Make manual adapter framework cloud-provider agnostic by moving PredefinedRole to GCP-specific interface (#2799)

GitOrigin-RevId: 1a1ef38828617466ef56ec15383f15d76559fc0e

Author: omerdemirok

sources/aws/apigateway-api-key.go

@@ -25,11 +25,6 @@ type apiGatewayKeyWrapper struct {
 	*Base
 }
 
-func (d *apiGatewayKeyWrapper) PredefinedRole() string {
-	// TODO: https://linear.app/overmind/issue/ENG-1526/ensure-the-manual-adapter-framework-is-cloud-provider-agnostic
-	return ""
-}
-
 // NewApiGatewayAPIKey creates a new apiGatewayKeyWrapper for AWS API Gateway API Key
 func NewApiGatewayAPIKey(client *apigateway.Client, accountID, region string) sources.SearchableListableWrapper {
 	return &apiGatewayKeyWrapper{

sources/aws/apigateway-stage.go

@@ -213,8 +213,3 @@ func convertGetStageOutputToStage(output *apigateway.GetStageOutput) types.Stage
 		Tags:                 output.Tags,
 	}
 }
-
-func (d *apiGatewayStageWrapper) PredefinedRole() string {
-	// TODO: https://linear.app/overmind/issue/ENG-1526/ensure-the-manual-adapter-framework-is-cloud-provider-agnostic
-	return ""
-}

sources/example/custom_searchable_listable.go

@@ -173,7 +173,3 @@ func (d *customComputeInstanceWrapper) IAMPermissions() []string {
 		"compute.instances.list",
 	}
 }
-
-func (d *customComputeInstanceWrapper) PredefinedRole() string {
-	return "roles/compute.viewer"
-}

sources/example/standard_searchable_listable.go

@@ -194,7 +194,3 @@ func (d *computeInstanceWrapper) IAMPermissions() []string {
 		"compute.instances.list",
 	}
 }
-
-func (d *computeInstanceWrapper) PredefinedRole() string {
-	return "roles/compute.viewer"
-}

sources/gcp/shared/base.go

@@ -11,8 +11,8 @@ import (
 // It adds the project ID and zone to the base struct
 // and makes them available to concrete wrapper implementations.
 type ZoneBase struct {
-	projectID string
-	zone      string
+	GCPBase
+	zone string
 
 	*shared.Base
 }
@@ -25,8 +25,10 @@ func NewZoneBase(
 	item shared.ItemType,
 ) *ZoneBase {
 	return &ZoneBase{
-		projectID: projectID,
-		zone:      zone,
+		GCPBase: GCPBase{
+			projectID: projectID,
+		},
+		zone: zone,
 		Base: shared.NewBase(
 			category,
 			item,
@@ -35,11 +37,6 @@ func NewZoneBase(
 	}
 }
 
-// ProjectID returns the project ID
-func (m *ZoneBase) ProjectID() string {
-	return m.projectID
-}
-
 // Zone returns the zone
 func (m *ZoneBase) Zone() string {
 	return m.zone
@@ -55,8 +52,8 @@ func (m *ZoneBase) DefaultScope() string {
 // It adds the project ID and region to the base struct
 // and makes them available to concrete wrapper implementations.
 type RegionBase struct {
-	projectID string
-	region    string
+	GCPBase
+	region string
 
 	*shared.Base
 }
@@ -69,8 +66,10 @@ func NewRegionBase(
 	item shared.ItemType,
 ) *RegionBase {
 	return &RegionBase{
-		projectID: projectID,
-		region:    region,
+		GCPBase: GCPBase{
+			projectID: projectID,
+		},
+		region: region,
 		Base: shared.NewBase(
 			category,
 			item,
@@ -79,11 +78,6 @@ func NewRegionBase(
 	}
 }
 
-// ProjectID returns the project ID
-func (m *RegionBase) ProjectID() string {
-	return m.projectID
-}
-
 // Region returns the region
 func (m *RegionBase) Region() string {
 	return m.region
@@ -99,7 +93,7 @@ func (m *RegionBase) DefaultScope() string {
 // It adds the project ID to the base struct
 // and makes them available to concrete wrapper implementations.
 type ProjectBase struct {
-	projectID string
+	GCPBase
 
 	*shared.Base
 }
@@ -111,7 +105,9 @@ func NewProjectBase(
 	item shared.ItemType,
 ) *ProjectBase {
 	return &ProjectBase{
-		projectID: projectID,
+		GCPBase: GCPBase{
+			projectID: projectID,
+		},
 		Base: shared.NewBase(
 			category,
 			item,
@@ -120,13 +116,20 @@ func NewProjectBase(
 	}
 }
 
-// ProjectID returns the project ID
-func (m *ProjectBase) ProjectID() string {
-	return m.projectID
-}
-
 // DefaultScope returns the default scope
 // Project ID is used to create the default scope.
 func (m *ProjectBase) DefaultScope() string {
 	return m.Scopes()[0]
 }
+
+type GCPBase struct {
+	projectID string
+}
+
+func (g *GCPBase) PredefinedRole() string {
+	panic("Predefined role not implemented")
+}
+
+func (g *GCPBase) ProjectID() string {
+	return g.projectID
+}

sources/gcp/shared/predefined-roles.go

@@ -1,5 +1,9 @@
 package shared
 
+type WithPredefinedRole interface {
+	PredefinedRole() string
+}
+
 type role struct {
 	Role           string
 	Link           string

sources/transformer.go

@@ -41,7 +41,6 @@ type Wrapper interface {
 	PotentialLinks() map[shared.ItemType]bool
 	AdapterMetadata() *sdp.AdapterMetadata
 	IAMPermissions() []string
-	PredefinedRole() string
 }
 
 // ListableWrapper defines an optional interface for resources that support listing.
@@ -826,18 +825,24 @@ func expectedSearchQueryFormat(keywords []ItemTypeLookups) string {
 
 // validatePredefinedRole validates that the wrapper's predefined role and IAM permissions are consistent
 func validatePredefinedRole(wrapper Wrapper) error {
-	predefinedRole := wrapper.PredefinedRole()
+	pdr, ok := wrapper.(gcpshared.WithPredefinedRole)
+	if !ok {
+		return fmt.Errorf("gcp predefined role not supported")
+	}
+
+	pRole := pdr.PredefinedRole()
+
 	iamPermissions := wrapper.IAMPermissions()
 
 	// Predefined role must be specified
-	if predefinedRole == "" {
+	if pRole == "" {
 		return fmt.Errorf("wrapper %s must specify a predefined role", wrapper.Type())
 	}
 
 	// Check if the predefined role exists in the map
-	role, exists := gcpshared.PredefinedRoles[predefinedRole]
+	role, exists := gcpshared.PredefinedRoles[pRole]
 	if !exists {
-		return fmt.Errorf("predefined role %s is not found in PredefinedRoles map", predefinedRole)
+		return fmt.Errorf("predefined role %s is not found in PredefinedRoles map", pRole)
 	}
 
 	// Check if all IAM permissions from the wrapper exist in the predefined role's IAMPermissions
@@ -850,7 +855,7 @@ func validatePredefinedRole(wrapper Wrapper) error {
 			}
 		}
 		if !found {
-			return fmt.Errorf("IAM permission %s from wrapper is not included in predefined role %s IAMPermissions", perm, predefinedRole)
+			return fmt.Errorf("IAM permission %s from wrapper is not included in predefined role %s IAMPermissions", perm, pRole)
 		}
 	}