Merge pull request #2874 from GoogleCloudPlatform/nodejs-secret-manager-migration

migrate code from googleapis/nodejs-secret-manager

Author: ahrarmonsur

.github/workflows/secret-manager.yaml

@@ -0,0 +1,68 @@
+name: secret-manager
+on:
+  push:
+    branches:
+    - main
+    paths:
+    - 'secret-manager/**'
+  pull_request:
+    paths:
+    - 'secret-manager/**'
+  pull_request_target:
+    types: [labeled]
+    paths:
+    - 'secret-manager/**'
+  schedule:
+  - cron:  '0 0 * * 0'
+jobs:
+  test:
+    if: ${{ github.event.action != 'labeled' || github.event.label.name == 'actions:force-run' }}
+    runs-on: ubuntu-latest
+    timeout-minutes: 60
+    permissions:
+      contents: 'write'
+      pull-requests: 'write'
+      id-token: 'write'
+    steps:
+    - uses: actions/checkout@v3.1.0
+      with:
+        ref: ${{github.event.pull_request.head.sha}}
+    - uses: 'google-github-actions/auth@v1.0.0'
+      with:
+        workload_identity_provider: 'projects/1046198160504/locations/global/workloadIdentityPools/github-actions-pool/providers/github-actions-provider'
+        service_account: 'kokoro-system-test@long-door-651.iam.gserviceaccount.com'
+        create_credentials_file: 'true'
+        access_token_lifetime: 600s
+    - uses: actions/setup-node@v3.5.1
+      with:
+        node-version: 16
+    - run: npm install
+      working-directory: secret-manager
+    - run: npm test
+      working-directory: secret-manager
+      env:
+        MOCHA_REPORTER_SUITENAME: secret_manager
+        MOCHA_REPORTER_OUTPUT: secret_manager_sponge_log.xml
+        MOCHA_REPORTER: xunit
+    - if: ${{ github.event.action == 'labeled' && github.event.label.name == 'actions:force-run' }}
+      uses: actions/github-script@v6
+      with:
+        github-token: ${{ secrets.GITHUB_TOKEN }}
+        script: |
+          try {
+            await github.rest.issues.removeLabel({
+              name: 'actions:force-run',
+              owner: 'GoogleCloudPlatform',
+              repo: 'nodejs-docs-samples',
+              issue_number: context.payload.pull_request.number
+            });
+          } catch (e) {
+            if (!e.message.includes('Label does not exist')) {
+              throw e;
+            }
+          }
+    - if: ${{ github.event_name == 'schedule'}}
+      run: |
+        curl https://github.com/googleapis/repo-automation-bots/releases/download/flakybot-1.1.0/flakybot -o flakybot -s -L
+        chmod +x ./flakybot
+        ./flakybot --repo GoogleCloudPlatform/nodejs-docs-samples --commit_hash ${{github.sha}} --build_url https://github.com/${{github.repository}}/actions/runs/${{github.run_id}}

.github/workflows/workflows.json

@@ -59,6 +59,7 @@
   "datastore/functions",
   "service-directory/snippets",
   "scheduler",
+  "secret-manager",
   "speech",
   "talent",
   "texttospeech",

secret-manager/accessSecretVersion.js

@@ -0,0 +1,49 @@
+// Copyright 2019 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     https://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+'use strict';
+
+async function main(name = 'projects/my-project/secrets/my-secret/versions/1') {
+  // [START secretmanager_access_secret_version]
+  /**
+   * TODO(developer): Uncomment these variables before running the sample.
+   */
+  // const name = 'projects/my-project/secrets/my-secret/versions/5';
+  // const name = 'projects/my-project/secrets/my-secret/versions/latest';
+
+  // Imports the Secret Manager library
+  const {SecretManagerServiceClient} = require('@google-cloud/secret-manager');
+
+  // Instantiates a client
+  const client = new SecretManagerServiceClient();
+
+  async function accessSecretVersion() {
+    const [version] = await client.accessSecretVersion({
+      name: name,
+    });
+
+    // Extract the payload as a string.
+    const payload = version.payload.data.toString();
+
+    // WARNING: Do not print the secret in a production environment - this
+    // snippet is showing how to access the secret material.
+    console.info(`Payload: ${payload}`);
+  }
+
+  accessSecretVersion();
+  // [END secretmanager_access_secret_version]
+}
+
+const args = process.argv.slice(2);
+main(...args).catch(console.error);

