chore(samples): add delete protection samples (#696)

Co-authored-by: sofisl <[email protected]>
Co-authored-by: Jeffrey Rennie <[email protected]>
Co-authored-by: Benjamin E. Coe <[email protected]>

Author: 4 people

compute/instances/preventing-accidental-vm-deletion/createInstance.js

@@ -0,0 +1,97 @@
+// Copyright 2022 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+/**
+ * Sends an instance creation request to the Compute Engine API and wait for it to complete.
+ *
+ * @param {string} projectId - Project ID or project number of the Cloud project you want to use.
+ * @param {string} zone - Name of the zone you want to check, for example: us-west3-b
+ * @param {string} instanceName - Name of the new virtual machine.
+ * @param {string} deleteProtection - boolean value indicating if the new virtual machine should be
+ *    protected against deletion or not.
+ */
+
+function main(projectId, zone, instanceName, deleteProtection) {
+  // [START compute_delete_protection_create]
+  /**
+   * TODO(developer): Uncomment and replace these variables before running the sample.
+   */
+  // const projectId = 'YOUR_PROJECT_ID';
+  // const zone = 'europe-central2-b';
+  // const instanceName = 'YOUR_INSTANCE_NAME';
+  // const deleteProtection = true;
+
+  const compute = require('@google-cloud/compute');
+
+  // Send an instance creation request to the Compute Engine API and wait for it to complete.
+  async function createInstance() {
+    const instancesClient = new compute.InstancesClient();
+
+    const [response] = await instancesClient.insert({
+      project: projectId,
+      zone,
+      instanceResource: {
+        name: instanceName,
+        // Set the delete protection bit.
+        deletionProtection: deleteProtection,
+        disks: [
+          {
+            // Describe the size and source image of the boot disk to attach to the instance.
+            initializeParams: {
+              diskSizeGb: '10',
+              sourceImage:
+                'projects/debian-cloud/global/images/family/debian-10',
+            },
+            autoDelete: true,
+            boot: true,
+            type: 'PERSISTENT',
+          },
+        ],
+        machineType: `zones/${zone}/machineTypes/e2-small`,
+        networkInterfaces: [
+          {
+            // Use the default VPC network.
+            name: 'default',
+          },
+        ],
+      },
+    });
+    let operation = response.latestResponse;
+    const operationsClient = new compute.ZoneOperationsClient();
+
+    // Wait for the create operation to complete.
+    while (operation.status !== 'DONE') {
+      [operation] = await operationsClient.wait({
+        operation: operation.name,
+        project: projectId,
+        zone: operation.zone.split('/').pop(),
+      });
+    }
+
+    console.log('Instance created.');
+  }
+
+  createInstance();
+  // [END compute_delete_protection_create]
+}
+
+process.on('unhandledRejection', err => {
+  console.error(err.message);
+  process.exitCode = 1;
+});
+
+const args = process.argv.slice(2);
+args[3] = args[3] === 'true';
+
+main(...args);

compute/instances/preventing-accidental-vm-deletion/getDeleteProtection.js

@@ -0,0 +1,58 @@
+// Copyright 2022 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+/**
+ * Prints the state of delete protection flag of given instance.
+ *
+ * @param {string} projectId - Project ID or project number of the Cloud project you want to use.
+ * @param {string} zone - Name of the zone you want to check, for example: us-west3-b
+ * @param {string} instanceName - Name of the new virtual machine.
+ */
+
+function main(projectId, zone, instanceName) {
+  // [START compute_delete_protection_get]
+  /**
+   * TODO(developer): Uncomment and replace these variables before running the sample.
+   */
+  // const projectId = 'YOUR_PROJECT_ID';
+  // const zone = 'europe-central2-b';
+  // const instanceName = 'YOUR_INSTANCE_NAME';
+
+  const compute = require('@google-cloud/compute');
+
+  // Print the state of delete protection flag of given instance.
+  async function getDeleteProtection() {
+    const instancesClient = new compute.InstancesClient();
+
+    const [instance] = await instancesClient.get({
+      project: projectId,
+      zone,
+      instance: instanceName,
+    });
+
+    console.log(
+      `Instance ${instanceName} has deletionProtection value: ${instance.deletionProtection}`
+    );
+  }
+
+  getDeleteProtection();
+  // [END compute_delete_protection_get]
+}
+
+process.on('unhandledRejection', err => {
+  console.error(err.message);
+  process.exitCode = 1;
+});
+
+main(...process.argv.slice(2));

