1# -*- coding: utf-8 -*- #
2# Copyright 2014 Google LLC. All Rights Reserved.
3#
4# Licensed under the Apache License, Version 2.0 (the "License");
5# you may not use this file except in compliance with the License.
6# You may obtain a copy of the License at
7#
8#    http://www.apache.org/licenses/LICENSE-2.0
9#
10# Unless required by applicable law or agreed to in writing, software
11# distributed under the License is distributed on an "AS IS" BASIS,
12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13# See the License for the specific language governing permissions and
14# limitations under the License.
15"""Defines tool-wide constants."""
16
17from __future__ import absolute_import
18from __future__ import division
19from __future__ import unicode_literals
20
21import collections
22
23import six
24
25BYTES_IN_ONE_MB = 2 ** 20
26BYTES_IN_ONE_GB = 2 ** 30
27
28STANDARD_DISK_PERFORMANCE_WARNING_GB = 200
29SSD_DISK_PERFORMANCE_WARNING_GB = 10
30
31# Disk types
32DISK_TYPE_PD_STANDARD = 'pd-standard'
33DISK_TYPE_PD_BALANCED = 'pd-balanced'
34DISK_TYPE_PD_SSD = 'pd-ssd'
35DISK_TYPE_PD_EXTREME = 'pd-extreme'
36
37# Provisioned IOPS for pd-extreme disks
38MIN_PROVISIONED_IOPS = 10000
39MAX_PROVISIONED_IOPS = 120000
40DEFAULT_PROVISIONED_IOPS = 100000
41
42# Default size for each disk type
43DEFAULT_DISK_SIZE_GB_MAP = {
44    DISK_TYPE_PD_STANDARD: 500,
45    DISK_TYPE_PD_BALANCED: 100,
46    DISK_TYPE_PD_SSD: 100,
47    DISK_TYPE_PD_EXTREME: 1000,
48}
49
50# The maximum number of results that can be returned in a single list
51# response.
52MAX_RESULTS_PER_PAGE = 500
53
54# Defaults for instance creation.
55DEFAULT_ACCESS_CONFIG_NAME = 'external-nat'
56DEFAULT_IPV6_ACCESS_CONFIG_NAME = 'external-v6-access-config'
57
58DEFAULT_MACHINE_TYPE = 'n1-standard-1'
59DEFAULT_MACHINE_TYPE_FOR_CONFIDENTIAL_VMS = 'n2d-standard-2'
60DEFAULT_NETWORK = 'default'
61DEFAULT_NETWORK_INTERFACE = 'nic0'
62NETWORK_TIER_CHOICES_FOR_INSTANCE = ['PREMIUM', 'SELECT', 'STANDARD']
63NETWORK_INTERFACE_NIC_TYPE_CHOICES = ['VIRTIO_NET', 'GVNIC']
64ADV_NETWORK_TIER_CHOICES = ['DEFAULT', 'TIER_1']
65
66DEFAULT_IMAGE_FAMILY = 'debian-10'
67DEFAULT_IMAGE_FAMILY_FOR_CONFIDENTIAL_VMS = 'ubuntu-1804-lts'
68
69ImageAlias = collections.namedtuple(
70    'ImageAlias', ['project', 'name_prefix', 'family'])
71
72IMAGE_ALIASES = {
73    'centos-6': ImageAlias(
74        project='centos-cloud',
75        name_prefix='centos-6',
76        family='centos-6'),
77    'centos-7': ImageAlias(
78        project='centos-cloud',
79        name_prefix='centos-7',
80        family='centos-7'),
81    'container-vm': ImageAlias(
82        project='google-containers',
83        name_prefix='container-vm',
84        family='container-vm'),
85    'cos': ImageAlias(
86        project='cos-cloud',
87        name_prefix='cos',
88        family='cos'),
89    'debian-8': ImageAlias(
90        project='debian-cloud',
91        name_prefix='debian-8-jessie',
92        family='debian-8'),
93    'fedora-coreos-stable': ImageAlias(
94        project='fedora-coreos-cloud',
95        name_prefix='fedora-coreos',
96        family='fedora-coreos-stable'),
97    'rhel-6': ImageAlias(
98        project='rhel-cloud',
99        name_prefix='rhel-6',
100        family='rhel-6'),
101    'rhel-7': ImageAlias(
102        project='rhel-cloud',
103        name_prefix='rhel-7',
104        family='rhel-7'),
105    'rhel-8': ImageAlias(
106        project='rhel-cloud',
