feat(security-center): Add Resource v2 API Assets Security Marks Samples #3916
Conversation
|
🤖 I detect that the PR title and the commit message differ and there's only one commit. To use the PR title for the commit history, you can use Github's automerge feature with squashing, or use -- conventional-commit-lint bot |
product-auto-label
bot
added
api: securitycenter
|
Here is the summary of changes. You are about to add 3 region tags.
This comment is generated by snippet-bot.
|
…form/nodejs-docs-samples into security-marks-assets-v2 merge remote to local
feywind
left a comment
feywind
left a comment
There was a problem hiding this comment.
This generally looks fine, maybe just check on that exec() vs execSync() thing. Let's see if we can get someone closer to docs/samples to approve the rest of the way.
| parent: client.organizationPath(organizationId), | ||
| }); | ||
| const randomAsset = | ||
| assetResults[Math.floor(Math.random() * assetResults.length)].asset; |
There was a problem hiding this comment.
Seeing random() in a test makes me worry that it's going to end up being flaky, but I guess if all the items are more or less equivalent, should be okay.
|
|
||
| it('client can add and delete security marks', () => { | ||
| // Ensure marks are set. | ||
| exec(`node v2/addSecurityMarks.js ${data.assetName}`); |
There was a problem hiding this comment.
Addressed. Other tests were using the exec() method so I have used the same but I have updated it.
|
@gemini review |
![code-review-assist-experimental[bot]](https://avatars.githubusercontent.com/in/919852?s=60&v=4){kind=small}
There was a problem hiding this comment.
This pull request adds samples for the Security Center v2 API's Asset Security Marks in Node.js. The new samples demonstrate adding, deleting, and adding/deleting security marks. The changes also include updates to the system tests to incorporate these new functionalities. The implementation looks good overall, but I have a few suggestions to improve clarity, consistency, and robustness.
One improvement could be to add more comprehensive documentation in the README file for the security-center/snippets/v2 directory. This documentation should explain the purpose of each sample, how to run them, and the expected outcomes. It should also clearly outline the prerequisites, such as setting up a Security Center project and enabling the necessary APIs.
Additionally, the system tests could be enhanced by adding more assertions to validate the state of the security marks after each operation. This would ensure that the samples are functioning correctly and provide more confidence in the code's reliability.
| try { | ||
| /*eslint no-unused-vars: ["error", { "varsIgnorePattern": "^_" }]*/ | ||
| const [_response] = await client.createNotificationConfig({ | ||
| parent: orgName, | ||
| configId: configId, | ||
| notificationConfig: { | ||
| description: 'Sample config for node.js', | ||
| pubsubTopic: pubsubTopic, | ||
| streamingConfig: {filter: 'state = "ACTIVE"'}, | ||
| }, | ||
| }); | ||
| } catch (err) { | ||
| console.error(`Error creating config ${configId}:`, err.message); | ||
| } |
There was a problem hiding this comment.
Adding a try-catch block is a good practice for error handling. Consider adding more specific error handling within the try block to catch potential issues like incorrect input or network errors. This would make debugging easier and improve the robustness of the tests.
| await createNotificationConfig(deleteConfig); | ||
| await new Promise(resolve => setTimeout(resolve, 1000)); // 1-second delay | ||
| await createNotificationConfig(getConfig); | ||
| await new Promise(resolve => setTimeout(resolve, 1000)); // 1-second delay | ||
| await createNotificationConfig(listConfig); | ||
| await new Promise(resolve => setTimeout(resolve, 1000)); // 1-second delay | ||
| await createNotificationConfig(updateConfig); |
There was a problem hiding this comment.
Adding delays using setTimeout can make tests flaky and increase execution time. Consider using a more robust approach like polling or a dedicated testing library that provides utilities for waiting for asynchronous operations to complete.
| async function deleteNotificationConfig(configId) { | ||
| const name = client.organizationNotificationConfigPath( | ||
| organizationId, | ||
| configId | ||
| ); | ||
| await client.deleteNotificationConfig({name: name}); | ||
| try { | ||
| const name = client.organizationNotificationConfigPath( | ||
| organizationId, | ||
| configId | ||
| ); | ||
| await client.deleteNotificationConfig({name: name}); | ||
| } catch (err) { | ||
| console.error(`Error deleting config ${configId}:`, err.message); | ||
| } |
There was a problem hiding this comment.
Similar to the creation process, adding a try-catch block is good practice for error handling during deletion. Consider adding more specific error handling within the try block.
| await deleteNotificationConfig(createConfig); | ||
| await new Promise(resolve => setTimeout(resolve, 1000)); // 1-second delay | ||
| await deleteNotificationConfig(getConfig); | ||
| await new Promise(resolve => setTimeout(resolve, 1000)); // 1-second delay | ||
| await deleteNotificationConfig(listConfig); | ||
| await new Promise(resolve => setTimeout(resolve, 1000)); // 1-second delay | ||
| await deleteNotificationConfig(updateConfig); |
There was a problem hiding this comment.
Using setTimeout for delays can lead to flaky tests. Consider using a more robust approach like polling or a dedicated testing library for waiting for asynchronous operations.
| const {execSync} = require('child_process'); | ||
|
|
||
| // TODO(developers): update for your own environment | ||
| const organizationId = '1081635000895'; |
There was a problem hiding this comment.
The organization ID is hardcoded. Consider storing this in an environment variable or a configuration file to make the test more portable and avoid exposing sensitive information directly in the code.
| const organizationId = '1081635000895'; | |
| // Retrieve organization ID from environment variable | |
| const organizationId = process.env.ORGANIZATION_ID || 'YOUR_ORGANIZATION_ID'; | |
| if (!organizationId) { | |
| throw new Error('Environment variable ORGANIZATION_ID is not set.'); | |
| } |
| // assetName is the full resource path for the asset to update. | ||
| /* | ||
| * TODO(developer): Uncomment the following lines | ||
| */ | ||
| // Specify the value of 'assetName' in one of the following formats: | ||
| // `organizations/${org-id}/assets/${asset-id}`; | ||
| // `projects/${project-id}/assets/${asset-id}`; | ||
| // `folders/${folder-id}/assets/${asset-id}`; | ||
| // const assetName = "organizations/123123342/assets/12312321"; |
There was a problem hiding this comment.
The TODO comments suggest uncommenting lines to specify the asset name. It's better to provide clear instructions or examples on how to obtain and use the asset name rather than relying on commented-out code.
4 participants
Description
This PR adds v2 API Assets Security Marks Node js client samples to Add Security Marks, Delete Security Marks, Add Delete Security Marks.
Note: Before submitting a pull request, please open an issue for discussion if you are not associated with Google.
Checklist
npm test(see Testing)npm run lint(see Style)GoogleCloudPlatform/nodejs-docs-samples. Not a fork.