feat(cloudkms): add samples for CryptoKey/CryptoKeyVersion deletion and get/lists RetiredResources

[yasharel]

Description

Fixes #

Note: Before submitting a pull request, please open an issue for discussion if you are not associated with Google.

Checklist

• I have followed Sample Format Guide
• pom.xml parent set to latest shared-configuration
• Appropriate changes to README are included in PR
• These samples need a new API enabled in testing projects to pass (let us know which ones)
• These samples need a new/updated env vars in testing projects set to pass (let us know which ones)
• Tests pass: mvn clean verify required
• Lint passes: mvn -P lint checkstyle:check required
• Static Analysis: mvn -P lint clean compile pmd:cpd-check spotbugs:check advisory only
• This sample adds a new sample directory, and I updated the CODEOWNERS file with the codeowners for this sample
• This sample adds a new Product API, and I updated the Blunderbuss issue/PR auto-assigner with the codeowners for this sample
• Please merge this PR for me once it is approved

[snippet-bot]

Here is the summary of changes.

You are about to add 4 region tags.

• kms/src/main/java/kms/DeleteKey.java:19, tag kms_delete_key
• kms/src/main/java/kms/DeleteKeyVersion.java:19, tag kms_delete_key_version
• kms/src/main/java/kms/GetRetiredResource.java:19, tag kms_get_retired_resource
• kms/src/main/java/kms/ListRetiredResources.java:19, tag kms_list_retired_resources

---

This comment is generated by snippet-bot.
If you find problems with this result, please file an issue at:
https://github.com/googleapis/repo-automation-bots/issues.
To update this comment, add snippet-bot:force-run label or use the checkbox below:

• Refresh this comment

[gemini-code-assist]

Summary of Changes

Hello @yasharel, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request introduces a suite of new samples for Google Cloud Key Management Service (KMS), demonstrating how to programmatically delete CryptoKeys and CryptoKeyVersions, as well as how to retrieve and list retired resources. It also includes essential updates to project dependencies and refines the existing IAM member removal utility to ensure robust policy management.

Highlights

• New KMS Samples for Deletion: Added new samples demonstrating how to schedule the deletion of a CryptoKey and a CryptoKeyVersion within Google Cloud KMS.
• New KMS Samples for Retired Resources: Introduced new samples to retrieve a specific retired resource and to list all retired resources in a given location.
• Dependency Updates: Updated the libraries-bom version and specified explicit versions for google-cloud-kms, proto-google-cloud-kms-v1, and protobuf-java dependencies in pom.xml.
• IAM Policy Member Removal Improvement: Refactored the IamRemoveMember utility to correctly handle immutable lists when removing a member from an IAM policy binding, ensuring proper policy updates.
• Enhanced Integration Tests: Updated integration tests (SnippetsIT.java) to include coverage for the new deletion and retired resource samples, and improved test setup for existing keys.

Changelog

• kms/pom.xml
  • Updated libraries-bom to version 26.50.0.
  • Specified google-cloud-kms dependency version 2.88.0.
  • Added proto-google-cloud-kms-v1 dependency with version 0.179.0.
  • Updated protobuf-java and protobuf-java-util dependencies to version 4.33.2.
• kms/src/main/java/kms/DeleteKey.java
  • Added a new sample demonstrating how to schedule a CryptoKey for deletion.
• kms/src/main/java/kms/DeleteKeyVersion.java
  • Added a new sample demonstrating how to schedule a CryptoKeyVersion for deletion.
• kms/src/main/java/kms/GetRetiredResource.java
  • Added a new sample demonstrating how to retrieve details of a specific retired resource.
• kms/src/main/java/kms/IamRemoveMember.java
  • Refactored the iamRemoveMember method to correctly handle immutable ProtocolStringList when removing a member from a binding, ensuring that empty bindings are not added back to the policy.
• kms/src/main/java/kms/ListRetiredResources.java
  • Added a new sample demonstrating how to list all retired resources within a given project and location.
• kms/src/test/java/kms/SnippetsIT.java
  • Added org.junit.Ignore import.
  • Modified beforeAll to use fixed key IDs and a new createKeyOrIgnore helper to prevent re-creation of existing keys.
  • Introduced stdErr capture for tests in beforeEach and afterEach.
  • Commented out a section in afterAll related to listing and destroying key versions.
  • Added new integration tests for DeleteKey, DeleteKeyVersion, GetRetiredResource, and ListRetiredResources.
  • Updated testGetKeyLabels to create a new key for its test.

Activity

• The author has followed the Sample Format Guide.
• The pom.xml parent has been set to the latest shared-configuration.
• All tests pass (mvn clean verify).
• Lint checks pass (mvn -P lint checkstyle:check).
• Static analysis (mvn -P lint clean compile pmd:cpd-check spotbugs:check) was performed.
• The author has requested that the PR be merged once approved.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request adds several new samples for Cloud KMS operations, including deleting keys and key versions, and listing/getting retired resources. The changes also include updates to dependencies and improvements to the integration test setup.

My review found a critical bug in IamRemoveMember.java where an incorrect policy object was being used, preventing the intended IAM change. I also found some code duplication in the new DeleteKeyVersion.java sample and a potential for a flaky test in SnippetsIT.java due to test dependencies. Please see my detailed comments for suggestions.