README
¶
RAM Real-time Asset Monitor
RAM Testing framework
RAM Unit testing framework
- GO unit testing functions MUST be prefixed with
TestUnitenabling filtering in testing_unit.yaml - GO unit test source code file SHOULD be named after the code source file using the suffix
_unit_test.goexample.- Code source file
func_validatestruct.go - Unit tests code file
func_validatestruct_unit_test.go
- Code source file
- Unit tests MUST be small enough so all the unit tests are run on each push and each PR update: testing_unit.yaml
- Unit test MUST run in isolation:
- No real call to a dependency API
- meaning, the service account used to run the CI pipeline need no expertanl API IAM related role
- Test double (mocks / stubs/ fakes) are not encouraged:
- prefer to use a real object
- As calling real object is not allowed in unit test (previous guideline), move these tests to small integration tests (next section)
- No real call to a dependency API
RAM Integration testing framework
- GO integration testing functions MUST be prefixed with
TestIntegenabling filtering in testing_integ.yaml - GO integration test source code file SHOULD be named after the code source file using the suffix
_integ_test.goexample- Code source file
meth_folderdeployment_deploy.go - Unit tests code file
meth_folderdeployment_deploy_integ_test.go
- Code source file
- Integration tests MUST be small enough so a GO package integration tests are run on each push on the package code and each PR to master update: testing_integ.yaml
- The project hosting the integration tests MUST have a project name that contains
ram-buildavoiding resources deletion, creation driven during integration test to occur in the wrong project - To run integration tests locally set the environment variable
RAM_ITEST_PROJECT_ID - The project hosting the integration tests MUST have a Cloud Operation Workspace hosted by itself
- The following IAM bindings MUST be set with the service account used to run integration tests:
- sandboxes folder
- folder admin
- required by: grm
- folder admin
- project hosting integration tests
- editor
- required to create, delete integration test resources
- editor
- sandboxes folder
- The project hosting the service account used to run the integration test MUST have the following API enabled:
- Cloud Resource Manager API
What's next
Directories
¶
| Path | Synopsis |
|---|---|
|
services
|
|
|
convertlog2feed
Package convertlog2feed convert log entry messsage from pubsub into feed compatible format pubusub message Instances Some.
|
Package convertlog2feed convert log entry messsage from pubsub into feed compatible format pubusub message Instances Some. |
|
dumpinventory
Package dumpinventory request CAI to perform an export Triggered by Cloud Scheduler Job, through PubSub messages.
|
Package dumpinventory request CAI to perform an export Triggered by Cloud Scheduler Job, through PubSub messages. |
|
getgroupsettings
Package getgroupsettings retreives the settings of one group from `Groups Settings API` Triggered by PubSub messages from the GCI groups topic.
|
Package getgroupsettings retreives the settings of one group from `Groups Settings API` Triggered by PubSub messages from the GCI groups topic. |
|
listgroupmembers
Package listgroupmembers extract all members from a group in GCI directory using the Admin SDK API Triggered by PubSub messages from the GCI groups topic.
|
Package listgroupmembers extract all members from a group in GCI directory using the Admin SDK API Triggered by PubSub messages from the GCI groups topic. |
|
listgroups
Package listgroups extract all groups from a GCI directory using the Admin SDK API Triggered by Cloud Scheduler Job, through PubSub messages.
|
Package listgroups extract all groups from a GCI directory using the Admin SDK API Triggered by Cloud Scheduler Job, through PubSub messages. |
|
monitor
Package monitor check asset compliance Triggered by Resource or IAM policies assets feed messages in PubSub topics.
|
Package monitor check asset compliance Triggered by Resource or IAM policies assets feed messages in PubSub topics. |
|
publish2fs
Package publish2fs publish assets resource feeds as FireStore documents It manages creation, updates and delete.
|
Package publish2fs publish assets resource feeds as FireStore documents It manages creation, updates and delete. |
|
setdashboards
Package setdashboards set cloud monitoring dashboards for RAM Instances Multiple: one per dashboard.
|
Package setdashboards set cloud monitoring dashboards for RAM Instances Multiple: one per dashboard. |
|
setfeeds
Package setfeeds set Cloud Asset Inventory feeds at organization level Instances per targeted GCP organization, per environment - one feed for all iam policies - one feed per asset type for resource metadata.
