GoogleCloudPlatform
diff --git a/‎secretmanager/snippets/regional_samples/__init__.py
Lines changed: 10 additions & 0 deletions b/‎secretmanager/snippets/regional_samples/__init__.py
Lines changed: 10 additions & 0 deletions
diff --git a/‎secretmanager/snippets/regional_samples/access_regional_secret_version.py
Lines changed: 82 additions & 0 deletions b/‎secretmanager/snippets/regional_samples/access_regional_secret_version.py
Lines changed: 82 additions & 0 deletions
diff --git a/‎secretmanager/snippets/regional_samples/add_regional_secret_version.py
Lines changed: 87 additions & 0 deletions b/‎secretmanager/snippets/regional_samples/add_regional_secret_version.py
Lines changed: 87 additions & 0 deletions
diff --git a/‎secretmanager/snippets/regional_samples/create_regional_secret.py
Lines changed: 77 additions & 0 deletions b/‎secretmanager/snippets/regional_samples/create_regional_secret.py
Lines changed: 77 additions & 0 deletions
diff --git a/‎secretmanager/snippets/regional_samples/delete_regional_secret.py
Lines changed: 60 additions & 0 deletions b/‎secretmanager/snippets/regional_samples/delete_regional_secret.py
Lines changed: 60 additions & 0 deletions
diff --git a/‎secretmanager/snippets/regional_samples/delete_regional_secret_with_etag.py
Lines changed: 74 additions & 0 deletions b/‎secretmanager/snippets/regional_samples/delete_regional_secret_with_etag.py
Lines changed: 74 additions & 0 deletions
@@ -0,0 +1,10 @@
+import glob
+from os import path
+
+modules = glob.glob(path.join(path.dirname(__file__), "*.py"))
+__all__ = [
+    path.basename(f)[:-3]
+    for f in modules
+    if path.isfile(f)
+    and not (f.endswith("__init__.py") or f.endswith("snippets_test.py"))
+]
@@ -0,0 +1,82 @@
+#!/usr/bin/env python
+
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+"""
+Command line application and sample code for accessing a regional secret version.
+"""
+
+import argparse
+
+# [START secretmanager_access_regional_secret_version]
+from google.cloud import secretmanager_v1
+import google_crc32c
+
+
+def access_regional_secret_version(
+    project_id: str,
+    location_id: str,
+    secret_id: str,
+    version_id: str,
+) -> secretmanager_v1.AccessSecretVersionResponse:
+    """
+    Access the payload for the given secret version if one exists. The version
+    can be a version number as a string (e.g. "5") or an alias (e.g. "latest").
+    """
+
+    # Endpoint to call the regional secret manager sever.
+    api_endpoint = f"secretmanager.{location_id}.rep.googleapis.com"
+
+    # Create the Secret Manager client.
+    client = secretmanager_v1.SecretManagerServiceClient(
+        client_options={"api_endpoint": api_endpoint},
+    )
+
+    # Build the resource name of the secret version.
+    name = f"projects/{project_id}/locations/{location_id}/secrets/{secret_id}/versions/{version_id}"
+
+    # Access the secret version.
+    response = client.access_secret_version(request={"name": name})
+
+    # Verify payload checksum.
+    crc32c = google_crc32c.Checksum()
+    crc32c.update(response.payload.data)
+    if response.payload.data_crc32c != int(crc32c.hexdigest(), 16):
+        print("Data corruption detected.")
+        return response
+
+    # Print the secret payload.
+    #
+    # WARNING: Do not print the secret in a production environment - this
+    # snippet is showing how to access the secret material.
+    payload = response.payload.data.decode("UTF-8")
+    print(f"Plaintext: {payload}")
+
+    return response
+
+
+# [END secretmanager_access_regional_secret_version]
+
+if __name__ == "__main__":
+    parser = argparse.ArgumentParser(
+        description=__doc__, formatter_class=argparse.RawDescriptionHelpFormatter
+    )
+    parser.add_argument("project_id", help="id of the GCP project")
+    parser.add_argument("location_id", help="id of location where secret is stored")
+    parser.add_argument("secret_id", help="id of the secret to access")
+    parser.add_argument("version_id", help="version of the secret to access")
+    args = parser.parse_args()
+
+    access_regional_secret_version(
+        args.project_id, args.location_id, args.secret_id, args.version_id
+    )
@@ -0,0 +1,87 @@
+#!/usr/bin/env python
+
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+"""
+Command line application and sample code for adding a secret version to a
+regional secret with the specified payload to an existing regional secret.
