Version information
This version is compatible with:
- , , , , , ,
Tasks:
- upload
Start using this module
Add this module to your Puppetfile:
mod 'google-gstorage', '0.3.0'Learn more about managing modules with a PuppetfileDocumentation
Google Cloud Storage Puppet Module
Table of Contents
- Module Description - What the module does and why it is useful
- Setup - The basics of getting started with Google Cloud Storage
- Usage - Configuration options and additional functionality
- Reference - An under-the-hood peek at what the module is doing and how
- Limitations - OS compatibility, etc.
- Development - Guide for contributing to the module
Module Description
This Puppet module manages the resource of Google Cloud Storage. You can manage its resources using standard Puppet DSL and the module will, under the hood, ensure the state described will be reflected in the Google Cloud Platform resources.
Setup
To install this module on your Puppet Master (or Puppet Client/Agent), use the Puppet module installer:
puppet module install google-gstorage
Optionally you can install support to all Google Cloud Platform products at
once by installing our "bundle" google-cloud module:
puppet module install google-cloud
Since this module depends on the googleauth and google-api-client gems,
you will also need to install those, with
/opt/puppetlabs/puppet/bin/gem install googleauth google-api-client
If you prefer, you could also add the following to your puppet manifest:
package { [
'googleauth',
'google-api-client',
]:
ensure => present,
provider => puppet_gem,
}
Usage
Credentials
All Google Cloud Platform modules use an unified authentication mechanism,
provided by the google-gauth module. Don't worry, it is automatically
installed when you install this module.
gauth_credential { 'mycred':
path => $cred_path, # e.g. '/home/nelsonjr/my_account.json'
provider => serviceaccount,
scopes => [
'https://www.googleapis.com/auth/devstorage.full_control',
],
}
Please refer to the google-gauth module for further requirements, i.e.
required gems.
Examples
gstorage_bucket
# This is a simple example of a bucket creation/ensure existence. If you want a
# more thorough setup of its ACL please refer to 'examples/bucket~acl.pp'
# manifest.
gstorage_bucket { 'puppet-storage-module-test':
ensure => present,
project => $project, # e.g. 'my-test-project'
credential => 'mycred',
}
gstorage_bucket_access_control
# Bucket Access Control requires a bucket. Please ensure its existence with
# the gstorage_bucket { ... } resource
gstorage_bucket_access_control { 'user-nelsona@google.com':
bucket => 'puppet-storage-module-test',
entity => 'user-nelsona@google.com',
role => 'WRITER',
project => $project, # e.g. 'my-test-project'
credential => 'mycred',
}
gstorage_object_access_control
# Object Access Control requires a bucket. Please ensure its existence with
# the gstorage_bucket { ... } resource. The object does not have to exist.
gstorage_object_access_control { 'user-nelsona@google.com':
bucket => 'puppet-storage-module-test',
object => 'acl-controlled-file.txt'
entity => 'user-nelsona@google.com',
role => 'WRITER',
project => $project, # e.g. 'my-test-project'
credential => 'mycred',
}
gstorage_default_object_acl
# Default Object ACLs require a bucket. Please ensure its existence with
# the gstorage_bucket { ... } resource
gstorage_default_object_acl { 'user-nelsona@google.com':
bucket => 'puppet-storage-module-test',
entity => 'user-nelsona@google.com',
role => 'READER',
project => $project, # e.g. 'my-test-project'
credential => 'mycred',
}
Classes
Public classes
gstorage_bucket: The Buckets resource represents a bucket in Google Cloud Storage. There is a single global namespace shared by all buckets. For more information, see Bucket Name Requirements. Buckets contain objects which can be accessed by their own methods. In addition to the acl property, buckets contain bucketAccessControls, for use in fine-grained manipulation of an existing bucket's access controls. A bucket is always owned by the project team owners group.gstorage_bucket_access_control: The BucketAccessControls resource represents the Access Control Lists (ACLs) for buckets within Google Cloud Storage. ACLs let you specify who has access to your data and to what extent. There are three roles that can be assigned to an entity: READERs can get the bucket, though no