107        name_prefix='rhel-8',
108        family='rhel-8'),
109    'sles-11': ImageAlias(
110        project='suse-cloud',
111        name_prefix='sles-11',
112        family=None),
113    'sles-12': ImageAlias(
114        project='suse-cloud',
115        name_prefix='sles-12',
116        family=None),
117    'ubuntu-12-04': ImageAlias(
118        project='ubuntu-os-cloud',
119        name_prefix='ubuntu-1204-precise',
120        family='ubuntu-1204-lts'),
121    'ubuntu-14-04': ImageAlias(
122        project='ubuntu-os-cloud',
123        name_prefix='ubuntu-1404-trusty',
124        family='ubuntu-1404-lts'),
125    'windows-2008-r2': ImageAlias(
126        project='windows-cloud',
127        name_prefix='windows-server-2008-r2',
128        family='windows-2008-r2'),
129    'windows-2012-r2': ImageAlias(
130        project='windows-cloud',
131        name_prefix='windows-server-2012-r2',
132        family='windows-2012-r2'),
133}
134
135# These are like IMAGE_ALIASES, but don't show up in the alias list.
136HIDDEN_IMAGE_ALIASES = {
137    'gae-builder-vm': ImageAlias(
138        project='goog-vmruntime-images',
139        name_prefix='gae-builder-vm',
140        family=None),
141    'opensuse-13': ImageAlias(
142        project='opensuse-cloud',
143        name_prefix='opensuse-13',
144        family=None),
145}
146
147WINDOWS_IMAGE_PROJECTS = [
148    'windows-cloud',
149    'windows-sql-cloud'
150]
151PUBLIC_IMAGE_PROJECTS = [
152    'centos-cloud',
153    'cos-cloud',
154    'debian-cloud',
155    'fedora-coreos-cloud',
156    'rhel-cloud',
157    'rhel-sap-cloud',
158    'suse-cloud',
159    'suse-sap-cloud',
160    'ubuntu-os-cloud',
161] + WINDOWS_IMAGE_PROJECTS
162PREVIEW_IMAGE_PROJECTS = []
163
164# SSH-related constants.
165SSH_KEYS_METADATA_KEY = 'ssh-keys'
166SSH_KEYS_LEGACY_METADATA_KEY = 'sshKeys'
167SSH_KEYS_BLOCK_METADATA_KEY = 'block-project-ssh-keys'
168MAX_METADATA_VALUE_SIZE_IN_BYTES = 262144
169SSH_KEY_TYPES = ('ssh-dss', 'ecdsa-sha2-nistp256', 'ssh-ed25519', 'ssh-rsa')
170
171_STORAGE_RO = 'https://www.googleapis.com/auth/devstorage.read_only'
172_LOGGING_WRITE = 'https://www.googleapis.com/auth/logging.write'
173_MONITORING_WRITE = 'https://www.googleapis.com/auth/monitoring.write'
174_MONITORING = 'https://www.googleapis.com/auth/monitoring'
175_SERVICE_CONTROL_SCOPE = 'https://www.googleapis.com/auth/servicecontrol'
176_SERVICE_MANAGEMENT_SCOPE = 'https://www.googleapis.com/auth/service.management.readonly'
177_SOURCE_REPOS = 'https://www.googleapis.com/auth/source.full_control'
178_SOURCE_REPOS_RO = 'https://www.googleapis.com/auth/source.read_only'
179_PUBSUB = 'https://www.googleapis.com/auth/pubsub'
180_STACKDRIVER_TRACE = 'https://www.googleapis.com/auth/trace.append'
181
182DEFAULT_SCOPES = sorted([
183    _STORAGE_RO, _LOGGING_WRITE, _MONITORING_WRITE, _SERVICE_CONTROL_SCOPE,
184    _SERVICE_MANAGEMENT_SCOPE, _PUBSUB, _STACKDRIVER_TRACE,
185])
186
187GKE_DEFAULT_SCOPES = sorted([
188    _STORAGE_RO,
189    _LOGGING_WRITE,
190    _MONITORING,
191    _SERVICE_CONTROL_SCOPE,
192    _SERVICE_MANAGEMENT_SCOPE,
193    _STACKDRIVER_TRACE,
194])
195
196DEPRECATED_SQL_SCOPE_MSG = """\
197DEPRECATION WARNING: https://www.googleapis.com/auth/sqlservice account scope
198and `sql` alias do not provide SQL instance management capabilities and have
199been deprecated. Please, use https://www.googleapis.com/auth/sqlservice.admin
200or `sql-admin` to manage your Google SQL Service instances.