+"""
+
+import argparse
+
+# [START secretmanager_v1_add_regional_secret_version]
+from google.cloud import secretmanager_v1
+import google_crc32c
+
+
+def add_regional_secret_version(
+    project_id: str,
+    location_id: str,
+    secret_id: str,
+    payload: str,
+) -> secretmanager_v1.SecretVersion:
+    """
+    Adds a new secret version to the given secret with the provided payload.
+    """
+
+    # Endpoint to call the regional secret manager sever.
+    api_endpoint = f"secretmanager.{location_id}.rep.googleapis.com"
+
+    # Create the Secret Manager client.
+    client = secretmanager_v1.SecretManagerServiceClient(
+        client_options={"api_endpoint": api_endpoint},
+    )
+
+    # Build the resource name of the parent secret.
+    parent = f"projects/{project_id}/locations/{location_id}/secrets/{secret_id}"
+
+    # Convert the string payload into a bytes. This step can be omitted if you
+    # pass in bytes instead of a str for the payload argument.
+    payload_bytes = payload.encode("UTF-8")
+
+    # Calculate payload checksum. Passing a checksum in add-version request
+    # is optional.
+    crc32c = google_crc32c.Checksum()
+    crc32c.update(payload_bytes)
+
+    # Add the secret version.
+    response = client.add_secret_version(
+        request={
+            "parent": parent,
+            "payload": {
+                "data": payload_bytes,
+                "data_crc32c": int(crc32c.hexdigest(), 16),
+            },
+        }
+    )
+
+    # Print the new secret version name.
+    print(f"Added secret version: {response.name}")
+    return response
+
+
+# [END secretmanager_v1_add_regional_secret_version]
+
+if __name__ == "__main__":
+    parser = argparse.ArgumentParser(
+        description=__doc__, formatter_class=argparse.RawDescriptionHelpFormatter
+    )
+    parser.add_argument("project_id", help="id of the GCP project")
+    parser.add_argument("location_id", help="id of location where secret is stored")
+    parser.add_argument("secret_id", help="id of the secret in which to add")
+    parser.add_argument("payload", help="secret material payload")
+    args = parser.parse_args()
+
+    add_regional_secret_version(
+        args.project_id, args.location_id, args.secret_id, args.payload
+    )
@@ -0,0 +1,77 @@
+#!/usr/bin/env python
+
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+"""
+Command line application and sample code for creating a new regional secret.
+"""
+
+import argparse
+from typing import Optional
+
+
+# [START secretmanager_v1_create_regional_secret]
+from google.cloud import secretmanager_v1
+
+
+def create_regional_secret(
+    project_id: str,
+    location_id: str,
+    secret_id: str,
+    ttl: Optional[str] = None,
+) -> secretmanager_v1.Secret:
+    """
+    Creates a new regional secret with the given name.
+    """
+
+    # Endpoint to call the regional secret manager sever
+    api_endpoint = f"secretmanager.{location_id}.rep.googleapis.com"
+
+    # Create the Secret Manager client.
+    client = secretmanager_v1.SecretManagerServiceClient(
+        client_options={"api_endpoint": api_endpoint},
+    )
+
+    # Build the resource name of the parent project.
+    parent = f"projects/{project_id}/locations/{location_id}"
+
+    # Create the secret.
+    response = client.create_secret(
+        request={
+            "parent": parent,
+            "secret_id": secret_id,
+            "secret": {"ttl": ttl},
+        }
+    )
+
+    # Print the new secret name.
