Skip to content
This repository has been archived by the owner on Sep 5, 2023. It is now read-only.

feat: add checksums in Secret Manager #244

Merged
merged 2 commits into from
Feb 3, 2022
Merged

feat: add checksums in Secret Manager #244

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
686d15f
chore: use gapic-generator-python 0.62.1
gcf-owl-bot[bot] Feb 3, 2022
22494e9
🦉 Updates from OwlBot
gcf-owl-bot[bot] Feb 3, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
24 changes: 12 additions & 12 deletions google/cloud/secretmanager_v1/services/secret_manager_service/async_client.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -262,7 +262,7 @@ async def list_secrets(

"""
# Create or coerce a protobuf request object.
# Sanity check: If we got a request object, we should *not* have
# Quick check: If we got a request object, we should *not* have
# gotten any keyword arguments that map to the request.
has_flattened_params = any([parent])
if request is not None and has_flattened_params:
Expand Down Expand Up @@ -368,7 +368,7 @@ async def create_secret(

"""
# Create or coerce a protobuf request object.
# Sanity check: If we got a request object, we should *not* have
# Quick check: If we got a request object, we should *not* have
# gotten any keyword arguments that map to the request.
has_flattened_params = any([parent, secret_id, secret])
if request is not None and has_flattened_params:
Expand Down Expand Up @@ -457,7 +457,7 @@ async def add_secret_version(

"""
# Create or coerce a protobuf request object.
# Sanity check: If we got a request object, we should *not* have
# Quick check: If we got a request object, we should *not* have
# gotten any keyword arguments that map to the request.
has_flattened_params = any([parent, payload])
if request is not None and has_flattened_params:
Expand Down Expand Up @@ -537,7 +537,7 @@ async def get_secret(

"""
# Create or coerce a protobuf request object.
# Sanity check: If we got a request object, we should *not* have
# Quick check: If we got a request object, we should *not* have
# gotten any keyword arguments that map to the request.
has_flattened_params = any([name])
if request is not None and has_flattened_params:
Expand Down Expand Up @@ -622,7 +622,7 @@ async def update_secret(

"""
# Create or coerce a protobuf request object.
# Sanity check: If we got a request object, we should *not* have
# Quick check: If we got a request object, we should *not* have
# gotten any keyword arguments that map to the request.
has_flattened_params = any([secret, update_mask])
if request is not None and has_flattened_params:
Expand Down Expand Up @@ -692,7 +692,7 @@ async def delete_secret(
sent along with the request as metadata.
"""
# Create or coerce a protobuf request object.
# Sanity check: If we got a request object, we should *not* have
# Quick check: If we got a request object, we should *not* have
# gotten any keyword arguments that map to the request.
has_flattened_params = any([name])
if request is not None and has_flattened_params:
Expand Down Expand Up @@ -770,7 +770,7 @@ async def list_secret_versions(

"""
# Create or coerce a protobuf request object.
# Sanity check: If we got a request object, we should *not* have
# Quick check: If we got a request object, we should *not* have
# gotten any keyword arguments that map to the request.
has_flattened_params = any([parent])
if request is not None and has_flattened_params:
Expand Down Expand Up @@ -857,7 +857,7 @@ async def get_secret_version(

"""
# Create or coerce a protobuf request object.
# Sanity check: If we got a request object, we should *not* have
# Quick check: If we got a request object, we should *not* have
# gotten any keyword arguments that map to the request.
has_flattened_params = any([name])
if request is not None and has_flattened_params:
Expand Down Expand Up @@ -939,7 +939,7 @@ async def access_secret_version(

"""
# Create or coerce a protobuf request object.
# Sanity check: If we got a request object, we should *not* have
# Quick check: If we got a request object, we should *not* have
# gotten any keyword arguments that map to the request.
has_flattened_params = any([name])
if request is not None and has_flattened_params:
Expand Down Expand Up @@ -1029,7 +1029,7 @@ async def disable_secret_version(

"""
# Create or coerce a protobuf request object.
# Sanity check: If we got a request object, we should *not* have
# Quick check: If we got a request object, we should *not* have
# gotten any keyword arguments that map to the request.
has_flattened_params = any([name])
if request is not None and has_flattened_params:
Expand Down Expand Up @@ -1109,7 +1109,7 @@ async def enable_secret_version(

"""
# Create or coerce a protobuf request object.
# Sanity check: If we got a request object, we should *not* have
# Quick check: If we got a request object, we should *not* have
# gotten any keyword arguments that map to the request.
has_flattened_params = any([name])
if request is not None and has_flattened_params:
Expand Down Expand Up @@ -1190,7 +1190,7 @@ async def destroy_secret_version(

