diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/.coveragerc b/owl-bot-staging/google-cloud-secret-manager/v1/.coveragerc new file mode 100644 index 000000000000..ba39b6e150d0 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/.coveragerc @@ -0,0 +1,13 @@ +[run] +branch = True + +[report] +show_missing = True +omit = + google/cloud/secretmanager/__init__.py + google/cloud/secretmanager/gapic_version.py +exclude_lines = + # Re-enable the standard pragma + pragma: NO COVER + # Ignore debug-only repr + def __repr__ diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/.flake8 b/owl-bot-staging/google-cloud-secret-manager/v1/.flake8 new file mode 100644 index 000000000000..29227d4cf419 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/.flake8 @@ -0,0 +1,33 @@ +# -*- coding: utf-8 -*- +# +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Generated by synthtool. DO NOT EDIT! +[flake8] +ignore = E203, E266, E501, W503 +exclude = + # Exclude generated code. + **/proto/** + **/gapic/** + **/services/** + **/types/** + *_pb2.py + + # Standard linting exemptions. + **/.nox/** + __pycache__, + .git, + *.pyc, + conf.py diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/MANIFEST.in b/owl-bot-staging/google-cloud-secret-manager/v1/MANIFEST.in new file mode 100644 index 000000000000..3f781d40f260 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/MANIFEST.in @@ -0,0 +1,2 @@ +recursive-include google/cloud/secretmanager *.py +recursive-include google/cloud/secretmanager_v1 *.py diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/README.rst b/owl-bot-staging/google-cloud-secret-manager/v1/README.rst new file mode 100644 index 000000000000..358776dacd39 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/README.rst @@ -0,0 +1,49 @@ +Python Client for Google Cloud Secretmanager API +================================================= + +Quick Start +----------- + +In order to use this library, you first need to go through the following steps: + +1. `Select or create a Cloud Platform project.`_ +2. `Enable billing for your project.`_ +3. Enable the Google Cloud Secretmanager API. +4. `Setup Authentication.`_ + +.. _Select or create a Cloud Platform project.: https://console.cloud.google.com/project +.. _Enable billing for your project.: https://cloud.google.com/billing/docs/how-to/modify-project#enable_billing_for_a_project +.. _Setup Authentication.: https://googleapis.dev/python/google-api-core/latest/auth.html + +Installation +~~~~~~~~~~~~ + +Install this library in a `virtualenv`_ using pip. `virtualenv`_ is a tool to +create isolated Python environments. The basic problem it addresses is one of +dependencies and versions, and indirectly permissions. + +With `virtualenv`_, it's possible to install this library without needing system +install permissions, and without clashing with the installed system +dependencies. + +.. _`virtualenv`: https://virtualenv.pypa.io/en/latest/ + + +Mac/Linux +^^^^^^^^^ + +.. code-block:: console + + python3 -m venv + source /bin/activate + /bin/pip install /path/to/library + + +Windows +^^^^^^^ + +.. code-block:: console + + python3 -m venv + \Scripts\activate + \Scripts\pip.exe install \path\to\library diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/docs/_static/custom.css b/owl-bot-staging/google-cloud-secret-manager/v1/docs/_static/custom.css new file mode 100644 index 000000000000..06423be0b592 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/docs/_static/custom.css @@ -0,0 +1,3 @@ +dl.field-list > dt { + min-width: 100px +} diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/docs/conf.py b/owl-bot-staging/google-cloud-secret-manager/v1/docs/conf.py new file mode 100644 index 000000000000..e34176b66b99 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/docs/conf.py @@ -0,0 +1,376 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# +# google-cloud-secret-manager documentation build configuration file +# +# This file is execfile()d with the current directory set to its +# containing dir. +# +# Note that not all possible configuration values are present in this +# autogenerated file. +# +# All configuration values have a default; values that are commented out +# serve to show the default. + +import sys +import os +import shlex + +# If extensions (or modules to document with autodoc) are in another directory, +# add these directories to sys.path here. If the directory is relative to the +# documentation root, use os.path.abspath to make it absolute, like shown here. +sys.path.insert(0, os.path.abspath("..")) + +__version__ = "0.1.0" + +# -- General configuration ------------------------------------------------ + +# If your documentation needs a minimal Sphinx version, state it here. +needs_sphinx = "4.0.1" + +# Add any Sphinx extension module names here, as strings. They can be +# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom +# ones. +extensions = [ + "sphinx.ext.autodoc", + "sphinx.ext.autosummary", + "sphinx.ext.intersphinx", + "sphinx.ext.coverage", + "sphinx.ext.napoleon", + "sphinx.ext.todo", + "sphinx.ext.viewcode", +] + +# autodoc/autosummary flags +autoclass_content = "both" +autodoc_default_flags = ["members"] +autosummary_generate = True + + +# Add any paths that contain templates here, relative to this directory. +templates_path = ["_templates"] + +# Allow markdown includes (so releases.md can include CHANGLEOG.md) +# http://www.sphinx-doc.org/en/master/markdown.html +source_parsers = {".md": "recommonmark.parser.CommonMarkParser"} + +# The suffix(es) of source filenames. +# You can specify multiple suffix as a list of string: +source_suffix = [".rst", ".md"] + +# The encoding of source files. +# source_encoding = 'utf-8-sig' + +# The root toctree document. +root_doc = "index" + +# General information about the project. +project = u"google-cloud-secret-manager" +copyright = u"2023, Google, LLC" +author = u"Google APIs" # TODO: autogenerate this bit + +# The version info for the project you're documenting, acts as replacement for +# |version| and |release|, also used in various other places throughout the +# built documents. +# +# The full version, including alpha/beta/rc tags. +release = __version__ +# The short X.Y version. +version = ".".join(release.split(".")[0:2]) + +# The language for content autogenerated by Sphinx. Refer to documentation +# for a list of supported languages. +# +# This is also used if you do content translation via gettext catalogs. +# Usually you set "language" from the command line for these cases. +language = 'en' + +# There are two options for replacing |today|: either, you set today to some +# non-false value, then it is used: +# today = '' +# Else, today_fmt is used as the format for a strftime call. +# today_fmt = '%B %d, %Y' + +# List of patterns, relative to source directory, that match files and +# directories to ignore when looking for source files. +exclude_patterns = ["_build"] + +# The reST default role (used for this markup: `text`) to use for all +# documents. +# default_role = None + +# If true, '()' will be appended to :func: etc. cross-reference text. +# add_function_parentheses = True + +# If true, the current module name will be prepended to all description +# unit titles (such as .. function::). +# add_module_names = True + +# If true, sectionauthor and moduleauthor directives will be shown in the +# output. They are ignored by default. +# show_authors = False + +# The name of the Pygments (syntax highlighting) style to use. +pygments_style = "sphinx" + +# A list of ignored prefixes for module index sorting. +# modindex_common_prefix = [] + +# If true, keep warnings as "system message" paragraphs in the built documents. +# keep_warnings = False + +# If true, `todo` and `todoList` produce output, else they produce nothing. +todo_include_todos = True + + +# -- Options for HTML output ---------------------------------------------- + +# The theme to use for HTML and HTML Help pages. See the documentation for +# a list of builtin themes. +html_theme = "alabaster" + +# Theme options are theme-specific and customize the look and feel of a theme +# further. For a list of options available for each theme, see the +# documentation. +html_theme_options = { + "description": "Google Cloud Client Libraries for Python", + "github_user": "googleapis", + "github_repo": "google-cloud-python", + "github_banner": True, + "font_family": "'Roboto', Georgia, sans", + "head_font_family": "'Roboto', Georgia, serif", + "code_font_family": "'Roboto Mono', 'Consolas', monospace", +} + +# Add any paths that contain custom themes here, relative to this directory. +# html_theme_path = [] + +# The name for this set of Sphinx documents. If None, it defaults to +# " v documentation". +# html_title = None + +# A shorter title for the navigation bar. Default is the same as html_title. +# html_short_title = None + +# The name of an image file (relative to this directory) to place at the top +# of the sidebar. +# html_logo = None + +# The name of an image file (within the static path) to use as favicon of the +# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 +# pixels large. +# html_favicon = None + +# Add any paths that contain custom static files (such as style sheets) here, +# relative to this directory. They are copied after the builtin static files, +# so a file named "default.css" will overwrite the builtin "default.css". +html_static_path = ["_static"] + +# Add any extra paths that contain custom files (such as robots.txt or +# .htaccess) here, relative to this directory. These files are copied +# directly to the root of the documentation. +# html_extra_path = [] + +# If not '', a 'Last updated on:' timestamp is inserted at every page bottom, +# using the given strftime format. +# html_last_updated_fmt = '%b %d, %Y' + +# If true, SmartyPants will be used to convert quotes and dashes to +# typographically correct entities. +# html_use_smartypants = True + +# Custom sidebar templates, maps document names to template names. +# html_sidebars = {} + +# Additional templates that should be rendered to pages, maps page names to +# template names. +# html_additional_pages = {} + +# If false, no module index is generated. +# html_domain_indices = True + +# If false, no index is generated. +# html_use_index = True + +# If true, the index is split into individual pages for each letter. +# html_split_index = False + +# If true, links to the reST sources are added to the pages. +# html_show_sourcelink = True + +# If true, "Created using Sphinx" is shown in the HTML footer. Default is True. +# html_show_sphinx = True + +# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. +# html_show_copyright = True + +# If true, an OpenSearch description file will be output, and all pages will +# contain a tag referring to it. The value of this option must be the +# base URL from which the finished HTML is served. +# html_use_opensearch = '' + +# This is the file name suffix for HTML files (e.g. ".xhtml"). +# html_file_suffix = None + +# Language to be used for generating the HTML full-text search index. +# Sphinx supports the following languages: +# 'da', 'de', 'en', 'es', 'fi', 'fr', 'hu', 'it', 'ja' +# 'nl', 'no', 'pt', 'ro', 'ru', 'sv', 'tr' +# html_search_language = 'en' + +# A dictionary with options for the search language support, empty by default. +# Now only 'ja' uses this config value +# html_search_options = {'type': 'default'} + +# The name of a javascript file (relative to the configuration directory) that +# implements a search results scorer. If empty, the default will be used. +# html_search_scorer = 'scorer.js' + +# Output file base name for HTML help builder. +htmlhelp_basename = "google-cloud-secret-manager-doc" + +# -- Options for warnings ------------------------------------------------------ + + +suppress_warnings = [ + # Temporarily suppress this to avoid "more than one target found for + # cross-reference" warning, which are intractable for us to avoid while in + # a mono-repo. + # See https://github.com/sphinx-doc/sphinx/blob + # /2a65ffeef5c107c19084fabdd706cdff3f52d93c/sphinx/domains/python.py#L843 + "ref.python" +] + +# -- Options for LaTeX output --------------------------------------------- + +latex_elements = { + # The paper size ('letterpaper' or 'a4paper'). + # 'papersize': 'letterpaper', + # The font size ('10pt', '11pt' or '12pt'). + # 'pointsize': '10pt', + # Additional stuff for the LaTeX preamble. + # 'preamble': '', + # Latex figure (float) alignment + # 'figure_align': 'htbp', +} + +# Grouping the document tree into LaTeX files. List of tuples +# (source start file, target name, title, +# author, documentclass [howto, manual, or own class]). +latex_documents = [ + ( + root_doc, + "google-cloud-secret-manager.tex", + u"google-cloud-secret-manager Documentation", + author, + "manual", + ) +] + +# The name of an image file (relative to this directory) to place at the top of +# the title page. +# latex_logo = None + +# For "manual" documents, if this is true, then toplevel headings are parts, +# not chapters. +# latex_use_parts = False + +# If true, show page references after internal links. +# latex_show_pagerefs = False + +# If true, show URL addresses after external links. +# latex_show_urls = False + +# Documents to append as an appendix to all manuals. +# latex_appendices = [] + +# If false, no module index is generated. +# latex_domain_indices = True + + +# -- Options for manual page output --------------------------------------- + +# One entry per manual page. List of tuples +# (source start file, name, description, authors, manual section). +man_pages = [ + ( + root_doc, + "google-cloud-secret-manager", + u"Google Cloud Secretmanager Documentation", + [author], + 1, + ) +] + +# If true, show URL addresses after external links. +# man_show_urls = False + + +# -- Options for Texinfo output ------------------------------------------- + +# Grouping the document tree into Texinfo files. List of tuples +# (source start file, target name, title, author, +# dir menu entry, description, category) +texinfo_documents = [ + ( + root_doc, + "google-cloud-secret-manager", + u"google-cloud-secret-manager Documentation", + author, + "google-cloud-secret-manager", + "GAPIC library for Google Cloud Secretmanager API", + "APIs", + ) +] + +# Documents to append as an appendix to all manuals. +# texinfo_appendices = [] + +# If false, no module index is generated. +# texinfo_domain_indices = True + +# How to display URL addresses: 'footnote', 'no', or 'inline'. +# texinfo_show_urls = 'footnote' + +# If true, do not generate a @detailmenu in the "Top" node's menu. +# texinfo_no_detailmenu = False + + +# Example configuration for intersphinx: refer to the Python standard library. +intersphinx_mapping = { + "python": ("http://python.readthedocs.org/en/latest/", None), + "gax": ("https://gax-python.readthedocs.org/en/latest/", None), + "google-auth": ("https://google-auth.readthedocs.io/en/stable", None), + "google-gax": ("https://gax-python.readthedocs.io/en/latest/", None), + "google.api_core": ("https://googleapis.dev/python/google-api-core/latest/", None), + "grpc": ("https://grpc.io/grpc/python/", None), + "requests": ("http://requests.kennethreitz.org/en/stable/", None), + "proto": ("https://proto-plus-python.readthedocs.io/en/stable", None), + "protobuf": ("https://googleapis.dev/python/protobuf/latest/", None), +} + + +# Napoleon settings +napoleon_google_docstring = True +napoleon_numpy_docstring = True +napoleon_include_private_with_doc = False +napoleon_include_special_with_doc = True +napoleon_use_admonition_for_examples = False +napoleon_use_admonition_for_notes = False +napoleon_use_admonition_for_references = False +napoleon_use_ivar = False +napoleon_use_param = True +napoleon_use_rtype = True diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/docs/index.rst b/owl-bot-staging/google-cloud-secret-manager/v1/docs/index.rst new file mode 100644 index 000000000000..9072a8c008e8 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/docs/index.rst @@ -0,0 +1,7 @@ +API Reference +------------- +.. toctree:: + :maxdepth: 2 + + secretmanager_v1/services + secretmanager_v1/types diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/docs/secretmanager_v1/secret_manager_service.rst b/owl-bot-staging/google-cloud-secret-manager/v1/docs/secretmanager_v1/secret_manager_service.rst new file mode 100644 index 000000000000..2aa590e3f83e --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/docs/secretmanager_v1/secret_manager_service.rst @@ -0,0 +1,10 @@ +SecretManagerService +-------------------------------------- + +.. automodule:: google.cloud.secretmanager_v1.services.secret_manager_service + :members: + :inherited-members: + +.. automodule:: google.cloud.secretmanager_v1.services.secret_manager_service.pagers + :members: + :inherited-members: diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/docs/secretmanager_v1/services_.rst b/owl-bot-staging/google-cloud-secret-manager/v1/docs/secretmanager_v1/services_.rst new file mode 100644 index 000000000000..aac8f75c5cf5 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/docs/secretmanager_v1/services_.rst @@ -0,0 +1,6 @@ +Services for Google Cloud Secretmanager v1 API +============================================== +.. toctree:: + :maxdepth: 2 + + secret_manager_service diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/docs/secretmanager_v1/types_.rst b/owl-bot-staging/google-cloud-secret-manager/v1/docs/secretmanager_v1/types_.rst new file mode 100644 index 000000000000..580720f951db --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/docs/secretmanager_v1/types_.rst @@ -0,0 +1,6 @@ +Types for Google Cloud Secretmanager v1 API +=========================================== + +.. automodule:: google.cloud.secretmanager_v1.types + :members: + :show-inheritance: diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager/__init__.py b/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager/__init__.py new file mode 100644 index 000000000000..eeffea45868e --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager/__init__.py @@ -0,0 +1,75 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from google.cloud.secretmanager import gapic_version as package_version + +__version__ = package_version.__version__ + + +from google.cloud.secretmanager_v1.services.secret_manager_service.client import SecretManagerServiceClient +from google.cloud.secretmanager_v1.services.secret_manager_service.async_client import SecretManagerServiceAsyncClient + +from google.cloud.secretmanager_v1.types.resources import CustomerManagedEncryption +from google.cloud.secretmanager_v1.types.resources import CustomerManagedEncryptionStatus +from google.cloud.secretmanager_v1.types.resources import Replication +from google.cloud.secretmanager_v1.types.resources import ReplicationStatus +from google.cloud.secretmanager_v1.types.resources import Rotation +from google.cloud.secretmanager_v1.types.resources import Secret +from google.cloud.secretmanager_v1.types.resources import SecretPayload +from google.cloud.secretmanager_v1.types.resources import SecretVersion +from google.cloud.secretmanager_v1.types.resources import Topic +from google.cloud.secretmanager_v1.types.service import AccessSecretVersionRequest +from google.cloud.secretmanager_v1.types.service import AccessSecretVersionResponse +from google.cloud.secretmanager_v1.types.service import AddSecretVersionRequest +from google.cloud.secretmanager_v1.types.service import CreateSecretRequest +from google.cloud.secretmanager_v1.types.service import DeleteSecretRequest +from google.cloud.secretmanager_v1.types.service import DestroySecretVersionRequest +from google.cloud.secretmanager_v1.types.service import DisableSecretVersionRequest +from google.cloud.secretmanager_v1.types.service import EnableSecretVersionRequest +from google.cloud.secretmanager_v1.types.service import GetSecretRequest +from google.cloud.secretmanager_v1.types.service import GetSecretVersionRequest +from google.cloud.secretmanager_v1.types.service import ListSecretsRequest +from google.cloud.secretmanager_v1.types.service import ListSecretsResponse +from google.cloud.secretmanager_v1.types.service import ListSecretVersionsRequest +from google.cloud.secretmanager_v1.types.service import ListSecretVersionsResponse +from google.cloud.secretmanager_v1.types.service import UpdateSecretRequest + +__all__ = ('SecretManagerServiceClient', + 'SecretManagerServiceAsyncClient', + 'CustomerManagedEncryption', + 'CustomerManagedEncryptionStatus', + 'Replication', + 'ReplicationStatus', + 'Rotation', + 'Secret', + 'SecretPayload', + 'SecretVersion', + 'Topic', + 'AccessSecretVersionRequest', + 'AccessSecretVersionResponse', + 'AddSecretVersionRequest', + 'CreateSecretRequest', + 'DeleteSecretRequest', + 'DestroySecretVersionRequest', + 'DisableSecretVersionRequest', + 'EnableSecretVersionRequest', + 'GetSecretRequest', + 'GetSecretVersionRequest', + 'ListSecretsRequest', + 'ListSecretsResponse', + 'ListSecretVersionsRequest', + 'ListSecretVersionsResponse', + 'UpdateSecretRequest', +) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager/gapic_version.py b/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager/gapic_version.py new file mode 100644 index 000000000000..558c8aab67c5 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager/gapic_version.py @@ -0,0 +1,16 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +__version__ = "0.0.0" # {x-release-please-version} diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager/py.typed b/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager/py.typed new file mode 100644 index 000000000000..7eaaed39becb --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager/py.typed @@ -0,0 +1,2 @@ +# Marker file for PEP 561. +# The google-cloud-secret-manager package uses inline types. diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager_v1/__init__.py b/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager_v1/__init__.py new file mode 100644 index 000000000000..ba6488b3cd16 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager_v1/__init__.py @@ -0,0 +1,76 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from google.cloud.secretmanager_v1 import gapic_version as package_version + +__version__ = package_version.__version__ + + +from .services.secret_manager_service import SecretManagerServiceClient +from .services.secret_manager_service import SecretManagerServiceAsyncClient + +from .types.resources import CustomerManagedEncryption +from .types.resources import CustomerManagedEncryptionStatus +from .types.resources import Replication +from .types.resources import ReplicationStatus +from .types.resources import Rotation +from .types.resources import Secret +from .types.resources import SecretPayload +from .types.resources import SecretVersion +from .types.resources import Topic +from .types.service import AccessSecretVersionRequest +from .types.service import AccessSecretVersionResponse +from .types.service import AddSecretVersionRequest +from .types.service import CreateSecretRequest +from .types.service import DeleteSecretRequest +from .types.service import DestroySecretVersionRequest +from .types.service import DisableSecretVersionRequest +from .types.service import EnableSecretVersionRequest +from .types.service import GetSecretRequest +from .types.service import GetSecretVersionRequest +from .types.service import ListSecretsRequest +from .types.service import ListSecretsResponse +from .types.service import ListSecretVersionsRequest +from .types.service import ListSecretVersionsResponse +from .types.service import UpdateSecretRequest + +__all__ = ( + 'SecretManagerServiceAsyncClient', +'AccessSecretVersionRequest', +'AccessSecretVersionResponse', +'AddSecretVersionRequest', +'CreateSecretRequest', +'CustomerManagedEncryption', +'CustomerManagedEncryptionStatus', +'DeleteSecretRequest', +'DestroySecretVersionRequest', +'DisableSecretVersionRequest', +'EnableSecretVersionRequest', +'GetSecretRequest', +'GetSecretVersionRequest', +'ListSecretVersionsRequest', +'ListSecretVersionsResponse', +'ListSecretsRequest', +'ListSecretsResponse', +'Replication', +'ReplicationStatus', +'Rotation', +'Secret', +'SecretManagerServiceClient', +'SecretPayload', +'SecretVersion', +'Topic', +'UpdateSecretRequest', +) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager_v1/gapic_metadata.json b/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager_v1/gapic_metadata.json new file mode 100644 index 000000000000..115998dc2e86 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager_v1/gapic_metadata.json @@ -0,0 +1,253 @@ + { + "comment": "This file maps proto services/RPCs to the corresponding library clients/methods", + "language": "python", + "libraryPackage": "google.cloud.secretmanager_v1", + "protoPackage": "google.cloud.secretmanager.v1", + "schema": "1.0", + "services": { + "SecretManagerService": { + "clients": { + "grpc": { + "libraryClient": "SecretManagerServiceClient", + "rpcs": { + "AccessSecretVersion": { + "methods": [ + "access_secret_version" + ] + }, + "AddSecretVersion": { + "methods": [ + "add_secret_version" + ] + }, + "CreateSecret": { + "methods": [ + "create_secret" + ] + }, + "DeleteSecret": { + "methods": [ + "delete_secret" + ] + }, + "DestroySecretVersion": { + "methods": [ + "destroy_secret_version" + ] + }, + "DisableSecretVersion": { + "methods": [ + "disable_secret_version" + ] + }, + "EnableSecretVersion": { + "methods": [ + "enable_secret_version" + ] + }, + "GetIamPolicy": { + "methods": [ + "get_iam_policy" + ] + }, + "GetSecret": { + "methods": [ + "get_secret" + ] + }, + "GetSecretVersion": { + "methods": [ + "get_secret_version" + ] + }, + "ListSecretVersions": { + "methods": [ + "list_secret_versions" + ] + }, + "ListSecrets": { + "methods": [ + "list_secrets" + ] + }, + "SetIamPolicy": { + "methods": [ + "set_iam_policy" + ] + }, + "TestIamPermissions": { + "methods": [ + "test_iam_permissions" + ] + }, + "UpdateSecret": { + "methods": [ + "update_secret" + ] + } + } + }, + "grpc-async": { + "libraryClient": "SecretManagerServiceAsyncClient", + "rpcs": { + "AccessSecretVersion": { + "methods": [ + "access_secret_version" + ] + }, + "AddSecretVersion": { + "methods": [ + "add_secret_version" + ] + }, + "CreateSecret": { + "methods": [ + "create_secret" + ] + }, + "DeleteSecret": { + "methods": [ + "delete_secret" + ] + }, + "DestroySecretVersion": { + "methods": [ + "destroy_secret_version" + ] + }, + "DisableSecretVersion": { + "methods": [ + "disable_secret_version" + ] + }, + "EnableSecretVersion": { + "methods": [ + "enable_secret_version" + ] + }, + "GetIamPolicy": { + "methods": [ + "get_iam_policy" + ] + }, + "GetSecret": { + "methods": [ + "get_secret" + ] + }, + "GetSecretVersion": { + "methods": [ + "get_secret_version" + ] + }, + "ListSecretVersions": { + "methods": [ + "list_secret_versions" + ] + }, + "ListSecrets": { + "methods": [ + "list_secrets" + ] + }, + "SetIamPolicy": { + "methods": [ + "set_iam_policy" + ] + }, + "TestIamPermissions": { + "methods": [ + "test_iam_permissions" + ] + }, + "UpdateSecret": { + "methods": [ + "update_secret" + ] + } + } + }, + "rest": { + "libraryClient": "SecretManagerServiceClient", + "rpcs": { + "AccessSecretVersion": { + "methods": [ + "access_secret_version" + ] + }, + "AddSecretVersion": { + "methods": [ + "add_secret_version" + ] + }, + "CreateSecret": { + "methods": [ + "create_secret" + ] + }, + "DeleteSecret": { + "methods": [ + "delete_secret" + ] + }, + "DestroySecretVersion": { + "methods": [ + "destroy_secret_version" + ] + }, + "DisableSecretVersion": { + "methods": [ + "disable_secret_version" + ] + }, + "EnableSecretVersion": { + "methods": [ + "enable_secret_version" + ] + }, + "GetIamPolicy": { + "methods": [ + "get_iam_policy" + ] + }, + "GetSecret": { + "methods": [ + "get_secret" + ] + }, + "GetSecretVersion": { + "methods": [ + "get_secret_version" + ] + }, + "ListSecretVersions": { + "methods": [ + "list_secret_versions" + ] + }, + "ListSecrets": { + "methods": [ + "list_secrets" + ] + }, + "SetIamPolicy": { + "methods": [ + "set_iam_policy" + ] + }, + "TestIamPermissions": { + "methods": [ + "test_iam_permissions" + ] + }, + "UpdateSecret": { + "methods": [ + "update_secret" + ] + } + } + } + } + } + } +} diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager_v1/gapic_version.py b/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager_v1/gapic_version.py new file mode 100644 index 000000000000..558c8aab67c5 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager_v1/gapic_version.py @@ -0,0 +1,16 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +__version__ = "0.0.0" # {x-release-please-version} diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager_v1/py.typed b/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager_v1/py.typed new file mode 100644 index 000000000000..7eaaed39becb --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager_v1/py.typed @@ -0,0 +1,2 @@ +# Marker file for PEP 561. +# The google-cloud-secret-manager package uses inline types. diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager_v1/services/__init__.py b/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager_v1/services/__init__.py new file mode 100644 index 000000000000..8f6cf068242c --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager_v1/services/__init__.py @@ -0,0 +1,15 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager_v1/services/secret_manager_service/__init__.py b/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager_v1/services/secret_manager_service/__init__.py new file mode 100644 index 000000000000..8a012b7ce26e --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager_v1/services/secret_manager_service/__init__.py @@ -0,0 +1,22 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from .client import SecretManagerServiceClient +from .async_client import SecretManagerServiceAsyncClient + +__all__ = ( + 'SecretManagerServiceClient', + 'SecretManagerServiceAsyncClient', +) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager_v1/services/secret_manager_service/async_client.py b/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager_v1/services/secret_manager_service/async_client.py new file mode 100644 index 000000000000..d3c65da6f6c7 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager_v1/services/secret_manager_service/async_client.py @@ -0,0 +1,2108 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +import functools +import re +from typing import Dict, Mapping, MutableMapping, MutableSequence, Optional, Sequence, Tuple, Type, Union + +from google.cloud.secretmanager_v1 import gapic_version as package_version + +from google.api_core.client_options import ClientOptions +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry_async as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore + +try: + OptionalRetry = Union[retries.AsyncRetry, gapic_v1.method._MethodDefault, None] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.AsyncRetry, object, None] # type: ignore + +from google.cloud.location import locations_pb2 # type: ignore +from google.cloud.secretmanager_v1.services.secret_manager_service import pagers +from google.cloud.secretmanager_v1.types import resources +from google.cloud.secretmanager_v1.types import service +from google.iam.v1 import iam_policy_pb2 # type: ignore +from google.iam.v1 import policy_pb2 # type: ignore +from google.protobuf import duration_pb2 # type: ignore +from google.protobuf import field_mask_pb2 # type: ignore +from google.protobuf import timestamp_pb2 # type: ignore +from .transports.base import SecretManagerServiceTransport, DEFAULT_CLIENT_INFO +from .transports.grpc_asyncio import SecretManagerServiceGrpcAsyncIOTransport +from .client import SecretManagerServiceClient + + +class SecretManagerServiceAsyncClient: + """Secret Manager Service + + Manages secrets and operations using those secrets. Implements a + REST model with the following objects: + + - [Secret][google.cloud.secretmanager.v1.Secret] + - [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + """ + + _client: SecretManagerServiceClient + + # Copy defaults from the synchronous client for use here. + # Note: DEFAULT_ENDPOINT is deprecated. Use _DEFAULT_ENDPOINT_TEMPLATE instead. + DEFAULT_ENDPOINT = SecretManagerServiceClient.DEFAULT_ENDPOINT + DEFAULT_MTLS_ENDPOINT = SecretManagerServiceClient.DEFAULT_MTLS_ENDPOINT + _DEFAULT_ENDPOINT_TEMPLATE = SecretManagerServiceClient._DEFAULT_ENDPOINT_TEMPLATE + _DEFAULT_UNIVERSE = SecretManagerServiceClient._DEFAULT_UNIVERSE + + secret_path = staticmethod(SecretManagerServiceClient.secret_path) + parse_secret_path = staticmethod(SecretManagerServiceClient.parse_secret_path) + secret_version_path = staticmethod(SecretManagerServiceClient.secret_version_path) + parse_secret_version_path = staticmethod(SecretManagerServiceClient.parse_secret_version_path) + topic_path = staticmethod(SecretManagerServiceClient.topic_path) + parse_topic_path = staticmethod(SecretManagerServiceClient.parse_topic_path) + common_billing_account_path = staticmethod(SecretManagerServiceClient.common_billing_account_path) + parse_common_billing_account_path = staticmethod(SecretManagerServiceClient.parse_common_billing_account_path) + common_folder_path = staticmethod(SecretManagerServiceClient.common_folder_path) + parse_common_folder_path = staticmethod(SecretManagerServiceClient.parse_common_folder_path) + common_organization_path = staticmethod(SecretManagerServiceClient.common_organization_path) + parse_common_organization_path = staticmethod(SecretManagerServiceClient.parse_common_organization_path) + common_project_path = staticmethod(SecretManagerServiceClient.common_project_path) + parse_common_project_path = staticmethod(SecretManagerServiceClient.parse_common_project_path) + common_location_path = staticmethod(SecretManagerServiceClient.common_location_path) + parse_common_location_path = staticmethod(SecretManagerServiceClient.parse_common_location_path) + + @classmethod + def from_service_account_info(cls, info: dict, *args, **kwargs): + """Creates an instance of this client using the provided credentials + info. + + Args: + info (dict): The service account private key info. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + SecretManagerServiceAsyncClient: The constructed client. + """ + return SecretManagerServiceClient.from_service_account_info.__func__(SecretManagerServiceAsyncClient, info, *args, **kwargs) # type: ignore + + @classmethod + def from_service_account_file(cls, filename: str, *args, **kwargs): + """Creates an instance of this client using the provided credentials + file. + + Args: + filename (str): The path to the service account private key json + file. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + SecretManagerServiceAsyncClient: The constructed client. + """ + return SecretManagerServiceClient.from_service_account_file.__func__(SecretManagerServiceAsyncClient, filename, *args, **kwargs) # type: ignore + + from_service_account_json = from_service_account_file + + @classmethod + def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[ClientOptions] = None): + """Return the API endpoint and client cert source for mutual TLS. + + The client cert source is determined in the following order: + (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the + client cert source is None. + (2) if `client_options.client_cert_source` is provided, use the provided one; if the + default client cert source exists, use the default one; otherwise the client cert + source is None. + + The API endpoint is determined in the following order: + (1) if `client_options.api_endpoint` if provided, use the provided one. + (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the + default mTLS endpoint; if the environment variable is "never", use the default API + endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise + use the default API endpoint. + + More details can be found at https://google.aip.dev/auth/4114. + + Args: + client_options (google.api_core.client_options.ClientOptions): Custom options for the + client. Only the `api_endpoint` and `client_cert_source` properties may be used + in this method. + + Returns: + Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the + client cert source to use. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If any errors happen. + """ + return SecretManagerServiceClient.get_mtls_endpoint_and_cert_source(client_options) # type: ignore + + @property + def transport(self) -> SecretManagerServiceTransport: + """Returns the transport used by the client instance. + + Returns: + SecretManagerServiceTransport: The transport used by the client instance. + """ + return self._client.transport + + @property + def api_endpoint(self): + """Return the API endpoint used by the client instance. + + Returns: + str: The API endpoint used by the client instance. + """ + return self._client._api_endpoint + + @property + def universe_domain(self) -> str: + """Return the universe domain used by the client instance. + + Returns: + str: The universe domain used + by the client instance. + """ + return self._client._universe_domain + + get_transport_class = functools.partial(type(SecretManagerServiceClient).get_transport_class, type(SecretManagerServiceClient)) + + def __init__(self, *, + credentials: Optional[ga_credentials.Credentials] = None, + transport: Union[str, SecretManagerServiceTransport] = "grpc_asyncio", + client_options: Optional[ClientOptions] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + ) -> None: + """Instantiates the secret manager service async client. + + Args: + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + transport (Union[str, ~.SecretManagerServiceTransport]): The + transport to use. If set to None, a transport is chosen + automatically. + client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): + Custom options for the client. + + 1. The ``api_endpoint`` property can be used to override the + default endpoint provided by the client when ``transport`` is + not explicitly provided. Only if this property is not set and + ``transport`` was not explicitly provided, the endpoint is + determined by the GOOGLE_API_USE_MTLS_ENDPOINT environment + variable, which have one of the following values: + "always" (always use the default mTLS endpoint), "never" (always + use the default regular endpoint) and "auto" (auto-switch to the + default mTLS endpoint if client certificate is present; this is + the default value). + + 2. If the GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable + is "true", then the ``client_cert_source`` property can be used + to provide a client certificate for mTLS transport. If + not provided, the default SSL client certificate will be used if + present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not + set, no client certificate will be used. + + 3. The ``universe_domain`` property can be used to override the + default "googleapis.com" universe. Note that ``api_endpoint`` + property still takes precedence; and ``universe_domain`` is + currently not supported for mTLS. + + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + + Raises: + google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport + creation failed for any reason. + """ + self._client = SecretManagerServiceClient( + credentials=credentials, + transport=transport, + client_options=client_options, + client_info=client_info, + + ) + + async def list_secrets(self, + request: Optional[Union[service.ListSecretsRequest, dict]] = None, + *, + parent: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> pagers.ListSecretsAsyncPager: + r"""Lists [Secrets][google.cloud.secretmanager.v1.Secret]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1 + + async def sample_list_secrets(): + # Create a client + client = secretmanager_v1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1.ListSecretsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_secrets(request=request) + + # Handle the response + async for response in page_result: + print(response) + + Args: + request (Optional[Union[google.cloud.secretmanager_v1.types.ListSecretsRequest, dict]]): + The request object. Request message for + [SecretManagerService.ListSecrets][google.cloud.secretmanager.v1.SecretManagerService.ListSecrets]. + parent (:class:`str`): + Required. The resource name of the project associated + with the + [Secrets][google.cloud.secretmanager.v1.Secret], in the + format ``projects/*`` or ``projects/*/locations/*`` + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry_async.AsyncRetry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1.services.secret_manager_service.pagers.ListSecretsAsyncPager: + Response message for + [SecretManagerService.ListSecrets][google.cloud.secretmanager.v1.SecretManagerService.ListSecrets]. + + Iterating over this object will yield results and + resolve additional pages automatically. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.ListSecretsRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.list_secrets, + default_timeout=60.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Validate the universe domain. + self._client._validate_universe_domain() + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # This method is paged; wrap the response in a pager, which provides + # an `__aiter__` convenience method. + response = pagers.ListSecretsAsyncPager( + method=rpc, + request=request, + response=response, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def create_secret(self, + request: Optional[Union[service.CreateSecretRequest, dict]] = None, + *, + parent: Optional[str] = None, + secret_id: Optional[str] = None, + secret: Optional[resources.Secret] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Secret: + r"""Creates a new [Secret][google.cloud.secretmanager.v1.Secret] + containing no + [SecretVersions][google.cloud.secretmanager.v1.SecretVersion]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1 + + async def sample_create_secret(): + # Create a client + client = secretmanager_v1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1.CreateSecretRequest( + parent="parent_value", + secret_id="secret_id_value", + ) + + # Make the request + response = await client.create_secret(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.secretmanager_v1.types.CreateSecretRequest, dict]]): + The request object. Request message for + [SecretManagerService.CreateSecret][google.cloud.secretmanager.v1.SecretManagerService.CreateSecret]. + parent (:class:`str`): + Required. The resource name of the project to associate + with the [Secret][google.cloud.secretmanager.v1.Secret], + in the format ``projects/*`` or + ``projects/*/locations/*``. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + secret_id (:class:`str`): + Required. This must be unique within the project. + + A secret ID is a string with a maximum length of 255 + characters and can contain uppercase and lowercase + letters, numerals, and the hyphen (``-``) and underscore + (``_``) characters. + + This corresponds to the ``secret_id`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + secret (:class:`google.cloud.secretmanager_v1.types.Secret`): + Required. A + [Secret][google.cloud.secretmanager.v1.Secret] with + initial field values. + + This corresponds to the ``secret`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry_async.AsyncRetry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1.types.Secret: + A [Secret][google.cloud.secretmanager.v1.Secret] is a logical secret whose + value and versions can be accessed. + + A [Secret][google.cloud.secretmanager.v1.Secret] is + made up of zero or more + [SecretVersions][google.cloud.secretmanager.v1.SecretVersion] + that represent the secret data. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent, secret_id, secret]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.CreateSecretRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + if secret_id is not None: + request.secret_id = secret_id + if secret is not None: + request.secret = secret + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.create_secret, + default_timeout=60.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Validate the universe domain. + self._client._validate_universe_domain() + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def add_secret_version(self, + request: Optional[Union[service.AddSecretVersionRequest, dict]] = None, + *, + parent: Optional[str] = None, + payload: Optional[resources.SecretPayload] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.SecretVersion: + r"""Creates a new + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + containing secret data and attaches it to an existing + [Secret][google.cloud.secretmanager.v1.Secret]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1 + + async def sample_add_secret_version(): + # Create a client + client = secretmanager_v1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1.AddSecretVersionRequest( + parent="parent_value", + ) + + # Make the request + response = await client.add_secret_version(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.secretmanager_v1.types.AddSecretVersionRequest, dict]]): + The request object. Request message for + [SecretManagerService.AddSecretVersion][google.cloud.secretmanager.v1.SecretManagerService.AddSecretVersion]. + parent (:class:`str`): + Required. The resource name of the + [Secret][google.cloud.secretmanager.v1.Secret] to + associate with the + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + in the format ``projects/*/secrets/*`` or + ``projects/*/locations/*/secrets/*``. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + payload (:class:`google.cloud.secretmanager_v1.types.SecretPayload`): + Required. The secret payload of the + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + + This corresponds to the ``payload`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry_async.AsyncRetry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1.types.SecretVersion: + A secret version resource in the + Secret Manager API. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent, payload]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.AddSecretVersionRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + if payload is not None: + request.payload = payload + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.add_secret_version, + default_timeout=60.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Validate the universe domain. + self._client._validate_universe_domain() + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def get_secret(self, + request: Optional[Union[service.GetSecretRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Secret: + r"""Gets metadata for a given + [Secret][google.cloud.secretmanager.v1.Secret]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1 + + async def sample_get_secret(): + # Create a client + client = secretmanager_v1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1.GetSecretRequest( + name="name_value", + ) + + # Make the request + response = await client.get_secret(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.secretmanager_v1.types.GetSecretRequest, dict]]): + The request object. Request message for + [SecretManagerService.GetSecret][google.cloud.secretmanager.v1.SecretManagerService.GetSecret]. + name (:class:`str`): + Required. The resource name of the + [Secret][google.cloud.secretmanager.v1.Secret], in the + format ``projects/*/secrets/*`` or + ``projects/*/locations/*/secrets/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry_async.AsyncRetry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1.types.Secret: + A [Secret][google.cloud.secretmanager.v1.Secret] is a logical secret whose + value and versions can be accessed. + + A [Secret][google.cloud.secretmanager.v1.Secret] is + made up of zero or more + [SecretVersions][google.cloud.secretmanager.v1.SecretVersion] + that represent the secret data. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.GetSecretRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.get_secret, + default_timeout=60.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Validate the universe domain. + self._client._validate_universe_domain() + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def update_secret(self, + request: Optional[Union[service.UpdateSecretRequest, dict]] = None, + *, + secret: Optional[resources.Secret] = None, + update_mask: Optional[field_mask_pb2.FieldMask] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Secret: + r"""Updates metadata of an existing + [Secret][google.cloud.secretmanager.v1.Secret]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1 + + async def sample_update_secret(): + # Create a client + client = secretmanager_v1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1.UpdateSecretRequest( + ) + + # Make the request + response = await client.update_secret(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.secretmanager_v1.types.UpdateSecretRequest, dict]]): + The request object. Request message for + [SecretManagerService.UpdateSecret][google.cloud.secretmanager.v1.SecretManagerService.UpdateSecret]. + secret (:class:`google.cloud.secretmanager_v1.types.Secret`): + Required. [Secret][google.cloud.secretmanager.v1.Secret] + with updated field values. + + This corresponds to the ``secret`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + update_mask (:class:`google.protobuf.field_mask_pb2.FieldMask`): + Required. Specifies the fields to be + updated. + + This corresponds to the ``update_mask`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry_async.AsyncRetry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1.types.Secret: + A [Secret][google.cloud.secretmanager.v1.Secret] is a logical secret whose + value and versions can be accessed. + + A [Secret][google.cloud.secretmanager.v1.Secret] is + made up of zero or more + [SecretVersions][google.cloud.secretmanager.v1.SecretVersion] + that represent the secret data. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([secret, update_mask]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.UpdateSecretRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if secret is not None: + request.secret = secret + if update_mask is not None: + request.update_mask = update_mask + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.update_secret, + default_timeout=60.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("secret.name", request.secret.name), + )), + ) + + # Validate the universe domain. + self._client._validate_universe_domain() + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def delete_secret(self, + request: Optional[Union[service.DeleteSecretRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> None: + r"""Deletes a [Secret][google.cloud.secretmanager.v1.Secret]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1 + + async def sample_delete_secret(): + # Create a client + client = secretmanager_v1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1.DeleteSecretRequest( + name="name_value", + ) + + # Make the request + await client.delete_secret(request=request) + + Args: + request (Optional[Union[google.cloud.secretmanager_v1.types.DeleteSecretRequest, dict]]): + The request object. Request message for + [SecretManagerService.DeleteSecret][google.cloud.secretmanager.v1.SecretManagerService.DeleteSecret]. + name (:class:`str`): + Required. The resource name of the + [Secret][google.cloud.secretmanager.v1.Secret] to delete + in the format ``projects/*/secrets/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry_async.AsyncRetry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.DeleteSecretRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.delete_secret, + default_timeout=60.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Validate the universe domain. + self._client._validate_universe_domain() + + # Send the request. + await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + async def list_secret_versions(self, + request: Optional[Union[service.ListSecretVersionsRequest, dict]] = None, + *, + parent: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> pagers.ListSecretVersionsAsyncPager: + r"""Lists + [SecretVersions][google.cloud.secretmanager.v1.SecretVersion]. + This call does not return secret data. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1 + + async def sample_list_secret_versions(): + # Create a client + client = secretmanager_v1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1.ListSecretVersionsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_secret_versions(request=request) + + # Handle the response + async for response in page_result: + print(response) + + Args: + request (Optional[Union[google.cloud.secretmanager_v1.types.ListSecretVersionsRequest, dict]]): + The request object. Request message for + [SecretManagerService.ListSecretVersions][google.cloud.secretmanager.v1.SecretManagerService.ListSecretVersions]. + parent (:class:`str`): + Required. The resource name of the + [Secret][google.cloud.secretmanager.v1.Secret] + associated with the + [SecretVersions][google.cloud.secretmanager.v1.SecretVersion] + to list, in the format ``projects/*/secrets/*`` or + ``projects/*/locations/*/secrets/*``. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry_async.AsyncRetry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1.services.secret_manager_service.pagers.ListSecretVersionsAsyncPager: + Response message for + [SecretManagerService.ListSecretVersions][google.cloud.secretmanager.v1.SecretManagerService.ListSecretVersions]. + + Iterating over this object will yield results and + resolve additional pages automatically. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.ListSecretVersionsRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.list_secret_versions, + default_timeout=60.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Validate the universe domain. + self._client._validate_universe_domain() + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # This method is paged; wrap the response in a pager, which provides + # an `__aiter__` convenience method. + response = pagers.ListSecretVersionsAsyncPager( + method=rpc, + request=request, + response=response, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def get_secret_version(self, + request: Optional[Union[service.GetSecretVersionRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.SecretVersion: + r"""Gets metadata for a + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + + ``projects/*/secrets/*/versions/latest`` is an alias to the most + recently created + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1 + + async def sample_get_secret_version(): + # Create a client + client = secretmanager_v1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1.GetSecretVersionRequest( + name="name_value", + ) + + # Make the request + response = await client.get_secret_version(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.secretmanager_v1.types.GetSecretVersionRequest, dict]]): + The request object. Request message for + [SecretManagerService.GetSecretVersion][google.cloud.secretmanager.v1.SecretManagerService.GetSecretVersion]. + name (:class:`str`): + Required. The resource name of the + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + in the format ``projects/*/secrets/*/versions/*`` or + ``projects/*/locations/*/secrets/*/versions/*``. + + ``projects/*/secrets/*/versions/latest`` or + ``projects/*/locations/*/secrets/*/versions/latest`` is + an alias to the most recently created + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry_async.AsyncRetry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1.types.SecretVersion: + A secret version resource in the + Secret Manager API. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.GetSecretVersionRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.get_secret_version, + default_timeout=60.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Validate the universe domain. + self._client._validate_universe_domain() + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def access_secret_version(self, + request: Optional[Union[service.AccessSecretVersionRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> service.AccessSecretVersionResponse: + r"""Accesses a + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + This call returns the secret data. + + ``projects/*/secrets/*/versions/latest`` is an alias to the most + recently created + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1 + + async def sample_access_secret_version(): + # Create a client + client = secretmanager_v1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1.AccessSecretVersionRequest( + name="name_value", + ) + + # Make the request + response = await client.access_secret_version(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.secretmanager_v1.types.AccessSecretVersionRequest, dict]]): + The request object. Request message for + [SecretManagerService.AccessSecretVersion][google.cloud.secretmanager.v1.SecretManagerService.AccessSecretVersion]. + name (:class:`str`): + Required. The resource name of the + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + in the format ``projects/*/secrets/*/versions/*`` or + ``projects/*/locations/*/secrets/*/versions/*``. + + ``projects/*/secrets/*/versions/latest`` or + ``projects/*/locations/*/secrets/*/versions/latest`` is + an alias to the most recently created + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry_async.AsyncRetry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1.types.AccessSecretVersionResponse: + Response message for + [SecretManagerService.AccessSecretVersion][google.cloud.secretmanager.v1.SecretManagerService.AccessSecretVersion]. