Presubmit fixes

Author: dandye

datatap/delete_datatap.py

@@ -1,6 +1,6 @@
 #!/usr/bin/env python3
 
-# Copyright 2025 Google LLC
+# Copyright 2022 Google LLC
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.

datatap/delete_datatap_test.py

@@ -1,4 +1,4 @@
-# Copyright 2025 Google LLC
+# Copyright 2022 Google LLC
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -62,4 +62,4 @@ def test_delete_datatap(self, mock_response, mock_session):
 
 if __name__ == "__main__":
   unittest.main()
-  
+  

datatap/list_datatap.py

@@ -1,6 +1,6 @@
 #!/usr/bin/env python3
 
-# Copyright 2025 Google LLC
+# Copyright 2022 Google LLC
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.

datatap/update_datatap.py

@@ -1,6 +1,6 @@
 #!/usr/bin/env python3
 
-# Copyright 2025 Google LLC
+# Copyright 2022 Google LLC
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.

detect/v1alpha/enable_rule.py

@@ -33,12 +33,11 @@
 import argparse
 import json
 from typing import Any, Mapping
-
+from google.auth.transport import requests
 from common import chronicle_auth
 from common import project_id
 from common import project_instance
 from common import regions
-from google.auth.transport import requests
 
 CHRONICLE_API_BASE_URL = "https://chronicle.googleapis.com"
 SCOPES = [
@@ -53,14 +52,15 @@ def enable_rule(
     proj_region: str,
     rule_id: str,
 ) -> Mapping[str, Any]:
-    """Enables a detection rule.
+  """Enables a detection rule.
 
   Args:
     http_session: Authorized session for HTTP requests.
     proj_id: GCP project id or number to which the target instance belongs.
     proj_instance: Customer ID (uuid with dashes) for the Chronicle instance.
     proj_region: region in which the target project is located.
-    rule_id: Unique ID of the detection rule to enable (in the format "ru_<UUID>").
+    rule_id: Unique ID of the detection rule to enable
+      (in the format "ru_<UUID>").
 
   Returns:
     Dictionary containing the rule's deployment information.
@@ -72,41 +72,41 @@ def enable_rule(
   Requires the following IAM permission on the parent resource:
   chronicle.rules.updateDeployment
   """
-    base_url_with_region = regions.url_always_prepend_region(
-        CHRONICLE_API_BASE_URL, proj_region)
-    parent = f"projects/{proj_id}/locations/{proj_region}/instances/{proj_instance}"
-    url = f"{base_url_with_region}/v1alpha/{parent}/rules/{rule_id}/deployment"
+  base_url_with_region = regions.url_always_prepend_region(
+      CHRONICLE_API_BASE_URL, proj_region)
+  parent = f"projects/{proj_id}/locations/{proj_region}/instances/{proj_instance}"
+  url = f"{base_url_with_region}/v1alpha/{parent}/rules/{rule_id}/deployment"
 
-    body = {
-        "enabled": True,  # Set to False to disable the rule
-    }
-    params = {"update_mask": "enabled"}
+  body = {
+      "enabled": True,  # Set to False to disable the rule
+  }
+  params = {"update_mask": "enabled"}
 
-    response = http_session.request("PATCH", url, params=params, json=body)
-    if response.status_code >= 400:
-        print(response.text)
-    response.raise_for_status()
+  response = http_session.request("PATCH", url, params=params, json=body)
+  if response.status_code >= 400:
+    print(response.text)
+  response.raise_for_status()
 
-    return response.json()
+  return response.json()
 
 
 if __name__ == "__main__":
-    parser = argparse.ArgumentParser()
-    # common
-    chronicle_auth.add_argument_credentials_file(parser)
-    project_instance.add_argument_project_instance(parser)
-    project_id.add_argument_project_id(parser)
-    regions.add_argument_region(parser)
-    # local
-    parser.add_argument("--rule_id",
-                        type=str,
-                        required=True,
-                        help='ID of rule to enable (format: "ru_<UUID>")')
-
-    args = parser.parse_args()
-
-    auth_session = chronicle_auth.initialize_http_session(
-        args.credentials_file, SCOPES)
-    result = enable_rule(auth_session, args.project_id, args.project_instance,
-                         args.region, args.rule_id)
-    print(json.dumps(result, indent=2))
+  parser = argparse.ArgumentParser()
+  # common
+  chronicle_auth.add_argument_credentials_file(parser)
+  project_instance.add_argument_project_instance(parser)
+  project_id.add_argument_project_id(parser)
+  regions.add_argument_region(parser)
+  # local
+  parser.add_argument("--rule_id",
+                      type=str,
+                      required=True,
+                      help='ID of rule to enable (format: "ru_<UUID>")')
+
+  args = parser.parse_args()
+
+  auth_session = chronicle_auth.initialize_http_session(
+      args.credentials_file, SCOPES)
+  result = enable_rule(auth_session, args.project_id, args.project_instance,
+                        args.region, args.rule_id)
+  print(json.dumps(result, indent=2))

detect/v2/disable_live_rule.py

@@ -1,6 +1,6 @@
 #!/usr/bin/env python3
 
-# Copyright 2025 Google LLC
+# Copyright 2021 Google LLC
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.