acl property will be returned, and list the bucket's objects. WRITERs are READERs, and they can insert objects into the bucket and delete the bucket's objects. OWNERs are WRITERs, and they can get the acl property of a bucket, update a bucket, and call all BucketAccessControls methods on the bucket. For more information, see Access Control, with the caveat that this API uses READER, WRITER, and OWNER instead of READ, WRITE, and FULL_CONTROL.gstorage_object_access_control: The ObjectAccessControls resources represent the Access Control Lists (ACLs) for objects within Google Cloud Storage. ACLs let you specify who has access to your data and to what extent. There are two roles that can be assigned to an entity: READERs can get an object, though the acl property will not be revealed. OWNERs are READERs, and they can get the acl property, update an object, and call all objectAccessControls methods on the object. The owner of an object is always an OWNER. For more information, see Access Control, with the caveat that this API uses READER and OWNER instead of READ and FULL_CONTROL.gstorage_default_object_acl: The ObjectAccessControls resources represent the Access Control Lists (ACLs) for objects within Google Cloud Storage. ACLs let you specify who has access to your data and to what extent. There are two roles that can be assigned to an entity: READERs can get an object, though the acl property will not be revealed. OWNERs are READERs, and they can get the acl property, update an object, and call all objectAccessControls methods on the object. The owner of an object is always an OWNER. For more information, see Access Control, with the caveat that this API uses READER and OWNER instead of READ and FULL_CONTROL.
About output only properties
Some fields are output-only. It means you cannot set them because they are provided by the Google Cloud Platform. Yet they are still useful to ensure the value the API is assigning (or has assigned in the past) is still the value you expect.
For example in a DNS the name servers are assigned by the Google Cloud DNS service. Checking these values once created is useful to make sure your upstream and/or root DNS masters are in sync. Or if you decide to use the object ID, e.g. the VM unique ID, for billing purposes. If the VM gets deleted and recreated it will have a different ID, despite the name being the same. If that detail is important to you you can verify that the ID of the object did not change by asserting it in the manifest.
Parameters
gstorage_bucket
The Buckets resource represents a bucket in Google Cloud Storage. There is a single global namespace shared by all buckets. For more information, see Bucket Name Requirements.
Buckets contain objects which can be accessed by their own methods. In addition to the acl property, buckets contain bucketAccessControls, for use in fine-grained manipulation of an existing bucket's access controls.
A bucket is always owned by the project team owners group.
Example
# This is a simple example of a bucket creation/ensure existence. If you want a
# more thorough setup of its ACL please refer to 'examples/bucket~acl.pp'
# manifest.
gstorage_bucket { 'puppet-storage-module-test':
ensure => present,
project => $project, # e.g. 'my-test-project'
credential => 'mycred',
}
Reference
gstorage_bucket { 'id-of-resource':
acl => [
{
bucket => reference to gstorage_bucket,
domain => string,
email => string,
entity => string,
entity_id => string,
id => string,
role => 'OWNER', 'READER' or 'WRITER',
project_team => {
team => 'editors', 'owners' or 'viewers',
project_number => string,
},
},
...
],
cors => [
{
max_age_seconds => integer,
method => [
string,
...
],
origin => [
string,
...
],
response_header => [
string,
...
],
},
...
],
default_object_acl => [
{
bucket => reference to gstorage_bucket,
domain => string,
email => string,
entity => string,
entity_id => string,
generation => integer,
id => string,
object => string,
role => 'OWNER' or 'READER',
project_team => {
team => 'editors', 'owners' or 'viewers',
project_number => string,
},
},
...
],
id => string,
lifecycle => {
rule => [
{
action => {
storage_class => string,
type => 'Delete' or 'SetStorageClass',
},
condition => {
age_days => integer,
created_before => time,
is_live => boolean,
matches_storage_class => [
string,
...
],
num_newer_versions => integer,
},
},
...