|
Package setfeeds set Cloud Asset Inventory feeds at organization level Instances per targeted GCP organization, per environment - one feed for all iam policies - one feed per asset type for resource metadata. |
|
setlogsinks
Package setlogsinks set organization log sinks to pubsub Instances Multiple.
|
Package setlogsinks set organization log sinks to pubsub Instances Multiple. |
|
splitdump
Package splitdump nibble large CAI dumps into PubSub asset feed messages One dump line = one PubSub message.
|
Package splitdump nibble large CAI dumps into PubSub asset feed messages One dump line = one PubSub message. |
|
stream2bq
Package stream2bq streams PubSub message into BigQuery tables It can stream into 3 RAM tables: 1) assets 2) compliance states 3) violations.
|
Package stream2bq streams PubSub message into BigQuery tables It can stream into 3 RAM tables: 1) assets 2) compliance states 3) violations. |
|
upload2gcs
Package upload2gcs stores feeds as JSON files in a GCS bucket Manage file creation (with override) and deletion.
|
Package upload2gcs stores feeds as JSON files in a GCS bucket Manage file creation (with override) and deletion. |
|
utilities
|
|
|
aut
Package aut helps authentication and tokens
|
Package aut helps authentication and tokens |
|
bil
Package bil helps with billing management
|
Package bil helps with billing management |
|
cai
Package cai helps with Cloud Asset Inventory
|
Package cai helps with Cloud Asset Inventory |
|
deploy
Package deploy defines the core structure for deployments and common APIs
|
Package deploy defines the core structure for deployments and common APIs |
|
erm
Package erm helps with errors management
|
Package erm helps with errors management |
|
ffo
Package ffo helps with file and folder operations
|
Package ffo helps with file and folder operations |
|
gae
Package gae helps with Google Application Engine
|
Package gae helps with Google Application Engine |
|
gbq
Package gbq helps with google Bigquery
|
Package gbq helps with google Bigquery |
|
gcb
Package gcb helps with Google Cloud Build
|
Package gcb helps with Google Cloud Build |
|
gcf
Package gcf helps with Google cloud functions
|
Package gcf helps with Google cloud functions |
|
gcs
Package gcs helps with Google Cloud Storage
|
Package gcs helps with Google Cloud Storage |
|
gfs
Package gfs helps with Google FireStore
|
Package gfs helps with Google FireStore |
|
gps
Package gps helps with Google Pubsub
|
Package gps helps with Google Pubsub |
|
grm
Package grm helps with Google Resource Manager, aka Organizations, Folders, Projects and their role bindings
|
Package grm helps with Google Resource Manager, aka Organizations, Folders, Projects and their role bindings |
|
gsr
Package gsr helps with Google Source Repositories
|
Package gsr helps with Google Source Repositories |
|
gsu
Package gsu helps with Google Service Usage, aka APIs activation
|
Package gsu helps with Google Service Usage, aka APIs activation |
|
iamgt
Package iamgt helps with Google Identity Access Management, aka Service Accounts and their roles bindings
|
Package iamgt helps with Google Identity Access Management, aka Service Accounts and their roles bindings |
|
itst
Package itst helps with integration tests
|
Package itst helps with integration tests |
|
logging
Package logging helps with Logging
|
Package logging helps with Logging |
|
lsk
Package lsk helps with Log Sinks
|
Package lsk helps with Log Sinks |
|
mon
Package mon helps cloud monitoring
|
Package mon helps cloud monitoring |
|
ramcli
Package ramcli Real-time Asset Monitor command line cli
|
Package ramcli Real-time Asset Monitor command line cli |
|
sch
Package sch helps with Google Cloud Scheduler
|
Package sch helps with Google Cloud Scheduler |
|
solution
Package solution defines the structure for solution settings
|
Package solution defines the structure for solution settings |
|
str
Package str helps with strings
|
Package str helps with strings |
|
validater
Package validater helps to validate struct fields
|
Package validater helps to validate struct fields |
Click to show internal directories.
Click to hide internal directories.