From 14202bee21f70a878754d99ad4959d375b97c917 Mon Sep 17 00:00:00 2001 From: Seth Vargo Date: Fri, 27 Dec 2019 17:28:41 -0500 Subject: [PATCH 1/6] Add initial Secret Manager samples --- secretmanager/api-client/README.rst | 395 ++++++++++++++++++ secretmanager/api-client/README.rst.in | 52 +++ .../api-client/access_secret_version.py | 61 +++ .../api-client/add_secret_version.py | 61 +++ secretmanager/api-client/create_secret.py | 61 +++ secretmanager/api-client/delete_secret.py | 50 +++ .../api-client/destroy_secret_version.py | 56 +++ .../api-client/disable_secret_version.py | 56 +++ .../api-client/enable_secret_version.py | 56 +++ secretmanager/api-client/get_secret.py | 65 +++ .../api-client/get_secret_version.py | 59 +++ .../api-client/list_secret_versions.py | 52 +++ secretmanager/api-client/list_secrets.py | 50 +++ secretmanager/api-client/quickstart.py | 66 +++ secretmanager/api-client/quickstart_test.py | 21 + secretmanager/api-client/requirements.txt | 1 + secretmanager/api-client/snippets_test.py | 166 ++++++++ secretmanager/api-client/update_secret.py | 54 +++ 18 files changed, 1382 insertions(+) create mode 100644 secretmanager/api-client/README.rst create mode 100644 secretmanager/api-client/README.rst.in create mode 100644 secretmanager/api-client/access_secret_version.py create mode 100644 secretmanager/api-client/add_secret_version.py create mode 100644 secretmanager/api-client/create_secret.py create mode 100644 secretmanager/api-client/delete_secret.py create mode 100644 secretmanager/api-client/destroy_secret_version.py create mode 100644 secretmanager/api-client/disable_secret_version.py create mode 100644 secretmanager/api-client/enable_secret_version.py create mode 100644 secretmanager/api-client/get_secret.py create mode 100644 secretmanager/api-client/get_secret_version.py create mode 100644 secretmanager/api-client/list_secret_versions.py create mode 100644 secretmanager/api-client/list_secrets.py create mode 100644 secretmanager/api-client/quickstart.py create mode 100644 secretmanager/api-client/quickstart_test.py create mode 100644 secretmanager/api-client/requirements.txt create mode 100644 secretmanager/api-client/snippets_test.py create mode 100644 secretmanager/api-client/update_secret.py diff --git a/secretmanager/api-client/README.rst b/secretmanager/api-client/README.rst new file mode 100644 index 000000000000..865cab4268ab --- /dev/null +++ b/secretmanager/api-client/README.rst @@ -0,0 +1,395 @@ +.. This file is automatically generated. Do not edit this file directly. + +Google Secret Manager Python Samples +=============================================================================== + +.. image:: https://gstatic.com/cloudssh/images/open-btn.png + :target: https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/GoogleCloudPlatform/python-docs-samples&page=editor&open_in_editor=secretmanager/api-client/README.rst + + +This directory contains samples for Google Secret Manager. `Google Secret Manager` is a service that allows you to store, manage, and secure access to application secrets. + + + + +.. _Google Secret Manager: https://cloud.google.com/secret-manager + +Setup +------------------------------------------------------------------------------- + + +Authentication +++++++++++++++ + +This sample requires you to have authentication setup. Refer to the +`Authentication Getting Started Guide`_ for instructions on setting up +credentials for applications. + +.. _Authentication Getting Started Guide: + https://cloud.google.com/docs/authentication/getting-started + +Install Dependencies +++++++++++++++++++++ + +#. Clone python-docs-samples and change directory to the sample directory you want to use. + + .. code-block:: bash + + $ git clone https://github.com/GoogleCloudPlatform/python-docs-samples.git + +#. Install `pip`_ and `virtualenv`_ if you do not already have them. You may want to refer to the `Python Development Environment Setup Guide`_ for Google Cloud Platform for instructions. + + .. _Python Development Environment Setup Guide: + https://cloud.google.com/python/setup + +#. Create a virtualenv. Samples are compatible with Python 2.7 and 3.4+. + + .. code-block:: bash + + $ virtualenv env + $ source env/bin/activate + +#. Install the dependencies needed to run the samples. + + .. code-block:: bash + + $ pip install -r requirements.txt + +.. _pip: https://pip.pypa.io/ +.. _virtualenv: https://virtualenv.pypa.io/ + +Samples +------------------------------------------------------------------------------- + +Quickstart ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + +.. image:: https://gstatic.com/cloudssh/images/open-btn.png + :target: https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/GoogleCloudPlatform/python-docs-samples&page=editor&open_in_editor=secretmanager/api-client/quickstart.py,secretmanager/api-client/README.rst + + + + +To run this sample: + +.. code-block:: bash + + $ python quickstart.py + + +Access Secret Version ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + +.. image:: https://gstatic.com/cloudssh/images/open-btn.png + :target: https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/GoogleCloudPlatform/python-docs-samples&page=editor&open_in_editor=secretmanager/api-client/access_secret_version.py,secretmanager/api-client/README.rst + + + + +To run this sample: + +.. code-block:: bash + + $ python access_secret_version.py + + usage: access_secret_version.py [-h] project_id secret_id version_id + + command line application and sample code for accessing a secret version. + + positional arguments: + project_id id of the GCP project + secret_id id of the secret to access + version_id version to access + + optional arguments: + -h, --help show this help message and exit + + + +Add Secret Version ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + +.. image:: https://gstatic.com/cloudssh/images/open-btn.png + :target: https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/GoogleCloudPlatform/python-docs-samples&page=editor&open_in_editor=secretmanager/api-client/add_secret_version.py,secretmanager/api-client/README.rst + + + + +To run this sample: + +.. code-block:: bash + + $ python add_secret_version.py + + usage: add_secret_version.py [-h] project_id secret_id payload + + command line application and sample code for adding a secret version with the + specified payload to an existing secret. + + positional arguments: + project_id id of the GCP project + secret_id id of the secret in which to add + payload secret material payload + + optional arguments: + -h, --help show this help message and exit + + + +Create Secret ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + +.. image:: https://gstatic.com/cloudssh/images/open-btn.png + :target: https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/GoogleCloudPlatform/python-docs-samples&page=editor&open_in_editor=secretmanager/api-client/create_secret.py,secretmanager/api-client/README.rst + + + + +To run this sample: + +.. code-block:: bash + + $ python create_secret.py + + usage: create_secret.py [-h] project_id secret_id + + command line application and sample code for creating a new secret. + + positional arguments: + project_id id of the GCP project + secret_id id of the secret to create + + optional arguments: + -h, --help show this help message and exit + + + +Delete Secret ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + +.. image:: https://gstatic.com/cloudssh/images/open-btn.png + :target: https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/GoogleCloudPlatform/python-docs-samples&page=editor&open_in_editor=secretmanager/api-client/delete_secret.py,secretmanager/api-client/README.rst + + + + +To run this sample: + +.. code-block:: bash + + $ python delete_secret.py + + usage: delete_secret.py [-h] project_id secret_id + + command line application and sample code for deleting an existing secret. + + positional arguments: + project_id id of the GCP project + secret_id id of the secret to delete + + optional arguments: + -h, --help show this help message and exit + + + +Destroy Secret Version ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + +.. image:: https://gstatic.com/cloudssh/images/open-btn.png + :target: https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/GoogleCloudPlatform/python-docs-samples&page=editor&open_in_editor=secretmanager/api-client/destroy_secret_version.py,secretmanager/api-client/README.rst + + + + +To run this sample: + +.. code-block:: bash + + $ python destroy_secret_version.py + + usage: destroy_secret_version.py [-h] project_id secret_id version_id + + command line application and sample code for destroying a secret verison. + + positional arguments: + project_id id of the GCP project + secret_id id of the secret from which to act + version_id id of the version to destroy + + optional arguments: + -h, --help show this help message and exit + + + +Enable Secret Version ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + +.. image:: https://gstatic.com/cloudssh/images/open-btn.png + :target: https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/GoogleCloudPlatform/python-docs-samples&page=editor&open_in_editor=secretmanager/api-client/enable_secret_version.py,secretmanager/api-client/README.rst + + + + +To run this sample: + +.. code-block:: bash + + $ python enable_secret_version.py + + usage: enable_secret_version.py [-h] project_id secret_id version_id + + command line application and sample code for enabling a secret version. + + positional arguments: + project_id id of the GCP project + secret_id id of the secret from which to act + version_id id of the version to enable + + optional arguments: + -h, --help show this help message and exit + + + +Get Secret Version ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + +.. image:: https://gstatic.com/cloudssh/images/open-btn.png + :target: https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/GoogleCloudPlatform/python-docs-samples&page=editor&open_in_editor=secretmanager/api-client/get_secret_version.py,secretmanager/api-client/README.rst + + + + +To run this sample: + +.. code-block:: bash + + $ python get_secret_version.py + + usage: get_secret_version.py [-h] project_id secret_id version_id + + command line application and sample code for getting metdata about a secret + version, but not the secret payload. + + positional arguments: + project_id id of the GCP project + secret_id id of the secret from which to act + version_id id of the version to get + + optional arguments: + -h, --help show this help message and exit + + + +Get Secret ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + +.. image:: https://gstatic.com/cloudssh/images/open-btn.png + :target: https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/GoogleCloudPlatform/python-docs-samples&page=editor&open_in_editor=secretmanager/api-client/get_secret.py,secretmanager/api-client/README.rst + + + + +To run this sample: + +.. code-block:: bash + + $ python get_secret.py + + usage: get_secret.py [-h] project_id secret_id + + command line application and sample code for getting metadata about a secret. + + positional arguments: + project_id id of the GCP project + secret_id id of the secret to get + + optional arguments: + -h, --help show this help message and exit + + + +List Secret Versions ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + +.. image:: https://gstatic.com/cloudssh/images/open-btn.png + :target: https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/GoogleCloudPlatform/python-docs-samples&page=editor&open_in_editor=secretmanager/api-client/list_secret_versions.py,secretmanager/api-client/README.rst + + + + +To run this sample: + +.. code-block:: bash + + $ python list_secret_versions.py + + usage: list_secret_versions.py [-h] project_id secret_id + + command line application and sample code for listing secret versions of a + secret. + + positional arguments: + project_id id of the GCP project + secret_id id of the secret in which to list + + optional arguments: + -h, --help show this help message and exit + + + +List Secrets ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + +.. image:: https://gstatic.com/cloudssh/images/open-btn.png + :target: https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/GoogleCloudPlatform/python-docs-samples&page=editor&open_in_editor=secretmanager/api-client/list_secrets.py,secretmanager/api-client/README.rst + + + + +To run this sample: + +.. code-block:: bash + + $ python list_secrets.py + + usage: list_secrets.py [-h] project_id + + command line application and sample code for listing secrets in a project. + + positional arguments: + project_id id of the GCP project + + optional arguments: + -h, --help show this help message and exit + + + +Update Secret ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + +.. image:: https://gstatic.com/cloudssh/images/open-btn.png + :target: https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/GoogleCloudPlatform/python-docs-samples&page=editor&open_in_editor=secretmanager/api-client/update_secret.py,secretmanager/api-client/README.rst + + + + +To run this sample: + +.. code-block:: bash + + $ python update_secret.py + + usage: update_secret.py [-h] --secret-id SECRET_ID project_id + + positional arguments: + project_id id of the GCP project + + optional arguments: + -h, --help show this help message and exit + --secret-id SECRET_ID + + + + + +.. _Google Cloud SDK: https://cloud.google.com/sdk/ \ No newline at end of file diff --git a/secretmanager/api-client/README.rst.in b/secretmanager/api-client/README.rst.in new file mode 100644 index 000000000000..06718579571a --- /dev/null +++ b/secretmanager/api-client/README.rst.in @@ -0,0 +1,52 @@ +# This file is used to generate README.rst + +product: + name: Google Secret Manager + short_name: Secret Manager + url: https://cloud.google.com/secret-manager + description: > + `Google Secret Manager` is a service that allows you to store, manage, + and secure access to application secrets. + +setup: +- auth +- install_deps + +samples: +- name: Quickstart + file: quickstart.py +- name: Access Secret Version + file: access_secret_version.py + show_help: True +- name: Add Secret Version + file: add_secret_version.py + show_help: True +- name: Create Secret + file: create_secret.py + show_help: True +- name: Delete Secret + file: delete_secret.py + show_help: True +- name: Destroy Secret Version + file: destroy_secret_version.py + show_help: True +- name: Enable Secret Version + file: enable_secret_version.py + show_help: True +- name: Get Secret Version + file: get_secret_version.py + show_help: True +- name: Get Secret + file: get_secret.py + show_help: True +- name: List Secret Versions + file: list_secret_versions.py + show_help: True +- name: List Secrets + file: list_secrets.py + show_help: True +- name: Update Secret + file: update_secret.py + show_help: True + +folder: secretmanager/api-client diff --git a/secretmanager/api-client/access_secret_version.py b/secretmanager/api-client/access_secret_version.py new file mode 100644 index 000000000000..6c64fbad1c44 --- /dev/null +++ b/secretmanager/api-client/access_secret_version.py @@ -0,0 +1,61 @@ +#!/usr/bin/env python + +# Copyright 2019 Google, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +""" +command line application and sample code for accessing a secret version. +""" + +import argparse + + +# [START secretmanager_access_secret_version] +def access_secret_version(project_id, secret_id, version_id): + """ + Access the payload for the given secret version if one exists. The version + can be a version number as a string (e.g. "5") or an alias (e.g. "latest"). + """ + + # Import the Secret Manager client library. + from google.cloud import secretmanager_v1beta1 as secretmanager + + # Create the Secret Manager client. + client = secretmanager.SecretManagerServiceClient() + + # Build the resource name of the secret version. + name = client.secret_version_path(project_id, secret_id, version_id) + + # Access the secret version. + response = client.access_secret_version(name) + + # Print the secret payload. + # + # WARNING: Do not print the secret in a production environment - this + # snippet is showing how to access the secret material. + payload = response.payload.data.decode('UTF-8') + print('Plaintext: {}'.format(payload)) +# [END secretmanager_access_secret_version] + + return response + + +if __name__ == '__main__': + parser = argparse.ArgumentParser( + description=__doc__, + formatter_class=argparse.RawDescriptionHelpFormatter) + parser.add_argument('project_id', help='id of the GCP project') + parser.add_argument('secret_id', help='id of the secret to access') + parser.add_argument('version_id', help='version to access') + args = parser.parse_args() + + access_secret_version(args.project_id, args.secret_id, args.version_id) diff --git a/secretmanager/api-client/add_secret_version.py b/secretmanager/api-client/add_secret_version.py new file mode 100644 index 000000000000..30e3794e62cb --- /dev/null +++ b/secretmanager/api-client/add_secret_version.py @@ -0,0 +1,61 @@ +#!/usr/bin/env python + +# Copyright 2019 Google, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +""" +command line application and sample code for adding a secret version with the +specified payload to an existing secret. +""" + +import argparse + + +# [START secretmanager_add_secret_version] +def add_secret_version(project_id, secret_id, payload): + """ + Add a new secret version to the given secret with the provided payload. + """ + + # Import the Secret Manager client library. + from google.cloud import secretmanager_v1beta1 as secretmanager + + # Create the Secret Manager client. + client = secretmanager.SecretManagerServiceClient() + + # Build the resource name of the parent secret. + parent = client.secret_path(project_id, secret_id) + + # Convert the string payload into a bytes. This step can be omitted if you + # pass in bytes instead of a str for the payload argument. + payload = payload.encode('UTF-8') + + # Add the secret version. + response = client.add_secret_version(parent, {'data': payload}) + + # Print the new secret version name. + print('Added secret version: {}'.format(response.name)) +# [END secretmanager_add_secret_version] + + return response + + +if __name__ == '__main__': + parser = argparse.ArgumentParser( + description=__doc__, + formatter_class=argparse.RawDescriptionHelpFormatter) + parser.add_argument('project_id', help='id of the GCP project') + parser.add_argument('secret_id', help='id of the secret in which to add') + parser.add_argument('payload', help='secret material payload') + args = parser.parse_args() + + add_secret_version(args.project_id, args.secret_id, args.payload) diff --git a/secretmanager/api-client/create_secret.py b/secretmanager/api-client/create_secret.py new file mode 100644 index 000000000000..9f85957e1f1c --- /dev/null +++ b/secretmanager/api-client/create_secret.py @@ -0,0 +1,61 @@ +#!/usr/bin/env python + +# Copyright 2019 Google, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +""" +command line application and sample code for creating a new secret. +""" + +import argparse + + +# [START secretmanager_create_secret] +def create_secret(project_id, secret_id): + """ + Create a new secret with the given name. A secret is a logical wrapper + around a collection of secret versions. Secret versions hold the actual + secret material. + """ + + # Import the Secret Manager client library. + from google.cloud import secretmanager_v1beta1 as secretmanager + + # Create the Secret Manager client. + client = secretmanager.SecretManagerServiceClient() + + # Build the resource name of the parent project. + parent = client.project_path(project_id) + + # Create the secret. + response = client.create_secret(parent, secret_id, { + 'replication': { + 'automatic': {}, + }, + }) + + # Print the new secret name. + print('Created secret: {}'.format(response.name)) +# [END secretmanager_create_secret] + + return response + + +if __name__ == '__main__': + parser = argparse.ArgumentParser( + description=__doc__, + formatter_class=argparse.RawDescriptionHelpFormatter) + parser.add_argument('project_id', help='id of the GCP project') + parser.add_argument('secret_id', help='id of the secret to create') + args = parser.parse_args() + + create_secret(args.project_id, args.secret_id) diff --git a/secretmanager/api-client/delete_secret.py b/secretmanager/api-client/delete_secret.py new file mode 100644 index 000000000000..7ed2dd183c7f --- /dev/null +++ b/secretmanager/api-client/delete_secret.py @@ -0,0 +1,50 @@ +#!