],
},
location => string,
logging => {
log_bucket => string,
log_object_prefix => string,
},
metageneration => integer,
name => string,
owner => {
entity => string,
entity_id => string,
},
predefined_default_object_acl => 'authenticatedRead', 'bucketOwnerFullControl', 'bucketOwnerRead', 'private', 'projectPrivate' or 'publicRead',
storage_class => 'MULTI_REGIONAL', 'REGIONAL', 'STANDARD', 'NEARLINE', 'COLDLINE' or 'DURABLE_REDUCED_AVAILABILITY',
time_created => time,
updated => time,
versioning => {
enabled => boolean,
},
website => {
main_page_suffix => string,
not_found_page => string,
},
project_number => integer,
project => string,
credential => reference to gauth_credential,
}
acl
Access controls on the bucket.
acl[]/bucket
Required. The name of the bucket.
acl[]/domain
Output only. The domain associated with the entity.
acl[]/email
Output only. The email address associated with the entity.
acl[]/entity
Required. The entity holding the permission, in one of the following forms: user-userId user-email group-groupId group-email domain-domain project-team-projectId allUsers allAuthenticatedUsers Examples: The user liz@example.com would be user-liz@example.com. The group example@googlegroups.com would be group-example@googlegroups.com. To refer to all members of the Google Apps for Business domain example.com, the entity would be domain-example.com.
acl[]/entity_id
The ID for the entity
acl[]/id
Output only. The ID of the access-control entry.
acl[]/project_team
The project team associated with the entity
acl[]/project_team/project_number
The project team associated with the entity
acl[]/project_team/team
The team.
acl[]/role
The access permission for the entity.
cors
The bucket's Cross-Origin Resource Sharing (CORS) configuration.
cors[]/max_age_seconds
The value, in seconds, to return in the Access-Control-Max-Age header used in preflight responses.
cors[]/method
The list of HTTP methods on which to include CORS response headers, (GET, OPTIONS, POST, etc) Note: "*" is permitted in the list of methods, and means "any method".
cors[]/origin
The list of Origins eligible to receive CORS response headers. Note: "*" is permitted in the list of origins, and means "any Origin".
cors[]/response_header
The list of HTTP headers other than the simple response headers to give permission for the user-agent to share across domains.
default_object_acl
Default access controls to apply to new objects when no ACL is provided.
default_object_acl[]/bucket
Required. The name of the bucket.
default_object_acl[]/domain
Output only. The domain associated with the entity.
default_object_acl[]/email
Output only. The email address associated with the entity.
default_object_acl[]/entity
Required. The entity holding the permission, in one of the following forms: user-userId user-email group-groupId group-email domain-domain project-team-projectId allUsers allAuthenticatedUsers Examples: The user liz@example.com would be user-liz@example.com. The group example@googlegroups.com would be group-example@googlegroups.com. To refer to all members of the Google Apps for Business domain example.com, the entity would be domain-example.com.
default_object_acl[]/entity_id
The ID for the entity
default_object_acl[]/generation
Output only. The content generation of the object, if applied to an object.
default_object_acl[]/id
Output only. The ID of the access-control entry.
default_object_acl[]/object
The name of the object, if applied to an object.
default_object_acl[]/project_team
The project team associated with the entity
default_object_acl[]/project_team/project_number
The project team associated with the entity
default_object_acl[]/project_team/team
The team.
default_object_acl[]/role
The access permission for the entity.
lifecycle
The bucket's lifecycle configuration. See https://developers.google.com/storage/docs/lifecycle for more information.
lifecycle/rule
A lifecycle management rule, which is made of an action to take and the condition(s) under which the action will be taken.
lifecycle/rule[]/action
The action to take.
lifecycle/rule[]/action/storage_class
Target storage class. Required iff the type of the action is SetStorageClass.
lifecycle/rule[]/action/type
Type of the action. Currently, only Delete and SetStorageClass are supported.
lifecycle/rule[]/condition
The condition(s) under which the action will be taken.
lifecycle/rule[]/condition/age_days
Age of an object (in days). This condition is satisfied when an object reaches the specified age.
lifecycle/rule[]/condition/created_before
A date in RFC 3339 format with only the date part (for instance, "2013-01-15"). This condition is satisfied when an object is created before midnight of the specified date in UTC.
lifecycle/rule[]/condition/is_live
Relevant only for versioned objects. If the value is true, this condition matches live objects; if the value is false, it matches archived objects.
