docs: kzb-01 add docs

.editorconfig

@@ -0,0 +1,50 @@
+# EditorConfig is awesome: http://EditorConfig.org
+
+# top-most EditorConfig file
+root = true
+
+[*]
+# Unix-style newlines at the bottom of every file
+end_of_line = lf
+charset = utf-8
+
+# indentation style and size
+indent_style = space
+indent_size = 2
+
+# Make sure every file has a blank line at the end
+insert_final_newline = true
+
+# Remove any whitespace characters preceding newline characters
+trim_trailing_whitespace = true
+
+# Give operators breathing room, but not brackets
+spaces_around_operators = true
+spaces_around_brackets = false
+
+# 4 space indentation
+[*.{py,java}]
+indent_size = 4
+
+[*.json]
+indent_size = 4
+
+# 2 space indentation
+[*.{js,html}]
+indent_size = 2
+
+[*.{tf}]
+indent_size = 2
+
+[*.rb]
+indent_size = 2
+
+[*.yml]
+indent_size = 2
+
+[*.yaml]
+indent_size = 2
+
+[*.{md}]
+indent_size = unset
+trim_trailing_whitespace = false

.github/CODEOWNERS

@@ -0,0 +1,5 @@
+# This is a comment. Each line is a file pattern followed by one or more owners.
+
+# These owners will be the default owners for everything in the repo. @oneanupam will be requested for review when someone opens a pull request.
+
+-       @oneanupam

.github/conventional-commit-lint.yaml

@@ -0,0 +1,5 @@
+# Config for GitHub App that ensures that commit messages and pull requests are based on conventionalcommits.org 
+# https://github.com/googleapis/repo-automation-bots/tree/main/packages/conventional-commit-lint
+
+enabled: true
+always_check_pr_title: true

.github/pull-request_template.md

@@ -0,0 +1,15 @@
+# Description
+Please include a short summary of the update made along with the context.
+
+## Checklist
+- [ ] Self-review of the code is performed.
+- [ ] Code has been fully tested and completely functional.
+
+## Type of Change
+- [ ] break: Resolved a breaking change. This will increment the major version.
+- [ ] feat: A new feature or enhancement added to the codebase. This will increment the minor version.
+- [ ] fix: A bug fix or correction to resolve an issue. This will increment the patch version.
+- [ ] chore: Other changes not directly affecting the code (e.g., documentation update). No version increment.
+
+## Reference
+https://docs.github.com/en/communities/using-templates-to-encourage-useful-issues-and-pull-requests/creating-a-pull-request-template-for-your-repository

.github/workflows/pull-request.yml

@@ -0,0 +1,40 @@
+name: Pull Request Checks
+
+on:
+  pull_request:
+    branches:
+      - master
+    types:
+      - opened
+      - synchronize
+      - reopened
+
+jobs:
+  pull-request-check:
+    runs-on: ubuntu-latest
+    steps:
+      # Checkout the repository code
+      - name: Code checkout
+        id: code_checkout
+        uses: actions/checkout@v4
+
+      # Check PR title prefix to ensure it follows the convention
+      - name: Check PR title prefix
+        run: |
+          echo "PR Title: '${{ github.event.pull_request.title }}'"
+
+          if [[ ! "${{ github.event.pull_request.title }}" =~ ^(ci|feat|fix|chore|docs|refactor): ]]; then
+            echo "❌ PR title must start with one of: ci:, feat:, fix:, chore:, docs:, refactor:"
+            exit 1
+          else
+            echo "✅ PR title is valid."
+          fi
+
+      # Scan the repo for any sensitive information like secrets etc
+      - name: Secret Scanning
+        uses: trufflesecurity/trufflehog@main
+        with:
+          path: ./ # Code repository path
+          base: "" # Start scanning from here
+          head: ${{ github.head_ref || github.ref_name }} # Scan commits until here
+          extra_args: --only-verified

.pre-commit-config.yaml

@@ -0,0 +1,17 @@
+# See https://pre-commit.com for more information
+# See https://pre-commit.com/hooks.html for more hooks
+repos:
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v4.6.0
+    hooks:
+      - id: no-commit-to-branch
+        args: [--branch, main, --branch, master]
+      - id: trailing-whitespace
+      - id: end-of-file-fixer
+      - id: check-yaml
+      - id: check-added-large-files
+      - id: detect-private-key
+  - repo: https://github.com/gitleaks/gitleaks
+    rev: v8.18.4
+    hooks:
+      - id: gitleaks

.vscode/extensions.json

@@ -0,0 +1,5 @@
+{
+    "recommendations": [
+        "EditorConfig.EditorConfig"
+    ]
+}

.vscode/settings.json

@@ -0,0 +1,5 @@
+{
+    "files.insertFinalNewline": true,
+    "files.trimTrailingWhitespace": true,
+    "files.trimFinalNewlines": true
+}

docs/usecases.md

@@ -0,0 +1,9 @@
+# GCP Common UseCases
+This document lists the most of the common use cases for which python scripts are written.
+
+1. Get all the unused external IP addresses reserved in a GCP project to save operational cost.
+2. [WIP] Get all the service account in a GCP project having service account keys.
+3. Get all the compute engines in a google cloud project having external IP address.
+4. Get all the unused compute disks in a google cloud project to save operational cost.
+5. Get all the projects in a GCP organization.
+6. Stop all the google compute engine instances based on a label association.