compute/instances/preventing-accidental-vm-deletion/setDeleteProtection.js

@@ -0,0 +1,75 @@
+// Copyright 2022 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+/**
+ * Updates the delete protection setting of given instance.
+ *
+ * @param {string} projectId - Project ID or project number of the Cloud project you want to use.
+ * @param {string} zone - Name of the zone you want to check, for example: us-west3-b
+ * @param {string} instanceName - Name of the new virtual machine.
+ * @param {string} deleteProtection - boolean value indicating if the new virtual machine should be
+ *    protected against deletion or not.
+ */
+
+function main(projectId, zone, instanceName, deleteProtection) {
+  // [START compute_delete_protection_set]
+  /**
+   * TODO(developer): Uncomment and replace these variables before running the sample.
+   */
+  // const projectId = 'YOUR_PROJECT_ID';
+  // const zone = 'europe-central2-b';
+  // const instanceName = 'YOUR_INSTANCE_NAME';
+  // const deleteProtection = True;
+
+  const compute = require('@google-cloud/compute');
+
+  // Update the delete protection setting of given instance.
+  async function setDeleteProtection() {
+    const instancesClient = new compute.InstancesClient();
+
+    const [response] = await instancesClient.setDeletionProtection({
+      project: projectId,
+      zone,
+      // Set the delete protection bit.
+      deletionProtection: deleteProtection,
+      resource: instanceName,
+    });
+    let operation = response.latestResponse;
+    const operationsClient = new compute.ZoneOperationsClient();
+
+    // Wait for the create operation to complete.
+    while (operation.status !== 'DONE') {
+      [operation] = await operationsClient.wait({
+        operation: operation.name,
+        project: projectId,
+        zone: operation.zone.split('/').pop(),
+      });
+    }
+
+    console.log('Instance updated.');
+  }
+
+  setDeleteProtection();
+  // [END compute_delete_protection_set]
+}
+
+process.on('unhandledRejection', err => {
+  console.error(err.message);
+  process.exitCode = 1;
+});
+
+const args = process.argv.slice(2);
+args[3] = args[3] === 'true';
+
+main(...args);

compute/test/preventAccidentalVMDeletion.test.js

@@ -0,0 +1,73 @@
+// Copyright 2022 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+'use strict';
+
+const compute = require('@google-cloud/compute');
+
+const {describe, it} = require('mocha');
+const cp = require('child_process');
+const {assert} = require('chai');
+
+const {generateTestId, getStaleVMInstances, deleteInstance} = require('./util');
+
+const instancesClient = new compute.InstancesClient();
+
+const execSync = cmd => cp.execSync(cmd, {encoding: 'utf-8'});
+
+describe('prevent accidental vm deletion tests', () => {
+  const instanceName = generateTestId();
+  const zone = 'europe-central2-b';
+
+  after(async () => {
+    const instances = await getStaleVMInstances();
+    await Promise.all(
+      instances.map(instance =>
+        deleteInstance(instance.zone, instance.instanceName)
+      )
+    );
+  });
+
+  it('should create instance and set delete protection', async () => {
+    const projectId = await instancesClient.getProjectId();
+
+    const outputCreate = execSync(
+      `node instances/preventing-accidental-vm-deletion/createInstance ${projectId} ${zone} ${instanceName} true`
+    );
+    assert.match(outputCreate, /Instance created./);
+
+    const outputGet = execSync(
+      `node instances/preventing-accidental-vm-deletion/getDeleteProtection ${projectId} ${zone} ${instanceName}`
+    );
+    assert.include(
+      outputGet,
+      `Instance ${instanceName} has deletionProtection value: true`
+    );
+
+    const outputSet = execSync(
+      `node instances/preventing-accidental-vm-deletion/setDeleteProtection ${projectId} ${zone} ${instanceName} false`
+    );
+    assert.include(outputSet, 'Instance updated.');
+
+    const outputGet2 = execSync(
+      `node instances/preventing-accidental-vm-deletion/getDeleteProtection ${projectId} ${zone} ${instanceName}`
+    );
+    assert.include(
+      outputGet2,
+      `Instance ${instanceName} has deletionProtection value: false`
+    );
+
+    execSync(`node deleteInstance ${projectId} ${zone} ${instanceName}`);
+  });
+});