feat: .d.ts for protos (#197)

packages/google-cloud-asset/.eslintignore

@@ -2,3 +2,4 @@
 src/**/doc/*
 build/
 docs/
+protos/

packages/google-cloud-asset/src/v1/doc/google/iam/v1/doc_policy.js

@@ -20,27 +20,36 @@
  * specify access control policies for Cloud Platform resources.
  *
  *
- * A `Policy` consists of a list of `bindings`. A `binding` binds a list of
- * `members` to a `role`, where the members can be user accounts, Google groups,
- * Google domains, and service accounts. A `role` is a named list of permissions
- * defined by IAM.
+ * A `Policy` is a collection of `bindings`. A `binding` binds one or more
+ * `members` to a single `role`. Members can be user accounts, service accounts,
+ * Google groups, and domains (such as G Suite). A `role` is a named list of
+ * permissions (defined by IAM or configured by users). A `binding` can
+ * optionally specify a `condition`, which is a logic expression that further
+ * constrains the role binding based on attributes about the request and/or
+ * target resource.
  *
  * **JSON Example**
  *
  *     {
  *       "bindings": [
  *         {
- *           "role": "roles/owner",
+ *           "role": "role/resourcemanager.organizationAdmin",
  *           "members": [
  *             "user:mike@example.com",
  *             "group:admins@example.com",
  *             "domain:google.com",
- *             "serviceAccount:my-other-app@appspot.gserviceaccount.com"
+ *             "serviceAccount:my-project-id@appspot.gserviceaccount.com"
  *           ]
  *         },
  *         {
- *           "role": "roles/viewer",
- *           "members": ["user:sean@example.com"]
+ *           "role": "roles/resourcemanager.organizationViewer",
+ *           "members": ["user:eve@example.com"],
+ *           "condition": {
+ *             "title": "expirable access",
+ *             "description": "Does not grant access after Sep 2020",
+ *             "expression": "request.time <
+ *             timestamp('2020-10-01T00:00:00.000Z')",
+ *           }
  *         }
  *       ]
  *     }
@@ -52,12 +61,15 @@
  *       - user:mike@example.com
  *       - group:admins@example.com
  *       - domain:google.com
- *       - serviceAccount:my-other-app@appspot.gserviceaccount.com
- *       role: roles/owner
+ *       - serviceAccount:my-project-id@appspot.gserviceaccount.com
+ *       role: roles/resourcemanager.organizationAdmin
  *     - members:
- *       - user:sean@example.com
- *       role: roles/viewer
- *
+ *       - user:eve@example.com
+ *       role: roles/resourcemanager.organizationViewer
+ *       condition:
+ *         title: expirable access
+ *         description: Does not grant access after Sep 2020
+ *         expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
  *
  * For a description of IAM and its features, see the
  * [IAM developer's guide](https://cloud.google.com/iam/docs).
@@ -68,12 +80,18 @@
  *   Valid values are 0, 1, and 3. Requests specifying an invalid value will be
  *   rejected.
  *
- *   Policies with any conditional bindings must specify version 3. Policies
- *   without any conditional bindings may specify any valid value or leave the
- *   field unset.
+ *   Operations affecting conditional bindings must specify version 3. This can
+ *   be either setting a conditional policy, modifying a conditional binding,
+ *   or removing a conditional binding from the stored conditional policy.
+ *   Operations on non-conditional policies may specify any valid value or
+ *   leave the field unset.
+ *
+ *   If no etag is provided in the call to `setIamPolicy`, any version
+ *   compliance checks on the incoming and/or stored policy is skipped.
  *
  * @property {Object[]} bindings
- *   Associates a list of `members` to a `role`.
+ *   Associates a list of `members` to a `role`. Optionally may specify a
+ *   `condition` that determines when binding is in effect.
  *   `bindings` with no members will result in an error.
  *
  *   This object should have the same structure as [Binding]{@link google.iam.v1.Binding}
@@ -88,7 +106,9 @@
  *   ensure that their change will be applied to the same version of the policy.
  *
  *   If no `etag` is provided in the call to `setIamPolicy`, then the existing
- *   policy is overwritten.
+ *   policy is overwritten. Due to blind-set semantics of an etag-less policy,
+ *   'setIamPolicy' will not fail even if either of incoming or stored policy
+ *   does not meet the version requirements.
  *
  * @typedef Policy
  * @memberof google.iam.v1

