Skip to content

Greenfield: Implement direct KRM types, identity, and generate.sh for SecurityCenterManagementSecurityHealthAnalyticsCustomModule#11415

Open
ada-coder-bot wants to merge 6 commits into
GoogleCloudPlatform:masterfrom
ada-coder-bot:issue-11397-1783384470
Open

Greenfield: Implement direct KRM types, identity, and generate.sh for SecurityCenterManagementSecurityHealthAnalyticsCustomModule#11415
ada-coder-bot wants to merge 6 commits into
GoogleCloudPlatform:masterfrom
ada-coder-bot:issue-11397-1783384470

Conversation

@ada-coder-bot

Copy link
Copy Markdown
Collaborator

Greenfield implementation of direct KRM types, identity, and generate.sh for SecurityCenterManagementSecurityHealthAnalyticsCustomModule.

In this change, we:

  1. Scaffolded apis/securitycentermanagement/v1alpha1 directory and added doc.go, groupversion_info.go, and generate.sh.
  2. Implemented direct KRM types in apis/securitycentermanagement/v1alpha1/securitycentermanagementsecurityhealthanalyticscustommodule_types.go.
  3. Implemented identity interface with gcpurls.Template in apis/securitycentermanagement/v1alpha1/securitycentermanagementsecurityhealthanalyticscustommodule_identity.go.
  4. Implemented reference type and normalization logic in apis/securitycentermanagement/v1alpha1/securitycentermanagementsecurityhealthanalyticscustommodule_reference.go.
  5. Added unit tests for FromExternal identity parsing.
  6. Generated CRDs, clientsets, and static config files.

This PR was generated by the overseer,overseer,step/gen-types,greenfield agent (powered by the gemini-3.5-flash model).

Fixes #11397

@google-oss-prow

Copy link
Copy Markdown
Contributor

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign justinsb for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@argus-watcher-bot

Copy link
Copy Markdown
Collaborator

🤖 AI Factory started investigating CI check failures for this pull request.

@ada-coder-bot ada-coder-bot force-pushed the issue-11397-1783384470 branch from 76b15ec to db2656f Compare July 7, 2026 01:27
@ada-coder-bot

Copy link
Copy Markdown
Collaborator Author

Investigating unit-tests failure

Run: 28834206997 (https://github.com/GoogleCloudPlatform/k8s-config-connector/actions/runs/28834206997/job/85514463081)
Name: unit-tests
Cause: Code Error
Details: Compilation failed in package github.com/GoogleCloudPlatform/k8s-config-connector/pkg/controller/direct/securitycentermanagement because Expr_FromProto and Expr_ToProto (called by the generated mapper to translate google.type.Expr fields) were undefined in the package.
Action Taken: Implemented the missing handwritten mapper functions Expr_FromProto and Expr_ToProto in a new file pkg/controller/direct/securitycentermanagement/mapper.go.

Investigating run-linters failure

Run: 28834206997 (https://github.com/GoogleCloudPlatform/k8s-config-connector/actions/runs/28834206997/job/85514463062)
Name: run-linters
Cause: Code Error
Details: The custom linters check failed because analysis was skipped due to compilation errors in the securitycentermanagement direct controller package (caused by the missing/undefined Expr mapper functions).
Action Taken: Created pkg/controller/direct/securitycentermanagement/mapper.go to provide the required Expr mapper implementations.

Investigating license-lint failure

Run: 28834206997 (https://github.com/GoogleCloudPlatform/k8s-config-connector/actions/runs/28834206997/job/85514463141)
Name: license-lint
Cause: Code Error
Details: The license-lint task failed to download/build dependencies because the newly introduced client library cloud.google.com/go/securitycentermanagement was not added to the root go.mod file, which triggered an import lookup error when run under -mod=readonly.
Action Taken: Added the latest client library cloud.google.com/go/securitycentermanagement@v1.6.0 to the root go.mod and tidied up dependencies for both the main workspace and the mockgcp workspace.