/usr/bin/env python + +# Copyright 2019 Google, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +""" +command line application and sample code for deleting an existing secret. +""" + +import argparse + + +# [START secretmanager_delete_secret] +def delete_secret(project_id, secret_id): + """ + Delete the secret with the given name and all of its versions. + """ + + # Import the Secret Manager client library. + from google.cloud import secretmanager_v1beta1 as secretmanager + + # Create the Secret Manager client. + client = secretmanager.SecretManagerServiceClient() + + # Build the resource name of the secret. + name = client.secret_path(project_id, secret_id) + + # Delete the secret. + client.delete_secret(name) +# [END secretmanager_delete_secret] + + +if __name__ == '__main__': + parser = argparse.ArgumentParser( + description=__doc__, + formatter_class=argparse.RawDescriptionHelpFormatter) + parser.add_argument('project_id', help='id of the GCP project') + parser.add_argument('secret_id', help='id of the secret to delete') + args = parser.parse_args() + + delete_secret(args.project_id, args.secret_id) diff --git a/secretmanager/api-client/destroy_secret_version.py b/secretmanager/api-client/destroy_secret_version.py new file mode 100644 index 000000000000..770272d91ef2 --- /dev/null +++ b/secretmanager/api-client/destroy_secret_version.py @@ -0,0 +1,56 @@ +#!/usr/bin/env python + +# Copyright 2019 Google, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +""" +command line application and sample code for destroying a secret verison. +""" + +import argparse + + +# [START secretmanager_destroy_secret_version] +def destroy_secret_version(project_id, secret_id, version_id): + """ + Destroy the given secret version, making the payload irrecoverable. Other + secrets versions are unaffected. + """ + + # Import the Secret Manager client library. + from google.cloud import secretmanager_v1beta1 as secretmanager + + # Create the Secret Manager client. + client = secretmanager.SecretManagerServiceClient() + + # Build the resource name of the secret version + name = client.secret_version_path(project_id, secret_id, version_id) + + # Destroy the secret version. + response = client.destroy_secret_version(name) + + print('Destroyed secret version: {}'.format(response.name)) +# [END secretmanager_destroy_secret_version] + + return response + + +if __name__ == '__main__': + parser = argparse.ArgumentParser( + description=__doc__, + formatter_class=argparse.RawDescriptionHelpFormatter) + parser.add_argument('project_id', help='id of the GCP project') + parser.add_argument('secret_id', help='id of the secret from which to act') + parser.add_argument('version_id', help='id of the version to destroy') + args = parser.parse_args() + + destroy_secret_version(args.project_id, args.secret_id, args.version_id) diff --git a/secretmanager/api-client/disable_secret_version.py b/secretmanager/api-client/disable_secret_version.py new file mode 100644 index 000000000000..3b696725f5dc --- /dev/null +++ b/secretmanager/api-client/disable_secret_version.py @@ -0,0 +1,56 @@ +#!/usr/bin/env python + +# Copyright 2019 Google, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +""" +command line application and sample code for disabling a secret version. +""" + +import argparse + + +# [START secretmanager_disable_secret_version] +def disable_secret_version(project_id, secret_id, version_id): + """ + Disable the given secret version. Future requests will throw an error until + the secret version is enabled. Other secrets versions are unaffected. + """ + + # Import the Secret Manager client library. + from google.cloud import secretmanager_v1beta1 as secretmanager + + # Create the Secret Manager client. + client = secretmanager.SecretManagerServiceClient() + + # Build the resource name of the secret version + name = client.secret_version_path(project_id, secret_id, version_id) + + # Disable the secret version. + response = client.disable_secret_version(name) + + print('Disabled secret version: {}'.format(response.name)) +# [END secretmanager_disable_secret_version] + + return response + + +if __name__ == '__main__': + parser = argparse.ArgumentParser( + description=__doc__, + formatter_class=argparse.RawDescriptionHelpFormatter) + parser.add_argument('project_id', help='id of the GCP project') + parser.add_argument('secret_id', help='id of the secret from which to act') + parser.add_argument('version_id', help='id of the version to disable') + args = parser.parse_args() + + disable_secret_version(args.project_id, args.secret_id, args.version_id) diff --git a/secretmanager/api-client/enable_secret_version.py b/secretmanager/api-client/enable_secret_version.py new file mode 100644 index 000000000000..2969f4342796 --- /dev/null +++ b/secretmanager/api-client/enable_secret_version.py @@ -0,0 +1,56 @@ +#!/usr/bin/env python + +# Copyright 2019 Google, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +""" +command line application and sample code for enabling a secret version. +""" + +import argparse + + +# [START secretmanager_enable_secret_version] +def enable_secret_version(project_id, secret_id, version_id): + """ + Enable the given secret version, enabling it to be accessed after + previously being disabled. Other secrets versions are unaffected. + """ + + # Import the Secret Manager client library. + from google.cloud import secretmanager_v1beta1 as secretmanager + + # Create the Secret Manager client. + client = secretmanager.SecretManagerServiceClient() + + # Build the resource name of the secret version + name = client.secret_version_path(project_id, secret_id, version_id) + + # Disable the secret version. + response = client.enable_secret_version(name) + + print('Enabled secret version: {}'.format(response.name)) +# [END secretmanager_enable_secret_version] + + return response + + +if __name__ == '__main__': + parser = argparse.ArgumentParser( + description=__doc__, + formatter_class=argparse.RawDescriptionHelpFormatter) + parser.add_argument('project_id', help='id of the GCP project') + parser.add_argument('secret_id', help='id of the secret from which to act') + parser.add_argument('version_id', help='id of the version to enable') + args = parser.parse_args() + + enable_secret_version(args.project_id, args.secret_id, args.version_id) diff --git a/secretmanager/api-client/get_secret.py b/secretmanager/api-client/get_secret.py new file mode 100644 index 000000000000..03f4026092f9 --- /dev/null +++ b/secretmanager/api-client/get_secret.py @@ -0,0 +1,65 @@ +#!