lifecycle/rule[]/condition/matches_storage_class
Objects having any of the storage classes specified by this condition will be matched. Values include MULTI_REGIONAL, REGIONAL, NEARLINE, COLDLINE, STANDARD, and DURABLE_REDUCED_AVAILABILITY.
lifecycle/rule[]/condition/num_newer_versions
Relevant only for versioned objects. If the value is N, this condition is satisfied when there are at least N versions (including the live version) newer than this version of the object.
location
The location of the bucket. Object data for objects in the bucket resides in physical storage within this region. Defaults to US. See the developer's guide for the authoritative list.
logging
The bucket's logging configuration, which defines the destination bucket and optional name prefix for the current bucket's logs.
logging/log_bucket
The destination bucket where the current bucket's logs should be placed.
logging/log_object_prefix
A prefix for log object names.
metageneration
The metadata generation of this bucket.
name
The name of the bucket
owner
The owner of the bucket. This is always the project team's owner group.
owner/entity
The entity, in the form project-owner-projectId.
owner/entity_id
Output only. The ID for the entity.
storage_class
The bucket's default storage class, used whenever no storageClass is specified for a newly-created object. This defines how objects in the bucket are stored and determines the SLA and the cost of storage. Values include MULTI_REGIONAL, REGIONAL, STANDARD, NEARLINE, COLDLINE, and DURABLE_REDUCED_AVAILABILITY. If this value is not specified when the bucket is created, it will default to STANDARD. For more information, see storage classes.
versioning
The bucket's versioning configuration.
versioning/enabled
While set to true, versioning is fully enabled for this bucket.
website
The bucket's website configuration, controlling how the service behaves when accessing bucket contents as a web site. See the Static Website Examples for more information.
website/main_page_suffix
If the requested object path is missing, the service will ensure the path has a trailing '/', append this suffix, and attempt to retrieve the resulting object. This allows the creation of index.html objects to represent directory pages.
website/not_found_page
If the requested object path is missing, and any mainPageSuffix object is missing, if applicable, the service will return the named object from this bucket as the content for a 404 Not Found result.
project
A valid API project identifier.
predefined_default_object_acl
Apply a predefined set of default object access controls to this bucket. Acceptable values are:
- "authenticatedRead": Object owner gets OWNER access, and allAuthenticatedUsers get READER access.
- "bucketOwnerFullControl": Object owner gets OWNER access, and project team owners get OWNER access.
- "bucketOwnerRead": Object owner gets OWNER access, and project team owners get READER access.
- "private": Object owner gets OWNER access.
- "projectPrivate": Object owner gets OWNER access, and project team members get access according to their roles.
- "publicRead": Object owner gets OWNER access, and allUsers get READER access.
Output-only properties
-
id: Output only. The ID of the bucket. For buckets, the id and name properities are the same. -
project_number: Output only. The project number of the project the bucket belongs to. -
time_created: Output only. The creation time of the bucket in RFC 3339 format. -
updated: Output only. The modification time of the bucket in RFC 3339 format.
gstorage_bucket_access_control
The BucketAccessControls resource represents the Access Control Lists (ACLs) for buckets within Google Cloud Storage. ACLs let you specify who has access to your data and to what extent.
There are three roles that can be assigned to an entity:
READERs can get the bucket, though no acl property will be returned, and list the bucket's objects. WRITERs are READERs, and they can insert objects into the bucket and delete the bucket's objects. OWNERs are WRITERs, and they can get the acl property of a bucket, update a bucket, and call all BucketAccessControls methods on the bucket. For more information, see Access Control, with the caveat that this API uses READER, WRITER, and OWNER instead of READ, WRITE, and FULL_CONTROL.