(This report was generated by overseer)

@argus-watcher-bot

Copy link
Copy Markdown
Collaborator

🤖 AI Factory started investigating CI check failures for this pull request.

@ada-coder-bot

Copy link
Copy Markdown
Collaborator Author

Investigating unit-tests failure

Run: 28835002981 (https://github.com/GoogleCloudPlatform/k8s-config-connector/actions/runs/28835002981/job/85516816065)
Name: unit-tests
Cause: Code Error
Details: The test TestCRDFieldPresenceInTestsForAlpha failed because the newly introduced SecurityCenterManagementSecurityHealthAnalyticsCustomModule CRD is not yet covered by any end-to-end test fixtures, and its fields were not documented in the alpha exceptions list.
Action Taken: Regenerated the alpha exceptions list tests/apichecks/testdata/exceptions/alpha-missingfields.txt.

Investigating validations failure

Run: 28835002962 (https://github.com/GoogleCloudPlatform/k8s-config-connector/actions/runs/28835002962/job/85516815673)
Name: validations
Cause: Code Error
Details: The validation job failed because the generated Go code was out of date. Specifically, the generated deepcopy methods for the reference type SecurityCenterManagementSecurityHealthAnalyticsCustomModuleRef were missing from apis/securitycentermanagement/v1alpha1/zz_generated.deepcopy.go.
Action Taken: Ran dev/tasks/generate-types-and-mappers to automatically generate the missing deepcopy methods.

Investigating validate-generated-files failure

Run: 28835002981 (https://github.com/GoogleCloudPlatform/k8s-config-connector/actions/runs/28835002981/job/85516816054)
Name: validate-generated-files
Cause: Code Error
Details: Failed because generated types were out of date.
Action Taken: Ran dev/tasks/generate-types-and-mappers to update the generated code.

Investigating unit-tests-operator failure

Run: 28835002981 (https://github.com/GoogleCloudPlatform/k8s-config-connector/actions/runs/28835002981/job/85516816057)
Name: unit-tests-operator
Cause: Code Error
Details: The test TestGoldenConfigConnector/simple failed because adding the new securitycentermanagement API group changed the operator's generated cluster roles for Admin and Viewer, resulting in unexpected diffs against the operator's simple golden files.
Action Taken: Regenerated the operator simple golden file operator/pkg/controllers/configconnector/testdata/golden/simple/_expected.yaml by running operator unit tests with WRITE_GOLDEN_OUTPUT=true.

(This report was generated by overseer)

@argus-watcher-bot

Copy link
Copy Markdown
Collaborator

🤖 AI Factory started investigating CI check failures for this pull request.

@argus-watcher-bot

Copy link
Copy Markdown
Collaborator

🤖 AI Factory started investigating CI check failures for this pull request.

@ada-coder-bot

Copy link
Copy Markdown
Collaborator Author

Investigating validate-generated-files failure

Run: 28837491557 (https://github.com/GoogleCloudPlatform/k8s-config-connector/actions/runs/28837491557/job/85524231793)
Name: validate-generated-files
Cause: Code Error
Details: The generated CRD analysis report files (docs/reports/crd_report.csv and docs/reports/crd_report.md) were out-of-date because they did not include the newly added SecurityCenterManagementSecurityHealthAnalyticsCustomModule Greenfield resource.
Action Taken: Regenerated the report files by running dev/tasks/generate-resource-report, amended the previous autogen commit with the updated files, and force-pushed upstream.

Investigating validations failure

Run: 28837491566 (https://github.com/GoogleCloudPlatform/k8s-config-connector/actions/runs/28837491566/job/85524231386)
Name: validations
Cause: Code Error
Details: The validation step failed because the generated CRD report files (docs/reports/crd_report.csv and docs/reports/crd_report.md) were out-of-date.
Action Taken: Regenerated the CRD report files and committed/pushed the updates.