python/gcp-compute/get_compute_engine_list.py

@@ -0,0 +1,27 @@
+import argparse
+from google.cloud import compute_v1
+
+def get_compute_instances(project_id):
+    """ Prints all the google compute instances of a project """
+
+    instance_client = compute_v1.InstancesClient()
+
+    request = compute_v1.AggregatedListInstancesRequest()
+    request.project = project_id
+    request.max_results = 50
+
+    agg_list = instance_client.aggregated_list(request=request)
+
+    for zone, response in agg_list:
+        if response.instances:
+            for instance in response.instances:
+                print(f"Instance Name: {instance.name}, Instance ID: {instance.id}, Instance Zone: {zone}")
+
+def main():
+    parser = argparse.ArgumentParser()
+    parser.add_argument("project_id", help="Your Google Cloud project ID.")
+    args = parser.parse_args()
+    get_compute_instances(args.project_id)
+
+if __name__ == "__main__":
+    main()

python/gcp-compute/get_gce_metadata.py

@@ -0,0 +1,34 @@
+# Import the required python libraries
+import requests
+
+def get_instance_metadata(root_url, request_header, metadata_list):
+    """
+    This function returns the google compute instance metadata.
+
+    Note: You can query the contents of the metadata server by making a request to the root URLs from within 
+    a virtual machine instance. 
+    Use the http://metadata.google.internal/computeMetadata/v1/ root URL to make requests to metadata server.
+
+    Ref: https://cloud.google.com/compute/docs/metadata/overview#querying
+    """
+
+    for metadata in metadata_list:
+        try:
+            response = requests.get(root_url + metadata, headers=request_header)
+            print(response.text)
+        except Exception as error:
+            print(f'Error occurred: {error}')
+
+def main():
+    """
+    This main function calls the `get_instance_metadata` function to get google compute instance metadata.
+    """
+
+    root_url = "http://metadata.google.internal/computeMetadata/v1/"
+    request_header = {"Metadata-Flavor": "Google"}
+    metadata_list = ["instance/hostname", "instance/network-interfaces/0/ip"]
+
+    get_instance_metadata(root_url, request_header, metadata_list)
+
+if __name__ == "__main__":
+    main()

python/gcp-compute/get_gce_properties.py

@@ -0,0 +1,34 @@
+# Import the required python libraries
+from google.cloud import compute_v1
+
+def get_instance_properties(project_id, zone, instance_name):
+    """
+    This function returns the google compute instance properties.
+    """
+
+    instances_client = compute_v1.InstancesClient()
+
+    try:
+        instance_properties = instances_client.get(project=project_id, zone=zone, instance=instance_name)
+        if instance_properties:
+            print(f"Instance Name: {instance_properties.name}")
+            print(f"Instance ID: {instance_properties.id}")
+            print(f"Instance Status: {instance_properties.status}")
+            print(f"Instance Machine Type: {instance_properties.machine_type}")
+            print(f"Instance Creation Time: {instance_properties.creation_timestamp}")
+    except Exception as error:
+        print(f"Error retrieving instance properties: {error}")
+
+def main():
+    """
+    This main function calls the `get_instance_properties` function to get google compute instance properties.
+    """
+
+    project_id = "UPDATE_ME"
+    zone = "UPDATE_ME"
+    instance_name = "UPDATE_ME"
+
+    get_instance_properties(project_id, zone, instance_name)
+
+if __name__ == "__main__":
+    main()

python/gcp-compute/get_instances_with_eips.py

@@ -0,0 +1,25 @@
+import argparse
+from google.cloud import compute_v1
+
+def get_gce_with_eips(project_id):
+    """ Prints all the instances with external IP in any of its network interface """
+
+    instance_client = compute_v1.InstancesClient()
+    agg_list = instance_client.aggregated_list(project=project_id)
+
+    for zone, response in agg_list:
+        if response.instances:
+            for instance in response.instances:
+                for interface in instance.network_interfaces:
+                    if interface.access_configs:
+                        print(f"Instance Name: {instance.name}, Instance ID: {instance.id}, Instance Zone: {zone}")
+                        break
+
+def main():
+    parser = argparse.ArgumentParser()
+    parser.add_argument("project_id", help="Your Google Cloud project ID.")
+    args = parser.parse_args()
+    get_gce_with_eips(args.project_id)
+
+if __name__ == "__main__":
+    main()

python/gcp-compute/get_unused_compute_disks.py

@@ -0,0 +1,20 @@
+from google.cloud import compute_v1
+
+def get_unused_compute_disks(project_id):
+    """
+    Prints the unused regional/zonal compute disks of a project.
+    """
+
+    addresses_client = compute_v1.DisksClient()
+    for zone, response in addresses_client.aggregated_list(project=project_id):
+        if response.disks:
+            for disk in response.disks:
+                if len(disk.users) == 0:
+                    print(f"Disk Name: {disk.name}, Disk Size: {disk.size_gb}, Disk Location: {zone}")
+
+def main(project_id):
+    get_unused_compute_disks(project_id)
+
+if __name__ == "__main__":
+    project_id = "UPDATE_ME"
+    main(project_id)

python/gcp-compute/get_unused_external_ips_1.py

@@ -0,0 +1,26 @@
+# from google.oauth2 import service_account
+from google.cloud import compute_v1
+
+# Use this, if authentication to be done via service account
+# credentials = service_account.Credentials.from_service_account_file('sa-key.json')
+# addresses_client = compute_v1.AddressesClient(credentials=credentials)
+
+def get_reserved_ips(project_ids):
+    addresses_client = compute_v1.AddressesClient()
+
+    for project_id in project_ids:
+        request = compute_v1.AggregatedListAddressesRequest()
+        request.project = project_id
+
+        for region, response in addresses_client.aggregated_list(request=request):
+            if response.addresses:
+                for address in response.addresses:
+                    if(address.address_type == "EXTERNAL" and address.status == "RESERVED"):
+                        print("External IP:", address.name, "Region:", region)
+
+def main():
+    project_ids = ["UPDATE_ME"]
+    get_reserved_ips(project_ids)
+
+if __name__ == "__main__":
+    main()