/usr/bin/env python + +# Copyright 2019 Google, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +""" +command line application and sample code for getting metadata about a secret. +""" + +import argparse + + +# [START secretmanager_get_secret] +def get_secret(project_id, secret_id): + """ + Get information about the given secret. This only returns metadata about + the secret container, not any secret material. + """ + + # Import the Secret Manager client library. + from google.cloud import secretmanager_v1beta1 as secretmanager + + # Create the Secret Manager client. + client = secretmanager.SecretManagerServiceClient() + + # Build the resource name of the secret. + name = client.secret_path(project_id, secret_id) + + # Delete the secret. + response = client.get_secret(name) + + # Get the replication policy. + if response.replication.automatic: + replication = 'AUTOMATIC' + elif response.replication.user_managed: + replication = 'MANAGED' + else: + raise 'Unknown replication {}'.format(response.replication) + + # Print data about the secret. + print('Got secret {} with replication policy {}'.format( + response.name, replication)) +# [END secretmanager_get_secret] + + return response + + +if __name__ == '__main__': + parser = argparse.ArgumentParser( + description=__doc__, + formatter_class=argparse.RawDescriptionHelpFormatter) + parser.add_argument('project_id', help='id of the GCP project') + parser.add_argument('secret_id', help='id of the secret to get') + args = parser.parse_args() + + get_secret(args.project_id, args.secret_id) diff --git a/secretmanager/api-client/get_secret_version.py b/secretmanager/api-client/get_secret_version.py new file mode 100644 index 000000000000..b6cd0bcdb6fa --- /dev/null +++ b/secretmanager/api-client/get_secret_version.py @@ -0,0 +1,59 @@ +#!/usr/bin/env python + +# Copyright 2019 Google, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +""" +command line application and sample code for getting metdata about a secret +version, but not the secret payload. +""" + +import argparse + + +# [START secretmanager_get_secret_version] +def get_secret_version(project_id, secret_id, version_id): + """ + Get information about the given secret version. It does not include the + payload data. + """ + + # Import the Secret Manager client library. + from google.cloud import secretmanager_v1beta1 as secretmanager + + # Create the Secret Manager client. + client = secretmanager.SecretManagerServiceClient() + + # Build the resource name of the secret version. + name = client.secret_version_path(project_id, secret_id, version_id) + + # Get the secret version. + response = client.get_secret_version(name) + + # Print information about the secret version. + state = response.State.Name(response.state) + print('Got secret version {} with state {}'.format(response.name, state)) +# [END secretmanager_get_secret_version] + + return response + + +if __name__ == '__main__': + parser = argparse.ArgumentParser( + description=__doc__, + formatter_class=argparse.RawDescriptionHelpFormatter) + parser.add_argument('project_id', help='id of the GCP project') + parser.add_argument('secret_id', help='id of the secret from which to act') + parser.add_argument('version_id', help='id of the version to get') + args = parser.parse_args() + + get_secret_version(args.project_id, args.secret_id, args.version_id) diff --git a/secretmanager/api-client/list_secret_versions.py b/secretmanager/api-client/list_secret_versions.py new file mode 100644 index 000000000000..382f43afd3c1 --- /dev/null +++ b/secretmanager/api-client/list_secret_versions.py @@ -0,0 +1,52 @@ +#!/usr/bin/env python + +# Copyright 2019 Google, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +""" +command line application and sample code for listing secret versions of a +secret. +""" + +import argparse + + +# [START secretmanager_list_secret_versions] +def list_secret_versions(project_id, secret_id): + """ + List all secret versions in the given secret and their metadata. + """ + + # Import the Secret Manager client library. + from google.cloud import secretmanager_v1beta1 as secretmanager + + # Create the Secret Manager client. + client = secretmanager.SecretManagerServiceClient() + + # Build the resource name of the parent secret. + parent = client.secret_path(project_id, secret_id) + + # List all secret versions. + for version in client.list_secret_versions(parent): + print('Found secret version: {}'.format(version.name)) +# [END secretmanager_list_secret_versions] + + +if __name__ == '__main__': + parser = argparse.ArgumentParser( + description=__doc__, + formatter_class=argparse.RawDescriptionHelpFormatter) + parser.add_argument('project_id', help='id of the GCP project') + parser.add_argument('secret_id', help='id of the secret in which to list') + args = parser.parse_args() + + list_secret_versions(args.project_id, args.secret_id) diff --git a/secretmanager/api-client/list_secrets.py b/secretmanager/api-client/list_secrets.py new file mode 100644 index 000000000000..da97f16049d8 --- /dev/null +++ b/secretmanager/api-client/list_secrets.py @@ -0,0 +1,50 @@ +#!/usr/bin/env python + +# Copyright 2019 Google, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +""" +command line application and sample code for listing secrets in a project. +""" + +import argparse + + +# [START secretmanager_list_secrets] +def list_secrets(project_id): + """ + List all secrets in the given project. + """ + + # Import the Secret Manager client library. + from google.cloud import secretmanager_v1beta1 as secretmanager + + # Create the Secret Manager client. + client = secretmanager.SecretManagerServiceClient() + + # Build the resource name of the parent project. + parent = client.project_path(project_id) + + # List all secrets. + for secret in client.list_secrets(parent): + print('Found secret: {}'.format(secret.name)) +# [END secretmanager_list_secrets] + + +if __name__ == '__main__': + parser = argparse.ArgumentParser( + description=__doc__, + formatter_class=argparse.RawDescriptionHelpFormatter) + parser.add_argument('project_id', help='id of the GCP project') + args = parser.parse_args() + + list_secrets(args.project_id) diff --git a/secretmanager/api-client/quickstart.py b/secretmanager/api-client/quickstart.py new file mode 100644 index 000000000000..c2aacb693a20 --- /dev/null +++ b/secretmanager/api-client/quickstart.py @@ -0,0 +1,66 @@ +#!