+    print(f"Created secret: {response.name}")
+
+    return response
+
+
+# [END secretmanager_v1_create_regional_secret]
+
+if __name__ == "__main__":
+    parser = argparse.ArgumentParser(
+        description=__doc__, formatter_class=argparse.RawDescriptionHelpFormatter
+    )
+    parser.add_argument("project_id", help="id of the GCP project")
+    parser.add_argument(
+        "location_id", help="id of the location where secret is to be created"
+    )
+    parser.add_argument("secret_id", help="id of the secret to create")
+    parser.add_argument("ttl", help="time to live for secrets, f.e. '600s' ")
+    args = parser.parse_args()
+
+    create_regional_secret(args.project_id, args.location_id, args.secret_id, args.ttl)
@@ -0,0 +1,60 @@
+#!/usr/bin/env python
+
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+"""
+Command line application and sample code for deleting an existing regional
+secret.
+"""
+
+import argparse
+
+
+# [START secretmanager_v1_delete_regional_secret]
+# Import the Secret Manager client library.
+from google.cloud import secretmanager_v1
+
+
+def delete_regional_secret(project_id: str, location_id: str, secret_id: str) -> None:
+    """
+    Deletes the secret with the given name and all of its versions.
+    """
+
+    # Endpoint to call the regional secret manager sever
+    api_endpoint = f"secretmanager.{location_id}.rep.googleapis.com"
+
+    # Create the Secret Manager client.
+    client = secretmanager_v1.SecretManagerServiceClient(
+        client_options={"api_endpoint": api_endpoint},
+    )
+
+    # Build the resource name of the secret.
+    name = f"projects/{project_id}/locations/{location_id}/secrets/{secret_id}"
+
+    # Delete the secret.
+    client.delete_secret(request={"name": name})
+
+
+# [END secretmanager_v1_delete_regional_secret]
+
+
+if __name__ == "__main__":
+    parser = argparse.ArgumentParser(
+        description=__doc__, formatter_class=argparse.RawDescriptionHelpFormatter
+    )
+    parser.add_argument("project_id", help="id of the GCP project")
+    parser.add_argument("location_id", help="id of location where secret is stored")
+    parser.add_argument("secret_id", help="id of the secret to delete")
+    args = parser.parse_args()
+
+    delete_regional_secret(args.project_id, args.location_id, args.secret_id)
@@ -0,0 +1,74 @@
+#!/usr/bin/env python
+
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+"""
+Command line application and sample code for deleting an existing regional
+secret.
+"""
+
+import argparse
+
+
+# [START secretmanager_v1_delete_regional_secret_with_etag]
+# Import the Secret Manager client library and types.
+from google.cloud import secretmanager_v1
+
+
+def delete_regional_secret_with_etag(
+    project_id: str,
+    location_id: str,
+    secret_id: str,
+    etag: str,
+) -> None:
+    """
+    Deletes the regional secret with the given name, etag, and all of its versions.
+    """
+
+    # Endpoint to call the regional secret manager sever.
+    api_endpoint = f"secretmanager.{location_id}.rep.googleapis.com"
+
+    # Create the Secret Manager client.
+    client = secretmanager_v1.SecretManagerServiceClient(
+        client_options={"api_endpoint": api_endpoint},
+    )
+
+    # Build the resource name of the secret.
+    name = f"projects/{project_id}/locations/{location_id}/secrets/{secret_id}"
+
+    # Build the request
+    request = secretmanager_v1.types.service.DeleteSecretRequest(
+        name=name,
+        etag=etag,
+    )
+
+    # Delete the secret.
+    client.delete_secret(request=request)
+
+
+# [END secretmanager_v1_delete_regional_secret_with_etag]
+
+
+if __name__ == "__main__":
+    parser = argparse.ArgumentParser(
+        description=__doc__, formatter_class=argparse.RawDescriptionHelpFormatter
+    )
+    parser.add_argument("project_id", help="id of the GCP project")
+    parser.add_argument("location_id", help="id of location where secret is stored")
+    parser.add_argument("secret_id", help="id of the secret to delete")
+    parser.add_argument("etag", help="current etag of the secret to delete")
+    args = parser.parse_args()
+
+    delete_regional_secret_with_etag(
+        args.project_id, args.location_id, args.secret_id, args.etag
+    )