detect/v2/list_curated_rule_detections.py

@@ -1,6 +1,6 @@
 #!/usr/bin/env python3
 
-# Copyright 2025 Google LLC
+# Copyright 2023 Google LLC
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.

lists/list_lists.py

@@ -1,6 +1,6 @@
 #!/usr/bin/env python3
 
-# Copyright 2025 Google LLC
+# Copyright 2021 Google LLC
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.

search/v1alpha/asset_events_find.py

@@ -52,18 +52,20 @@ def find_asset_events(http_session: requests.AuthorizedSession,
                       end_time: str,
                       reference_time: Optional[str] = None,
                       max_results: Optional[int] = None) -> None:
-    """Find asset events in Chronicle using the Legacy Find Asset Events API.
+  """Find asset events in Chronicle using the Legacy Find Asset Events API.
 
     Args:
         http_session: Authorized session for HTTP requests.
         proj_id: GCP project id or number to which the target instance belongs.
-        proj_instance: Customer ID (uuid with dashes) for the Chronicle instance.
+        proj_instance: Customer ID (uuid with dashes) for the instance.
         proj_region: region in which the target project is located.
-        asset_indicator: JSON string containing the asset indicator to search for.
+        asset_indicator: JSON str containing the asset indicator to search for.
         start_time: Start time in RFC3339 format (e.g., "2024-01-01T00:00:00Z").
         end_time: End time in RFC3339 format (e.g., "2024-01-02T00:00:00Z").
-        reference_time: Optional reference time in RFC3339 format for asset aliasing.
-        max_results: Optional maximum number of results to return (default: 10000, max: 250000).
+        reference_time: Optional reference time in RFC3339 format for
+          asset aliasing.
+        max_results: Optional maximum number of results to return
+          (default: 10000, max: 250000).
 
     Raises:
         requests.exceptions.HTTPError: HTTP request resulted in an error
@@ -73,100 +75,104 @@ def find_asset_events(http_session: requests.AuthorizedSession,
     Requires the following IAM permission on the instance resource:
     chronicle.legacies.legacyFindAssetEvents
     """
-    # Validate and parse the times to ensure they're in RFC3339 format
-    for time_str in [start_time, end_time, reference_time
-                    ] if reference_time else [start_time, end_time]:
-        try:
-            datetime.strptime(time_str, "%Y-%m-%dT%H:%M:%SZ")
-        except ValueError as e:
-            if "does not match format" in str(e):
-                raise ValueError(
-                    f"Time '{time_str}' must be in RFC3339 format (e.g., '2024-01-01T00:00:00Z')"
-                ) from e
-            raise
-
-    base_url_with_region = regions.url_always_prepend_region(
-        CHRONICLE_API_BASE_URL, proj_region)
-    instance = f"projects/{proj_id}/locations/{proj_region}/instances/{proj_instance}"
-    url = f"{base_url_with_region}/v1alpha/{instance}/legacy:legacyFindAssetEvents"
-
-    # Build query parameters
-    params = [
-        f"assetIndicator={asset_indicator}",
-        f"timeRange.startTime={start_time}", f"timeRange.endTime={end_time}"
-    ]
-
-    if reference_time:
-        params.append(f"referenceTime={reference_time}")
-
-    if max_results:
-        # Ensure max_results is within bounds
-        max_results = min(max(1, max_results), MAX_RESULTS_LIMIT)
-        params.append(f"maxResults={max_results}")
-
-    url = f"{url}?{'&'.join(params)}"
-
-    response = http_session.request("GET", url)
-    if response.status_code >= 400:
-        print(response.text)
-    response.raise_for_status()
-
-    result = response.json()
-    print(json.dumps(result, indent=2))
-
-    if result.get("more_data_available"):
-        print(
-            "\nWarning: More data is available but was not returned due to maxResults limit."
-        )
-
-    if result.get("uri"):
-        print("\nBackstory UI URLs:")
-        for uri in result["uri"]:
-            print(f"  {uri}")
-
-
-if __name__ == "__main__":
-    parser = argparse.ArgumentParser()
-    # common
-    chronicle_auth.add_argument_credentials_file(parser)
-    project_instance.add_argument_project_instance(parser)
-    project_id.add_argument_project_id(parser)
-    regions.add_argument_region(parser)
-    # local
-    parser.add_argument(
-        "--asset_indicator",
-        type=str,
-        required=True,
-        help=
-        "JSON string containing the asset indicator (e.g., '{\"hostname\": \"example.com\"}')"
-    )
-    parser.add_argument(
-        "--start_time",
-        type=str,
-        required=True,
-        help="Start time in RFC3339 format (e.g., '2024-01-01T00:00:00Z')")
-    parser.add_argument(
-        "--end_time",
-        type=str,
-        required=True,
-        help="End time in RFC3339 format (e.g., '2024-01-02T00:00:00Z')")
-    parser.add_argument(
-        "--reference_time",
-        type=str,
-        help="Optional reference time in RFC3339 format for asset aliasing")
-    parser.add_argument(
-        "--max_results",
-        type=int,
-        help=
-        f"Maximum number of results to return (default: {DEFAULT_MAX_RESULTS}, max: {MAX_RESULTS_LIMIT})"
+  # Validate and parse the times to ensure they're in RFC3339 format
+  for time_str in [start_time, end_time, reference_time
+                  ] if reference_time else [start_time, end_time]:
+    try:
+      datetime.strptime(time_str, "%Y-%m-%dT%H:%M:%SZ")
+    except ValueError as e:
+      if "does not match format" in str(e):
+        raise ValueError(
+            f"Time '{time_str}' must be in RFC3339 format "
+            "(e.g., '2024-01-01T00:00:00Z')"
+        ) from e
+      raise
+
+  base_url_with_region = regions.url_always_prepend_region(
+      CHRONICLE_API_BASE_URL, proj_region)
+  instance = f"projects/{proj_id}/locations/{proj_region}/instances/{proj_instance}"
+  url = f"{base_url_with_region}/v1alpha/{instance}/legacy:legacyFindAssetEvents"
+
+  # Build query parameters
+  params = [
+      f"assetIndicator={asset_indicator}", f"timeRange.startTime={start_time}",
+      f"timeRange.endTime={end_time}"
+  ]
+
+  if reference_time:
+    params.append(f"referenceTime={reference_time}")
+
+  if max_results:
+    # Ensure max_results is within bounds
+    max_results = min(max(1, max_results), MAX_RESULTS_LIMIT)
+    params.append(f"maxResults={max_results}")
+
+  url = f"{url}?{'&'.join(params)}"
+
+  response = http_session.request("GET", url)
+  if response.status_code >= 400:
+    print(response.text)
+  response.raise_for_status()
+
+  result = response.json()
+  print(json.dumps(result, indent=2))
+
+  if result.get("more_data_available"):
+    print(
+        "\nWarning: More data is available but was not returned due to "
+        "maxResults limit."
     )
 