201"""
202
203DEPRECATED_SCOPES_MESSAGES = DEPRECATED_SQL_SCOPE_MSG
204
205DEPRECATED_SCOPE_ALIASES = {'sql'}
206
207SCOPES = {
208    'bigquery': ['https://www.googleapis.com/auth/bigquery'],
209    'cloud-platform': ['https://www.googleapis.com/auth/cloud-platform'],
210    'cloud-source-repos': [_SOURCE_REPOS],
211    'cloud-source-repos-ro': [_SOURCE_REPOS_RO],
212    'compute-ro': ['https://www.googleapis.com/auth/compute.readonly'],
213    'compute-rw': ['https://www.googleapis.com/auth/compute'],
214    'default':
215        DEFAULT_SCOPES,
216    'gke-default':
217        GKE_DEFAULT_SCOPES,
218    'datastore': ['https://www.googleapis.com/auth/datastore'],
219    'logging-write': [_LOGGING_WRITE],
220    'monitoring': [_MONITORING],
221    'monitoring-read': ['https://www.googleapis.com/auth/monitoring.read'],
222    'monitoring-write': [_MONITORING_WRITE],
223    'service-control': [_SERVICE_CONTROL_SCOPE],
224    'service-management': [_SERVICE_MANAGEMENT_SCOPE],
225    'sql': ['https://www.googleapis.com/auth/sqlservice'],
226    'sql-admin': ['https://www.googleapis.com/auth/sqlservice.admin'],
227    'trace': [_STACKDRIVER_TRACE],
228    'storage-full': ['https://www.googleapis.com/auth/devstorage.full_control'],
229    'storage-ro': [_STORAGE_RO],
230    'storage-rw': ['https://www.googleapis.com/auth/devstorage.read_write'],
231    'taskqueue': ['https://www.googleapis.com/auth/taskqueue'],
232    'userinfo-email': ['https://www.googleapis.com/auth/userinfo.email'],
233    'pubsub': ['https://www.googleapis.com/auth/pubsub'],
234}
235
236
237def ScopesHelp():
238  """Returns the command help text markdown for scopes.
239
240  Returns:
241    The command help text markdown with scope intro text, aliases, and optional
242    notes and/or warnings.
243  """
244  aliases = []
245  for alias, value in sorted(six.iteritems(SCOPES)):
246    if alias in DEPRECATED_SCOPE_ALIASES:
247      alias = '{} (deprecated)'.format(alias)
248    aliases.append('{0} | {1}'.format(alias, value[0]))
249    for item in value[1:]:
250      aliases.append('| ' + item)
251  return """\
252SCOPE can be either the full URI of the scope or an alias. *default* scopes are
253assigned to all instances. Available aliases are:
254
255Alias | URI
256--- | ---
257{aliases}
258
259{scope_deprecation_msg}
260""".format(
261    aliases='\n'.join(aliases),
262    scope_deprecation_msg=DEPRECATED_SCOPES_MESSAGES)
263