modules/mu/clouds/google.rb in cloud-mu-3.1.5 vs modules/mu/clouds/google.rb in cloud-mu-3.1.6

@@ -50,10 +50,15 @@
       # @return [Array<Symbol>]
       def self.required_instance_methods
         [:url]
       end
 
+      # Is this a "real" cloud provider, or a stub like CloudFormation?
+      def self.virtual?
+        false
+      end
+
       # Most of our resource implementation +find+ methods have to mangle their
       # args to make sure they've extracted a project or location argument from
       # other available information. This does it for them.
       # @return [Hash]
       def self.findLocationArgs(**args)
@@ -335,10 +340,11 @@
 
       # Purge cloud-specific deploy meta-artifacts (SSH keys, resource groups,
       # etc)
       # @param deploy_id [MU::MommaCat]
       def self.cleanDeploy(deploy_id, credentials: nil, noop: false)
+        removeDeploySecretsAndRoles(deploy_id, noop: noop, credentials: credentials)
       end
 
       # Plant a Mu deploy secret into a storage bucket somewhere for so our kittens can consume it
       # @param deploy_id [String]: The deploy for which we're writing the secret
       # @param value [String]: The contents of the secret
@@ -546,11 +552,11 @@
             @@authorizers[credentials][scopes.to_s].fetch_access_token!
             @@default_project ||= MU::Cloud::Google.getGoogleMetaData("project/project-id")
             begin
               listRegions(credentials: credentials)
               listInstanceTypes(credentials: credentials)
-              listProjects(credentials)
+              listHabitats(credentials)
             rescue ::Google::Apis::ClientError
               MU.log "Found machine credentials #{@@svc_account_name}, but these don't appear to have sufficient permissions or scopes", MU::WARN, details: scopes
               @@authorizers.delete(credentials)
               return nil
             end
@@ -699,15 +705,23 @@
         }
         nil
       end
 
       # List all Google Cloud Platform projects available to our credentials
-      def self.listProjects(credentials = nil)
+      def self.listHabitats(credentials = nil)
         cfg = credConfig(credentials)
-        return [] if !cfg or !cfg['project']
+        return [] if !cfg
+        if cfg['restrict_to_habitats'] and cfg['restrict_to_habitats'].is_a?(Array)
+          cfg['restrict_to_habitats'] << cfg['project'] if cfg['project']
+          return cfg['restrict_to_habitats'].uniq
+        end
         result = MU::Cloud::Google.resource_manager(credentials: credentials).list_projects
         result.projects.reject! { |p| p.lifecycle_state == "DELETE_REQUESTED" }
-        result.projects.map { |p| p.project_id }
+        allprojects = result.projects.map { |p| p.project_id }
+        if cfg['ignore_habitats'] and cfg['ignore_habitats'].is_a?(Array)
+          allprojects.reject! { |p| cfg['ignore_habitats'].include?(p) }
+        end
+        allprojects
       end
 
       @@regions = {}
       # List all known Google Cloud Platform regions
       # @param us_only [Boolean]: Restrict results to United States only