secret-manager/addSecretVersion.js

@@ -0,0 +1,49 @@
+// Copyright 2019 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     https://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+'use strict';
+
+async function main(parent = 'projects/my-project/secrets/my-secret') {
+  // [START secretmanager_add_secret_version]
+  /**
+   * TODO(developer): Uncomment these variables before running the sample.
+   */
+  // const parent = 'projects/my-project/secrets/my-secret';
+
+  // Imports the Secret Manager library
+  const {SecretManagerServiceClient} = require('@google-cloud/secret-manager');
+
+  // Instantiates a client
+  const client = new SecretManagerServiceClient();
+
+  // Payload is the plaintext data to store in the secret
+  const payload = Buffer.from('my super secret data', 'utf8');
+
+  async function addSecretVersion() {
+    const [version] = await client.addSecretVersion({
+      parent: parent,
+      payload: {
+        data: payload,
+      },
+    });
+
+    console.log(`Added secret version ${version.name}`);
+  }
+
+  addSecretVersion();
+  // [END secretmanager_add_secret_version]
+}
+
+const args = process.argv.slice(2);
+main(...args).catch(console.error);

secret-manager/createSecret.js

@@ -0,0 +1,50 @@
+// Copyright 2019 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     https://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+'use strict';
+
+async function main(parent = 'projects/my-project', secretId = 'my-secret') {
+  // [START secretmanager_create_secret]
+  /**
+   * TODO(developer): Uncomment these variables before running the sample.
+   */
+  // const parent = 'projects/my-project';
+  // const secretId = 'my-secret';
+
+  // Imports the Secret Manager library
+  const {SecretManagerServiceClient} = require('@google-cloud/secret-manager');
+
+  // Instantiates a client
+  const client = new SecretManagerServiceClient();
+
+  async function createSecret() {
+    const [secret] = await client.createSecret({
+      parent: parent,
+      secretId: secretId,
+      secret: {
+        replication: {
+          automatic: {},
+        },
+      },
+    });
+
+    console.log(`Created secret ${secret.name}`);
+  }
+
+  createSecret();
+  // [END secretmanager_create_secret]
+}
+
+const args = process.argv.slice(2);
+main(...args).catch(console.error);

secret-manager/createUmmrSecret.js

@@ -0,0 +1,57 @@
+// Copyright 2022 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     https://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+'use strict';
+
+async function main(
+  parent = 'projects/my-project',
+  secretId = 'my-secret',
+  ...locations
+) {
+  /**
+   * TODO(developer): Uncomment these variables before running the sample.
+   */
+  // const parent = 'projects/my-project';
+  // const secretId = 'my-secret';
+  // const locations = ['us-east1', 'us-east4', 'us-west1'];
+
+  // Imports the Secret Manager library
+  const {SecretManagerServiceClient} = require('@google-cloud/secret-manager');
+
+  // Instantiates a client
+  const client = new SecretManagerServiceClient();
+
+  async function createSecret() {
+    const [secret] = await client.createSecret({
+      parent: parent,
+      secretId: secretId,
+      secret: {
+        replication: {
+          userManaged: {
+            replicas: locations.map(x => {
+              return {location: x};
+            }),
+          },
+        },
+      },
+    });
+
+    console.log(`Created secret ${secret.name}`);
+  }
+
+  createSecret();
+}
+
+const args = process.argv.slice(2);
+main(...args).catch(console.error);

secret-manager/deleteSecret.js

@@ -0,0 +1,43 @@
+// Copyright 2019 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     https://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+'use strict';
+
+async function main(name = 'projects/my-project/secrets/my-secret') {
+  // [START secretmanager_delete_secret]
+  /**
+   * TODO(developer): Uncomment these variables before running the sample.
+   */
+  // const name = 'projects/my-project/secrets/my-secret';
+
+  // Imports the Secret Manager library
+  const {SecretManagerServiceClient} = require('@google-cloud/secret-manager');
+
+  // Instantiates a client
+  const client = new SecretManagerServiceClient();
+
+  async function deleteSecret() {
+    await client.deleteSecret({
+      name: name,
+    });
+
+    console.log(`Deleted secret ${name}`);
+  }
+
+  deleteSecret();
+  // [END secretmanager_delete_secret]
+}
+
+const args = process.argv.slice(2);
+main(...args).catch(console.error);

secret-manager/destroySecretVersion.js

@@ -0,0 +1,43 @@
+// Copyright 2019 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     https://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+'use strict';
+
+async function main(name = 'projects/my-project/secrets/my-secret/versions/1') {
+  // [START secretmanager_destroy_secret_version]
+  /**
+   * TODO(developer): Uncomment these variables before running the sample.
+   */
+  // const name = 'projects/my-project/secrets/my-secret/versions/5';
+
+  // Imports the Secret Manager library
+  const {SecretManagerServiceClient} = require('@google-cloud/secret-manager');
+
+  // Instantiates a client
+  const client = new SecretManagerServiceClient();
+
+  async function destroySecretVersion() {
+    const [version] = await client.destroySecretVersion({
+      name: name,
+    });
+
+    console.info(`Destroyed ${version.name}`);
+  }
+
+  destroySecretVersion();
+  // [END secretmanager_destroy_secret_version]
+}
+
+const args = process.argv.slice(2);
+main(...args).catch(console.error);