/usr/bin/env python + +# Copyright 2019 Google, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +""" +command line application and sample code for creating an accessing a secret. +""" + +import os + + +def run_quickstart(): + # [START secretmanager_quickstart] + # Import the Secret Manager client library. + from google.cloud import secretmanager_v1beta1 as secretmanager + + # GCP project in which to store secrets in Secret Manager. + project_id = 'YOUR_PROJECT_ID' + + # ID of the secret to create. + secret_id = 'YOUR_SECRET_ID' + + # [END secretmanager_quickstart] + project_id = os.environ['GCLOUD_PROJECT'] + secret_id = os.environ['SECRETMANAGER_SECRET_ID'] + # [START secretmanager_quickstart] + # Create the Secret Manager client. + client = secretmanager.SecretManagerServiceClient() + + # Build the parent name from the project. + parent = client.project_path(project_id) + + # Create the parent secret. + secret = client.create_secret(parent, secret_id, { + 'replication': { + 'automatic': {}, + }, + }) + + # Add the secret version. + version = client.add_secret_version(secret.name, {'data': b'hello world!'}) + + # Access the secret version. + response = client.access_secret_version(version.name) + + # Print the secret payload. + # + # WARNING: Do not print the secret in a production environment - this + # snippet is showing how to access the secret material. + payload = response.payload.data.decode('UTF-8') + print('Plaintext: {}'.format(payload)) + # [END secretmanager_quickstart] + + +if __name__ == '__main__': + run_quickstart() diff --git a/secretmanager/api-client/quickstart_test.py b/secretmanager/api-client/quickstart_test.py new file mode 100644 index 000000000000..c9863db02e9e --- /dev/null +++ b/secretmanager/api-client/quickstart_test.py @@ -0,0 +1,21 @@ +# Copyright 2019 Google, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and + +# import os + +# import quickstart + + +# def test_quickstart(): +# os.environ['SECRETMANAGER_SECRET_ID'] = 'todo' +# quickstart.run_quickstart() diff --git a/secretmanager/api-client/requirements.txt b/secretmanager/api-client/requirements.txt new file mode 100644 index 000000000000..d9c4f694488f --- /dev/null +++ b/secretmanager/api-client/requirements.txt @@ -0,0 +1 @@ +google-cloud-secret-manager>=0.1 diff --git a/secretmanager/api-client/snippets_test.py b/secretmanager/api-client/snippets_test.py new file mode 100644 index 000000000000..e1124b9d753a --- /dev/null +++ b/secretmanager/api-client/snippets_test.py @@ -0,0 +1,166 @@ +# Copyright 2019 Google, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and + +import os +import pytest +import uuid + +from access_secret_version import access_secret_version +from add_secret_version import add_secret_version +from create_secret import create_secret +from delete_secret import delete_secret +from destroy_secret_version import destroy_secret_version +from disable_secret_version import disable_secret_version +from enable_secret_version import enable_secret_version +from get_secret_version import get_secret_version +from get_secret import get_secret +from list_secret_versions import list_secret_versions +from list_secrets import list_secrets +from update_secret import update_secret + +from google.api_core import exceptions +from google.cloud import secretmanager_v1beta1 as secretmanager + + +@pytest.fixture() +def client(): + return secretmanager.SecretManagerServiceClient() + + +@pytest.fixture() +def project_id(): + return os.environ['GCLOUD_PROJECT'] + + +@pytest.fixture() +def secret(client, project_id): + parent = client.project_path(project_id) + secret_id = 'python-secret-{}'.format(uuid.uuid4()) + + print('creating secret {}'.format(secret_id)) + secret = client.create_secret(parent, secret_id, { + 'replication': { + 'automatic': {}, + }, + }) + + yield project_id, secret_id + + print('deleting secret {}'.format(secret_id)) + try: + client.delete_secret(secret.name) + except exceptions.NotFound: + # Secret was already deleted, probably in the test + pass + + +another_secret = secret + + +@pytest.fixture() +def secret_version(client, secret): + project_id, secret_id = secret + + print('adding secret version to {}'.format(secret_id)) + parent = client.secret_path(project_id, secret_id) + payload = 'hello world!'.encode('UTF-8') + version = client.add_secret_version(parent, {'data': payload}) + + yield project_id, secret_id, version.name.rsplit('/', 1)[-1] + + +another_secret_version = secret_version + + +def test_access_secret_version(secret_version): + project_id, secret_id, version_id = secret_version + version = access_secret_version(project_id, secret_id, version_id) + assert version.payload.data == b'hello world!' + + +def test_add_secret_version(secret): + project_id, secret_id = secret + payload = 'test123' + version = add_secret_version(project_id, secret_id, payload) + assert secret_id in version.name + + +def test_create_secret(client, project_id): + secret_id = 'python-secret-{}'.format(uuid.uuid4()) + secret = create_secret(project_id, secret_id) + assert secret_id in secret.name + client.delete_secret(secret.name) + + +def test_delete_secret(client, secret): + project_id, secret_id = secret + delete_secret(project_id, secret_id) + with pytest.raises(exceptions.NotFound): + print('{}'.format(client)) + name = client.secret_version_path(project_id, secret_id, 'latest') + client.access_secret_version(name) + + +def test_destroy_secret_version(client, secret_version): + project_id, secret_id, version_id = secret_version + version = destroy_secret_version(project_id, secret_id, version_id) + assert version.destroy_time + + +def test_enable_disable_secret_version(client, secret_version): + project_id, secret_id, version_id = secret_version + version = disable_secret_version(project_id, secret_id, version_id) + assert version.state == secretmanager.enums.SecretVersion.State.DISABLED + + version = enable_secret_version(project_id, secret_id, version_id) + assert version.state == secretmanager.enums.SecretVersion.State.ENABLED + + +def test_get_secret_version(client, secret_version): + project_id, secret_id, version_id = secret_version + version = get_secret_version(project_id, secret_id, version_id) + assert secret_id in version.name + assert version_id in version.name + + +def