"""
# Create or coerce a protobuf request object.
# Sanity check: If we got a request object, we should *not* have
# Quick check: If we got a request object, we should *not* have
# gotten any keyword arguments that map to the request.
has_flattened_params = any([name])
if request is not None and has_flattened_params:
Expand Down
24 changes: 12 additions & 12 deletions google/cloud/secretmanager_v1/services/secret_manager_service/client.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -478,7 +478,7 @@ def list_secrets(

"""
# Create or coerce a protobuf request object.
# Sanity check: If we got a request object, we should *not* have
# Quick check: If we got a request object, we should *not* have
# gotten any keyword arguments that map to the request.
has_flattened_params = any([parent])
if request is not None and has_flattened_params:
Expand Down Expand Up @@ -584,7 +584,7 @@ def create_secret(

"""
# Create or coerce a protobuf request object.
# Sanity check: If we got a request object, we should *not* have
# Quick check: If we got a request object, we should *not* have
# gotten any keyword arguments that map to the request.
has_flattened_params = any([parent, secret_id, secret])
if request is not None and has_flattened_params:
Expand Down Expand Up @@ -673,7 +673,7 @@ def add_secret_version(

"""
# Create or coerce a protobuf request object.
# Sanity check: If we got a request object, we should *not* have
# Quick check: If we got a request object, we should *not* have
# gotten any keyword arguments that map to the request.
has_flattened_params = any([parent, payload])
if request is not None and has_flattened_params:
Expand Down Expand Up @@ -753,7 +753,7 @@ def get_secret(

"""
# Create or coerce a protobuf request object.
# Sanity check: If we got a request object, we should *not* have
# Quick check: If we got a request object, we should *not* have
# gotten any keyword arguments that map to the request.
has_flattened_params = any([name])
if request is not None and has_flattened_params:
Expand Down Expand Up @@ -838,7 +838,7 @@ def update_secret(

"""
# Create or coerce a protobuf request object.
# Sanity check: If we got a request object, we should *not* have
# Quick check: If we got a request object, we should *not* have
# gotten any keyword arguments that map to the request.
has_flattened_params = any([secret, update_mask])
if request is not None and has_flattened_params:
Expand Down Expand Up @@ -908,7 +908,7 @@ def delete_secret(
sent along with the request as metadata.
"""
# Create or coerce a protobuf request object.
# Sanity check: If we got a request object, we should *not* have
# Quick check: If we got a request object, we should *not* have
# gotten any keyword arguments that map to the request.
has_flattened_params = any([name])
if request is not None and has_flattened_params:
Expand Down Expand Up @@ -986,7 +986,7 @@ def list_secret_versions(

"""
# Create or coerce a protobuf request object.
# Sanity check: If we got a request object, we should *not* have
# Quick check: If we got a request object, we should *not* have
# gotten any keyword arguments that map to the request.
has_flattened_params = any([parent])
if request is not None and has_flattened_params:
Expand Down Expand Up @@ -1073,7 +1073,7 @@ def get_secret_version(

"""
# Create or coerce a protobuf request object.
# Sanity check: If we got a request object, we should *not* have
# Quick check: If we got a request object, we should *not* have
# gotten any keyword arguments that map to the request.
has_flattened_params = any([name])
if request is not None and has_flattened_params:
Expand Down Expand Up @@ -1155,7 +1155,7 @@ def access_secret_version(

"""
# Create or coerce a protobuf request object.
# Sanity check: If we got a request object, we should *not* have
# Quick check: If we got a request object, we should *not* have
# gotten any keyword arguments that map to the request.
has_flattened_params = any([name])
if request is not None and has_flattened_params:
Expand Down Expand Up @@ -1235,7 +1235,7 @@ def disable_secret_version(

"""
# Create or coerce a protobuf request object.
# Sanity check: If we got a request object, we should *not* have
# Quick check: If we got a request object, we should *not* have
# gotten any keyword arguments that map to the request.
has_flattened_params = any([name])
if request is not None and has_flattened_params:
Expand Down Expand Up @@ -1315,7 +1315,7 @@ def enable_secret_version(

"""
# Create or coerce a protobuf request object.
# Sanity check: If we got a request object, we should *not* have
# Quick check: If we got a request object, we should *not* have
# gotten any keyword arguments that map to the request.
has_flattened_params = any([name])
if request is not None and has_flattened_params:
Expand Down Expand Up @@ -1396,7 +1396,7 @@ def destroy_secret_version(