packages/google-cloud-asset/src/v1beta1/doc/google/iam/v1/doc_policy.js

@@ -20,27 +20,36 @@
  * specify access control policies for Cloud Platform resources.
  *
  *
- * A `Policy` consists of a list of `bindings`. A `binding` binds a list of
- * `members` to a `role`, where the members can be user accounts, Google groups,
- * Google domains, and service accounts. A `role` is a named list of permissions
- * defined by IAM.
+ * A `Policy` is a collection of `bindings`. A `binding` binds one or more
+ * `members` to a single `role`. Members can be user accounts, service accounts,
+ * Google groups, and domains (such as G Suite). A `role` is a named list of
+ * permissions (defined by IAM or configured by users). A `binding` can
+ * optionally specify a `condition`, which is a logic expression that further
+ * constrains the role binding based on attributes about the request and/or
+ * target resource.
  *
  * **JSON Example**
  *
  *     {
  *       "bindings": [
  *         {
- *           "role": "roles/owner",
+ *           "role": "role/resourcemanager.organizationAdmin",
  *           "members": [
  *             "user:mike@example.com",
  *             "group:admins@example.com",
  *             "domain:google.com",
- *             "serviceAccount:my-other-app@appspot.gserviceaccount.com"
+ *             "serviceAccount:my-project-id@appspot.gserviceaccount.com"
  *           ]
  *         },
  *         {
- *           "role": "roles/viewer",
- *           "members": ["user:sean@example.com"]
+ *           "role": "roles/resourcemanager.organizationViewer",
+ *           "members": ["user:eve@example.com"],
+ *           "condition": {
+ *             "title": "expirable access",
+ *             "description": "Does not grant access after Sep 2020",
+ *             "expression": "request.time <
+ *             timestamp('2020-10-01T00:00:00.000Z')",
+ *           }
  *         }
  *       ]
  *     }
@@ -52,12 +61,15 @@
  *       - user:mike@example.com
  *       - group:admins@example.com
  *       - domain:google.com
- *       - serviceAccount:my-other-app@appspot.gserviceaccount.com
- *       role: roles/owner
+ *       - serviceAccount:my-project-id@appspot.gserviceaccount.com
+ *       role: roles/resourcemanager.organizationAdmin
  *     - members:
- *       - user:sean@example.com
- *       role: roles/viewer
- *
+ *       - user:eve@example.com
+ *       role: roles/resourcemanager.organizationViewer
+ *       condition:
+ *         title: expirable access
+ *         description: Does not grant access after Sep 2020
+ *         expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
  *
  * For a description of IAM and its features, see the
  * [IAM developer's guide](https://cloud.google.com/iam/docs).
@@ -68,12 +80,18 @@
  *   Valid values are 0, 1, and 3. Requests specifying an invalid value will be
  *   rejected.
  *
- *   Policies with any conditional bindings must specify version 3. Policies
- *   without any conditional bindings may specify any valid value or leave the
- *   field unset.
+ *   Operations affecting conditional bindings must specify version 3. This can
+ *   be either setting a conditional policy, modifying a conditional binding,
+ *   or removing a conditional binding from the stored conditional policy.
+ *   Operations on non-conditional policies may specify any valid value or
+ *   leave the field unset.
+ *
+ *   If no etag is provided in the call to `setIamPolicy`, any version
+ *   compliance checks on the incoming and/or stored policy is skipped.
  *
  * @property {Object[]} bindings
- *   Associates a list of `members` to a `role`.
+ *   Associates a list of `members` to a `role`. Optionally may specify a
+ *   `condition` that determines when binding is in effect.
  *   `bindings` with no members will result in an error.
  *
  *   This object should have the same structure as [Binding]{@link google.iam.v1.Binding}
@@ -88,7 +106,9 @@
  *   ensure that their change will be applied to the same version of the policy.
  *
  *   If no `etag` is provided in the call to `setIamPolicy`, then the existing
- *   policy is overwritten.
+ *   policy is overwritten. Due to blind-set semantics of an etag-less policy,
+ *   'setIamPolicy' will not fail even if either of incoming or stored policy
+ *   does not meet the version requirements.
  *
  * @typedef Policy
  * @memberof google.iam.v1