-    args = parser.parse_args()
+  if result.get("uri"):
+    print("\nBackstory UI URLs:")
+    for uri in result["uri"]:
+      print(f"  {uri}")
 
-    auth_session = chronicle_auth.initialize_http_session(
-        args.credentials_file,
-        SCOPES,
-    )
-    find_asset_events(auth_session, args.project_id, args.project_instance,
-                      args.region, args.asset_indicator, args.start_time,
-                      args.end_time, args.reference_time, args.max_results)
+
+if __name__ == "__main__":
+  parser = argparse.ArgumentParser()
+  # common
+  chronicle_auth.add_argument_credentials_file(parser)
+  project_instance.add_argument_project_instance(parser)
+  project_id.add_argument_project_id(parser)
+  regions.add_argument_region(parser)
+  # local
+  parser.add_argument(
+      "--asset_indicator",
+      type=str,
+      required=True,
+      help=
+      "JSON string containing the asset indicator "
+      "(e.g., '{\"hostname\": \"example.com\"}')"
+  )
+  parser.add_argument(
+      "--start_time",
+      type=str,
+      required=True,
+      help="Start time in RFC3339 format (e.g., '2024-01-01T00:00:00Z')")
+  parser.add_argument(
+      "--end_time",
+      type=str,
+      required=True,
+      help="End time in RFC3339 format (e.g., '2024-01-02T00:00:00Z')")
+  parser.add_argument(
+      "--reference_time",
+      type=str,
+      help="Optional reference time in RFC3339 format for asset aliasing")
+  parser.add_argument(
+      "--max_results",
+      type=int,
+      help=
+      "Maximum number of results to return "
+      f"(default: {DEFAULT_MAX_RESULTS}, max: {MAX_RESULTS_LIMIT})"
+  )
+
+  args = parser.parse_args()
+
+  auth_session = chronicle_auth.initialize_http_session(
+      args.credentials_file,
+      SCOPES,
+  )
+  find_asset_events(auth_session, args.project_id, args.project_instance,
+                    args.region, args.asset_indicator, args.start_time,
+                    args.end_time, args.reference_time, args.max_results)

service_management/get_gcp_association.py

@@ -1,6 +1,6 @@
 #!/usr/bin/env python3
 
-# Copyright 2025 Google LLC
+# Copyright 2021 Google LLC
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.