"""
# Create or coerce a protobuf request object.
# Sanity check: If we got a request object, we should *not* have
# Quick check: If we got a request object, we should *not* have
# gotten any keyword arguments that map to the request.
has_flattened_params = any([name])
if request is not None and has_flattened_params:
Expand Down
5 changes: 4 additions & 1 deletion google/cloud/secretmanager_v1/services/secret_manager_service/transports/grpc.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -168,8 +168,11 @@ def __init__(
if not self._grpc_channel:
self._grpc_channel = type(self).create_channel(
self._host,
# use the credentials which are saved
credentials=self._credentials,
credentials_file=credentials_file,
# Set ``credentials_file`` to ``None`` here as
# the credentials that we saved earlier should be used.
credentials_file=None,
scopes=self._scopes,
ssl_credentials=self._ssl_channel_credentials,
quota_project_id=quota_project_id,
Expand Down
5 changes: 4 additions & 1 deletion google/cloud/secretmanager_v1/services/secret_manager_service/transports/grpc_asyncio.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -213,8 +213,11 @@ def __init__(
if not self._grpc_channel:
self._grpc_channel = type(self).create_channel(
self._host,
# use the credentials which are saved
credentials=self._credentials,
credentials_file=credentials_file,
# Set ``credentials_file`` to ``None`` here as
# the credentials that we saved earlier should be used.
credentials_file=None,
scopes=self._scopes,
ssl_credentials=self._ssl_channel_credentials,
quota_project_id=quota_project_id,
Expand Down
34 changes: 32 additions & 2 deletions google/cloud/secretmanager_v1/types/resources.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -154,6 +154,13 @@ class SecretVersion(proto.Message):
etag (str):
Output only. Etag of the currently stored
[SecretVersion][google.cloud.secretmanager.v1.SecretVersion].
client_specified_payload_checksum (bool):
Output only. True if payload checksum specified in
[SecretPayload][google.cloud.secretmanager.v1.SecretPayload]
object has been received by
[SecretManagerService][google.cloud.secretmanager.v1.SecretManagerService]
on
[SecretManagerService.AddSecretVersion][google.cloud.secretmanager.v1.SecretManagerService.AddSecretVersion].
"""

class State(proto.Enum):
Expand All @@ -176,6 +183,7 @@ class State(proto.Enum):
proto.MESSAGE, number=5, message="ReplicationStatus",
)
etag = proto.Field(proto.STRING, number=6,)
client_specified_payload_checksum = proto.Field(proto.BOOL, number=7,)


class Replication(proto.Message):
Expand Down Expand Up @@ -281,8 +289,8 @@ class Replica(proto.Message):


class CustomerManagedEncryption(proto.Message):
r"""Configuration for encrypting secret payloads using customer-
anaged encryption keys (CMEK).
r"""Configuration for encrypting secret payloads using
customer-managed encryption keys (CMEK).

Attributes:
kms_key_name (str):
Expand Down Expand Up @@ -490,9 +498,31 @@ class SecretPayload(proto.Message):
data (bytes):
The secret data. Must be no larger than
64KiB.
data_crc32c (int):
Optional. If specified,
[SecretManagerService][google.cloud.secretmanager.v1.SecretManagerService]
will verify the integrity of the received
[data][google.cloud.secretmanager.v1.SecretPayload.data] on
[SecretManagerService.AddSecretVersion][google.cloud.secretmanager.v1.SecretManagerService.AddSecretVersion]
calls using the crc32c checksum and store it to include in
future
[SecretManagerService.AccessSecretVersion][google.cloud.secretmanager.v1.SecretManagerService.AccessSecretVersion]
responses. If a checksum is not provided in the
[SecretManagerService.AddSecretVersion][google.cloud.secretmanager.v1.SecretManagerService.AddSecretVersion]
request, the
[SecretManagerService][google.cloud.secretmanager.v1.SecretManagerService]
will generate and store one for you.

The CRC32C value is encoded as a Int64 for compatibility,
and can be safely downconverted to uint32 in languages that
support this type.
https://cloud.google.com/apis/design/design_patterns#integer_types

This field is a member of `oneof`_ ``_data_crc32c``.
"""

data = proto.Field(proto.BYTES, number=1,)
data_crc32c = proto.Field(proto.INT64, number=2, optional=True,)


__all__ = tuple(sorted(__protobuf__.manifest))
Loading