packages/google-cloud-asset/src/v1p2beta1/doc/google/iam/v1/doc_policy.js

@@ -20,27 +20,36 @@
  * specify access control policies for Cloud Platform resources.
  *
  *
- * A `Policy` consists of a list of `bindings`. A `binding` binds a list of
- * `members` to a `role`, where the members can be user accounts, Google groups,
- * Google domains, and service accounts. A `role` is a named list of permissions
- * defined by IAM.
+ * A `Policy` is a collection of `bindings`. A `binding` binds one or more
+ * `members` to a single `role`. Members can be user accounts, service accounts,
+ * Google groups, and domains (such as G Suite). A `role` is a named list of
+ * permissions (defined by IAM or configured by users). A `binding` can
+ * optionally specify a `condition`, which is a logic expression that further
+ * constrains the role binding based on attributes about the request and/or
+ * target resource.
  *
  * **JSON Example**
  *
  *     {
  *       "bindings": [
  *         {
- *           "role": "roles/owner",
+ *           "role": "role/resourcemanager.organizationAdmin",
  *           "members": [
  *             "user:mike@example.com",
  *             "group:admins@example.com",
  *             "domain:google.com",
- *             "serviceAccount:my-other-app@appspot.gserviceaccount.com"
+ *             "serviceAccount:my-project-id@appspot.gserviceaccount.com"
  *           ]
  *         },
  *         {
- *           "role": "roles/viewer",
- *           "members": ["user:sean@example.com"]
+ *           "role": "roles/resourcemanager.organizationViewer",
+ *           "members": ["user:eve@example.com"],
+ *           "condition": {
+ *             "title": "expirable access",
+ *             "description": "Does not grant access after Sep 2020",
+ *             "expression": "request.time <
+ *             timestamp('2020-10-01T00:00:00.000Z')",
+ *           }
  *         }
  *       ]
  *     }
@@ -52,12 +61,15 @@
  *       - user:mike@example.com
  *       - group:admins@example.com
  *       - domain:google.com
- *       - serviceAccount:my-other-app@appspot.gserviceaccount.com
- *       role: roles/owner
+ *       - serviceAccount:my-project-id@appspot.gserviceaccount.com
+ *       role: roles/resourcemanager.organizationAdmin
  *     - members:
- *       - user:sean@example.com
- *       role: roles/viewer
- *
+ *       - user:eve@example.com
+ *       role: roles/resourcemanager.organizationViewer
+ *       condition:
+ *         title: expirable access
+ *         description: Does not grant access after Sep 2020
+ *         expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
  *
  * For a description of IAM and its features, see the
  * [IAM developer's guide](https://cloud.google.com/iam/docs).
@@ -68,12 +80,18 @@
  *   Valid values are 0, 1, and 3. Requests specifying an invalid value will be
  *   rejected.
  *
- *   Policies with any conditional bindings must specify version 3. Policies
- *   without any conditional bindings may specify any valid value or leave the
- *   field unset.
+ *   Operations affecting conditional bindings must specify version 3. This can
+ *   be either setting a conditional policy, modifying a conditional binding,
+ *   or removing a conditional binding from the stored conditional policy.
+ *   Operations on non-conditional policies may specify any valid value or
+ *   leave the field unset.
+ *
+ *   If no etag is provided in the call to `setIamPolicy`, any version
+ *   compliance checks on the incoming and/or stored policy is skipped.
  *
  * @property {Object[]} bindings
- *   Associates a list of `members` to a `role`.
+ *   Associates a list of `members` to a `role`. Optionally may specify a
+ *   `condition` that determines when binding is in effect.
  *   `bindings` with no members will result in an error.
  *
  *   This object should have the same structure as [Binding]{@link google.iam.v1.Binding}
@@ -88,7 +106,9 @@
  *   ensure that their change will be applied to the same version of the policy.
  *
  *   If no `etag` is provided in the call to `setIamPolicy`, then the existing
- *   policy is overwritten.
+ *   policy is overwritten. Due to blind-set semantics of an etag-less policy,
+ *   'setIamPolicy' will not fail even if either of incoming or stored policy
+ *   does not meet the version requirements.
  *
  * @typedef Policy
  * @memberof google.iam.v1

packages/google-cloud-asset/synth.metadata

@@ -1,19 +1,19 @@
 {
-  "updateTime": "2019-08-31T11:07:20.415455Z",
+  "updateTime": "2019-09-20T11:07:26.247263Z",
   "sources": [
     {
       "generator": {
         "name": "artman",
-        "version": "0.36.1",
-        "dockerImage": "googleapis/artman@sha256:7c20f006c7a62d9d782e2665647d52290c37a952ef3cd134624d5dd62b3f71bd"
+        "version": "0.36.3",
+        "dockerImage": "googleapis/artman@sha256:66ca01f27ef7dc50fbfb7743b67028115a6a8acf43b2d82f9fc826de008adac4"
       }
     },
     {
       "git": {
         "name": "googleapis",
         "remote": "https://github.com/googleapis/googleapis.git",
-        "sha": "82809578652607c8ee29d9e199c21f28f81a03e0",
-        "internalRef": "266247326"
+        "sha": "44e588d97e7497dff01107d39b6a19062f9a4ffa",
+        "internalRef": "270200097"
       }
     },
     {