chore(docs): firewall samples

Author: FrodoTheTrue

compute/firewall/createFirewallRule.js

@@ -0,0 +1,88 @@
+// Copyright 2021 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+/**
+ * Creates a simple firewall rule allowing for incoming HTTP and HTTPS access from the entire Internet.
+ *
+ * @param {string} projectId - project ID or project number of the Cloud project you want to use.
+ * @param {string} firewallRuleName - name of the rule that is created.
+ * @param {string} network - name of the network the rule will be applied to. Available name formats:
+ *  https://www.googleapis.com/compute/v1/projects/{project_id}/global/networks/{network}
+ *  projects/{project_id}/global/networks/{network}
+ *  global/networks/{network}
+ */
+function main(
+  projectId,
+  firewallRuleName,
+  networkName = 'global/networks/default'
+) {
+  // [START compute_firewall_create]
+  /**
+   * TODO(developer): Uncomment and replace these variables before running the sample.
+   */
+  // const projectId = 'YOUR_PROJECT_ID';
+  // const firewallRuleName = 'YOUR_FIREWALL_RULE_NAME'
+  // const networkName = 'global/networks/default'
+
+  const compute = require('@google-cloud/compute');
+  const compute_protos = compute.protos.google.cloud.compute.v1;
+
+  async function createFirewallRule() {
+    const firewallsClient = new compute.FirewallsClient();
+    const operationsClient = new compute.GlobalOperationsClient();
+
+    const firewallRule = new compute_protos.Firewall();
+    firewallRule.name = firewallRuleName;
+    firewallRule.direction = compute_protos.Firewall.Direction.INGRESS;
+    firewallRule.allowed = [
+      {
+        IPProtocol: 'tcp',
+        ports: ['80', '443'],
+      },
+    ];
+    firewallRule.targetTags = ['web'];
+    firewallRule.network = networkName;
+    firewallRule.description =
+      'Allowing TCP traffic on port 80 and 443 from Internet.';
+
+    // Note that the default value of priority for the firewall API is 1000.
+    // If you check the value of `firewallRule.priority` at this point it
+    // will be equal to null, however it is not treated as "set" by the library and thus
+    // the default will be applied to the new rule. If you want to create a rule that
+    // has priority == 0, you need to explicitly set it so:
+
+    // firewallRule.priority = 0
+
+    const [response] = await firewallsClient.insert({
+      project: projectId,
+      firewallResource: firewallRule,
+    });
+    let operation = response.latestResponse;
+
+    // Wait for the create operation to complete.
+    while (operation.status !== 'DONE') {
+      [operation] = await operationsClient.wait({
+        operation: operation.name,
+        project: projectId,
+      });
+    }
+
+    console.log('Firewall rule created');
+  }
+
+  createFirewallRule();
+  // [END compute_firewall_create]
+}
+
+main(...process.argv.slice(2));

compute/firewall/deleteFirewallRule.js

@@ -0,0 +1,56 @@
+// Copyright 2021 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+/**
+ * Deletes a firewall rule from the project.
+ *
+ * @param {string} projectId - project ID or project number of the Cloud project you want to use.
+ * @param {string} firewallRuleName - name of the rule you want to modify.
+ */
+function main(projectId, firewallRuleName) {
+  // [START compute_firewall_delete]
+  /**
+   * TODO(developer): Uncomment and replace these variables before running the sample.
+   */
+  // const projectId = 'YOUR_PROJECT_ID';
+  // const firewallRuleName = 'FIREWALL_RULE_NAME';
+
+  const compute = require('@google-cloud/compute');
+
+  async function deleteFirewallRule() {
+    const firewallsClient = new compute.FirewallsClient();
+    const operationsClient = new compute.GlobalOperationsClient();
+
+    const [response] = await firewallsClient.delete({
+      project: projectId,
+      firewall: firewallRuleName,
+    });
+    let operation = response.latestResponse;
+
+    // Wait for the create operation to complete.
+    while (operation.status !== 'DONE') {
+      [operation] = await operationsClient.wait({
+        operation: operation.name,
+        project: projectId,
+      });
+    }
+
+    console.log('Firewall rule deleted');
+  }
+
+  deleteFirewallRule();
+  // [END compute_firewall_delete]
+}
+
+main(...process.argv.slice(2));

compute/firewall/listFirewallRules.js

@@ -0,0 +1,45 @@
+// Copyright 2021 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+/**
+ * Prints a list of all firewall rules in specified project.
+ *
+ * @param {string} projectId - project ID or project number of the Cloud project you want to use.
+ */
+function main(projectId) {
+  // [START compute_firewall_list]
+  /**
+   * TODO(developer): Uncomment and replace these variables before running the sample.
+   */
+  // const projectId = 'YOUR_PROJECT_ID';
+
+  const compute = require('@google-cloud/compute');
+
+  async function listFirewallRules() {
+    const firewallsClient = new compute.FirewallsClient();
+
+    const [firewallRules] = await firewallsClient.list({
+      project: projectId,
+    });
+
+    for (const rule of firewallRules) {
+      console.log(` - ${rule.name}: ${rule.description}`);
+    }
+  }
+
+  listFirewallRules();
+  // [END compute_firewall_list]
+}
+
+main(...process.argv.slice(2));