test_get_secret(client, secret): + project_id, secret_id = secret + snippet_secret = get_secret(project_id, secret_id) + assert secret_id in snippet_secret.name + + +def test_list_secret_versions(capsys, secret_version, another_secret_version): + project_id, secret_id, version_id = secret_version + _, _, another_version_id = another_secret_version + list_secret_versions(project_id, secret_id) + + out, _ = capsys.readouterr() + assert secret_id in out + assert version_id in out + assert another_version_id in out + + +def test_list_secrets(capsys, secret, another_secret): + project_id, secret_id = secret + _, another_secret_id = another_secret + list_secrets(project_id) + + out, _ = capsys.readouterr() + assert secret_id in out + assert another_secret_id in out + + +def test_update_secret(secret): + project_id, secret_id = secret + secret = update_secret(project_id, secret_id) + assert secret.labels['secretmanager'] == 'rocks' diff --git a/secretmanager/api-client/update_secret.py b/secretmanager/api-client/update_secret.py new file mode 100644 index 000000000000..e9b964a35904 --- /dev/null +++ b/secretmanager/api-client/update_secret.py @@ -0,0 +1,54 @@ +#!/usr/bin/env python + +# Copyright 2019 Google, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and + +import argparse + + +# [START secretmanager_update_secret] +def update_secret(project_id, secret_id): + """ + Update the metadata about an existing secret. + """ + + # Import the Secret Manager client library. + from google.cloud import secretmanager_v1beta1 as secretmanager + + # Create the Secret Manager client. + client = secretmanager.SecretManagerServiceClient() + + # Build the resource name of the secret. + name = client.secret_path(project_id, secret_id) + + # Update the secret. + secret = {'name': name, 'labels': {'secretmanager': 'rocks'}} + update_mask = {'paths': ['labels']} + response = client.update_secret(secret, update_mask) + + # Print the new secret name. + print('Updated secret: {}'.format(response.name)) +# [END secretmanager_update_secret] + + return response + + +if __name__ == '__main__': + parser = argparse.ArgumentParser( + description=__doc__, + formatter_class=argparse.RawDescriptionHelpFormatter) + parser.add_argument('project_id', help='id of the GCP project') + parser.add_argument('--secret-id', required=True) + args = parser.parse_args() + + update_secret(args.project_id, args.secret_id) From 688e2bcccc67cfa5a854d8677134d571d3e8eac1 Mon Sep 17 00:00:00 2001 From: Seth Vargo Date: Sat, 28 Dec 2019 11:26:21 -0500 Subject: [PATCH 2/6] Fix quickstart tests --- secretmanager/api-client/quickstart.py | 8 ++++---- secretmanager/api-client/quickstart_test.py | 21 --------------------- secretmanager/api-client/snippets_test.py | 6 ++++++ 3 files changed, 10 insertions(+), 25 deletions(-) delete mode 100644 secretmanager/api-client/quickstart_test.py diff --git a/secretmanager/api-client/quickstart.py b/secretmanager/api-client/quickstart.py index c2aacb693a20..c69b12ce625e 100644 --- a/secretmanager/api-client/quickstart.py +++ b/secretmanager/api-client/quickstart.py @@ -19,7 +19,7 @@ import os -def run_quickstart(): +def quickstart(_project_id=None, _secret_id=None): # [START secretmanager_quickstart] # Import the Secret Manager client library. from google.cloud import secretmanager_v1beta1 as secretmanager @@ -31,8 +31,8 @@ def run_quickstart(): secret_id = 'YOUR_SECRET_ID' # [END secretmanager_quickstart] - project_id = os.environ['GCLOUD_PROJECT'] - secret_id = os.environ['SECRETMANAGER_SECRET_ID'] + project_id = _project_id + secret_id = _secret_id # [START secretmanager_quickstart] # Create the Secret Manager client. client = secretmanager.SecretManagerServiceClient() @@ -63,4 +63,4 @@ def run_quickstart(): if __name__ == '__main__': - run_quickstart() + quickstart() diff --git a/secretmanager/api-client/quickstart_test.py b/secretmanager/api-client/quickstart_test.py deleted file mode 100644 index c9863db02e9e..000000000000 --- a/secretmanager/api-client/quickstart_test.py +++ /dev/null @@ -1,21 +0,0 @@ -# Copyright 2019 Google, Inc -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and - -# import os - -# import quickstart - - -# def test_quickstart(): -# os.environ['SECRETMANAGER_SECRET_ID'] = 'todo' -# quickstart.run_quickstart() diff --git a/secretmanager/api-client/snippets_test.py b/secretmanager/api-client/snippets_test.py index e1124b9d753a..11484749432a 100644 --- a/secretmanager/api-client/snippets_test.py +++ b/secretmanager/api-client/snippets_test.py @@ -15,6 +15,7 @@ import pytest import uuid +from quickstart import quickstart from access_secret_version import access_secret_version from add_secret_version import add_secret_version from create_secret import create_secret @@ -82,6 +83,11 @@ def secret_version(client, secret): another_secret_version = secret_version +def test_quickstart(project_id): + secret_id = 'python-secret-{}'.format(uuid.uuid4()) + quickstart(project_id, secret_id) + + def test_access_secret_version(secret_version): project_id, secret_id, version_id = secret_version version = access_secret_version(project_id, secret_id, version_id) From 148de1b3f51f14a1021cde0bcdc881d1fb269dc0 Mon Sep 17 00:00:00 2001 From: Seth Vargo Date: Sat, 28 Dec 2019 11:26:28 -0500 Subject: [PATCH 3/6] Pin to a specific version secretmanager version --- secretmanager/api-client/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/secretmanager/api-client/requirements.txt b/secretmanager/api-client/requirements.txt index d9c4f694488f..b4de702c8e82 100644 --- a/secretmanager/api-client/requirements.txt +++ b/secretmanager/api-client/requirements.txt @@ -1 +1 @@ -google-cloud-secret-manager>=0.1 +google-cloud-secret-manager==0.1.0 From 0c8aee603a204db6254f52a68f385eecb43419a5 Mon Sep 17 00:00:00 2001 From: Seth Vargo Date: Sat, 28 Dec 2019 11:26:59 -0500 Subject: [PATCH 4/6] Fix indentation --- secretmanager/api-client/update_secret.