Example
# Bucket Access Control requires a bucket. Please ensure its existence with
# the gstorage_bucket { ... } resource
gstorage_bucket_access_control { 'user-nelsona@google.com':
bucket => 'puppet-storage-module-test',
entity => 'user-nelsona@google.com',
role => 'WRITER',
project => $project, # e.g. 'my-test-project'
credential => 'mycred',
}
Reference
gstorage_bucket_access_control { 'id-of-resource':
bucket => reference to gstorage_bucket,
domain => string,
email => string,
entity => string,
entity_id => string,
id => string,
role => 'OWNER', 'READER' or 'WRITER',
project_team => {
team => 'editors', 'owners' or 'viewers',
project_number => string,
},
project => string,
credential => reference to gauth_credential,
}
bucket
Required. The name of the bucket.
entity
Required. The entity holding the permission, in one of the following forms: user-userId user-email group-groupId group-email domain-domain project-team-projectId allUsers allAuthenticatedUsers Examples: The user liz@example.com would be user-liz@example.com. The group example@googlegroups.com would be group-example@googlegroups.com. To refer to all members of the Google Apps for Business domain example.com, the entity would be domain-example.com.
entity_id
The ID for the entity
project_team
The project team associated with the entity
project_team/project_number
The project team associated with the entity
project_team/team
The team.
role
The access permission for the entity.
Output-only properties
-
domain: Output only. The domain associated with the entity. -
email: Output only. The email address associated with the entity. -
id: Output only. The ID of the access-control entry.
gstorage_object_access_control
The ObjectAccessControls resources represent the Access Control Lists (ACLs) for objects within Google Cloud Storage. ACLs let you specify who has access to your data and to what extent.
There are two roles that can be assigned to an entity:
READERs can get an object, though the acl property will not be revealed. OWNERs are READERs, and they can get the acl property, update an object, and call all objectAccessControls methods on the object. The owner of an object is always an OWNER. For more information, see Access Control, with the caveat that this API uses READER and OWNER instead of READ and FULL_CONTROL.
Example
# Object Access Control requires a bucket. Please ensure its existence with
# the gstorage_bucket { ... } resource. The object does not have to exist.
gstorage_object_access_control { 'user-nelsona@google.com':
bucket => 'puppet-storage-module-test',
object => 'acl-controlled-file.txt'
entity => 'user-nelsona@google.com',
role => 'WRITER',
project => $project, # e.g. 'my-test-project'
credential => 'mycred',
}
Reference
gstorage_object_access_control { 'id-of-resource':
bucket => reference to gstorage_bucket,
domain => string,
email => string,
entity => string,
entity_id => string,
generation => integer,
id => string,
object => string,
role => 'OWNER' or 'READER',
project_team => {
team => 'editors', 'owners' or 'viewers',
project_number => string,
},
project => string,
credential => reference to gauth_credential,
}
bucket
Required. The name of the bucket.
entity
Required. The entity holding the permission, in one of the following forms: user-userId user-email group-groupId group-email domain-domain project-team-projectId allUsers allAuthenticatedUsers Examples: The user liz@example.com would be user-liz@example.com. The group example@googlegroups.com would be group-example@googlegroups.com. To refer to all members of the Google Apps for Business domain example.com, the entity would be domain-example.com.
entity_id
The ID for the entity
object
Required. The name of the object, if applied to an object.
project_team
The project team associated with the entity
project_team/project_number
The project team associated with the entity
project_team/team
The team.
role
The access permission for the entity.
Output-only properties
-
domain: Output only. The domain associated with the entity. -
email: Output only. The email address associated with the entity. -
generation: Output only. The content generation of the object, if applied to an object. -
id: Output only. The ID of the access-control entry.
gstorage_default_object_acl
The ObjectAccessControls resources represent the Access Control Lists (ACLs) for objects within Google Cloud Storage. ACLs let you specify who has access to your data and to what extent.
There are two roles that can be assigned to an entity:
READERs can get an object, though the acl property will not be revealed. OWNERs are READERs, and they can get the acl property, update an object, and call all objectAccessControls methods on the object. The owner of an object is always an OWNER. For more information, see Access Control, with the caveat that this API uses READER and OWNER instead of READ and FULL_CONTROL.