(This report was generated by overseer)

@argus-watcher-bot

Copy link
Copy Markdown
Collaborator

🤖 AI Factory started investigating CI check failures for this pull request.

@argus-watcher-bot

Copy link
Copy Markdown
Collaborator

🤖 AI Factory started investigating CI check failures for this pull request.

@ada-coder-bot

Copy link
Copy Markdown
Collaborator Author

Investigating validations failure

Run: 28839458812 (https://github.com/GoogleCloudPlatform/k8s-config-connector/actions/runs/28839458812/job/85530226424)
Name: validations
Cause: Code Error
Details: The validation step failed because the generated Go clients for the newly added securitycentermanagement API group were out of date.
Action Taken: Regenerated the Go clients by running make generate-go-client ensure fmt, and pushed the updated files.

(This report was generated by overseer)

@argus-watcher-bot

Copy link
Copy Markdown
Collaborator

🤖 AI Factory started investigating CI check failures for this pull request.

@argus-watcher-bot

Copy link
Copy Markdown
Collaborator

🤖 AI Factory started resolving merge conflicts / rebasing this pull request in a sandbox.

@ada-coder-bot ada-coder-bot force-pushed the issue-11397-1783384470 branch from 4219006 to 9f05648 Compare July 10, 2026 08:26
@argus-watcher-bot

Copy link
Copy Markdown
Collaborator

🤖 AI Factory started investigating CI check failures for this pull request.

@ada-coder-bot

Copy link
Copy Markdown
Collaborator Author

Investigating presubmit-gatekeeper failure

Run: 29079776353
Name: presubmit-gatekeeper
Cause: Infrastructure
Details: The run 29079776353 was automatically cancelled by GitHub Actions because a higher-priority run was triggered to supersede it. However, the subsequent unit-tests check would have failed due to an underlying test failure in TestCRDFieldPresenceInTestsForAlpha because the alpha exceptions file tests/apichecks/testdata/exceptions/alpha-missingfields.txt was outdated compared to the latest master branch (the saasservicemgmt fields are no longer missing in master).
Action Taken: Regenerated the alpha exceptions file and multi-version CRD diffs using WRITE_GOLDEN_OUTPUT=true go test ./tests/apichecks/.... Verified that all checks now compile and pass locally, committed the changes, and pushed them to the PR branch.

(This report was generated by overseer)

@argus-watcher-bot

Copy link
Copy Markdown
Collaborator

🤖 AI Factory started investigating CI check failures for this pull request.

@argus-watcher-bot

Copy link
Copy Markdown
Collaborator

🤖 AI Factory started resolving merge conflicts / rebasing this pull request in a sandbox.

@ada-coder-bot ada-coder-bot force-pushed the issue-11397-1783384470 branch from 7edcb1e to 81e19c5 Compare July 10, 2026 16:49
@argus-watcher-bot

Copy link
Copy Markdown
Collaborator

🤖 AI Factory started resolving merge conflicts / rebasing this pull request in a sandbox.

1 similar comment
@argus-watcher-bot

Copy link
Copy Markdown
Collaborator

🤖 AI Factory started resolving merge conflicts / rebasing this pull request in a sandbox.

@ada-coder-bot ada-coder-bot force-pushed the issue-11397-1783384470 branch from 81e19c5 to 37a7e92 Compare July 11, 2026 18:11
@argus-watcher-bot

Copy link
Copy Markdown
Collaborator

🤖 AI Factory started investigating CI check failures for this pull request.

@ada-coder-bot

Copy link
Copy Markdown
Collaborator Author

Investigating tests-e2e-fixtures-dataplex failure

Run: 29162987707 (https://github.com/GoogleCloudPlatform/k8s-config-connector/actions/runs/29162987707/job/86573278651)
Name: tests-e2e-fixtures-dataplex
Cause: Flake
Details: The end-to-end fixture tests ran completely and passed successfully. However, the subsequent "Upload artifacts" standard GitHub Action step failed because of a network timeout (ETIMEDOUT) trying to communicate with GitHub's artifact storage endpoints. Since this is a transient infrastructure issue, the codebase and PR changes themselves are fully correct.
Action Taken: Attempted to rerun the failed job via the GitHub CLI, but the tool reported that admin rights to the repository are required to trigger reruns.