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/secretmanager/api-client/update_secret.py b/secretmanager/api-client/update_secret.py index e9b964a35904..fba68ac4e794 100644 --- a/secretmanager/api-client/update_secret.py +++ b/secretmanager/api-client/update_secret.py @@ -38,7 +38,7 @@ def update_secret(project_id, secret_id): # Print the new secret name. print('Updated secret: {}'.format(response.name)) -# [END secretmanager_update_secret] + # [END secretmanager_update_secret] return response From dbbd2ce2752ac3ff55a169be432b59771f10ea7b Mon Sep 17 00:00:00 2001 From: Seth Vargo Date: Sat, 28 Dec 2019 11:27:44 -0500 Subject: [PATCH 5/6] Update copyright header to LLC --- secretmanager/api-client/access_secret_version.py | 2 +- secretmanager/api-client/add_secret_version.py | 2 +- secretmanager/api-client/create_secret.py | 2 +- secretmanager/api-client/delete_secret.py | 2 +- secretmanager/api-client/destroy_secret_version.py | 2 +- secretmanager/api-client/disable_secret_version.py | 2 +- secretmanager/api-client/enable_secret_version.py | 2 +- secretmanager/api-client/get_secret.py | 2 +- secretmanager/api-client/get_secret_version.py | 2 +- secretmanager/api-client/list_secret_versions.py | 2 +- secretmanager/api-client/list_secrets.py | 2 +- secretmanager/api-client/quickstart.py | 2 +- secretmanager/api-client/snippets_test.py | 2 +- secretmanager/api-client/update_secret.py | 2 +- 14 files changed, 14 insertions(+), 14 deletions(-) diff --git a/secretmanager/api-client/access_secret_version.py b/secretmanager/api-client/access_secret_version.py index 6c64fbad1c44..ceaa9b4d43d6 100644 --- a/secretmanager/api-client/access_secret_version.py +++ b/secretmanager/api-client/access_secret_version.py @@ -1,6 +1,6 @@ #!/usr/bin/env python -# Copyright 2019 Google, Inc +# Copyright 2019 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/secretmanager/api-client/add_secret_version.py b/secretmanager/api-client/add_secret_version.py index 30e3794e62cb..147e2c3ba7de 100644 --- a/secretmanager/api-client/add_secret_version.py +++ b/secretmanager/api-client/add_secret_version.py @@ -1,6 +1,6 @@ #!/usr/bin/env python -# Copyright 2019 Google, Inc +# Copyright 2019 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/secretmanager/api-client/create_secret.py b/secretmanager/api-client/create_secret.py index 9f85957e1f1c..06ec1d57d6a8 100644 --- a/secretmanager/api-client/create_secret.py +++ b/secretmanager/api-client/create_secret.py @@ -1,6 +1,6 @@ #!/usr/bin/env python -# Copyright 2019 Google, Inc +# Copyright 2019 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/secretmanager/api-client/delete_secret.py b/secretmanager/api-client/delete_secret.py index 7ed2dd183c7f..d6c0fb8a1570 100644 --- a/secretmanager/api-client/delete_secret.py +++ b/secretmanager/api-client/delete_secret.py @@ -1,6 +1,6 @@ #!/usr/bin/env python -# Copyright 2019 Google, Inc +# Copyright 2019 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/secretmanager/api-client/destroy_secret_version.py b/secretmanager/api-client/destroy_secret_version.py index 770272d91ef2..f705417d19cb 100644 --- a/secretmanager/api-client/destroy_secret_version.py +++ b/secretmanager/api-client/destroy_secret_version.py @@ -1,6 +1,6 @@ #!/usr/bin/env python -# Copyright 2019 Google, Inc +# Copyright 2019 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/secretmanager/api-client/disable_secret_version.py b/secretmanager/api-client/disable_secret_version.py index 3b696725f5dc..a6563318807f 100644 --- a/secretmanager/api-client/disable_secret_version.py +++ b/secretmanager/api-client/disable_secret_version.py @@ -1,6 +1,6 @@ #!/usr/bin/env python -# Copyright 2019 Google, Inc +# Copyright 2019 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/secretmanager/api-client/enable_secret_version.py b/secretmanager/api-client/enable_secret_version.py index 2969f4342796..472157cd776d 100644 --- a/secretmanager/api-client/enable_secret_version.py +++ b/secretmanager/api-client/enable_secret_version.py @@ -1,6 +1,6 @@ #!/usr/bin/env python -# Copyright 2019 Google, Inc +# Copyright 2019 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/secretmanager/api-client/get_secret.py b/secretmanager/api-client/get_secret.py index 03f4026092f9..3d9bf49cb1f4 100644 --- a/secretmanager/api-client/get_secret.py +++ b/secretmanager/api-client/get_secret.py @@ -1,6 +1,6 @@ #!/usr/bin/env python -# Copyright 2019 Google, Inc +# Copyright 2019 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/secretmanager/api-client/get_secret_version.py b/secretmanager/api-client/get_secret_version.py index b6cd0bcdb6fa..ed4dd89263ff 100644 --- a/secretmanager/api-client/get_secret_version.py +++ b/secretmanager/api-client/get_secret_version.py @@ -1,6 +1,6 @@ #!/usr/bin/env python -# Copyright 2019 Google, Inc +# Copyright 2019 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/secretmanager/api-client/list_secret_versions.py b/secretmanager/api-client/list_secret_versions.py index 382f43afd3c1..d727d3cb07e5 100644 --- a/secretmanager/api-client/list_secret_versions.py +++ b/secretmanager/api-client/list_secret_versions.py @@ -1,6 +1,6 @@ #!/usr/bin/env python -# Copyright 2019 Google, Inc +# Copyright 2019 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/secretmanager/api-client/list_secrets.py b/secretmanager/api-client/list_secrets.py index da97f16049d8..1d6981efef7f 100644 --- a/secretmanager/api-client/list_secrets.py +++ b/secretmanager/api-client/list_secrets.py @@ -1,6 +1,6 @@ #!/usr/bin/env python -# Copyright 2019 Google, Inc +# Copyright 2019 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/secretmanager/api-client/quickstart.py b/secretmanager/api-client/quickstart.py index c69b12ce625e..985b94257063 100644 --- a/secretmanager/api-client/quickstart.py +++ b/secretmanager/api-client/quickstart.py @@ -1,6 +1,6 @@ #!/usr/bin/env python -# Copyright 2019 Google, Inc +# Copyright 2019 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/secretmanager/api-client/snippets_test.py b/secretmanager/api-client/snippets_test.py index 11484749432a..62692865a53e 100644 --- a/secretmanager/api-client/snippets_test.py +++ b/secretmanager/api-client/snippets_test.py @@ -1,4 +1,4 @@ -# Copyright 2019 Google, Inc +# Copyright 2019 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/secretmanager/api-client/update_secret.py b/secretmanager/api-client/update_secret.py index fba68ac4e794..10e3241ee50d 100644 --- a/secretmanager/api-client/update_secret.py +++ b/secretmanager/api-client/update_secret.py @@ -1,6 +1,6 @@ #!/usr/bin/env python -# Copyright 2019 Google, Inc +# Copyright 2019 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. From 286ba29fb15c8af62e20e13169015f8f46b5a796 Mon Sep 17 00:00:00 2001 From: Seth Vargo Date: Mon, 30 Dec 2019 14:57:43 -0600 Subject: [PATCH 6/6] Remove unused import --- secretmanager/api-client/quickstart.py | 2 -- 1 file changed, 2 deletions(-) diff --git a/secretmanager/api-client/quickstart.py b/secretmanager/api-client/quickstart.py index 985b94257063..5ebaba97b80d 100644 --- a/secretmanager/api-client/quickstart.py +++ b/secretmanager/api-client/quickstart.py @@ -16,8 +16,6 @@ command line application and sample code for creating an accessing a secret. """ -import os - def quickstart(_project_id=None, _secret_id=None): # [START secretmanager_quickstart]