compute/firewall/patchFirewallPriority.js

@@ -0,0 +1,65 @@
+// Copyright 2021 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+/**
+ * Modifies the priority of a given firewall rule.
+ *
+ * @param {string} projectId - project ID or project number of the Cloud project you want to use.
+ * @param {string} firewallRuleName - name of the rule you want to modify.
+ * @param {number} priority - the new priority to be set for the rule.
+ */
+function main(projectId, firewallRuleName, priority = 10) {
+  // [START compute_firewall_patch]
+  /**
+   * TODO(developer): Uncomment and replace these variables before running the sample.
+   */
+  // const projectId = 'YOUR_PROJECT_ID';
+  // const firewallRuleName = 'FIREWALL_RULE_NAME';
+  // const priority = 10;
+
+  const compute = require('@google-cloud/compute');
+  const compute_protos = compute.protos.google.cloud.compute.v1;
+
+  async function patchFirewallPriority() {
+    const firewallsClient = new compute.FirewallsClient();
+    const operationsClient = new compute.GlobalOperationsClient();
+
+    const firewallRule = new compute_protos.Firewall();
+    firewallRule.priority = priority;
+
+    // The patch operation doesn't require the full definition of a Firewall object. It will only update
+    // the values that were set in it, in this case it will only change the priority.
+    const [response] = await firewallsClient.patch({
+      project: projectId,
+      firewall: firewallRuleName,
+      firewallResource: firewallRule,
+    });
+    let operation = response.latestResponse;
+
+    // Wait for the create operation to complete.
+    while (operation.status !== 'DONE') {
+      [operation] = await operationsClient.wait({
+        operation: operation.name,
+        project: projectId,
+      });
+    }
+
+    console.log('Firewall rule updated');
+  }
+
+  patchFirewallPriority();
+  // [END compute_firewall_patch]
+}
+
+main(...process.argv.slice(2));

compute/test/samples.test.js

@@ -25,6 +25,7 @@ const {assert} = require('chai');
 
 const instancesClient = new compute.InstancesClient({fallback: 'rest'});
 const projectsClient = new compute.ProjectsClient({fallback: 'rest'});
+const firewallsClient = new compute.FirewallsClient({fallback: 'rest'});
 
 const execSync = cmd => cp.execSync(cmd, {encoding: 'utf-8'});
 
@@ -313,4 +314,68 @@ describe('samples', () => {
       execSync(`node deleteInstance ${projectId} ${zone} ${newInstanceName}`);
     });
   });
+
+  describe('firewall', () => {
+    it('should create and delete firewall rule', async () => {
+      const projectId = await instancesClient.getProjectId();
+      const firewallRuleName = `test-firewall-rule-${uuid.v4().split('-')[0]}`;
+
+      let output = execSync(
+        `node firewall/createFirewallRule ${projectId} ${firewallRuleName}`
+      );
+      assert.match(output, /Firewall rule created/);
+
+      output = execSync(
+        `node firewall/deleteFirewallRule ${projectId} ${firewallRuleName}`
+      );
+      assert.match(output, /Firewall rule deleted/);
+    });
+
+    it('should list firewall rules', async () => {
+      const projectId = await instancesClient.getProjectId();
+      const firewallRuleName = `test-firewall-rule-${uuid.v4().split('-')[0]}`;
+
+      execSync(
+        `node firewall/createFirewallRule ${projectId} ${firewallRuleName}`
+      );
+      const output = execSync(`node firewall/listFirewallRules ${projectId}`);
+      assert.isTrue(output.includes(`- ${firewallRuleName}:`));
+
+      execSync(
+        `node firewall/deleteFirewallRule ${projectId} ${firewallRuleName}`
+      );
+    });
+
+    it('should patch firewall rule', async () => {
+      const projectId = await instancesClient.getProjectId();
+      const firewallRuleName = `test-firewall-rule-${uuid.v4().split('-')[0]}`;
+
+      execSync(
+        `node firewall/createFirewallRule ${projectId} ${firewallRuleName}`
+      );
+
+      let [firewallRule] = await firewallsClient.get({
+        project: projectId,
+        firewall: firewallRuleName,
+      });
+
+      assert.equal(firewallRule.priority, 1000);
+
+      const output = execSync(
+        `node firewall/patchFirewallPriority ${projectId} ${firewallRuleName} 500`
+      );
+      assert.match(output, /Firewall rule updated/);
+
+      [firewallRule] = await firewallsClient.get({
+        project: projectId,
+        firewall: firewallRuleName,
+      });
+
+      assert.equal(firewallRule.priority, 500);
+
+      execSync(
+        `node firewall/deleteFirewallRule ${projectId} ${firewallRuleName}`
+      );
+    });
+  });
 });