a resource.
    * </pre>
    *
    * <code>.google.cloud.policytroubleshooter.v1.AccessTuple access_tuple = 1;</code>
@@ -82,8 +83,8 @@ public boolean hasAccessTuple() {
    *
    *
    * <pre>
-   * The information to use for checking whether a member has a permission for a
-   * resource.
+   * The information to use for checking whether a principal has a permission
+   * for a resource.
    * </pre>
    *
    * <code>.google.cloud.policytroubleshooter.v1.AccessTuple access_tuple = 1;</code>
@@ -100,8 +101,8 @@ public google.cloud.policytroubleshooter.v1.Explanations.AccessTuple getAccessTu
    *
    *
    * <pre>
-   * The information to use for checking whether a member has a permission for a
-   * resource.
+   * The information to use for checking whether a principal has a permission
+   * for a resource.
    * </pre>
    *
    * <code>.google.cloud.policytroubleshooter.v1.AccessTuple access_tuple = 1;</code>
@@ -284,7 +285,8 @@ protected Builder newBuilderForType(com.google.protobuf.GeneratedMessageV3.Build
    *
    *
    * <pre>
-   * Request for [TroubleshootIamPolicy][google.cloud.policytroubleshooter.v1.IamChecker.TroubleshootIamPolicy].
+   * Request for
+   * [TroubleshootIamPolicy][google.cloud.policytroubleshooter.v1.IamChecker.TroubleshootIamPolicy].
    * </pre>
    *
    * Protobuf type {@code google.cloud.policytroubleshooter.v1.TroubleshootIamPolicyRequest}
@@ -483,8 +485,8 @@ public Builder mergeFrom(
      *
      *
      * <pre>
-     * The information to use for checking whether a member has a permission for a
-     * resource.
+     * The information to use for checking whether a principal has a permission
+     * for a resource.
      * </pre>
      *
      * <code>.google.cloud.policytroubleshooter.v1.AccessTuple access_tuple = 1;</code>
@@ -498,8 +500,8 @@ public boolean hasAccessTuple() {
      *
      *
      * <pre>
-     * The information to use for checking whether a member has a permission for a
-     * resource.
+     * The information to use for checking whether a principal has a permission
+     * for a resource.
      * </pre>
      *
      * <code>.google.cloud.policytroubleshooter.v1.AccessTuple access_tuple = 1;</code>
@@ -519,8 +521,8 @@ public google.cloud.policytroubleshooter.v1.Explanations.AccessTuple getAccessTu
      *
      *
      * <pre>
-     * The information to use for checking whether a member has a permission for a
-     * resource.
+     * The information to use for checking whether a principal has a permission
+     * for a resource.
      * </pre>
      *
      * <code>.google.cloud.policytroubleshooter.v1.AccessTuple access_tuple = 1;</code>
@@ -543,8 +545,8 @@ public Builder setAccessTuple(
      *
      *
      * <pre>
-     * The information to use for checking whether a member has a permission for a
-     * resource.
+     * The information to use for checking whether a principal has a permission
+     * for a resource.
      * </pre>
      *
      * <code>.google.cloud.policytroubleshooter.v1.AccessTuple access_tuple = 1;</code>
@@ -564,8 +566,8 @@ public Builder setAccessTuple(
      *
      *
      * <pre>
-     * The information to use for checking whether a member has a permission for a
-     * resource.
+     * The information to use for checking whether a principal has a permission
+     * for a resource.
      * </pre>
      *
      * <code>.google.cloud.policytroubleshooter.v1.AccessTuple access_tuple = 1;</code>
@@ -593,8 +595,8 @@ public Builder mergeAccessTuple(
      *
      *
      * <pre>
-     * The information to use for checking whether a member has a permission for a
-     * resource.
+     * The information to use for checking whether a principal has a permission
+     * for a resource.
      * </pre>
      *
      * <code>.google.cloud.policytroubleshooter.v1.AccessTuple access_tuple = 1;</code>
@@ -613,8 +615,8 @@ public Builder clearAccessTuple() {
      *
      *
      * <pre>
-     * The information to use for checking whether a member has a permission for a
-     * resource.
+     * The information to use for checking whether a principal has a permission
+     * for a resource.
      * </pre>
      *
      * <code>.google.cloud.policytroubleshooter.v1.AccessTuple access_tuple = 1;</code>
@@ -629,8 +631,8 @@ public Builder clearAccessTuple() {
      *
      *
      * <pre>
-     * The information to use for checking whether a member has a permission for a
-     * resource.
+     * The information to use for checking whether a principal has a permission
+     * for a resource.
      * </pre>
      *
      * <code>.google.cloud.policytroubleshooter.v1.AccessTuple access_tuple = 1;</code>
@@ -649,8 +651,8 @@ public Builder clearAccessTuple() {
      *
      *
      * <pre>
-     * The information to use for checking whether a member has a permission for a
-     * resource.
+     * The information to use for checking whether a principal has a permission
+     * for a resource.
      * </pre>
      *
      * <code>.google.cloud.policytroubleshooter.v1.AccessTuple access_tuple = 1;</code>

diff --git a/.../java/com/google/cloud/policytroubleshooter/v1/TroubleshootIamPolicyRequestOrBuilder.java b/.../java/com/google/cloud/policytroubleshooter/v1/TroubleshootIamPolicyRequestOrBuilder.java
@@ -27,8 +27,8 @@ public interface TroubleshootIamPolicyRequestOrBuilder
    *
    *
    * <pre>
-   * The information to use for checking whether a member has a permission for a
-   * resource.
+   * The information to use for checking whether a principal has a permission
+   * for a resource.
    * </pre>
    *
    * <code>.google.cloud.policytroubleshooter.v1.AccessTuple access_tuple = 1;</code>
@@ -40,8 +40,8 @@ public interface TroubleshootIamPolicyRequestOrBuilder
    *
    *
    * <pre>
-   * The information to use for checking whether a member has a permission for a
-   * resource.
+   * The information to use for checking whether a principal has a permission
+   * for a resource.
    * </pre>
    *
    * <code>.google.cloud.policytroubleshooter.v1.AccessTuple access_tuple = 1;</code>
@@ -53,8 +53,8 @@ public interface TroubleshootIamPolicyRequestOrBuilder
    *
    *
    * <pre>
-   * The information to use for checking whether a member has a permission for a
-   * resource.
+   * The information to use for checking whether a principal has a permission
+   * for a resource.
    * </pre>
    *
    * <code>.google.cloud.policytroubleshooter.v1.AccessTuple access_tuple = 1;</code>