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.AccessSecretVersionRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.access_secret_version, + default_retry=retries.AsyncRetry( +initial=2.0,maximum=60.0,multiplier=2.0, predicate=retries.if_exception_type( + core_exceptions.ResourceExhausted, + core_exceptions.ServiceUnavailable, + ), + deadline=60.0, + ), + default_timeout=60.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Validate the universe domain. + self._client._validate_universe_domain() + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def disable_secret_version(self, + request: Optional[Union[service.DisableSecretVersionRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.SecretVersion: + r"""Disables a + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + + Sets the + [state][google.cloud.secretmanager.v1.SecretVersion.state] of + the [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + to + [DISABLED][google.cloud.secretmanager.v1.SecretVersion.State.DISABLED]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1 + + async def sample_disable_secret_version(): + # Create a client + client = secretmanager_v1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1.DisableSecretVersionRequest( + name="name_value", + ) + + # Make the request + response = await client.disable_secret_version(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.secretmanager_v1.types.DisableSecretVersionRequest, dict]]): + The request object. Request message for + [SecretManagerService.DisableSecretVersion][google.cloud.secretmanager.v1.SecretManagerService.DisableSecretVersion]. + name (:class:`str`): + Required. The resource name of the + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + to disable in the format + ``projects/*/secrets/*/versions/*`` or + ``projects/*/locations/*/secrets/*/versions/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry_async.AsyncRetry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1.types.SecretVersion: + A secret version resource in the + Secret Manager API. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.DisableSecretVersionRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.disable_secret_version, + default_timeout=60.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Validate the universe domain. + self._client._validate_universe_domain() + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def enable_secret_version(self, + request: Optional[Union[service.EnableSecretVersionRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.SecretVersion: + r"""Enables a + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + + Sets the + [state][google.cloud.secretmanager.v1.SecretVersion.state] of + the [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + to + [ENABLED][google.cloud.secretmanager.v1.SecretVersion.State.ENABLED]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1 + + async def sample_enable_secret_version(): + # Create a client + client = secretmanager_v1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1.EnableSecretVersionRequest( + name="name_value", + ) + + # Make the request + response = await client.enable_secret_version(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.secretmanager_v1.types.EnableSecretVersionRequest, dict]]): + The request object. Request message for + [SecretManagerService.EnableSecretVersion][google.cloud.secretmanager.v1.SecretManagerService.EnableSecretVersion]. + name (:class:`str`): + Required. The resource name of the + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + to enable in the format + ``projects/*/secrets/*/versions/*`` or + ``projects/*/locations/*/secrets/*/versions/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry_async.AsyncRetry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1.types.SecretVersion: + A secret version resource in the + Secret Manager API. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.EnableSecretVersionRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.enable_secret_version, + default_timeout=60.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Validate the universe domain. + self._client._validate_universe_domain() + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def destroy_secret_version(self, + request: Optional[Union[service.DestroySecretVersionRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.SecretVersion: + r"""Destroys a + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + + Sets the + [state][google.cloud.secretmanager.v1.SecretVersion.state] of + the [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + to + [DESTROYED][google.cloud.secretmanager.v1.SecretVersion.State.DESTROYED] + and irrevocably destroys the secret data. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1 + + async def sample_destroy_secret_version(): + # Create a client + client = secretmanager_v1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1.DestroySecretVersionRequest( + name="name_value", + ) + + # Make the request + response = await client.destroy_secret_version(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.secretmanager_v1.types.DestroySecretVersionRequest, dict]]): + The request object. Request message for + [SecretManagerService.DestroySecretVersion][google.cloud.secretmanager.v1.SecretManagerService.DestroySecretVersion]. + name (:class:`str`): + Required. The resource name of the + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + to destroy in the format + ``projects/*/secrets/*/versions/*`` or + ``projects/*/locations/*/secrets/*/versions/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry_async.AsyncRetry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1.types.SecretVersion: + A secret version resource in the + Secret Manager API. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.DestroySecretVersionRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.destroy_secret_version, + default_timeout=60.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Validate the universe domain. + self._client._validate_universe_domain() + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def set_iam_policy(self, + request: Optional[Union[iam_policy_pb2.SetIamPolicyRequest, dict]] = None, + *, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> policy_pb2.Policy: + r"""Sets the access control policy on the specified secret. Replaces + any existing policy. + + Permissions on + [SecretVersions][google.cloud.secretmanager.v1.SecretVersion] + are enforced according to the policy set on the associated + [Secret][google.cloud.secretmanager.v1.Secret]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1 + from google.iam.v1 import iam_policy_pb2 # type: ignore + + async def sample_set_iam_policy(): + # Create a client + client = secretmanager_v1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = iam_policy_pb2.SetIamPolicyRequest( + resource="resource_value", + ) + + # Make the request + response = await client.set_iam_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.iam.v1.iam_policy_pb2.SetIamPolicyRequest, dict]]): + The request object. Request message for ``SetIamPolicy`` method. + retry (google.api_core.retry_async.AsyncRetry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.iam.v1.policy_pb2.Policy: + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. + + A Policy is a collection of bindings. A binding binds + one or more members, or principals, to a single role. + Principals can be user accounts, service accounts, + Google groups, and domains (such as G Suite). A role + is a named list of permissions; each role can be an + IAM predefined role or a user-created custom role. + + For some types of Google Cloud resources, a binding + can also specify a condition, which is a logical + expression that allows access to a resource only if + the expression evaluates to true. A condition can add + constraints based on attributes of the request, the + resource, or both. To learn which resources support + conditions in their IAM policies, see the [IAM + documentation](\ https://cloud.google.com/iam/help/conditions/resource-policies). + + **JSON example:** + + :literal:`\` { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }`\ \` + + **YAML example:** + + :literal:`\` bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3`\ \` + + For a description of IAM and its features, see the + [IAM + documentation](\ https://cloud.google.com/iam/docs/). + + """ + # Create or coerce a protobuf request object. + # The request isn't a proto-plus wrapped type, + # so it must be constructed via keyword expansion. + if isinstance(request, dict): + request = iam_policy_pb2.SetIamPolicyRequest(**request) + elif not request: + request = iam_policy_pb2.SetIamPolicyRequest() + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.set_iam_policy, + default_timeout=60.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("resource", request.resource), + )), + ) + + # Validate the universe domain. + self._client._validate_universe_domain() + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def get_iam_policy(self, + request: Optional[Union[iam_policy_pb2.GetIamPolicyRequest, dict]] = None, + *, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> policy_pb2.Policy: + r"""Gets the access control policy for a secret. + Returns empty policy if the secret exists and does not + have a policy set. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1 + from google.iam.v1 import iam_policy_pb2 # type: ignore + + async def sample_get_iam_policy(): + # Create a client + client = secretmanager_v1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = iam_policy_pb2.GetIamPolicyRequest( + resource="resource_value", + ) + + # Make the request + response = await client.get_iam_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.iam.v1.iam_policy_pb2.GetIamPolicyRequest, dict]]): + The request object. Request message for ``GetIamPolicy`` method. + retry (google.api_core.retry_async.AsyncRetry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.iam.v1.policy_pb2.Policy: + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. + + A Policy is a collection of bindings. A binding binds + one or more members, or principals, to a single role. + Principals can be user accounts, service accounts, + Google groups, and domains (such as G Suite). A role + is a named list of permissions; each role can be an + IAM predefined role or a user-created custom role. + + For some types of Google Cloud resources, a binding + can also specify a condition, which is a logical + expression that allows access to a resource only if + the expression evaluates to true. A condition can add + constraints based on attributes of the request, the + resource, or both. To learn which resources support + conditions in their IAM policies, see the [IAM + documentation](\ https://cloud.google.com/iam/help/conditions/resource-policies). + + **JSON example:** + + :literal:`\` { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }`\ \` + + **YAML example:** + + :literal:`\` bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3`\ \` + + For a description of IAM and its features, see the + [IAM + documentation](\ https://cloud.google.com/iam/docs/). + + """ + # Create or coerce a protobuf request object. + # The request isn't a proto-plus wrapped type, + # so it must be constructed via keyword expansion. + if isinstance(request, dict): + request = iam_policy_pb2.GetIamPolicyRequest(**request) + elif not request: + request = iam_policy_pb2.GetIamPolicyRequest() + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.get_iam_policy, + default_timeout=60.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("resource", request.resource), + )), + ) + + # Validate the universe domain. + self._client._validate_universe_domain() + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def test_iam_permissions(self, + request: Optional[Union[iam_policy_pb2.TestIamPermissionsRequest, dict]] = None, + *, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> iam_policy_pb2.TestIamPermissionsResponse: + r"""Returns permissions that a caller has for the specified secret. + If the secret does not exist, this call returns an empty set of + permissions, not a NOT_FOUND error. + + Note: This operation is designed to be used for building + permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without + warning. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1 + from google.iam.v1 import iam_policy_pb2 # type: ignore + + async def sample_test_iam_permissions(): + # Create a client + client = secretmanager_v1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = iam_policy_pb2.TestIamPermissionsRequest( + resource="resource_value", + permissions=['permissions_value1', 'permissions_value2'], + ) + + # Make the request + response = await client.test_iam_permissions(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.iam.v1.iam_policy_pb2.TestIamPermissionsRequest, dict]]): + The request object. Request message for ``TestIamPermissions`` method. + retry (google.api_core.retry_async.AsyncRetry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.iam.v1.iam_policy_pb2.TestIamPermissionsResponse: + Response message for TestIamPermissions method. + """ + # Create or coerce a protobuf request object. + # The request isn't a proto-plus wrapped type, + # so it must be constructed via keyword expansion. + if isinstance(request, dict): + request = iam_policy_pb2.TestIamPermissionsRequest(**request) + elif not request: + request = iam_policy_pb2.TestIamPermissionsRequest() + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.test_iam_permissions, + default_timeout=60.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("resource", request.resource), + )), + ) + + # Validate the universe domain. + self._client._validate_universe_domain() + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def get_location( + self, + request: Optional[locations_pb2.GetLocationRequest] = None, + *, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> locations_pb2.Location: + r"""Gets information about a location. + + Args: + request (:class:`~.location_pb2.GetLocationRequest`): + The request object. Request message for + `GetLocation` method. + retry (google.api_core.retry_async.AsyncRetry): Designation of what errors, + if any, should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + Returns: + ~.location_pb2.Location: + Location object. + """ + # Create or coerce a protobuf request object. + # The request isn't a proto-plus wrapped type, + # so it must be constructed via keyword expansion. + if isinstance(request, dict): + request = locations_pb2.GetLocationRequest(**request) + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.get_location, + default_timeout=None, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata( + (("name", request.name),)), + ) + + # Validate the universe domain. + self._client._validate_universe_domain() + + # Send the request. + response = await rpc( + request, retry=retry, timeout=timeout, metadata=metadata,) + + # Done; return the response. + return response + + async def list_locations( + self, + request: Optional[locations_pb2.ListLocationsRequest] = None, + *, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> locations_pb2.ListLocationsResponse: + r"""Lists information about the supported locations for this service. + + Args: + request (:class:`~.location_pb2.ListLocationsRequest`): + The request object. Request message for + `ListLocations` method. + retry (google.api_core.retry_async.AsyncRetry): Designation of what errors, + if any, should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + Returns: + ~.location_pb2.ListLocationsResponse: + Response message for ``ListLocations`` method. + """ + # Create or coerce a protobuf request object. + # The request isn't a proto-plus wrapped type, + # so it must be constructed via keyword expansion. + if isinstance(request, dict): + request = locations_pb2.ListLocationsRequest(**request) + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.list_locations, + default_timeout=None, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata( + (("name", request.name),)), + ) + + # Validate the universe domain. + self._client._validate_universe_domain() + + # Send the request. + response = await rpc( + request, retry=retry, timeout=timeout, metadata=metadata,) + + # Done; return the response. + return response + + async def __aenter__(self) -> "SecretManagerServiceAsyncClient": + return self + + async def __aexit__(self, exc_type, exc, tb): + await self.transport.close() + +DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo(gapic_version=package_version.__version__) + + +__all__ = ( + "SecretManagerServiceAsyncClient", +) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager_v1/services/secret_manager_service/client.py b/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager_v1/services/secret_manager_service/client.py new file mode 100644 index 000000000000..3b7404a9b364 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager_v1/services/secret_manager_service/client.py @@ -0,0 +1,2457 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +import os +import re +from typing import Dict, Mapping, MutableMapping, MutableSequence, Optional, Sequence, Tuple, Type, Union, cast +import warnings + +from google.cloud.secretmanager_v1 import gapic_version as package_version + +from google.api_core import client_options as client_options_lib +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport import mtls # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore +from google.auth.exceptions import MutualTLSChannelError # type: ignore +from google.oauth2 import service_account # type: ignore + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault, None] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object, None] # type: ignore + +from google.cloud.location import locations_pb2 # type: ignore +from google.cloud.secretmanager_v1.services.secret_manager_service import pagers +from google.cloud.secretmanager_v1.types import resources +from google.cloud.secretmanager_v1.types import service +from google.iam.v1 import iam_policy_pb2 # type: ignore +from google.iam.v1 import policy_pb2 # type: ignore +from google.protobuf import duration_pb2 # type: ignore +from google.protobuf import field_mask_pb2 # type: ignore +from google.protobuf import timestamp_pb2 # type: ignore +from .transports.base import SecretManagerServiceTransport, DEFAULT_CLIENT_INFO +from .transports.grpc import SecretManagerServiceGrpcTransport +from .transports.grpc_asyncio import SecretManagerServiceGrpcAsyncIOTransport +from .transports.rest import SecretManagerServiceRestTransport + + +class SecretManagerServiceClientMeta(type): + """Metaclass for the SecretManagerService client. + + This provides class-level methods for building and retrieving + support objects (e.g. transport) without polluting the client instance + objects. + """ + _transport_registry = OrderedDict() # type: Dict[str, Type[SecretManagerServiceTransport]] + _transport_registry["grpc"] = SecretManagerServiceGrpcTransport + _transport_registry["grpc_asyncio"] = SecretManagerServiceGrpcAsyncIOTransport + _transport_registry["rest"] = SecretManagerServiceRestTransport + + def get_transport_class(cls, + label: Optional[str] = None, + ) -> Type[SecretManagerServiceTransport]: + """Returns an appropriate transport class. + + Args: + label: The name of the desired transport. If none is + provided, then the first transport in the registry is used. + + Returns: + The transport class to use. + """ + # If a specific transport is requested, return that one. + if label: + return cls._transport_registry[label] + + # No transport is requested; return the default (that is, the first one + # in the dictionary). + return next(iter(cls._transport_registry.values())) + + +class SecretManagerServiceClient(metaclass=SecretManagerServiceClientMeta): + """Secret Manager Service + + Manages secrets and operations using those secrets. Implements a + REST model with the following objects: + + - [Secret][google.cloud.secretmanager.v1.Secret] + - [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + """ + + @staticmethod + def _get_default_mtls_endpoint(api_endpoint): + """Converts api endpoint to mTLS endpoint. + + Convert "*.sandbox.googleapis.com" and "*.googleapis.com" to + "*.mtls.sandbox.googleapis.com" and "*.mtls.googleapis.com" respectively. + Args: + api_endpoint (Optional[str]): the api endpoint to convert. + Returns: + str: converted mTLS api endpoint. + """ + if not api_endpoint: + return api_endpoint + + mtls_endpoint_re = re.compile( + r"(?P[^.]+)(?P\.mtls)?(?P\.sandbox)?(?P\.googleapis\.com)?" + ) + + m = mtls_endpoint_re.match(api_endpoint) + name, mtls, sandbox, googledomain = m.groups() + if mtls or not googledomain: + return api_endpoint + + if sandbox: + return api_endpoint.replace( + "sandbox.googleapis.com", "mtls.sandbox.googleapis.com" + ) + + return api_endpoint.replace(".googleapis.com", ".mtls.googleapis.com") + + # Note: DEFAULT_ENDPOINT is deprecated. Use _DEFAULT_ENDPOINT_TEMPLATE instead. + DEFAULT_ENDPOINT = "secretmanager.googleapis.com" + DEFAULT_MTLS_ENDPOINT = _get_default_mtls_endpoint.__func__( # type: ignore + DEFAULT_ENDPOINT + ) + + _DEFAULT_ENDPOINT_TEMPLATE = "secretmanager.{UNIVERSE_DOMAIN}" + _DEFAULT_UNIVERSE = "googleapis.com" + + @classmethod + def from_service_account_info(cls, info: dict, *args, **kwargs): + """Creates an instance of this client using the provided credentials + info. + + Args: + info (dict): The service account private key info. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + SecretManagerServiceClient: The constructed client. + """ + credentials = service_account.Credentials.from_service_account_info(info) + kwargs["credentials"] = credentials + return cls(*args, **kwargs) + + @classmethod + def from_service_account_file(cls, filename: str, *args, **kwargs): + """Creates an instance of this client using the provided credentials + file. + + Args: + filename (str): The path to the service account private key json + file. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + SecretManagerServiceClient: The constructed client. + """ + credentials = service_account.Credentials.from_service_account_file( + filename) + kwargs["credentials"] = credentials + return cls(*args, **kwargs) + + from_service_account_json = from_service_account_file + + @property + def transport(self) -> SecretManagerServiceTransport: + """Returns the transport used by the client instance. + + Returns: + SecretManagerServiceTransport: The transport used by the client + instance. + """ + return self._transport + + @staticmethod + def secret_path(project: str,secret: str,) -> str: + """Returns a fully-qualified secret string.""" + return "projects/{project}/secrets/{secret}".format(project=project, secret=secret, ) + + @staticmethod + def parse_secret_path(path: str) -> Dict[str,str]: + """Parses a secret path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/secrets/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def secret_version_path(project: str,secret: str,secret_version: str,) -> str: + """Returns a fully-qualified secret_version string.""" + return "projects/{project}/secrets/{secret}/versions/{secret_version}".format(project=project, secret=secret, secret_version=secret_version, ) + + @staticmethod + def parse_secret_version_path(path: str) -> Dict[str,str]: + """Parses a secret_version path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/secrets/(?P.+?)/versions/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def topic_path(project: str,topic: str,) -> str: + """Returns a fully-qualified topic string.""" + return "projects/{project}/topics/{topic}".format(project=project, topic=topic, ) + + @staticmethod + def parse_topic_path(path: str) -> Dict[str,str]: + """Parses a topic path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/topics/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_billing_account_path(billing_account: str, ) -> str: + """Returns a fully-qualified billing_account string.""" + return "billingAccounts/{billing_account}".format(billing_account=billing_account, ) + + @staticmethod + def parse_common_billing_account_path(path: str) -> Dict[str,str]: + """Parse a billing_account path into its component segments.""" + m = re.match(r"^billingAccounts/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_folder_path(folder: str, ) -> str: + """Returns a fully-qualified folder string.""" + return "folders/{folder}".format(folder=folder, ) + + @staticmethod + def parse_common_folder_path(path: str) -> Dict[str,str]: + """Parse a folder path into its component segments.""" + m = re.match(r"^folders/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_organization_path(organization: str, ) -> str: + """Returns a fully-qualified organization string.""" + return "organizations/{organization}".format(organization=organization, ) + + @staticmethod + def parse_common_organization_path(path: str) -> Dict[str,str]: + """Parse a organization path into its component segments.""" + m = re.match(r"^organizations/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_project_path(project: str, ) -> str: + """Returns a fully-qualified project string.""" + return "projects/{project}".format(project=project, ) + + @staticmethod + def parse_common_project_path(path: str) -> Dict[str,str]: + """Parse a project path into its component segments.""" + m = re.match(r"^projects/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_location_path(project: str, location: str, ) -> str: + """Returns a fully-qualified location string.""" + return "projects/{project}/locations/{location}".format(project=project, location=location, ) + + @staticmethod + def parse_common_location_path(path: str) -> Dict[str,str]: + """Parse a location path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/locations/(?P.+?)$", path) + return m.groupdict() if m else {} + + @classmethod + def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[client_options_lib.ClientOptions] = None): + """Deprecated. Return the API endpoint and client cert source for mutual TLS. + + The client cert source is determined in the following order: + (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the + client cert source is None. + (2) if `client_options.client_cert_source` is provided, use the provided one; if the + default client cert source exists, use the default one; otherwise the client cert + source is None. + + The API endpoint is determined in the following order: + (1) if `client_options.api_endpoint` if provided, use the provided one. + (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the + default mTLS endpoint; if the environment variable is "never", use the default API + endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise + use the default API endpoint. + + More details can be found at https://google.aip.dev/auth/4114. + + Args: + client_options (google.api_core.client_options.ClientOptions): Custom options for the + client. Only the `api_endpoint` and `client_cert_source` properties may be used + in this method. + + Returns: + Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the + client cert source to use. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If any errors happen. + """ + + warnings.warn("get_mtls_endpoint_and_cert_source is deprecated. Use the api_endpoint property instead.", + DeprecationWarning) + if client_options is None: + client_options = client_options_lib.ClientOptions() + use_client_cert = os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false") + use_mtls_endpoint = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto") + if use_client_cert not in ("true", "false"): + raise ValueError("Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`") + if use_mtls_endpoint not in ("auto", "never", "always"): + raise MutualTLSChannelError("Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`") + + # Figure out the client cert source to use. + client_cert_source = None + if use_client_cert == "true": + if client_options.client_cert_source: + client_cert_source = client_options.client_cert_source + elif mtls.has_default_client_cert_source(): + client_cert_source = mtls.default_client_cert_source() + + # Figure out which api endpoint to use. + if client_options.api_endpoint is not None: + api_endpoint = client_options.api_endpoint + elif use_mtls_endpoint == "always" or (use_mtls_endpoint == "auto" and client_cert_source): + api_endpoint = cls.DEFAULT_MTLS_ENDPOINT + else: + api_endpoint = cls.DEFAULT_ENDPOINT + + return api_endpoint, client_cert_source + + @staticmethod + def _read_environment_variables(): + """Returns the environment variables used by the client. + + Returns: + Tuple[bool, str, str]: returns the GOOGLE_API_USE_CLIENT_CERTIFICATE, + GOOGLE_API_USE_MTLS_ENDPOINT, and GOOGLE_CLOUD_UNIVERSE_DOMAIN environment variables. + + Raises: + ValueError: If GOOGLE_API_USE_CLIENT_CERTIFICATE is not + any of ["true", "false"]. + google.auth.exceptions.MutualTLSChannelError: If GOOGLE_API_USE_MTLS_ENDPOINT + is not any of ["auto", "never", "always"]. + """ + use_client_cert = os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false").lower() + use_mtls_endpoint = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto").lower() + universe_domain_env = os.getenv("GOOGLE_CLOUD_UNIVERSE_DOMAIN") + if use_client_cert not in ("true", "false"): + raise ValueError("Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`") + if use_mtls_endpoint not in ("auto", "never", "always"): + raise MutualTLSChannelError("Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`") + return use_client_cert == "true", use_mtls_endpoint, universe_domain_env + + @staticmethod + def _get_client_cert_source(provided_cert_source, use_cert_flag): + """Return the client cert source to be used by the client. + + Args: + provided_cert_source (bytes): The client certificate source provided. + use_cert_flag (bool): A flag indicating whether to use the client certificate. + + Returns: + bytes or None: The client cert source to be used by the client. + """ + client_cert_source = None + if use_cert_flag: + if provided_cert_source: + client_cert_source = provided_cert_source + elif mtls.has_default_client_cert_source(): + client_cert_source = mtls.default_client_cert_source() + return client_cert_source + + @staticmethod + def _get_api_endpoint(api_override, client_cert_source, universe_domain, use_mtls_endpoint): + """Return the API endpoint used by the client. + + Args: + api_override (str): The API endpoint override. If specified, this is always + the return value of this function and the other arguments are not used. + client_cert_source (bytes): The client certificate source used by the client. + universe_domain (str): The universe domain used by the client. + use_mtls_endpoint (str): How to use the mTLS endpoint, which depends also on the other parameters. + Possible values are "always", "auto", or "never". + + Returns: + str: The API endpoint to be used by the client. + """ + if api_override is not None: + api_endpoint = api_override + elif use_mtls_endpoint == "always" or (use_mtls_endpoint == "auto" and client_cert_source): + _default_universe = SecretManagerServiceClient._DEFAULT_UNIVERSE + if universe_domain != _default_universe: + raise MutualTLSChannelError(f"mTLS is not supported in any universe other than {_default_universe}.") + api_endpoint = SecretManagerServiceClient.DEFAULT_MTLS_ENDPOINT + else: + api_endpoint = SecretManagerServiceClient._DEFAULT_ENDPOINT_TEMPLATE.format(UNIVERSE_DOMAIN=universe_domain) + return api_endpoint + + @staticmethod + def _get_universe_domain(client_universe_domain: Optional[str], universe_domain_env: Optional[str]) -> str: + """Return the universe domain used by the client. + + Args: + client_universe_domain (Optional[str]): The universe domain configured via the client options. + universe_domain_env (Optional[str]): The universe domain configured via the "GOOGLE_CLOUD_UNIVERSE_DOMAIN" environment variable. + + Returns: + str: The universe domain to be used by the client. + + Raises: + ValueError: If the universe domain is an empty string. + """ + universe_domain = SecretManagerServiceClient._DEFAULT_UNIVERSE + if client_universe_domain is not None: + universe_domain = client_universe_domain + elif universe_domain_env is not None: + universe_domain = universe_domain_env + if len(universe_domain.strip()) == 0: + raise ValueError("Universe Domain cannot be an empty string.") + return universe_domain + + @staticmethod + def _compare_universes(client_universe: str, + credentials: ga_credentials.Credentials) -> bool: + """Returns True iff the universe domains used by the client and credentials match. + + Args: + client_universe (str): The universe domain configured via the client options. + credentials (ga_credentials.Credentials): The credentials being used in the client. + + Returns: + bool: True iff client_universe matches the universe in credentials. + + Raises: + ValueError: when client_universe does not match the universe in credentials. + """ + + default_universe = SecretManagerServiceClient._DEFAULT_UNIVERSE + credentials_universe = getattr(credentials, "universe_domain", default_universe) + + if client_universe != credentials_universe: + raise ValueError("The configured universe domain " + f"({client_universe}) does not match the universe domain " + f"found in the credentials ({credentials_universe}). " + "If you haven't configured the universe domain explicitly, " + f"`{default_universe}` is the default.") + return True + + def _validate_universe_domain(self): + """Validates client's and credentials' universe domains are consistent. + + Returns: + bool: True iff the configured universe domain is valid. + + Raises: + ValueError: If the configured universe domain is not valid. + """ + self._is_universe_domain_valid = (self._is_universe_domain_valid or + SecretManagerServiceClient._compare_universes(self.universe_domain, self.transport._credentials)) + return self._is_universe_domain_valid + + @property + def api_endpoint(self): + """Return the API endpoint used by the client instance. + + Returns: + str: The API endpoint used by the client instance. + """ + return self._api_endpoint + + @property + def universe_domain(self) -> str: + """Return the universe domain used by the client instance. + + Returns: + str: The universe domain used by the client instance. + """ + return self._universe_domain + + def __init__(self, *, + credentials: Optional[ga_credentials.Credentials] = None, + transport: Optional[Union[str, SecretManagerServiceTransport]] = None, + client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + ) -> None: + """Instantiates the secret manager service client. + + Args: + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + transport (Union[str, SecretManagerServiceTransport]): The + transport to use. If set to None, a transport is chosen + automatically. + client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): + Custom options for the client. + + 1. The ``api_endpoint`` property can be used to override the + default endpoint provided by the client when ``transport`` is + not explicitly provided. Only if this property is not set and + ``transport`` was not explicitly provided, the endpoint is + determined by the GOOGLE_API_USE_MTLS_ENDPOINT environment + variable, which have one of the following values: + "always" (always use the default mTLS endpoint), "never" (always + use the default regular endpoint) and "auto" (auto-switch to the + default mTLS endpoint if client certificate is present; this is + the default value). + + 2. If the GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable + is "true", then the ``client_cert_source`` property can be used + to provide a client certificate for mTLS transport. If + not provided, the default SSL client certificate will be used if + present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not + set, no client certificate will be used. + + 3. The ``universe_domain`` property can be used to override the + default "googleapis.com" universe. Note that the ``api_endpoint`` + property still takes precedence; and ``universe_domain`` is + currently not supported for mTLS. + + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport + creation failed for any reason. + """ + self._client_options = client_options + if isinstance(self._client_options, dict): + self._client_options = client_options_lib.from_dict(self._client_options) + if self._client_options is None: + self._client_options = client_options_lib.ClientOptions() + self._client_options = cast(client_options_lib.ClientOptions, self._client_options) + + universe_domain_opt = getattr(self._client_options, 'universe_domain', None) + + self._use_client_cert, self._use_mtls_endpoint, self._universe_domain_env = SecretManagerServiceClient._read_environment_variables() + self._client_cert_source = SecretManagerServiceClient._get_client_cert_source(self._client_options.client_cert_source, self._use_client_cert) + self._universe_domain = SecretManagerServiceClient._get_universe_domain(universe_domain_opt, self._universe_domain_env) + self._api_endpoint = None # updated below, depending on `transport` + + # Initialize the universe domain validation. + self._is_universe_domain_valid = False + + api_key_value = getattr(self._client_options, "api_key", None) + if api_key_value and credentials: + raise ValueError("client_options.api_key and credentials are mutually exclusive") + + # Save or instantiate the transport. + # Ordinarily, we provide the transport, but allowing a custom transport + # instance provides an extensibility point for unusual situations. + transport_provided = isinstance(transport, SecretManagerServiceTransport) + if transport_provided: + # transport is a SecretManagerServiceTransport instance. + if credentials or self._client_options.credentials_file or api_key_value: + raise ValueError("When providing a transport instance, " + "provide its credentials directly.") + if self._client_options.scopes: + raise ValueError( + "When providing a transport instance, provide its scopes " + "directly." + ) + self._transport = cast(SecretManagerServiceTransport, transport) + self._api_endpoint = self._transport.host + + self._api_endpoint = (self._api_endpoint or + SecretManagerServiceClient._get_api_endpoint( + self._client_options.api_endpoint, + self._client_cert_source, + self._universe_domain, + self._use_mtls_endpoint)) + + if not transport_provided: + import google.auth._default # type: ignore + + if api_key_value and hasattr(google.auth._default, "get_api_key_credentials"): + credentials = google.auth._default.get_api_key_credentials(api_key_value) + + Transport = type(self).get_transport_class(cast(str, transport)) + self._transport = Transport( + credentials=credentials, + credentials_file=self._client_options.credentials_file, + host=self._api_endpoint, + scopes=self._client_options.scopes, + client_cert_source_for_mtls=self._client_cert_source, + quota_project_id=self._client_options.quota_project_id, + client_info=client_info, + always_use_jwt_access=True, + api_audience=self._client_options.api_audience, + ) + + def list_secrets(self, + request: Optional[Union[service.ListSecretsRequest, dict]] = None, + *, + parent: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> pagers.ListSecretsPager: + r"""Lists [Secrets][google.cloud.secretmanager.v1.Secret]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1 + + def sample_list_secrets(): + # Create a client + client = secretmanager_v1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1.ListSecretsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_secrets(request=request) + + # Handle the response + for response in page_result: + print(response) + + Args: + request (Union[google.cloud.secretmanager_v1.types.ListSecretsRequest, dict]): + The request object. Request message for + [SecretManagerService.ListSecrets][google.cloud.secretmanager.v1.SecretManagerService.ListSecrets]. + parent (str): + Required. The resource name of the project associated + with the + [Secrets][google.cloud.secretmanager.v1.Secret], in the + format ``projects/*`` or ``projects/*/locations/*`` + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1.services.secret_manager_service.pagers.ListSecretsPager: + Response message for + [SecretManagerService.ListSecrets][google.cloud.secretmanager.v1.SecretManagerService.ListSecrets]. + + Iterating over this object will yield results and + resolve additional pages automatically. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.ListSecretsRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.ListSecretsRequest): + request = service.ListSecretsRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.list_secrets] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Validate the universe domain. + self._validate_universe_domain() + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # This method is paged; wrap the response in a pager, which provides + # an `__iter__` convenience method. + response = pagers.ListSecretsPager( + method=rpc, + request=request, + response=response, + metadata=metadata, + ) + + # Done; return the response. + return response + + def create_secret(self, + request: Optional[Union[service.CreateSecretRequest, dict]] = None, + *, + parent: Optional[str] = None, + secret_id: Optional[str] = None, + secret: Optional[resources.Secret] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Secret: + r"""Creates a new [Secret][google.cloud.secretmanager.v1.Secret] + containing no + [SecretVersions][google.cloud.secretmanager.v1.SecretVersion]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1 + + def sample_create_secret(): + # Create a client + client = secretmanager_v1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1.CreateSecretRequest( + parent="parent_value", + secret_id="secret_id_value", + ) + + # Make the request + response = client.create_secret(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.secretmanager_v1.types.CreateSecretRequest, dict]): + The request object. Request message for + [SecretManagerService.CreateSecret][google.cloud.secretmanager.v1.SecretManagerService.CreateSecret]. + parent (str): + Required. The resource name of the project to associate + with the [Secret][google.cloud.secretmanager.v1.Secret], + in the format ``projects/*`` or + ``projects/*/locations/*``. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + secret_id (str): + Required. This must be unique within the project. + + A secret ID is a string with a maximum length of 255 + characters and can contain uppercase and lowercase + letters, numerals, and the hyphen (``-``) and underscore + (``_``) characters. + + This corresponds to the ``secret_id`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + secret (google.cloud.secretmanager_v1.types.Secret): + Required. A + [Secret][google.cloud.secretmanager.v1.Secret] with + initial field values. + + This corresponds to the ``secret`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1.types.Secret: + A [Secret][google.cloud.secretmanager.v1.Secret] is a logical secret whose + value and versions can be accessed. + + A [Secret][google.cloud.secretmanager.v1.Secret] is + made up of zero or more + [SecretVersions][google.cloud.secretmanager.v1.SecretVersion] + that represent the secret data. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent, secret_id, secret]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.CreateSecretRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.CreateSecretRequest): + request = service.CreateSecretRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + if secret_id is not None: + request.secret_id = secret_id + if secret is not None: + request.secret = secret + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.create_secret] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Validate the universe domain. + self._validate_universe_domain() + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def add_secret_version(self, + request: Optional[Union[service.AddSecretVersionRequest, dict]] = None, + *, + parent: Optional[str] = None, + payload: Optional[resources.SecretPayload] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.SecretVersion: + r"""Creates a new + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + containing secret data and attaches it to an existing + [Secret][google.cloud.secretmanager.v1.Secret]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1 + + def sample_add_secret_version(): + # Create a client + client = secretmanager_v1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1.AddSecretVersionRequest( + parent="parent_value", + ) + + # Make the request + response = client.add_secret_version(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.secretmanager_v1.types.AddSecretVersionRequest, dict]): + The request object. Request message for + [SecretManagerService.AddSecretVersion][google.cloud.secretmanager.v1.SecretManagerService.AddSecretVersion]. + parent (str): + Required. The resource name of the + [Secret][google.cloud.secretmanager.v1.Secret] to + associate with the + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + in the format ``projects/*/secrets/*`` or + ``projects/*/locations/*/secrets/*``. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + payload (google.cloud.secretmanager_v1.types.SecretPayload): + Required. The secret payload of the + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + + This corresponds to the ``payload`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1.types.SecretVersion: + A secret version resource in the + Secret Manager API. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent, payload]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.AddSecretVersionRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.AddSecretVersionRequest): + request = service.AddSecretVersionRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + if payload is not None: + request.payload = payload + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.add_secret_version] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Validate the universe domain. + self._validate_universe_domain() + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def get_secret(self, + request: Optional[Union[service.GetSecretRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Secret: + r"""Gets metadata for a given + [Secret][google.cloud.secretmanager.v1.Secret]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1 + + def sample_get_secret(): + # Create a client + client = secretmanager_v1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1.GetSecretRequest( + name="name_value", + ) + + # Make the request + response = client.get_secret(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.secretmanager_v1.types.GetSecretRequest, dict]): + The request object. Request message for + [SecretManagerService.GetSecret][google.cloud.secretmanager.v1.SecretManagerService.GetSecret]. + name (str): + Required. The resource name of the + [Secret][google.cloud.secretmanager.v1.Secret], in the + format ``projects/*/secrets/*`` or + ``projects/*/locations/*/secrets/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1.types.Secret: + A [Secret][google.cloud.secretmanager.v1.Secret] is a logical secret whose + value and versions can be accessed. + + A [Secret][google.cloud.secretmanager.v1.Secret] is + made up of zero or more + [SecretVersions][google.cloud.secretmanager.v1.SecretVersion] + that represent the secret data. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.GetSecretRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.GetSecretRequest): + request = service.GetSecretRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.get_secret] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Validate the universe domain. + self._validate_universe_domain() + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def update_secret(self, + request: Optional[Union[service.UpdateSecretRequest, dict]] = None, + *, + secret: Optional[resources.Secret] = None, + update_mask: Optional[field_mask_pb2.FieldMask] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Secret: + r"""Updates metadata of an existing + [Secret][google.cloud.secretmanager.v1.Secret]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1 + + def sample_update_secret(): + # Create a client + client = secretmanager_v1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1.UpdateSecretRequest( + ) + + # Make the request + response = client.update_secret(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.secretmanager_v1.types.UpdateSecretRequest, dict]): + The request object. Request message for + [SecretManagerService.UpdateSecret][google.cloud.secretmanager.v1.SecretManagerService.UpdateSecret]. + secret (google.cloud.secretmanager_v1.types.Secret): + Required. [Secret][google.cloud.secretmanager.v1.Secret] + with updated field values. + + This corresponds to the ``secret`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + update_mask (google.protobuf.field_mask_pb2.FieldMask): + Required. Specifies the fields to be + updated. + + This corresponds to the ``update_mask`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1.types.Secret: + A [Secret][google.cloud.secretmanager.v1.Secret] is a logical secret whose + value and versions can be accessed. + + A [Secret][google.cloud.secretmanager.v1.Secret] is + made up of zero or more + [SecretVersions][google.cloud.secretmanager.v1.SecretVersion] + that represent the secret data. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([secret, update_mask]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.UpdateSecretRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.UpdateSecretRequest): + request = service.UpdateSecretRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if secret is not None: + request.secret = secret + if update_mask is not None: + request.update_mask = update_mask + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.update_secret] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("secret.name", request.secret.name), + )), + ) + + # Validate the universe domain. + self._validate_universe_domain() + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def delete_secret(self, + request: Optional[Union[service.DeleteSecretRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> None: + r"""Deletes a [Secret][google.cloud.secretmanager.v1.Secret]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1 + + def sample_delete_secret(): + # Create a client + client = secretmanager_v1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1.DeleteSecretRequest( + name="name_value", + ) + + # Make the request + client.delete_secret(request=request) + + Args: + request (Union[google.cloud.secretmanager_v1.types.DeleteSecretRequest, dict]): + The request object. Request message for + [SecretManagerService.DeleteSecret][google.cloud.secretmanager.v1.SecretManagerService.DeleteSecret]. + name (str): + Required. The resource name of the + [Secret][google.cloud.secretmanager.v1.Secret] to delete + in the format ``projects/*/secrets/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.DeleteSecretRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.DeleteSecretRequest): + request = service.DeleteSecretRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.delete_secret] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Validate the universe domain. + self._validate_universe_domain() + + # Send the request. + rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + def list_secret_versions(self, + request: Optional[Union[service.ListSecretVersionsRequest, dict]] = None, + *, + parent: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> pagers.ListSecretVersionsPager: + r"""Lists + [SecretVersions][google.cloud.secretmanager.v1.SecretVersion]. + This call does not return secret data. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1 + + def sample_list_secret_versions(): + # Create a client + client = secretmanager_v1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1.ListSecretVersionsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_secret_versions(request=request) + + # Handle the response + for response in page_result: + print(response) + + Args: + request (Union[google.cloud.secretmanager_v1.types.ListSecretVersionsRequest, dict]): + The request object. Request message for + [SecretManagerService.ListSecretVersions][google.cloud.secretmanager.v1.SecretManagerService.ListSecretVersions]. + parent (str): + Required. The resource name of the + [Secret][google.cloud.secretmanager.v1.Secret] + associated with the + [SecretVersions][google.cloud.secretmanager.v1.SecretVersion] + to list, in the format ``projects/*/secrets/*`` or + ``projects/*/locations/*/secrets/*``. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1.services.secret_manager_service.pagers.ListSecretVersionsPager: + Response message for + [SecretManagerService.ListSecretVersions][google.cloud.secretmanager.v1.SecretManagerService.ListSecretVersions]. + + Iterating over this object will yield results and + resolve additional pages automatically. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.ListSecretVersionsRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.ListSecretVersionsRequest): + request = service.ListSecretVersionsRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.list_secret_versions] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Validate the universe domain. + self._validate_universe_domain() + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # This method is paged; wrap the response in a pager, which provides + # an `__iter__` convenience method. + response = pagers.ListSecretVersionsPager( + method=rpc, + request=request, + response=response, + metadata=metadata, + ) + + # Done; return the response. + return response + + def get_secret_version(self, + request: Optional[Union[service.GetSecretVersionRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.SecretVersion: + r"""Gets metadata for a + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + + ``projects/*/secrets/*/versions/latest`` is an alias to the most + recently created + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1 + + def sample_get_secret_version(): + # Create a client + client = secretmanager_v1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1.GetSecretVersionRequest( + name="name_value", + ) + + # Make the request + response = client.get_secret_version(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.secretmanager_v1.types.GetSecretVersionRequest, dict]): + The request object. Request message for + [SecretManagerService.GetSecretVersion][google.cloud.secretmanager.v1.SecretManagerService.GetSecretVersion]. + name (str): + Required. The resource name of the + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + in the format ``projects/*/secrets/*/versions/*`` or + ``projects/*/locations/*/secrets/*/versions/*``. + + ``projects/*/secrets/*/versions/latest`` or + ``projects/*/locations/*/secrets/*/versions/latest`` is + an alias to the most recently created + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1.types.SecretVersion: + A secret version resource in the + Secret Manager API. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.GetSecretVersionRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.GetSecretVersionRequest): + request = service.GetSecretVersionRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.get_secret_version] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Validate the universe domain. + self._validate_universe_domain() + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def access_secret_version(self, + request: Optional[Union[service.AccessSecretVersionRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> service.AccessSecretVersionResponse: + r"""Accesses a + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + This call returns the secret data. + + ``projects/*/secrets/*/versions/latest`` is an alias to the most + recently created + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1 + + def sample_access_secret_version(): + # Create a client + client = secretmanager_v1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1.AccessSecretVersionRequest( + name="name_value", + ) + + # Make the request + response = client.access_secret_version(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.secretmanager_v1.types.AccessSecretVersionRequest, dict]): + The request object. Request message for + [SecretManagerService.AccessSecretVersion][google.cloud.secretmanager.v1.SecretManagerService.AccessSecretVersion]. + name (str): + Required. The resource name of the + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + in the format ``projects/*/secrets/*/versions/*`` or + ``projects/*/locations/*/secrets/*/versions/*``. + + ``projects/*/secrets/*/versions/latest`` or + ``projects/*/locations/*/secrets/*/versions/latest`` is + an alias to the most recently created + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1.types.AccessSecretVersionResponse: + Response message for + [SecretManagerService.AccessSecretVersion][google.cloud.secretmanager.v1.SecretManagerService.AccessSecretVersion]. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.AccessSecretVersionRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.AccessSecretVersionRequest): + request = service.AccessSecretVersionRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.access_secret_version] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Validate the universe domain. + self._validate_universe_domain() + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def disable_secret_version(self, + request: Optional[Union[service.DisableSecretVersionRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.SecretVersion: + r"""Disables a + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + + Sets the + [state][google.cloud.secretmanager.v1.SecretVersion.state] of + the [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + to + [DISABLED][google.cloud.secretmanager.v1.SecretVersion.State.DISABLED]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1 + + def sample_disable_secret_version(): + # Create a client + client = secretmanager_v1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1.DisableSecretVersionRequest( + name="name_value", + ) + + # Make the request + response = client.disable_secret_version(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.secretmanager_v1.types.DisableSecretVersionRequest, dict]): + The request object. Request message for + [SecretManagerService.DisableSecretVersion][google.cloud.secretmanager.v1.SecretManagerService.DisableSecretVersion]. + name (str): + Required. The resource name of the + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + to disable in the format + ``projects/*/secrets/*/versions/*`` or + ``projects/*/locations/*/secrets/*/versions/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1.types.SecretVersion: + A secret version resource in the + Secret Manager API. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.DisableSecretVersionRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.DisableSecretVersionRequest): + request = service.DisableSecretVersionRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.disable_secret_version] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Validate the universe domain. + self._validate_universe_domain() + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def enable_secret_version(self, + request: Optional[Union[service.EnableSecretVersionRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.SecretVersion: + r"""Enables a + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + + Sets the + [state][google.cloud.secretmanager.v1.SecretVersion.state] of + the [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + to + [ENABLED][google.cloud.secretmanager.v1.SecretVersion.State.ENABLED]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1 + + def sample_enable_secret_version(): + # Create a client + client = secretmanager_v1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1.EnableSecretVersionRequest( + name="name_value", + ) + + # Make the request + response = client.enable_secret_version(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.secretmanager_v1.types.EnableSecretVersionRequest, dict]): + The request object. Request message for + [SecretManagerService.EnableSecretVersion][google.cloud.secretmanager.v1.SecretManagerService.EnableSecretVersion]. + name (str): + Required. The resource name of the + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + to enable in the format + ``projects/*/secrets/*/versions/*`` or + ``projects/*/locations/*/secrets/*/versions/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1.types.SecretVersion: + A secret version resource in the + Secret Manager API. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.EnableSecretVersionRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.EnableSecretVersionRequest): + request = service.EnableSecretVersionRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.enable_secret_version] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Validate the universe domain. + self._validate_universe_domain() + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def destroy_secret_version(self, + request: Optional[Union[service.DestroySecretVersionRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.SecretVersion: + r"""Destroys a + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + + Sets the + [state][google.cloud.secretmanager.v1.SecretVersion.state] of + the [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + to + [DESTROYED][google.cloud.secretmanager.v1.SecretVersion.State.DESTROYED] + and irrevocably destroys the secret data. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1 + + def sample_destroy_secret_version(): + # Create a client + client = secretmanager_v1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1.DestroySecretVersionRequest( + name="name_value", + ) + + # Make the request + response = client.destroy_secret_version(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.secretmanager_v1.types.DestroySecretVersionRequest, dict]): + The request object. Request message for + [SecretManagerService.DestroySecretVersion][google.cloud.secretmanager.v1.SecretManagerService.DestroySecretVersion]. + name (str): + Required. The resource name of the + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + to destroy in the format + ``projects/*/secrets/*/versions/*`` or + ``projects/*/locations/*/secrets/*/versions/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1.types.SecretVersion: + A secret version resource in the + Secret Manager API. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.DestroySecretVersionRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.DestroySecretVersionRequest): + request = service.DestroySecretVersionRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.destroy_secret_version] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Validate the universe domain. + self._validate_universe_domain() + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def set_iam_policy(self, + request: Optional[Union[iam_policy_pb2.SetIamPolicyRequest, dict]] = None, + *, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> policy_pb2.Policy: + r"""Sets the access control policy on the specified secret. Replaces + any existing policy. + + Permissions on + [SecretVersions][google.cloud.secretmanager.v1.SecretVersion] + are enforced according to the policy set on the associated + [Secret][google.cloud.secretmanager.v1.Secret]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1 + from google.iam.v1 import iam_policy_pb2 # type: ignore + + def sample_set_iam_policy(): + # Create a client + client = secretmanager_v1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = iam_policy_pb2.SetIamPolicyRequest( + resource="resource_value", + ) + + # Make the request + response = client.set_iam_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.iam.v1.iam_policy_pb2.SetIamPolicyRequest, dict]): + The request object. Request message for ``SetIamPolicy`` method. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.iam.v1.policy_pb2.Policy: + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. + + A Policy is a collection of bindings. A binding binds + one or more members, or principals, to a single role. + Principals can be user accounts, service accounts, + Google groups, and domains (such as G Suite). A role + is a named list of permissions; each role can be an + IAM predefined role or a user-created custom role. + + For some types of Google Cloud resources, a binding + can also specify a condition, which is a logical + expression that allows access to a resource only if + the expression evaluates to true. A condition can add + constraints based on attributes of the request, the + resource, or both. To learn which resources support + conditions in their IAM policies, see the [IAM + documentation](\ https://cloud.google.com/iam/help/conditions/resource-policies). + + **JSON example:** + + :literal:`\` { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }`\ \` + + **YAML example:** + + :literal:`\` bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3`\ \` + + For a description of IAM and its features, see the + [IAM + documentation](\ https://cloud.google.com/iam/docs/). + + """ + # Create or coerce a protobuf request object. + if isinstance(request, dict): + # The request isn't a proto-plus wrapped type, + # so it must be constructed via keyword expansion. + request = iam_policy_pb2.SetIamPolicyRequest(**request) + elif not request: + # Null request, just make one. + request = iam_policy_pb2.SetIamPolicyRequest() + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.set_iam_policy] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("resource", request.resource), + )), + ) + + # Validate the universe domain. + self._validate_universe_domain() + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def get_iam_policy(self, + request: Optional[Union[iam_policy_pb2.GetIamPolicyRequest, dict]] = None, + *, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> policy_pb2.Policy: + r"""Gets the access control policy for a secret. + Returns empty policy if the secret exists and does not + have a policy set. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1 + from google.iam.v1 import iam_policy_pb2 # type: ignore + + def sample_get_iam_policy(): + # Create a client + client = secretmanager_v1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = iam_policy_pb2.GetIamPolicyRequest( + resource="resource_value", + ) + + # Make the request + response = client.get_iam_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.iam.v1.iam_policy_pb2.GetIamPolicyRequest, dict]): + The request object. Request message for ``GetIamPolicy`` method. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.iam.v1.policy_pb2.Policy: + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. + + A Policy is a collection of bindings. A binding binds + one or more members, or principals, to a single role. + Principals can be user accounts, service accounts, + Google groups, and domains (such as G Suite). A role + is a named list of permissions; each role can be an + IAM predefined role or a user-created custom role. + + For some types of Google Cloud resources, a binding + can also specify a condition, which is a logical + expression that allows access to a resource only if + the expression evaluates to true. A condition can add + constraints based on attributes of the request, the + resource, or both. To learn which resources support + conditions in their IAM policies, see the [IAM + documentation](\ https://cloud.google.com/iam/help/conditions/resource-policies). + + **JSON example:** + + :literal:`\` { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }`\ \` + + **YAML example:** + + :literal:`\` bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3`\ \` + + For a description of IAM and its features, see the + [IAM + documentation](\ https://cloud.google.com/iam/docs/). + + """ + # Create or coerce a protobuf request object. + if isinstance(request, dict): + # The request isn't a proto-plus wrapped type, + # so it must be constructed via keyword expansion. + request = iam_policy_pb2.GetIamPolicyRequest(**request) + elif not request: + # Null request, just make one. + request = iam_policy_pb2.GetIamPolicyRequest() + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.get_iam_policy] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("resource", request.resource), + )), + ) + + # Validate the universe domain. + self._validate_universe_domain() + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def test_iam_permissions(self, + request: Optional[Union[iam_policy_pb2.TestIamPermissionsRequest, dict]] = None, + *, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> iam_policy_pb2.TestIamPermissionsResponse: + r"""Returns permissions that a caller has for the specified secret. + If the secret does not exist, this call returns an empty set of + permissions, not a NOT_FOUND error. + + Note: This operation is designed to be used for building + permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without + warning. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1 + from google.iam.v1 import iam_policy_pb2 # type: ignore + + def sample_test_iam_permissions(): + # Create a client + client = secretmanager_v1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = iam_policy_pb2.TestIamPermissionsRequest( + resource="resource_value", + permissions=['permissions_value1', 'permissions_value2'], + ) + + # Make the request + response = client.test_iam_permissions(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.iam.v1.iam_policy_pb2.TestIamPermissionsRequest, dict]): + The request object. Request message for ``TestIamPermissions`` method. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.iam.v1.iam_policy_pb2.TestIamPermissionsResponse: + Response message for TestIamPermissions method. + """ + # Create or coerce a protobuf request object. + if isinstance(request, dict): + # The request isn't a proto-plus wrapped type, + # so it must be constructed via keyword expansion. + request = iam_policy_pb2.TestIamPermissionsRequest(**request) + elif not request: + # Null request, just make one. + request = iam_policy_pb2.TestIamPermissionsRequest() + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.test_iam_permissions] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("resource", request.resource), + )), + ) + + # Validate the universe domain. + self._validate_universe_domain() + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def __enter__(self) -> "SecretManagerServiceClient": + return self + + def __exit__(self, type, value, traceback): + """Releases underlying transport's resources. + + .. warning:: + ONLY use as a context manager if the transport is NOT shared + with other clients! Exiting the with block will CLOSE the transport + and may cause errors in other clients! + """ + self.transport.close() + + def get_location( + self, + request: Optional[locations_pb2.GetLocationRequest] = None, + *, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> locations_pb2.Location: + r"""Gets information about a location. + + Args: + request (:class:`~.location_pb2.GetLocationRequest`): + The request object. Request message for + `GetLocation` method. + retry (google.api_core.retry.Retry): Designation of what errors, + if any, should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + Returns: + ~.location_pb2.Location: + Location object. + """ + # Create or coerce a protobuf request object. + # The request isn't a proto-plus wrapped type, + # so it must be constructed via keyword expansion. + if isinstance(request, dict): + request = locations_pb2.GetLocationRequest(**request) + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method.wrap_method( + self._transport.get_location, + default_timeout=None, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata( + (("name", request.name),)), + ) + + # Validate the universe domain. + self._validate_universe_domain() + + # Send the request. + response = rpc( + request, retry=retry, timeout=timeout, metadata=metadata,) + + # Done; return the response. + return response + + def list_locations( + self, + request: Optional[locations_pb2.ListLocationsRequest] = None, + *, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> locations_pb2.ListLocationsResponse: + r"""Lists information about the supported locations for this service. + + Args: + request (:class:`~.location_pb2.ListLocationsRequest`): + The request object. Request message for + `ListLocations` method. + retry (google.api_core.retry.Retry): Designation of what errors, + if any, should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + Returns: + ~.location_pb2.ListLocationsResponse: + Response message for ``ListLocations`` method. + """ + # Create or coerce a protobuf request object. + # The request isn't a proto-plus wrapped type, + # so it must be constructed via keyword expansion. + if isinstance(request, dict): + request = locations_pb2.ListLocationsRequest(**request) + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method.wrap_method( + self._transport.list_locations, + default_timeout=None, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata( + (("name", request.name),)), + ) + + # Validate the universe domain. + self._validate_universe_domain() + + # Send the request. + response = rpc( + request, retry=retry, timeout=timeout, metadata=metadata,) + + # Done; return the response. + return response + + +DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo(gapic_version=package_version.__version__) + + +__all__ = ( + "SecretManagerServiceClient", +) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager_v1/services/secret_manager_service/pagers.py b/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager_v1/services/secret_manager_service/pagers.py new file mode 100644 index 000000000000..fe7868045e7b --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager_v1/services/secret_manager_service/pagers.py @@ -0,0 +1,261 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from typing import Any, AsyncIterator, Awaitable, Callable, Sequence, Tuple, Optional, Iterator + +from google.cloud.secretmanager_v1.types import resources +from google.cloud.secretmanager_v1.types import service + + +class ListSecretsPager: + """A pager for iterating through ``list_secrets`` requests. + + This class thinly wraps an initial + :class:`google.cloud.secretmanager_v1.types.ListSecretsResponse` object, and + provides an ``__iter__`` method to iterate through its + ``secrets`` field. + + If there are more pages, the ``__iter__`` method will make additional + ``ListSecrets`` requests and continue to iterate + through the ``secrets`` field on the + corresponding responses. + + All the usual :class:`google.cloud.secretmanager_v1.types.ListSecretsResponse` + attributes are available on the pager. If multiple requests are made, only + the most recent response is retained, and thus used for attribute lookup. + """ + def __init__(self, + method: Callable[..., service.ListSecretsResponse], + request: service.ListSecretsRequest, + response: service.ListSecretsResponse, + *, + metadata: Sequence[Tuple[str, str]] = ()): + """Instantiate the pager. + + Args: + method (Callable): The method that was originally called, and + which instantiated this pager. + request (google.cloud.secretmanager_v1.types.ListSecretsRequest): + The initial request object. + response (google.cloud.secretmanager_v1.types.ListSecretsResponse): + The initial response object. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + self._method = method + self._request = service.ListSecretsRequest(request) + self._response = response + self._metadata = metadata + + def __getattr__(self, name: str) -> Any: + return getattr(self._response, name) + + @property + def pages(self) -> Iterator[service.ListSecretsResponse]: + yield self._response + while self._response.next_page_token: + self._request.page_token = self._response.next_page_token + self._response = self._method(self._request, metadata=self._metadata) + yield self._response + + def __iter__(self) -> Iterator[resources.Secret]: + for page in self.pages: + yield from page.secrets + + def __repr__(self) -> str: + return '{0}<{1!r}>'.format(self.__class__.__name__, self._response) + + +class ListSecretsAsyncPager: + """A pager for iterating through ``list_secrets`` requests. + + This class thinly wraps an initial + :class:`google.cloud.secretmanager_v1.types.ListSecretsResponse` object, and + provides an ``__aiter__`` method to iterate through its + ``secrets`` field. + + If there are more pages, the ``__aiter__`` method will make additional + ``ListSecrets`` requests and continue to iterate + through the ``secrets`` field on the + corresponding responses. + + All the usual :class:`google.cloud.secretmanager_v1.types.ListSecretsResponse` + attributes are available on the pager. If multiple requests are made, only + the most recent response is retained, and thus used for attribute lookup. + """ + def __init__(self, + method: Callable[..., Awaitable[service.ListSecretsResponse]], + request: service.ListSecretsRequest, + response: service.ListSecretsResponse, + *, + metadata: Sequence[Tuple[str, str]] = ()): + """Instantiates the pager. + + Args: + method (Callable): The method that was originally called, and + which instantiated this pager. + request (google.cloud.secretmanager_v1.types.ListSecretsRequest): + The initial request object. + response (google.cloud.secretmanager_v1.types.ListSecretsResponse): + The initial response object. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + self._method = method + self._request = service.ListSecretsRequest(request) + self._response = response + self._metadata = metadata + + def __getattr__(self, name: str) -> Any: + return getattr(self._response, name) + + @property + async def pages(self) -> AsyncIterator[service.ListSecretsResponse]: + yield self._response + while self._response.next_page_token: + self._request.page_token = self._response.next_page_token + self._response = await self._method(self._request, metadata=self._metadata) + yield self._response + def __aiter__(self) -> AsyncIterator[resources.Secret]: + async def async_generator(): + async for page in self.pages: + for response in page.secrets: + yield response + + return async_generator() + + def __repr__(self) -> str: + return '{0}<{1!r}>'.format(self.__class__.__name__, self._response) + + +class ListSecretVersionsPager: + """A pager for iterating through ``list_secret_versions`` requests. + + This class thinly wraps an initial + :class:`google.cloud.secretmanager_v1.types.ListSecretVersionsResponse` object, and + provides an ``__iter__`` method to iterate through its + ``versions`` field. + + If there are more pages, the ``__iter__`` method will make additional + ``ListSecretVersions`` requests and continue to iterate + through the ``versions`` field on the + corresponding responses. + + All the usual :class:`google.cloud.secretmanager_v1.types.ListSecretVersionsResponse` + attributes are available on the pager. If multiple requests are made, only + the most recent response is retained, and thus used for attribute lookup. + """ + def __init__(self, + method: Callable[..., service.ListSecretVersionsResponse], + request: service.ListSecretVersionsRequest, + response: service.ListSecretVersionsResponse, + *, + metadata: Sequence[Tuple[str, str]] = ()): + """Instantiate the pager. + + Args: + method (Callable): The method that was originally called, and + which instantiated this pager. + request (google.cloud.secretmanager_v1.types.ListSecretVersionsRequest): + The initial request object. + response (google.cloud.secretmanager_v1.types.ListSecretVersionsResponse): + The initial response object. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + self._method = method + self._request = service.ListSecretVersionsRequest(request) + self._response = response + self._metadata = metadata + + def __getattr__(self, name: str) -> Any: + return getattr(self._response, name) + + @property + def pages(self) -> Iterator[service.ListSecretVersionsResponse]: + yield self._response + while self._response.next_page_token: + self._request.page_token = self._response.next_page_token + self._response = self._method(self._request, metadata=self._metadata) + yield self._response + + def __iter__(self) -> Iterator[resources.SecretVersion]: + for page in self.pages: + yield from page.versions + + def __repr__(self) -> str: + return '{0}<{1!r}>'.format(self.__class__.__name__, self._response) + + +class ListSecretVersionsAsyncPager: + """A pager for iterating through ``list_secret_versions`` requests. + + This class thinly wraps an initial + :class:`google.cloud.secretmanager_v1.types.ListSecretVersionsResponse` object, and + provides an ``__aiter__`` method to iterate through its + ``versions`` field. + + If there are more pages, the ``__aiter__`` method will make additional + ``ListSecretVersions`` requests and continue to iterate + through the ``versions`` field on the + corresponding responses. + + All the usual :class:`google.cloud.secretmanager_v1.types.ListSecretVersionsResponse` + attributes are available on the pager. If multiple requests are made, only + the most recent response is retained, and thus used for attribute lookup. + """ + def __init__(self, + method: Callable[..., Awaitable[service.ListSecretVersionsResponse]], + request: service.ListSecretVersionsRequest, + response: service.ListSecretVersionsResponse, + *, + metadata: Sequence[Tuple[str, str]] = ()): + """Instantiates the pager. + + Args: + method (Callable): The method that was originally called, and + which instantiated this pager. + request (google.cloud.secretmanager_v1.types.ListSecretVersionsRequest): + The initial request object. + response (google.cloud.secretmanager_v1.types.ListSecretVersionsResponse): + The initial response object. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + self._method = method + self._request = service.ListSecretVersionsRequest(request) + self._response = response + self._metadata = metadata + + def __getattr__(self, name: str) -> Any: + return getattr(self._response, name) + + @property + async def pages(self) -> AsyncIterator[service.ListSecretVersionsResponse]: + yield self._response + while self._response.next_page_token: + self._request.page_token = self._response.next_page_token + self._response = await self._method(self._request, metadata=self._metadata) + yield self._response + def __aiter__(self) -> AsyncIterator[resources.SecretVersion]: + async def async_generator(): + async for page in self.pages: + for response in page.versions: + yield response + + return async_generator() + + def __repr__(self) -> str: + return '{0}<{1!r}>'.format(self.__class__.__name__, self._response) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager_v1/services/secret_manager_service/transports/__init__.py b/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager_v1/services/secret_manager_service/transports/__init__.py new file mode 100644 index 000000000000..f9c5d1564d99 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager_v1/services/secret_manager_service/transports/__init__.py @@ -0,0 +1,38 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +from typing import Dict, Type + +from .base import SecretManagerServiceTransport +from .grpc import SecretManagerServiceGrpcTransport +from .grpc_asyncio import SecretManagerServiceGrpcAsyncIOTransport +from .rest import SecretManagerServiceRestTransport +from .rest import SecretManagerServiceRestInterceptor + + +# Compile a registry of transports. +_transport_registry = OrderedDict() # type: Dict[str, Type[SecretManagerServiceTransport]] +_transport_registry['grpc'] = SecretManagerServiceGrpcTransport +_transport_registry['grpc_asyncio'] = SecretManagerServiceGrpcAsyncIOTransport +_transport_registry['rest'] = SecretManagerServiceRestTransport + +__all__ = ( + 'SecretManagerServiceTransport', + 'SecretManagerServiceGrpcTransport', + 'SecretManagerServiceGrpcAsyncIOTransport', + 'SecretManagerServiceRestTransport', + 'SecretManagerServiceRestInterceptor', +) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager_v1/services/secret_manager_service/transports/base.py b/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager_v1/services/secret_manager_service/transports/base.py new file mode 100644 index 000000000000..1558a77b089d --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager_v1/services/secret_manager_service/transports/base.py @@ -0,0 +1,376 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import abc +from typing import Awaitable, Callable, Dict, Optional, Sequence, Union + +from google.cloud.secretmanager_v1 import gapic_version as package_version + +import google.auth # type: ignore +import google.api_core +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore + +from google.cloud.location import locations_pb2 # type: ignore +from google.cloud.secretmanager_v1.types import resources +from google.cloud.secretmanager_v1.types import service +from google.iam.v1 import iam_policy_pb2 # type: ignore +from google.iam.v1 import policy_pb2 # type: ignore +from google.protobuf import empty_pb2 # type: ignore + +DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo(gapic_version=package_version.