Investigating presubmit-gatekeeper failure

Run: 29162987707 (https://github.com/GoogleCloudPlatform/k8s-config-connector/actions/runs/29162987707/job/86575560552)
Name: presubmit-gatekeeper
Cause: Infrastructure
Details: The gatekeeper job failed because the tests-e2e-fixtures-dataplex run was marked as failed due to the "Upload artifacts" timeout. All actual code validation, linting, and unit-test checks in the suite passed.
Action Taken: None.

(This report was generated by overseer)

@argus-watcher-bot

Copy link
Copy Markdown
Collaborator

🤖 AI Factory started resolving merge conflicts / rebasing this pull request in a sandbox.

@ada-coder-bot ada-coder-bot force-pushed the issue-11397-1783384470 branch from 37a7e92 to 6a06492 Compare July 11, 2026 20:44
@argus-watcher-bot

Copy link
Copy Markdown
Collaborator

🤖 AI Factory started resolving merge conflicts / rebasing this pull request in a sandbox.

1 similar comment
@argus-watcher-bot

Copy link
Copy Markdown
Collaborator

🤖 AI Factory started resolving merge conflicts / rebasing this pull request in a sandbox.

@ada-coder-bot ada-coder-bot force-pushed the issue-11397-1783384470 branch from 6a06492 to 978249e Compare July 12, 2026 03:06
@argus-watcher-bot

Copy link
Copy Markdown
Collaborator

🤖 AI Factory started resolving merge conflicts / rebasing this pull request in a sandbox.

… SecurityCenterManagementSecurityHealthAnalyticsCustomModule

Implement direct KRM types, identity, and generate.sh for the Greenfield resource SecurityCenterManagementSecurityHealthAnalyticsCustomModule.

In this change, we:
1. Scaffolded apis/securitycentermanagement/v1alpha1 directory and added doc.go, groupversion_info.go, and generate.sh.
2. Implemented direct KRM types in apis/securitycentermanagement/v1alpha1/securitycentermanagementsecurityhealthanalyticscustommodule_types.go.
3. Implemented identity interface with gcpurls.Template in apis/securitycentermanagement/v1alpha1/securitycentermanagementsecurityhealthanalyticscustommodule_identity.go.
4. Implemented reference type and normalization logic in apis/securitycentermanagement/v1alpha1/securitycentermanagementsecurityhealthanalyticscustommodule_reference.go.
5. Added unit tests for FromExternal identity parsing.
6. Generated CRDs, clientsets, and static config files.

Fixes GoogleCloudPlatform#11397
@ada-coder-bot ada-coder-bot force-pushed the issue-11397-1783384470 branch from 978249e to 43b88fa Compare July 14, 2026 02:48
@argus-watcher-bot

Copy link
Copy Markdown
Collaborator

🤖 AI Factory started resolving merge conflicts / rebasing this pull request in a sandbox.

1 similar comment
@argus-watcher-bot

Copy link
Copy Markdown
Collaborator

🤖 AI Factory started resolving merge conflicts / rebasing this pull request in a sandbox.

@acpana acpana left a comment

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

address feedback

Comment on lines +32 to +34
// +kubebuilder:validation:Required
// The location of this resource.
Location string `json:"location"`

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

needs to be a pointer

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

revert changes to this file

@argus-watcher-bot

Copy link
Copy Markdown
Collaborator

🤖 AI Factory started addressing review feedback for this pull request.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

greenfield Indicates implementation of a new resource (vs migration) overseer step/gen-types

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Greenfield: Implement direct KRM types, identity, and generate.sh for SecurityCenterManagementSecurityHealthAnalyticsCustomModule

3 participants