Example
# Default Object ACLs require a bucket. Please ensure its existence with
# the gstorage_bucket { ... } resource
gstorage_default_object_acl { 'user-nelsona@google.com':
bucket => 'puppet-storage-module-test',
entity => 'user-nelsona@google.com',
role => 'READER',
project => $project, # e.g. 'my-test-project'
credential => 'mycred',
}
Reference
gstorage_default_object_acl { 'id-of-resource':
bucket => reference to gstorage_bucket,
domain => string,
email => string,
entity => string,
entity_id => string,
generation => integer,
id => string,
object => string,
role => 'OWNER' or 'READER',
project_team => {
team => 'editors', 'owners' or 'viewers',
project_number => string,
},
project => string,
credential => reference to gauth_credential,
}
bucket
Required. The name of the bucket.
entity
Required. The entity holding the permission, in one of the following forms: user-userId user-email group-groupId group-email domain-domain project-team-projectId allUsers allAuthenticatedUsers Examples: The user liz@example.com would be user-liz@example.com. The group example@googlegroups.com would be group-example@googlegroups.com. To refer to all members of the Google Apps for Business domain example.com, the entity would be domain-example.com.
entity_id
The ID for the entity
object
The name of the object, if applied to an object.
project_team
The project team associated with the entity
project_team/project_number
The project team associated with the entity
project_team/team
The team.
role
The access permission for the entity.
Output-only properties
-
domain: Output only. The domain associated with the entity. -
email: Output only. The email address associated with the entity. -
generation: Output only. The content generation of the object, if applied to an object. -
id: Output only. The ID of the access-control entry.
Bolt Tasks
tasks/upload.rb
Uploads a local file to Google Cloud Storage
This task takes inputs as JSON from standard input.
Arguments
-
name: The name of the remote file to upload -
type: The type of the remote file (in MIME notation) (default: 'application/octet-stream') -
source: The path to a local file to upload -
bucket: The target bucket to write the file to -
project: The project that owns the bucket -
credential: Path to a service account credentials file
Limitations
This module has been tested on:
- RedHat 6, 7
- CentOS 6, 7
- Debian 7, 8
- Ubuntu 12.04, 14.04, 16.04, 16.10
- SLES 11-sp4, 12-sp2
- openSUSE 13
- Windows Server 2008 R2, 2012 R2, 2012 R2 Core, 2016 R2, 2016 R2 Core
Testing on other platforms has been minimal and cannot be guaranteed.
Development
Automatically Generated Files
Some files in this package are automatically generated by Magic Modules.
We use a code compiler to produce this module in order to avoid repetitive tasks and improve code quality. This means all Google Cloud Platform Puppet modules use the same underlying authentication, logic, test generation, style checks, etc.
Learn more about the way to change autogenerated files by reading the CONTRIBUTING.md file.
Contributing
Contributions to this library are always welcome and highly encouraged.
See CONTRIBUTING.md for more information on how to get started.
Running tests
This project contains tests for rspec, rspec-puppet and rubocop to verify functionality. For detailed information on using these tools, please see their respective documentation.
Testing quickstart: Ruby > 2.0.0
gem install bundler
bundle install
bundle exec rspec
bundle exec rubocop
Debugging Tests
In case you need to debug tests in this module you can set the following variables to increase verbose output:
| Variable | Side Effect |
|---|---|
PUPPET_HTTP_VERBOSE=1 |
Prints network access information by Puppet provier. |
PUPPET_HTTP_DEBUG=1 |
Prints the payload of network calls being made. |
GOOGLE_HTTP_VERBOSE=1 |
Prints debug related to the network calls being made. |
GOOGLE_HTTP_DEBUG=1 |
Prints the payload of network calls being made. |
During test runs (using rspec) you can also set:
| Variable | Side Effect |
|---|---|
RSPEC_DEBUG=1 |
Prints debug related to the tests being run. |
RSPEC_HTTP_VERBOSE=1 |
Prints network expectations and access. |
What are tasks?
Modules can contain tasks that take action outside of a desired state managed by Puppet. It’s perfect for troubleshooting or deploying one-off changes, distributing scripts to run across your infrastructure, or automating changes that need to happen in a particular order as part of an application deployment.
Tasks in this module release
Dependencies
- google/gauth (>= 0.2.0 < 0.3.0)
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following
boilerplate notice, with the fields enclosed by brackets "[]"
replaced with your own identifying information. (Don't include
the brackets!) The text should be enclosed in the appropriate
comment syntax for the file format. We also recommend that a
file or class name and description of purpose be included on the
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright [yyyy] [name of copyright owner]
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.