__version__) + + +class SecretManagerServiceTransport(abc.ABC): + """Abstract transport class for SecretManagerService.""" + + AUTH_SCOPES = ( + 'https://www.googleapis.com/auth/cloud-platform', + ) + + DEFAULT_HOST: str = 'secretmanager.googleapis.com' + def __init__( + self, *, + host: str = DEFAULT_HOST, + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + **kwargs, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to (default: 'secretmanager.googleapis.com'). + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is mutually exclusive with credentials. + scopes (Optional[Sequence[str]]): A list of scopes. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + """ + + scopes_kwargs = {"scopes": scopes, "default_scopes": self.AUTH_SCOPES} + + # Save the scopes. + self._scopes = scopes + + # If no credentials are provided, then determine the appropriate + # defaults. + if credentials and credentials_file: + raise core_exceptions.DuplicateCredentialArgs("'credentials_file' and 'credentials' are mutually exclusive") + + if credentials_file is not None: + credentials, _ = google.auth.load_credentials_from_file( + credentials_file, + **scopes_kwargs, + quota_project_id=quota_project_id + ) + elif credentials is None: + credentials, _ = google.auth.default(**scopes_kwargs, quota_project_id=quota_project_id) + # Don't apply audience if the credentials file passed from user. + if hasattr(credentials, "with_gdch_audience"): + credentials = credentials.with_gdch_audience(api_audience if api_audience else host) + + # If the credentials are service account credentials, then always try to use self signed JWT. + if always_use_jwt_access and isinstance(credentials, service_account.Credentials) and hasattr(service_account.Credentials, "with_always_use_jwt_access"): + credentials = credentials.with_always_use_jwt_access(True) + + # Save the credentials. + self._credentials = credentials + + # Save the hostname. Default to port 443 (HTTPS) if none is specified. + if ':' not in host: + host += ':443' + self._host = host + + @property + def host(self): + return self._host + + def _prep_wrapped_messages(self, client_info): + # Precompute the wrapped methods. + self._wrapped_methods = { + self.list_secrets: gapic_v1.method.wrap_method( + self.list_secrets, + default_timeout=60.0, + client_info=client_info, + ), + self.create_secret: gapic_v1.method.wrap_method( + self.create_secret, + default_timeout=60.0, + client_info=client_info, + ), + self.add_secret_version: gapic_v1.method.wrap_method( + self.add_secret_version, + default_timeout=60.0, + client_info=client_info, + ), + self.get_secret: gapic_v1.method.wrap_method( + self.get_secret, + default_timeout=60.0, + client_info=client_info, + ), + self.update_secret: gapic_v1.method.wrap_method( + self.update_secret, + default_timeout=60.0, + client_info=client_info, + ), + self.delete_secret: gapic_v1.method.wrap_method( + self.delete_secret, + default_timeout=60.0, + client_info=client_info, + ), + self.list_secret_versions: gapic_v1.method.wrap_method( + self.list_secret_versions, + default_timeout=60.0, + client_info=client_info, + ), + self.get_secret_version: gapic_v1.method.wrap_method( + self.get_secret_version, + default_timeout=60.0, + client_info=client_info, + ), + self.access_secret_version: gapic_v1.method.wrap_method( + self.access_secret_version, + default_retry=retries.Retry( +initial=2.0,maximum=60.0,multiplier=2.0, predicate=retries.if_exception_type( + core_exceptions.ResourceExhausted, + core_exceptions.ServiceUnavailable, + ), + deadline=60.0, + ), + default_timeout=60.0, + client_info=client_info, + ), + self.disable_secret_version: gapic_v1.method.wrap_method( + self.disable_secret_version, + default_timeout=60.0, + client_info=client_info, + ), + self.enable_secret_version: gapic_v1.method.wrap_method( + self.enable_secret_version, + default_timeout=60.0, + client_info=client_info, + ), + self.destroy_secret_version: gapic_v1.method.wrap_method( + self.destroy_secret_version, + default_timeout=60.0, + client_info=client_info, + ), + self.set_iam_policy: gapic_v1.method.wrap_method( + self.set_iam_policy, + default_timeout=60.0, + client_info=client_info, + ), + self.get_iam_policy: gapic_v1.method.wrap_method( + self.get_iam_policy, + default_timeout=60.0, + client_info=client_info, + ), + self.test_iam_permissions: gapic_v1.method.wrap_method( + self.test_iam_permissions, + default_timeout=60.0, + client_info=client_info, + ), + } + + def close(self): + """Closes resources associated with the transport. + + .. warning:: + Only call this method if the transport is NOT shared + with other clients - this may cause errors in other clients! + """ + raise NotImplementedError() + + @property + def list_secrets(self) -> Callable[ + [service.ListSecretsRequest], + Union[ + service.ListSecretsResponse, + Awaitable[service.ListSecretsResponse] + ]]: + raise NotImplementedError() + + @property + def create_secret(self) -> Callable[ + [service.CreateSecretRequest], + Union[ + resources.Secret, + Awaitable[resources.Secret] + ]]: + raise NotImplementedError() + + @property + def add_secret_version(self) -> Callable[ + [service.AddSecretVersionRequest], + Union[ + resources.SecretVersion, + Awaitable[resources.SecretVersion] + ]]: + raise NotImplementedError() + + @property + def get_secret(self) -> Callable[ + [service.GetSecretRequest], + Union[ + resources.Secret, + Awaitable[resources.Secret] + ]]: + raise NotImplementedError() + + @property + def update_secret(self) -> Callable[ + [service.UpdateSecretRequest], + Union[ + resources.Secret, + Awaitable[resources.Secret] + ]]: + raise NotImplementedError() + + @property + def delete_secret(self) -> Callable[ + [service.DeleteSecretRequest], + Union[ + empty_pb2.Empty, + Awaitable[empty_pb2.Empty] + ]]: + raise NotImplementedError() + + @property + def list_secret_versions(self) -> Callable[ + [service.ListSecretVersionsRequest], + Union[ + service.ListSecretVersionsResponse, + Awaitable[service.ListSecretVersionsResponse] + ]]: + raise NotImplementedError() + + @property + def get_secret_version(self) -> Callable[ + [service.GetSecretVersionRequest], + Union[ + resources.SecretVersion, + Awaitable[resources.SecretVersion] + ]]: + raise NotImplementedError() + + @property + def access_secret_version(self) -> Callable[ + [service.AccessSecretVersionRequest], + Union[ + service.AccessSecretVersionResponse, + Awaitable[service.AccessSecretVersionResponse] + ]]: + raise NotImplementedError() + + @property + def disable_secret_version(self) -> Callable[ + [service.DisableSecretVersionRequest], + Union[ + resources.SecretVersion, + Awaitable[resources.SecretVersion] + ]]: + raise NotImplementedError() + + @property + def enable_secret_version(self) -> Callable[ + [service.EnableSecretVersionRequest], + Union[ + resources.SecretVersion, + Awaitable[resources.SecretVersion] + ]]: + raise NotImplementedError() + + @property + def destroy_secret_version(self) -> Callable[ + [service.DestroySecretVersionRequest], + Union[ + resources.SecretVersion, + Awaitable[resources.SecretVersion] + ]]: + raise NotImplementedError() + + @property + def set_iam_policy(self) -> Callable[ + [iam_policy_pb2.SetIamPolicyRequest], + Union[ + policy_pb2.Policy, + Awaitable[policy_pb2.Policy] + ]]: + raise NotImplementedError() + + @property + def get_iam_policy(self) -> Callable[ + [iam_policy_pb2.GetIamPolicyRequest], + Union[ + policy_pb2.Policy, + Awaitable[policy_pb2.Policy] + ]]: + raise NotImplementedError() + + @property + def test_iam_permissions(self) -> Callable[ + [iam_policy_pb2.TestIamPermissionsRequest], + Union[ + iam_policy_pb2.TestIamPermissionsResponse, + Awaitable[iam_policy_pb2.TestIamPermissionsResponse] + ]]: + raise NotImplementedError() + + @property + def get_location(self, + ) -> Callable[ + [locations_pb2.GetLocationRequest], + Union[locations_pb2.Location, Awaitable[locations_pb2.Location]], + ]: + raise NotImplementedError() + + @property + def list_locations(self, + ) -> Callable[ + [locations_pb2.ListLocationsRequest], + Union[locations_pb2.ListLocationsResponse, Awaitable[locations_pb2.ListLocationsResponse]], + ]: + raise NotImplementedError() + + @property + def kind(self) -> str: + raise NotImplementedError() + + +__all__ = ( + 'SecretManagerServiceTransport', +) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager_v1/services/secret_manager_service/transports/grpc.py b/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager_v1/services/secret_manager_service/transports/grpc.py new file mode 100644 index 000000000000..a6a728133ae6 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager_v1/services/secret_manager_service/transports/grpc.py @@ -0,0 +1,732 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import warnings +from typing import Callable, Dict, Optional, Sequence, Tuple, Union + +from google.api_core import grpc_helpers +from google.api_core import gapic_v1 +import google.auth # type: ignore +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore + +import grpc # type: ignore + +from google.cloud.location import locations_pb2 # type: ignore +from google.cloud.secretmanager_v1.types import resources +from google.cloud.secretmanager_v1.types import service +from google.iam.v1 import iam_policy_pb2 # type: ignore +from google.iam.v1 import policy_pb2 # type: ignore +from google.protobuf import empty_pb2 # type: ignore +from .base import SecretManagerServiceTransport, DEFAULT_CLIENT_INFO + + +class SecretManagerServiceGrpcTransport(SecretManagerServiceTransport): + """gRPC backend transport for SecretManagerService. + + Secret Manager Service + + Manages secrets and operations using those secrets. Implements a + REST model with the following objects: + + - [Secret][google.cloud.secretmanager.v1.Secret] + - [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends protocol buffers over the wire using gRPC (which is built on + top of HTTP/2); the ``grpcio`` package must be installed. + """ + _stubs: Dict[str, Callable] + + def __init__(self, *, + host: str = 'secretmanager.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + channel: Optional[grpc.Channel] = None, + api_mtls_endpoint: Optional[str] = None, + client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, + client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to (default: 'secretmanager.googleapis.com'). + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + This argument is ignored if ``channel`` is provided. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional(Sequence[str])): A list of scopes. This argument is + ignored if ``channel`` is provided. + channel (Optional[grpc.Channel]): A ``Channel`` instance through + which to make calls. + api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. + If provided, it overrides the ``host`` argument and tries to create + a mutual TLS channel with client SSL credentials from + ``client_cert_source`` or application default SSL credentials. + client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): + Deprecated. A callback to provide client SSL certificate bytes and + private key bytes, both in PEM format. It is ignored if + ``api_mtls_endpoint`` is None. + ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials + for the grpc channel. It is ignored if ``channel`` is provided. + client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): + A callback to provide client certificate bytes and private key bytes, + both in PEM format. It is used to configure a mutual TLS channel. It is + ignored if ``channel`` or ``ssl_channel_credentials`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport + creation failed for any reason. + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + self._grpc_channel = None + self._ssl_channel_credentials = ssl_channel_credentials + self._stubs: Dict[str, Callable] = {} + + if api_mtls_endpoint: + warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) + if client_cert_source: + warnings.warn("client_cert_source is deprecated", DeprecationWarning) + + if channel: + # Ignore credentials if a channel was passed. + credentials = False + # If a channel was explicitly provided, set it. + self._grpc_channel = channel + self._ssl_channel_credentials = None + + else: + if api_mtls_endpoint: + host = api_mtls_endpoint + + # Create SSL credentials with client_cert_source or application + # default SSL credentials. + if client_cert_source: + cert, key = client_cert_source() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + else: + self._ssl_channel_credentials = SslCredentials().ssl_credentials + + else: + if client_cert_source_for_mtls and not ssl_channel_credentials: + cert, key = client_cert_source_for_mtls() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + + # The base transport sets the host, credentials and scopes + super().__init__( + host=host, + credentials=credentials, + credentials_file=credentials_file, + scopes=scopes, + quota_project_id=quota_project_id, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience, + ) + + if not self._grpc_channel: + self._grpc_channel = type(self).create_channel( + self._host, + # use the credentials which are saved + credentials=self._credentials, + # Set ``credentials_file`` to ``None`` here as + # the credentials that we saved earlier should be used. + credentials_file=None, + scopes=self._scopes, + ssl_credentials=self._ssl_channel_credentials, + quota_project_id=quota_project_id, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Wrap messages. This must be done after self._grpc_channel exists + self._prep_wrapped_messages(client_info) + + @classmethod + def create_channel(cls, + host: str = 'secretmanager.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + **kwargs) -> grpc.Channel: + """Create and return a gRPC channel object. + Args: + host (Optional[str]): The host for the channel to use. + credentials (Optional[~.Credentials]): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If + none are specified, the client will attempt to ascertain + the credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is mutually exclusive with credentials. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + kwargs (Optional[dict]): Keyword arguments, which are passed to the + channel creation. + Returns: + grpc.Channel: A gRPC channel object. + + Raises: + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + + return grpc_helpers.create_channel( + host, + credentials=credentials, + credentials_file=credentials_file, + quota_project_id=quota_project_id, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, + **kwargs + ) + + @property + def grpc_channel(self) -> grpc.Channel: + """Return the channel designed to connect to this service. + """ + return self._grpc_channel + + @property + def list_secrets(self) -> Callable[ + [service.ListSecretsRequest], + service.ListSecretsResponse]: + r"""Return a callable for the list secrets method over gRPC. + + Lists [Secrets][google.cloud.secretmanager.v1.Secret]. + + Returns: + Callable[[~.ListSecretsRequest], + ~.ListSecretsResponse]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'list_secrets' not in self._stubs: + self._stubs['list_secrets'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1.SecretManagerService/ListSecrets', + request_serializer=service.ListSecretsRequest.serialize, + response_deserializer=service.ListSecretsResponse.deserialize, + ) + return self._stubs['list_secrets'] + + @property + def create_secret(self) -> Callable[ + [service.CreateSecretRequest], + resources.Secret]: + r"""Return a callable for the create secret method over gRPC. + + Creates a new [Secret][google.cloud.secretmanager.v1.Secret] + containing no + [SecretVersions][google.cloud.secretmanager.v1.SecretVersion]. + + Returns: + Callable[[~.CreateSecretRequest], + ~.Secret]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'create_secret' not in self._stubs: + self._stubs['create_secret'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1.SecretManagerService/CreateSecret', + request_serializer=service.CreateSecretRequest.serialize, + response_deserializer=resources.Secret.deserialize, + ) + return self._stubs['create_secret'] + + @property + def add_secret_version(self) -> Callable[ + [service.AddSecretVersionRequest], + resources.SecretVersion]: + r"""Return a callable for the add secret version method over gRPC. + + Creates a new + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + containing secret data and attaches it to an existing + [Secret][google.cloud.secretmanager.v1.Secret]. + + Returns: + Callable[[~.AddSecretVersionRequest], + ~.SecretVersion]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'add_secret_version' not in self._stubs: + self._stubs['add_secret_version'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1.SecretManagerService/AddSecretVersion', + request_serializer=service.AddSecretVersionRequest.serialize, + response_deserializer=resources.SecretVersion.deserialize, + ) + return self._stubs['add_secret_version'] + + @property + def get_secret(self) -> Callable[ + [service.GetSecretRequest], + resources.Secret]: + r"""Return a callable for the get secret method over gRPC. + + Gets metadata for a given + [Secret][google.cloud.secretmanager.v1.Secret]. + + Returns: + Callable[[~.GetSecretRequest], + ~.Secret]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_secret' not in self._stubs: + self._stubs['get_secret'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1.SecretManagerService/GetSecret', + request_serializer=service.GetSecretRequest.serialize, + response_deserializer=resources.Secret.deserialize, + ) + return self._stubs['get_secret'] + + @property + def update_secret(self) -> Callable[ + [service.UpdateSecretRequest], + resources.Secret]: + r"""Return a callable for the update secret method over gRPC. + + Updates metadata of an existing + [Secret][google.cloud.secretmanager.v1.Secret]. + + Returns: + Callable[[~.UpdateSecretRequest], + ~.Secret]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'update_secret' not in self._stubs: + self._stubs['update_secret'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1.SecretManagerService/UpdateSecret', + request_serializer=service.UpdateSecretRequest.serialize, + response_deserializer=resources.Secret.deserialize, + ) + return self._stubs['update_secret'] + + @property + def delete_secret(self) -> Callable[ + [service.DeleteSecretRequest], + empty_pb2.Empty]: + r"""Return a callable for the delete secret method over gRPC. + + Deletes a [Secret][google.cloud.secretmanager.v1.Secret]. + + Returns: + Callable[[~.DeleteSecretRequest], + ~.Empty]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'delete_secret' not in self._stubs: + self._stubs['delete_secret'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1.SecretManagerService/DeleteSecret', + request_serializer=service.DeleteSecretRequest.serialize, + response_deserializer=empty_pb2.Empty.FromString, + ) + return self._stubs['delete_secret'] + + @property + def list_secret_versions(self) -> Callable[ + [service.ListSecretVersionsRequest], + service.ListSecretVersionsResponse]: + r"""Return a callable for the list secret versions method over gRPC. + + Lists + [SecretVersions][google.cloud.secretmanager.v1.SecretVersion]. + This call does not return secret data. + + Returns: + Callable[[~.ListSecretVersionsRequest], + ~.ListSecretVersionsResponse]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'list_secret_versions' not in self._stubs: + self._stubs['list_secret_versions'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1.SecretManagerService/ListSecretVersions', + request_serializer=service.ListSecretVersionsRequest.serialize, + response_deserializer=service.ListSecretVersionsResponse.deserialize, + ) + return self._stubs['list_secret_versions'] + + @property + def get_secret_version(self) -> Callable[ + [service.GetSecretVersionRequest], + resources.SecretVersion]: + r"""Return a callable for the get secret version method over gRPC. + + Gets metadata for a + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + + ``projects/*/secrets/*/versions/latest`` is an alias to the most + recently created + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + + Returns: + Callable[[~.GetSecretVersionRequest], + ~.SecretVersion]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_secret_version' not in self._stubs: + self._stubs['get_secret_version'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1.SecretManagerService/GetSecretVersion', + request_serializer=service.GetSecretVersionRequest.serialize, + response_deserializer=resources.SecretVersion.deserialize, + ) + return self._stubs['get_secret_version'] + + @property + def access_secret_version(self) -> Callable[ + [service.AccessSecretVersionRequest], + service.AccessSecretVersionResponse]: + r"""Return a callable for the access secret version method over gRPC. + + Accesses a + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + This call returns the secret data. + + ``projects/*/secrets/*/versions/latest`` is an alias to the most + recently created + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + + Returns: + Callable[[~.AccessSecretVersionRequest], + ~.AccessSecretVersionResponse]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'access_secret_version' not in self._stubs: + self._stubs['access_secret_version'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1.SecretManagerService/AccessSecretVersion', + request_serializer=service.AccessSecretVersionRequest.serialize, + response_deserializer=service.AccessSecretVersionResponse.deserialize, + ) + return self._stubs['access_secret_version'] + + @property + def disable_secret_version(self) -> Callable[ + [service.DisableSecretVersionRequest], + resources.SecretVersion]: + r"""Return a callable for the disable secret version method over gRPC. + + Disables a + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + + Sets the + [state][google.cloud.secretmanager.v1.SecretVersion.state] of + the [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + to + [DISABLED][google.cloud.secretmanager.v1.SecretVersion.State.DISABLED]. + + Returns: + Callable[[~.DisableSecretVersionRequest], + ~.SecretVersion]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'disable_secret_version' not in self._stubs: + self._stubs['disable_secret_version'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1.SecretManagerService/DisableSecretVersion', + request_serializer=service.DisableSecretVersionRequest.serialize, + response_deserializer=resources.SecretVersion.deserialize, + ) + return self._stubs['disable_secret_version'] + + @property + def enable_secret_version(self) -> Callable[ + [service.EnableSecretVersionRequest], + resources.SecretVersion]: + r"""Return a callable for the enable secret version method over gRPC. + + Enables a + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + + Sets the + [state][google.cloud.secretmanager.v1.SecretVersion.state] of + the [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + to + [ENABLED][google.cloud.secretmanager.v1.SecretVersion.State.ENABLED]. + + Returns: + Callable[[~.EnableSecretVersionRequest], + ~.SecretVersion]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'enable_secret_version' not in self._stubs: + self._stubs['enable_secret_version'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1.SecretManagerService/EnableSecretVersion', + request_serializer=service.EnableSecretVersionRequest.serialize, + response_deserializer=resources.SecretVersion.deserialize, + ) + return self._stubs['enable_secret_version'] + + @property + def destroy_secret_version(self) -> Callable[ + [service.DestroySecretVersionRequest], + resources.SecretVersion]: + r"""Return a callable for the destroy secret version method over gRPC. + + Destroys a + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + + Sets the + [state][google.cloud.secretmanager.v1.SecretVersion.state] of + the [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + to + [DESTROYED][google.cloud.secretmanager.v1.SecretVersion.State.DESTROYED] + and irrevocably destroys the secret data. + + Returns: + Callable[[~.DestroySecretVersionRequest], + ~.SecretVersion]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'destroy_secret_version' not in self._stubs: + self._stubs['destroy_secret_version'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1.SecretManagerService/DestroySecretVersion', + request_serializer=service.DestroySecretVersionRequest.serialize, + response_deserializer=resources.SecretVersion.deserialize, + ) + return self._stubs['destroy_secret_version'] + + @property + def set_iam_policy(self) -> Callable[ + [iam_policy_pb2.SetIamPolicyRequest], + policy_pb2.Policy]: + r"""Return a callable for the set iam policy method over gRPC. + + Sets the access control policy on the specified secret. Replaces + any existing policy. + + Permissions on + [SecretVersions][google.cloud.secretmanager.v1.SecretVersion] + are enforced according to the policy set on the associated + [Secret][google.cloud.secretmanager.v1.Secret]. + + Returns: + Callable[[~.SetIamPolicyRequest], + ~.Policy]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'set_iam_policy' not in self._stubs: + self._stubs['set_iam_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1.SecretManagerService/SetIamPolicy', + request_serializer=iam_policy_pb2.SetIamPolicyRequest.SerializeToString, + response_deserializer=policy_pb2.Policy.FromString, + ) + return self._stubs['set_iam_policy'] + + @property + def get_iam_policy(self) -> Callable[ + [iam_policy_pb2.GetIamPolicyRequest], + policy_pb2.Policy]: + r"""Return a callable for the get iam policy method over gRPC. + + Gets the access control policy for a secret. + Returns empty policy if the secret exists and does not + have a policy set. + + Returns: + Callable[[~.GetIamPolicyRequest], + ~.Policy]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_iam_policy' not in self._stubs: + self._stubs['get_iam_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1.SecretManagerService/GetIamPolicy', + request_serializer=iam_policy_pb2.GetIamPolicyRequest.SerializeToString, + response_deserializer=policy_pb2.Policy.FromString, + ) + return self._stubs['get_iam_policy'] + + @property + def test_iam_permissions(self) -> Callable[ + [iam_policy_pb2.TestIamPermissionsRequest], + iam_policy_pb2.TestIamPermissionsResponse]: + r"""Return a callable for the test iam permissions method over gRPC. + + Returns permissions that a caller has for the specified secret. + If the secret does not exist, this call returns an empty set of + permissions, not a NOT_FOUND error. + + Note: This operation is designed to be used for building + permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without + warning. + + Returns: + Callable[[~.TestIamPermissionsRequest], + ~.TestIamPermissionsResponse]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'test_iam_permissions' not in self._stubs: + self._stubs['test_iam_permissions'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1.SecretManagerService/TestIamPermissions', + request_serializer=iam_policy_pb2.TestIamPermissionsRequest.SerializeToString, + response_deserializer=iam_policy_pb2.TestIamPermissionsResponse.FromString, + ) + return self._stubs['test_iam_permissions'] + + def close(self): + self.grpc_channel.close() + + @property + def list_locations( + self, + ) -> Callable[[locations_pb2.ListLocationsRequest], locations_pb2.ListLocationsResponse]: + r"""Return a callable for the list locations method over gRPC. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if "list_locations" not in self._stubs: + self._stubs["list_locations"] = self.grpc_channel.unary_unary( + "/google.cloud.location.Locations/ListLocations", + request_serializer=locations_pb2.ListLocationsRequest.SerializeToString, + response_deserializer=locations_pb2.ListLocationsResponse.FromString, + ) + return self._stubs["list_locations"] + + @property + def get_location( + self, + ) -> Callable[[locations_pb2.GetLocationRequest], locations_pb2.Location]: + r"""Return a callable for the list locations method over gRPC. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if "get_location" not in self._stubs: + self._stubs["get_location"] = self.grpc_channel.unary_unary( + "/google.cloud.location.Locations/GetLocation", + request_serializer=locations_pb2.GetLocationRequest.SerializeToString, + response_deserializer=locations_pb2.Location.FromString, + ) + return self._stubs["get_location"] + + @property + def kind(self) -> str: + return "grpc" + + +__all__ = ( + 'SecretManagerServiceGrpcTransport', +) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager_v1/services/secret_manager_service/transports/grpc_asyncio.py b/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager_v1/services/secret_manager_service/transports/grpc_asyncio.py new file mode 100644 index 000000000000..d7ce4a72c46b --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager_v1/services/secret_manager_service/transports/grpc_asyncio.py @@ -0,0 +1,731 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import warnings +from typing import Awaitable, Callable, Dict, Optional, Sequence, Tuple, Union + +from google.api_core import gapic_v1 +from google.api_core import grpc_helpers_async +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore + +import grpc # type: ignore +from grpc.experimental import aio # type: ignore + +from google.cloud.location import locations_pb2 # type: ignore +from google.cloud.secretmanager_v1.types import resources +from google.cloud.secretmanager_v1.types import service +from google.iam.v1 import iam_policy_pb2 # type: ignore +from google.iam.v1 import policy_pb2 # type: ignore +from google.protobuf import empty_pb2 # type: ignore +from .base import SecretManagerServiceTransport, DEFAULT_CLIENT_INFO +from .grpc import SecretManagerServiceGrpcTransport + + +class SecretManagerServiceGrpcAsyncIOTransport(SecretManagerServiceTransport): + """gRPC AsyncIO backend transport for SecretManagerService. + + Secret Manager Service + + Manages secrets and operations using those secrets. Implements a + REST model with the following objects: + + - [Secret][google.cloud.secretmanager.v1.Secret] + - [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends protocol buffers over the wire using gRPC (which is built on + top of HTTP/2); the ``grpcio`` package must be installed. + """ + + _grpc_channel: aio.Channel + _stubs: Dict[str, Callable] = {} + + @classmethod + def create_channel(cls, + host: str = 'secretmanager.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + **kwargs) -> aio.Channel: + """Create and return a gRPC AsyncIO channel object. + Args: + host (Optional[str]): The host for the channel to use. + credentials (Optional[~.Credentials]): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If + none are specified, the client will attempt to ascertain + the credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + kwargs (Optional[dict]): Keyword arguments, which are passed to the + channel creation. + Returns: + aio.Channel: A gRPC AsyncIO channel object. + """ + + return grpc_helpers_async.create_channel( + host, + credentials=credentials, + credentials_file=credentials_file, + quota_project_id=quota_project_id, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, + **kwargs + ) + + def __init__(self, *, + host: str = 'secretmanager.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + channel: Optional[aio.Channel] = None, + api_mtls_endpoint: Optional[str] = None, + client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, + client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to (default: 'secretmanager.googleapis.com'). + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + This argument is ignored if ``channel`` is provided. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + channel (Optional[aio.Channel]): A ``Channel`` instance through + which to make calls. + api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. + If provided, it overrides the ``host`` argument and tries to create + a mutual TLS channel with client SSL credentials from + ``client_cert_source`` or application default SSL credentials. + client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): + Deprecated. A callback to provide client SSL certificate bytes and + private key bytes, both in PEM format. It is ignored if + ``api_mtls_endpoint`` is None. + ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials + for the grpc channel. It is ignored if ``channel`` is provided. + client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): + A callback to provide client certificate bytes and private key bytes, + both in PEM format. It is used to configure a mutual TLS channel. It is + ignored if ``channel`` or ``ssl_channel_credentials`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + + Raises: + google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport + creation failed for any reason. + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + self._grpc_channel = None + self._ssl_channel_credentials = ssl_channel_credentials + self._stubs: Dict[str, Callable] = {} + + if api_mtls_endpoint: + warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) + if client_cert_source: + warnings.warn("client_cert_source is deprecated", DeprecationWarning) + + if channel: + # Ignore credentials if a channel was passed. + credentials = False + # If a channel was explicitly provided, set it. + self._grpc_channel = channel + self._ssl_channel_credentials = None + else: + if api_mtls_endpoint: + host = api_mtls_endpoint + + # Create SSL credentials with client_cert_source or application + # default SSL credentials. + if client_cert_source: + cert, key = client_cert_source() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + else: + self._ssl_channel_credentials = SslCredentials().ssl_credentials + + else: + if client_cert_source_for_mtls and not ssl_channel_credentials: + cert, key = client_cert_source_for_mtls() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + + # The base transport sets the host, credentials and scopes + super().__init__( + host=host, + credentials=credentials, + credentials_file=credentials_file, + scopes=scopes, + quota_project_id=quota_project_id, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience, + ) + + if not self._grpc_channel: + self._grpc_channel = type(self).create_channel( + self._host, + # use the credentials which are saved + credentials=self._credentials, + # Set ``credentials_file`` to ``None`` here as + # the credentials that we saved earlier should be used. + credentials_file=None, + scopes=self._scopes, + ssl_credentials=self._ssl_channel_credentials, + quota_project_id=quota_project_id, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Wrap messages. This must be done after self._grpc_channel exists + self._prep_wrapped_messages(client_info) + + @property + def grpc_channel(self) -> aio.Channel: + """Create the channel designed to connect to this service. + + This property caches on the instance; repeated calls return + the same channel. + """ + # Return the channel from cache. + return self._grpc_channel + + @property + def list_secrets(self) -> Callable[ + [service.ListSecretsRequest], + Awaitable[service.ListSecretsResponse]]: + r"""Return a callable for the list secrets method over gRPC. + + Lists [Secrets][google.cloud.secretmanager.v1.Secret]. + + Returns: + Callable[[~.ListSecretsRequest], + Awaitable[~.ListSecretsResponse]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'list_secrets' not in self._stubs: + self._stubs['list_secrets'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1.SecretManagerService/ListSecrets', + request_serializer=service.ListSecretsRequest.serialize, + response_deserializer=service.ListSecretsResponse.deserialize, + ) + return self._stubs['list_secrets'] + + @property + def create_secret(self) -> Callable[ + [service.CreateSecretRequest], + Awaitable[resources.Secret]]: + r"""Return a callable for the create secret method over gRPC. + + Creates a new [Secret][google.cloud.secretmanager.v1.Secret] + containing no + [SecretVersions][google.cloud.secretmanager.v1.SecretVersion]. + + Returns: + Callable[[~.CreateSecretRequest], + Awaitable[~.Secret]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'create_secret' not in self._stubs: + self._stubs['create_secret'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1.SecretManagerService/CreateSecret', + request_serializer=service.CreateSecretRequest.serialize, + response_deserializer=resources.Secret.deserialize, + ) + return self._stubs['create_secret'] + + @property + def add_secret_version(self) -> Callable[ + [service.AddSecretVersionRequest], + Awaitable[resources.SecretVersion]]: + r"""Return a callable for the add secret version method over gRPC. + + Creates a new + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + containing secret data and attaches it to an existing + [Secret][google.cloud.secretmanager.v1.Secret]. + + Returns: + Callable[[~.AddSecretVersionRequest], + Awaitable[~.SecretVersion]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'add_secret_version' not in self._stubs: + self._stubs['add_secret_version'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1.SecretManagerService/AddSecretVersion', + request_serializer=service.AddSecretVersionRequest.serialize, + response_deserializer=resources.SecretVersion.deserialize, + ) + return self._stubs['add_secret_version'] + + @property + def get_secret(self) -> Callable[ + [service.GetSecretRequest], + Awaitable[resources.Secret]]: + r"""Return a callable for the get secret method over gRPC. + + Gets metadata for a given + [Secret][google.cloud.secretmanager.v1.Secret]. + + Returns: + Callable[[~.GetSecretRequest], + Awaitable[~.Secret]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_secret' not in self._stubs: + self._stubs['get_secret'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1.SecretManagerService/GetSecret', + request_serializer=service.GetSecretRequest.serialize, + response_deserializer=resources.Secret.deserialize, + ) + return self._stubs['get_secret'] + + @property + def update_secret(self) -> Callable[ + [service.UpdateSecretRequest], + Awaitable[resources.Secret]]: + r"""Return a callable for the update secret method over gRPC. + + Updates metadata of an existing + [Secret][google.cloud.secretmanager.v1.Secret]. + + Returns: + Callable[[~.UpdateSecretRequest], + Awaitable[~.Secret]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'update_secret' not in self._stubs: + self._stubs['update_secret'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1.SecretManagerService/UpdateSecret', + request_serializer=service.UpdateSecretRequest.serialize, + response_deserializer=resources.Secret.deserialize, + ) + return self._stubs['update_secret'] + + @property + def delete_secret(self) -> Callable[ + [service.DeleteSecretRequest], + Awaitable[empty_pb2.Empty]]: + r"""Return a callable for the delete secret method over gRPC. + + Deletes a [Secret][google.cloud.secretmanager.v1.Secret]. + + Returns: + Callable[[~.DeleteSecretRequest], + Awaitable[~.Empty]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'delete_secret' not in self._stubs: + self._stubs['delete_secret'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1.SecretManagerService/DeleteSecret', + request_serializer=service.DeleteSecretRequest.serialize, + response_deserializer=empty_pb2.Empty.FromString, + ) + return self._stubs['delete_secret'] + + @property + def list_secret_versions(self) -> Callable[ + [service.ListSecretVersionsRequest], + Awaitable[service.ListSecretVersionsResponse]]: + r"""Return a callable for the list secret versions method over gRPC. + + Lists + [SecretVersions][google.cloud.secretmanager.v1.SecretVersion]. + This call does not return secret data. + + Returns: + Callable[[~.ListSecretVersionsRequest], + Awaitable[~.ListSecretVersionsResponse]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'list_secret_versions' not in self._stubs: + self._stubs['list_secret_versions'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1.SecretManagerService/ListSecretVersions', + request_serializer=service.ListSecretVersionsRequest.serialize, + response_deserializer=service.ListSecretVersionsResponse.deserialize, + ) + return self._stubs['list_secret_versions'] + + @property + def get_secret_version(self) -> Callable[ + [service.GetSecretVersionRequest], + Awaitable[resources.SecretVersion]]: + r"""Return a callable for the get secret version method over gRPC. + + Gets metadata for a + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + + ``projects/*/secrets/*/versions/latest`` is an alias to the most + recently created + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + + Returns: + Callable[[~.GetSecretVersionRequest], + Awaitable[~.SecretVersion]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_secret_version' not in self._stubs: + self._stubs['get_secret_version'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1.SecretManagerService/GetSecretVersion', + request_serializer=service.GetSecretVersionRequest.serialize, + response_deserializer=resources.SecretVersion.deserialize, + ) + return self._stubs['get_secret_version'] + + @property + def access_secret_version(self) -> Callable[ + [service.AccessSecretVersionRequest], + Awaitable[service.AccessSecretVersionResponse]]: + r"""Return a callable for the access secret version method over gRPC. + + Accesses a + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + This call returns the secret data. + + ``projects/*/secrets/*/versions/latest`` is an alias to the most + recently created + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + + Returns: + Callable[[~.AccessSecretVersionRequest], + Awaitable[~.AccessSecretVersionResponse]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'access_secret_version' not in self._stubs: + self._stubs['access_secret_version'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1.SecretManagerService/AccessSecretVersion', + request_serializer=service.AccessSecretVersionRequest.serialize, + response_deserializer=service.AccessSecretVersionResponse.deserialize, + ) + return self._stubs['access_secret_version'] + + @property + def disable_secret_version(self) -> Callable[ + [service.DisableSecretVersionRequest], + Awaitable[resources.SecretVersion]]: + r"""Return a callable for the disable secret version method over gRPC. + + Disables a + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + + Sets the + [state][google.cloud.secretmanager.v1.SecretVersion.state] of + the [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + to + [DISABLED][google.cloud.secretmanager.v1.SecretVersion.State.DISABLED]. + + Returns: + Callable[[~.DisableSecretVersionRequest], + Awaitable[~.SecretVersion]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'disable_secret_version' not in self._stubs: + self._stubs['disable_secret_version'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1.SecretManagerService/DisableSecretVersion', + request_serializer=service.DisableSecretVersionRequest.serialize, + response_deserializer=resources.SecretVersion.deserialize, + ) + return self._stubs['disable_secret_version'] + + @property + def enable_secret_version(self) -> Callable[ + [service.EnableSecretVersionRequest], + Awaitable[resources.SecretVersion]]: + r"""Return a callable for the enable secret version method over gRPC. + + Enables a + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + + Sets the + [state][google.cloud.secretmanager.v1.SecretVersion.state] of + the [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + to + [ENABLED][google.cloud.secretmanager.v1.SecretVersion.State.ENABLED]. + + Returns: + Callable[[~.EnableSecretVersionRequest], + Awaitable[~.SecretVersion]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'enable_secret_version' not in self._stubs: + self._stubs['enable_secret_version'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1.SecretManagerService/EnableSecretVersion', + request_serializer=service.EnableSecretVersionRequest.serialize, + response_deserializer=resources.SecretVersion.deserialize, + ) + return self._stubs['enable_secret_version'] + + @property + def destroy_secret_version(self) -> Callable[ + [service.DestroySecretVersionRequest], + Awaitable[resources.SecretVersion]]: + r"""Return a callable for the destroy secret version method over gRPC. + + Destroys a + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + + Sets the + [state][google.cloud.secretmanager.v1.SecretVersion.state] of + the [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + to + [DESTROYED][google.cloud.secretmanager.v1.SecretVersion.State.DESTROYED] + and irrevocably destroys the secret data. + + Returns: + Callable[[~.DestroySecretVersionRequest], + Awaitable[~.SecretVersion]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'destroy_secret_version' not in self._stubs: + self._stubs['destroy_secret_version'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1.SecretManagerService/DestroySecretVersion', + request_serializer=service.DestroySecretVersionRequest.serialize, + response_deserializer=resources.SecretVersion.deserialize, + ) + return self._stubs['destroy_secret_version'] + + @property + def set_iam_policy(self) -> Callable[ + [iam_policy_pb2.SetIamPolicyRequest], + Awaitable[policy_pb2.Policy]]: + r"""Return a callable for the set iam policy method over gRPC. + + Sets the access control policy on the specified secret. Replaces + any existing policy. + + Permissions on + [SecretVersions][google.cloud.secretmanager.v1.SecretVersion] + are enforced according to the policy set on the associated + [Secret][google.cloud.secretmanager.v1.Secret]. + + Returns: + Callable[[~.SetIamPolicyRequest], + Awaitable[~.Policy]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'set_iam_policy' not in self._stubs: + self._stubs['set_iam_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1.SecretManagerService/SetIamPolicy', + request_serializer=iam_policy_pb2.SetIamPolicyRequest.SerializeToString, + response_deserializer=policy_pb2.Policy.FromString, + ) + return self._stubs['set_iam_policy'] + + @property + def get_iam_policy(self) -> Callable[ + [iam_policy_pb2.GetIamPolicyRequest], + Awaitable[policy_pb2.Policy]]: + r"""Return a callable for the get iam policy method over gRPC. + + Gets the access control policy for a secret. + Returns empty policy if the secret exists and does not + have a policy set. + + Returns: + Callable[[~.GetIamPolicyRequest], + Awaitable[~.Policy]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_iam_policy' not in self._stubs: + self._stubs['get_iam_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1.SecretManagerService/GetIamPolicy', + request_serializer=iam_policy_pb2.GetIamPolicyRequest.SerializeToString, + response_deserializer=policy_pb2.Policy.FromString, + ) + return self._stubs['get_iam_policy'] + + @property + def test_iam_permissions(self) -> Callable[ + [iam_policy_pb2.TestIamPermissionsRequest], + Awaitable[iam_policy_pb2.TestIamPermissionsResponse]]: + r"""Return a callable for the test iam permissions method over gRPC. + + Returns permissions that a caller has for the specified secret. + If the secret does not exist, this call returns an empty set of + permissions, not a NOT_FOUND error. + + Note: This operation is designed to be used for building + permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without + warning. + + Returns: + Callable[[~.TestIamPermissionsRequest], + Awaitable[~.TestIamPermissionsResponse]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'test_iam_permissions' not in self._stubs: + self._stubs['test_iam_permissions'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1.SecretManagerService/TestIamPermissions', + request_serializer=iam_policy_pb2.TestIamPermissionsRequest.SerializeToString, + response_deserializer=iam_policy_pb2.TestIamPermissionsResponse.FromString, + ) + return self._stubs['test_iam_permissions'] + + def close(self): + return self.grpc_channel.close() + + @property + def list_locations( + self, + ) -> Callable[[locations_pb2.ListLocationsRequest], locations_pb2.ListLocationsResponse]: + r"""Return a callable for the list locations method over gRPC. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if "list_locations" not in self._stubs: + self._stubs["list_locations"] = self.grpc_channel.unary_unary( + "/google.cloud.location.Locations/ListLocations", + request_serializer=locations_pb2.ListLocationsRequest.SerializeToString, + response_deserializer=locations_pb2.ListLocationsResponse.FromString, + ) + return self._stubs["list_locations"] + + @property + def get_location( + self, + ) -> Callable[[locations_pb2.GetLocationRequest], locations_pb2.Location]: + r"""Return a callable for the list locations method over gRPC. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if "get_location" not in self._stubs: + self._stubs["get_location"] = self.grpc_channel.unary_unary( + "/google.cloud.location.Locations/GetLocation", + request_serializer=locations_pb2.GetLocationRequest.SerializeToString, + response_deserializer=locations_pb2.Location.FromString, + ) + return self._stubs["get_location"] + + +__all__ = ( + 'SecretManagerServiceGrpcAsyncIOTransport', +) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager_v1/services/secret_manager_service/transports/rest.py b/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager_v1/services/secret_manager_service/transports/rest.py new file mode 100644 index 000000000000..bc9ed057075e --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager_v1/services/secret_manager_service/transports/rest.py @@ -0,0 +1,2302 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +from google.auth.transport.requests import AuthorizedSession # type: ignore +import json # type: ignore +import grpc # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore +from google.auth import credentials as ga_credentials # type: ignore +from google.api_core import exceptions as core_exceptions +from google.api_core import retry as retries +from google.api_core import rest_helpers +from google.api_core import rest_streaming +from google.api_core import path_template +from google.api_core import gapic_v1 + +from google.protobuf import json_format +from google.cloud.location import locations_pb2 # type: ignore +from requests import __version__ as requests_version +import dataclasses +import re +from typing import Any, Callable, Dict, List, Optional, Sequence, Tuple, Union +import warnings + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault, None] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object, None] # type: ignore + + +from google.cloud.secretmanager_v1.types import resources +from google.cloud.secretmanager_v1.types import service +from google.iam.v1 import iam_policy_pb2 # type: ignore +from google.iam.v1 import policy_pb2 # type: ignore +from google.protobuf import empty_pb2 # type: ignore + +from .base import SecretManagerServiceTransport, DEFAULT_CLIENT_INFO as BASE_DEFAULT_CLIENT_INFO + + +DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=BASE_DEFAULT_CLIENT_INFO.gapic_version, + grpc_version=None, + rest_version=requests_version, +) + + +class SecretManagerServiceRestInterceptor: + """Interceptor for SecretManagerService. + + Interceptors are used to manipulate requests, request metadata, and responses + in arbitrary ways. + Example use cases include: + * Logging + * Verifying requests according to service or custom semantics + * Stripping extraneous information from responses + + These use cases and more can be enabled by injecting an + instance of a custom subclass when constructing the SecretManagerServiceRestTransport. + + .. code-block:: python + class MyCustomSecretManagerServiceInterceptor(SecretManagerServiceRestInterceptor): + def pre_access_secret_version(self, request, metadata): + logging.log(f"Received request: {request}") + return request, metadata + + def post_access_secret_version(self, response): + logging.log(f"Received response: {response}") + return response + + def pre_add_secret_version(self, request, metadata): + logging.log(f"Received request: {request}") + return request, metadata + + def post_add_secret_version(self, response): + logging.log(f"Received response: {response}") + return response + + def pre_create_secret(self, request, metadata): + logging.log(f"Received request: {request}") + return request, metadata + + def post_create_secret(self, response): + logging.log(f"Received response: {response}") + return response + + def pre_delete_secret(self, request, metadata): + logging.log(f"Received request: {request}") + return request, metadata + + def pre_destroy_secret_version(self, request, metadata): + logging.log(f"Received request: {request}") + return request, metadata + + def post_destroy_secret_version(self, response): + logging.log(f"Received response: {response}") + return response + + def pre_disable_secret_version(self, request, metadata): + logging.log(f"Received request: {request}") + return request, metadata + + def post_disable_secret_version(self, response): + logging.log(f"Received response: {response}") + return response + + def pre_enable_secret_version(self, request, metadata): + logging.log(f"Received request: {request}") + return request, metadata + + def post_enable_secret_version(self, response): + logging.log(f"Received response: {response}") + return response + + def pre_get_iam_policy(self, request, metadata): + logging.log(f"Received request: {request}") + return request, metadata + + def post_get_iam_policy(self, response): + logging.log(f"Received response: {response}") + return response + + def pre_get_secret(self, request, metadata): + logging.log(f"Received request: {request}") + return request, metadata + + def post_get_secret(self, response): + logging.log(f"Received response: {response}") + return response + + def pre_get_secret_version(self, request, metadata): + logging.log(f"Received request: {request}") + return request, metadata + + def post_get_secret_version(self, response): + logging.log(f"Received response: {response}") + return response + + def pre_list_secrets(self, request, metadata): + logging.log(f"Received request: {request}") + return request, metadata + + def post_list_secrets(self, response): + logging.log(f"Received response: {response}") + return response + + def pre_list_secret_versions(self, request, metadata): + logging.log(f"Received request: {request}") + return request, metadata + + def post_list_secret_versions(self, response): + logging.log(f"Received response: {response}") + return response + + def pre_set_iam_policy(self, request, metadata): + logging.log(f"Received request: {request}") + return request, metadata + + def post_set_iam_policy(self, response): + logging.log(f"Received response: {response}") + return response + + def pre_test_iam_permissions(self, request, metadata): + logging.log(f"Received request: {request}") + return request, metadata + + def post_test_iam_permissions(self, response): + logging.log(f"Received response: {response}") + return response + + def pre_update_secret(self, request, metadata): + logging.log(f"Received request: {request}") + return request, metadata + + def post_update_secret(self, response): + logging.log(f"Received response: {response}") + return response + + transport = SecretManagerServiceRestTransport(interceptor=MyCustomSecretManagerServiceInterceptor()) + client = SecretManagerServiceClient(transport=transport) + + + """ + def pre_access_secret_version(self, request: service.AccessSecretVersionRequest, metadata: Sequence[Tuple[str, str]]) -> Tuple[service.AccessSecretVersionRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for access_secret_version + + Override in a subclass to manipulate the request or metadata + before they are sent to the SecretManagerService server. + """ + return request, metadata + + def post_access_secret_version(self, response: service.AccessSecretVersionResponse) -> service.AccessSecretVersionResponse: + """Post-rpc interceptor for access_secret_version + + Override in a subclass to manipulate the response + after it is returned by the SecretManagerService server but before + it is returned to user code. + """ + return response + def pre_add_secret_version(self, request: service.AddSecretVersionRequest, metadata: Sequence[Tuple[str, str]]) -> Tuple[service.AddSecretVersionRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for add_secret_version + + Override in a subclass to manipulate the request or metadata + before they are sent to the SecretManagerService server. + """ + return request, metadata + + def post_add_secret_version(self, response: resources.SecretVersion) -> resources.SecretVersion: + """Post-rpc interceptor for add_secret_version + + Override in a subclass to manipulate the response + after it is returned by the SecretManagerService server but before + it is returned to user code. + """ + return response + def pre_create_secret(self, request: service.CreateSecretRequest, metadata: Sequence[Tuple[str, str]]) -> Tuple[service.CreateSecretRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for create_secret + + Override in a subclass to manipulate the request or metadata + before they are sent to the SecretManagerService server. + """ + return request, metadata + + def post_create_secret(self, response: resources.Secret) -> resources.Secret: + """Post-rpc interceptor for create_secret + + Override in a subclass to manipulate the response + after it is returned by the SecretManagerService server but before + it is returned to user code. + """ + return response + def pre_delete_secret(self, request: service.DeleteSecretRequest, metadata: Sequence[Tuple[str, str]]) -> Tuple[service.DeleteSecretRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for delete_secret + + Override in a subclass to manipulate the request or metadata + before they are sent to the SecretManagerService server. + """ + return request, metadata + + def pre_destroy_secret_version(self, request: service.DestroySecretVersionRequest, metadata: Sequence[Tuple[str, str]]) -> Tuple[service.DestroySecretVersionRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for destroy_secret_version + + Override in a subclass to manipulate the request or metadata + before they are sent to the SecretManagerService server. + """ + return request, metadata + + def post_destroy_secret_version(self, response: resources.SecretVersion) -> resources.SecretVersion: + """Post-rpc interceptor for destroy_secret_version + + Override in a subclass to manipulate the response + after it is returned by the SecretManagerService server but before + it is returned to user code. + """ + return response + def pre_disable_secret_version(self, request: service.DisableSecretVersionRequest, metadata: Sequence[Tuple[str, str]]) -> Tuple[service.DisableSecretVersionRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for disable_secret_version + + Override in a subclass to manipulate the request or metadata + before they are sent to the SecretManagerService server. + """ + return request, metadata + + def post_disable_secret_version(self, response: resources.SecretVersion) -> resources.SecretVersion: + """Post-rpc interceptor for disable_secret_version + + Override in a subclass to manipulate the response + after it is returned by the SecretManagerService server but before + it is returned to user code. + """ + return response + def pre_enable_secret_version(self, request: service.EnableSecretVersionRequest, metadata: Sequence[Tuple[str, str]]) -> Tuple[service.EnableSecretVersionRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for enable_secret_version + + Override in a subclass to manipulate the request or metadata + before they are sent to the SecretManagerService server. + """ + return request, metadata + + def post_enable_secret_version(self, response: resources.SecretVersion) -> resources.SecretVersion: + """Post-rpc interceptor for enable_secret_version + + Override in a subclass to manipulate the response + after it is returned by the SecretManagerService server but before + it is returned to user code. + """ + return response + def pre_get_iam_policy(self, request: iam_policy_pb2.GetIamPolicyRequest, metadata: Sequence[Tuple[str, str]]) -> Tuple[iam_policy_pb2.GetIamPolicyRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for get_iam_policy + + Override in a subclass to manipulate the request or metadata + before they are sent to the SecretManagerService server. + """ + return request, metadata + + def post_get_iam_policy(self, response: policy_pb2.Policy) -> policy_pb2.Policy: + """Post-rpc interceptor for get_iam_policy + + Override in a subclass to manipulate the response + after it is returned by the SecretManagerService server but before + it is returned to user code. + """ + return response + def pre_get_secret(self, request: service.GetSecretRequest, metadata: Sequence[Tuple[str, str]]) -> Tuple[service.GetSecretRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for get_secret + + Override in a subclass to manipulate the request or metadata + before they are sent to the SecretManagerService server. + """ + return request, metadata + + def post_get_secret(self, response: resources.Secret) -> resources.Secret: + """Post-rpc interceptor for get_secret + + Override in a subclass to manipulate the response + after it is returned by the SecretManagerService server but before + it is returned to user code. + """ + return response + def pre_get_secret_version(self, request: service.GetSecretVersionRequest, metadata: Sequence[Tuple[str, str]]) -> Tuple[service.GetSecretVersionRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for get_secret_version + + Override in a subclass to manipulate the request or metadata + before they are sent to the SecretManagerService server. + """ + return request, metadata + + def post_get_secret_version(self, response: resources.SecretVersion) -> resources.SecretVersion: + """Post-rpc interceptor for get_secret_version + + Override in a subclass to manipulate the response + after it is returned by the SecretManagerService server but before + it is returned to user code. + """ + return response + def pre_list_secrets(self, request: service.ListSecretsRequest, metadata: Sequence[Tuple[str, str]]) -> Tuple[service.ListSecretsRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for list_secrets + + Override in a subclass to manipulate the request or metadata + before they are sent to the SecretManagerService server. + """ + return request, metadata + + def post_list_secrets(self, response: service.ListSecretsResponse) -> service.ListSecretsResponse: + """Post-rpc interceptor for list_secrets + + Override in a subclass to manipulate the response + after it is returned by the SecretManagerService server but before + it is returned to user code. + """ + return response + def pre_list_secret_versions(self, request: service.ListSecretVersionsRequest, metadata: Sequence[Tuple[str, str]]) -> Tuple[service.ListSecretVersionsRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for list_secret_versions + + Override in a subclass to manipulate the request or metadata + before they are sent to the SecretManagerService server. + """ + return request, metadata + + def post_list_secret_versions(self, response: service.ListSecretVersionsResponse) -> service.ListSecretVersionsResponse: + """Post-rpc interceptor for list_secret_versions + + Override in a subclass to manipulate the response + after it is returned by the SecretManagerService server but before + it is returned to user code. + """ + return response + def pre_set_iam_policy(self, request: iam_policy_pb2.SetIamPolicyRequest, metadata: Sequence[Tuple[str, str]]) -> Tuple[iam_policy_pb2.SetIamPolicyRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for set_iam_policy + + Override in a subclass to manipulate the request or metadata + before they are sent to the SecretManagerService server. + """ + return request, metadata + + def post_set_iam_policy(self, response: policy_pb2.Policy) -> policy_pb2.Policy: + """Post-rpc interceptor for set_iam_policy + + Override in a subclass to manipulate the response + after it is returned by the SecretManagerService server but before + it is returned to user code. + """ + return response + def pre_test_iam_permissions(self, request: iam_policy_pb2.TestIamPermissionsRequest, metadata: Sequence[Tuple[str, str]]) -> Tuple[iam_policy_pb2.TestIamPermissionsRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for test_iam_permissions + + Override in a subclass to manipulate the request or metadata + before they are sent to the SecretManagerService server. + """ + return request, metadata + + def post_test_iam_permissions(self, response: iam_policy_pb2.TestIamPermissionsResponse) -> iam_policy_pb2.TestIamPermissionsResponse: + """Post-rpc interceptor for test_iam_permissions + + Override in a subclass to manipulate the response + after it is returned by the SecretManagerService server but before + it is returned to user code. + """ + return response + def pre_update_secret(self, request: service.UpdateSecretRequest, metadata: Sequence[Tuple[str, str]]) -> Tuple[service.UpdateSecretRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for update_secret + + Override in a subclass to manipulate the request or metadata + before they are sent to the SecretManagerService server. + """ + return request, metadata + + def post_update_secret(self, response: resources.Secret) -> resources.Secret: + """Post-rpc interceptor for update_secret + + Override in a subclass to manipulate the response + after it is returned by the SecretManagerService server but before + it is returned to user code. + """ + return response + + def pre_get_location( + self, request: locations_pb2.GetLocationRequest, metadata: Sequence[Tuple[str, str]] + ) -> Tuple[locations_pb2.GetLocationRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for get_location + + Override in a subclass to manipulate the request or metadata + before they are sent to the SecretManagerService server. + """ + return request, metadata + + def post_get_location( + self, response: locations_pb2.Location + ) -> locations_pb2.Location: + """Post-rpc interceptor for get_location + + Override in a subclass to manipulate the response + after it is returned by the SecretManagerService server but before + it is returned to user code. + """ + return response + def pre_list_locations( + self, request: locations_pb2.ListLocationsRequest, metadata: Sequence[Tuple[str, str]] + ) -> Tuple[locations_pb2.ListLocationsRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for list_locations + + Override in a subclass to manipulate the request or metadata + before they are sent to the SecretManagerService server. + """ + return request, metadata + + def post_list_locations( + self, response: locations_pb2.ListLocationsResponse + ) -> locations_pb2.ListLocationsResponse: + """Post-rpc interceptor for list_locations + + Override in a subclass to manipulate the response + after it is returned by the SecretManagerService server but before + it is returned to user code. + """ + return response + + +@dataclasses.dataclass +class SecretManagerServiceRestStub: + _session: AuthorizedSession + _host: str + _interceptor: SecretManagerServiceRestInterceptor + + +class SecretManagerServiceRestTransport(SecretManagerServiceTransport): + """REST backend transport for SecretManagerService. + + Secret Manager Service + + Manages secrets and operations using those secrets. Implements a + REST model with the following objects: + + - [Secret][google.cloud.secretmanager.v1.Secret] + - [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends JSON representations of protocol buffers over HTTP/1.1 + + """ + + def __init__(self, *, + host: str = 'secretmanager.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + client_cert_source_for_mtls: Optional[Callable[[ + ], Tuple[bytes, bytes]]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + url_scheme: str = 'https', + interceptor: Optional[SecretManagerServiceRestInterceptor] = None, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to (default: 'secretmanager.googleapis.com'). + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional(Sequence[str])): A list of scopes. This argument is + ignored if ``channel`` is provided. + client_cert_source_for_mtls (Callable[[], Tuple[bytes, bytes]]): Client + certificate to configure mutual TLS HTTP channel. It is ignored + if ``channel`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you are developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + url_scheme: the protocol scheme for the API endpoint. Normally + "https", but for testing or local servers, + "http" can be specified. + """ + # Run the base constructor + # TODO(yon-mg): resolve other ctor params i.e. scopes, quota, etc. + # TODO: When custom host (api_endpoint) is set, `scopes` must *also* be set on the + # credentials object + maybe_url_match = re.match("^(?Phttp(?:s)?://)?(?P.*)$", host) + if maybe_url_match is None: + raise ValueError(f"Unexpected hostname structure: {host}") # pragma: NO COVER + + url_match_items = maybe_url_match.groupdict() + + host = f"{url_scheme}://{host}" if not url_match_items["scheme"] else host + + super().__init__( + host=host, + credentials=credentials, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience + ) + self._session = AuthorizedSession( + self._credentials, default_host=self.DEFAULT_HOST) + if client_cert_source_for_mtls: + self._session.configure_mtls_channel(client_cert_source_for_mtls) + self._interceptor = interceptor or SecretManagerServiceRestInterceptor() + self._prep_wrapped_messages(client_info) + + class _AccessSecretVersion(SecretManagerServiceRestStub): + def __hash__(self): + return hash("AccessSecretVersion") + + __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = { + } + + @classmethod + def _get_unset_required_fields(cls, message_dict): + return {k: v for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items() if k not in message_dict} + + def __call__(self, + request: service.AccessSecretVersionRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ) -> service.AccessSecretVersionResponse: + r"""Call the access secret version method over HTTP. + + Args: + request (~.service.AccessSecretVersionRequest): + The request object. Request message for + [SecretManagerService.AccessSecretVersion][google.cloud.secretmanager.v1.SecretManagerService.AccessSecretVersion]. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + ~.service.AccessSecretVersionResponse: + Response message for + [SecretManagerService.AccessSecretVersion][google.cloud.secretmanager.v1.SecretManagerService.AccessSecretVersion]. + + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'get', + 'uri': '/v1/{name=projects/*/secrets/*/versions/*}:access', + }, +{ + 'method': 'get', + 'uri': '/v1/{name=projects/*/locations/*/secrets/*/versions/*}:access', + }, + ] + request, metadata = self._interceptor.pre_access_secret_version(request, metadata) + pb_request = service.AccessSecretVersionRequest.pb(request) + transcoded_request = path_template.transcode(http_options, pb_request) + + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json_format.MessageToJson( + transcoded_request['query_params'], + use_integers_for_enums=True, + )) + query_params.update(self._get_unset_required_fields(query_params)) + + query_params["$alt"] = "json;enum-encoding=int" + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params, strict=True), + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + # Return the response + resp = service.AccessSecretVersionResponse() + pb_resp = service.AccessSecretVersionResponse.pb(resp) + + json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True) + resp = self._interceptor.post_access_secret_version(resp) + return resp + + class _AddSecretVersion(SecretManagerServiceRestStub): + def __hash__(self): + return hash("AddSecretVersion") + + __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = { + } + + @classmethod + def _get_unset_required_fields(cls, message_dict): + return {k: v for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items() if k not in message_dict} + + def __call__(self, + request: service.AddSecretVersionRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ) -> resources.SecretVersion: + r"""Call the add secret version method over HTTP. + + Args: + request (~.service.AddSecretVersionRequest): + The request object. Request message for + [SecretManagerService.AddSecretVersion][google.cloud.secretmanager.v1.SecretManagerService.AddSecretVersion]. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + ~.resources.SecretVersion: + A secret version resource in the + Secret Manager API. + + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'post', + 'uri': '/v1/{parent=projects/*/secrets/*}:addVersion', + 'body': '*', + }, +{ + 'method': 'post', + 'uri': '/v1/{parent=projects/*/locations/*/secrets/*}:addVersion', + 'body': '*', + }, + ] + request, metadata = self._interceptor.pre_add_secret_version(request, metadata) + pb_request = service.AddSecretVersionRequest.pb(request) + transcoded_request = path_template.transcode(http_options, pb_request) + + # Jsonify the request body + + body = json_format.MessageToJson( + transcoded_request['body'], + use_integers_for_enums=True + ) + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json_format.MessageToJson( + transcoded_request['query_params'], + use_integers_for_enums=True, + )) + query_params.update(self._get_unset_required_fields(query_params)) + + query_params["$alt"] = "json;enum-encoding=int" + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params, strict=True), + data=body, + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + # Return the response + resp = resources.SecretVersion() + pb_resp = resources.SecretVersion.pb(resp) + + json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True) + resp = self._interceptor.post_add_secret_version(resp) + return resp + + class _CreateSecret(SecretManagerServiceRestStub): + def __hash__(self): + return hash("CreateSecret") + + __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = { + "secretId" : "", } + + @classmethod + def _get_unset_required_fields(cls, message_dict): + return {k: v for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items() if k not in message_dict} + + def __call__(self, + request: service.CreateSecretRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ) -> resources.Secret: + r"""Call the create secret method over HTTP. + + Args: + request (~.service.CreateSecretRequest): + The request object. Request message for + [SecretManagerService.CreateSecret][google.cloud.secretmanager.v1.SecretManagerService.CreateSecret]. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + ~.resources.Secret: + A [Secret][google.cloud.secretmanager.v1.Secret] is a + logical secret whose value and versions can be accessed. + + A [Secret][google.cloud.secretmanager.v1.Secret] is made + up of zero or more + [SecretVersions][google.cloud.secretmanager.v1.SecretVersion] + that represent the secret data. + + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'post', + 'uri': '/v1/{parent=projects/*}/secrets', + 'body': 'secret', + }, +{ + 'method': 'post', + 'uri': '/v1/{parent=projects/*/locations/*}/secrets', + 'body': 'secret', + }, + ] + request, metadata = self._interceptor.pre_create_secret(request, metadata) + pb_request = service.CreateSecretRequest.pb(request) + transcoded_request = path_template.transcode(http_options, pb_request) + + # Jsonify the request body + + body = json_format.MessageToJson( + transcoded_request['body'], + use_integers_for_enums=True + ) + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json_format.MessageToJson( + transcoded_request['query_params'], + use_integers_for_enums=True, + )) + query_params.update(self._get_unset_required_fields(query_params)) + + query_params["$alt"] = "json;enum-encoding=int" + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params, strict=True), + data=body, + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + # Return the response + resp = resources.Secret() + pb_resp = resources.Secret.pb(resp) + + json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True) + resp = self._interceptor.post_create_secret(resp) + return resp + + class _DeleteSecret(SecretManagerServiceRestStub): + def __hash__(self): + return hash("DeleteSecret") + + __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = { + } + + @classmethod + def _get_unset_required_fields(cls, message_dict): + return {k: v for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items() if k not in message_dict} + + def __call__(self, + request: service.DeleteSecretRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ): + r"""Call the delete secret method over HTTP. + + Args: + request (~.service.DeleteSecretRequest): + The request object. Request message for + [SecretManagerService.DeleteSecret][google.cloud.secretmanager.v1.SecretManagerService.DeleteSecret]. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'delete', + 'uri': '/v1/{name=projects/*/secrets/*}', + }, +{ + 'method': 'delete', + 'uri': '/v1/{name=projects/*/locations/*/secrets/*}', + }, + ] + request, metadata = self._interceptor.pre_delete_secret(request, metadata) + pb_request = service.DeleteSecretRequest.pb(request) + transcoded_request = path_template.transcode(http_options, pb_request) + + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json_format.MessageToJson( + transcoded_request['query_params'], + use_integers_for_enums=True, + )) + query_params.update(self._get_unset_required_fields(query_params)) + + query_params["$alt"] = "json;enum-encoding=int" + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params, strict=True), + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + class _DestroySecretVersion(SecretManagerServiceRestStub): + def __hash__(self): + return hash("DestroySecretVersion") + + __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = { + } + + @classmethod + def _get_unset_required_fields(cls, message_dict): + return {k: v for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items() if k not in message_dict} + + def __call__(self, + request: service.DestroySecretVersionRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ) -> resources.SecretVersion: + r"""Call the destroy secret version method over HTTP. + + Args: + request (~.service.DestroySecretVersionRequest): + The request object. Request message for + [SecretManagerService.DestroySecretVersion][google.cloud.secretmanager.v1.SecretManagerService.DestroySecretVersion]. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + ~.resources.SecretVersion: + A secret version resource in the + Secret Manager API. + + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'post', + 'uri': '/v1/{name=projects/*/secrets/*/versions/*}:destroy', + 'body': '*', + }, +{ + 'method': 'post', + 'uri': '/v1/{name=projects/*/locations/*/secrets/*/versions/*}:destroy', + 'body': '*', + }, + ] + request, metadata = self._interceptor.pre_destroy_secret_version(request, metadata) + pb_request = service.DestroySecretVersionRequest.pb(request) + transcoded_request = path_template.transcode(http_options, pb_request) + + # Jsonify the request body + + body = json_format.MessageToJson( + transcoded_request['body'], + use_integers_for_enums=True + ) + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json_format.MessageToJson( + transcoded_request['query_params'], + use_integers_for_enums=True, + )) + query_params.update(self._get_unset_required_fields(query_params)) + + query_params["$alt"] = "json;enum-encoding=int" + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params, strict=True), + data=body, + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + # Return the response + resp = resources.SecretVersion() + pb_resp = resources.SecretVersion.pb(resp) + + json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True) + resp = self._interceptor.post_destroy_secret_version(resp) + return resp + + class _DisableSecretVersion(SecretManagerServiceRestStub): + def __hash__(self): + return hash("DisableSecretVersion") + + __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = { + } + + @classmethod + def _get_unset_required_fields(cls, message_dict): + return {k: v for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items() if k not in message_dict} + + def __call__(self, + request: service.DisableSecretVersionRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ) -> resources.SecretVersion: + r"""Call the disable secret version method over HTTP. + + Args: + request (~.service.DisableSecretVersionRequest): + The request object. Request message for + [SecretManagerService.DisableSecretVersion][google.cloud.secretmanager.v1.SecretManagerService.DisableSecretVersion]. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + ~.resources.SecretVersion: + A secret version resource in the + Secret Manager API. + + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'post', + 'uri': '/v1/{name=projects/*/secrets/*/versions/*}:disable', + 'body': '*', + }, +{ + 'method': 'post', + 'uri': '/v1/{name=projects/*/locations/*/secrets/*/versions/*}:disable', + 'body': '*', + }, + ] + request, metadata = self._interceptor.pre_disable_secret_version(request, metadata) + pb_request = service.DisableSecretVersionRequest.pb(request) + transcoded_request = path_template.transcode(http_options, pb_request) + + # Jsonify the request body + + body = json_format.MessageToJson( + transcoded_request['body'], + use_integers_for_enums=True + ) + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json_format.MessageToJson( + transcoded_request['query_params'], + use_integers_for_enums=True, + )) + query_params.update(self._get_unset_required_fields(query_params)) + + query_params["$alt"] = "json;enum-encoding=int" + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params, strict=True), + data=body, + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + # Return the response + resp = resources.SecretVersion() + pb_resp = resources.SecretVersion.pb(resp) + + json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True) + resp = self._interceptor.post_disable_secret_version(resp) + return resp + + class _EnableSecretVersion(SecretManagerServiceRestStub): + def __hash__(self): + return hash("EnableSecretVersion") + + __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = { + } + + @classmethod + def _get_unset_required_fields(cls, message_dict): + return {k: v for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items() if k not in message_dict} + + def __call__(self, + request: service.EnableSecretVersionRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ) -> resources.SecretVersion: + r"""Call the enable secret version method over HTTP. + + Args: + request (~.service.EnableSecretVersionRequest): + The request object. Request message for + [SecretManagerService.EnableSecretVersion][google.cloud.secretmanager.v1.SecretManagerService.EnableSecretVersion]. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + ~.resources.SecretVersion: + A secret version resource in the + Secret Manager API. + + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'post', + 'uri': '/v1/{name=projects/*/secrets/*/versions/*}:enable', + 'body': '*', + }, +{ + 'method': 'post', + 'uri': '/v1/{name=projects/*/locations/*/secrets/*/versions/*}:enable', + 'body': '*', + }, + ] + request, metadata = self._interceptor.pre_enable_secret_version(request, metadata) + pb_request = service.EnableSecretVersionRequest.pb(request) + transcoded_request = path_template.transcode(http_options, pb_request) + + # Jsonify the request body + + body = json_format.MessageToJson( + transcoded_request['body'], + use_integers_for_enums=True + ) + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json_format.MessageToJson( + transcoded_request['query_params'], + use_integers_for_enums=True, + )) + query_params.update(self._get_unset_required_fields(query_params)) + + query_params["$alt"] = "json;enum-encoding=int" + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params, strict=True), + data=body, + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + # Return the response + resp = resources.SecretVersion() + pb_resp = resources.SecretVersion.pb(resp) + + json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True) + resp = self._interceptor.post_enable_secret_version(resp) + return resp + + class _GetIamPolicy(SecretManagerServiceRestStub): + def __hash__(self): + return hash("GetIamPolicy") + + __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = { + } + + @classmethod + def _get_unset_required_fields(cls, message_dict): + return {k: v for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items() if k not in message_dict} + + def __call__(self, + request: iam_policy_pb2.GetIamPolicyRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ) -> policy_pb2.Policy: + r"""Call the get iam policy method over HTTP. + + Args: + request (~.iam_policy_pb2.GetIamPolicyRequest): + The request object. Request message for ``GetIamPolicy`` method. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + ~.policy_pb2.Policy: + An Identity and Access Management (IAM) policy, which + specifies access controls for Google Cloud resources. + + A ``Policy`` is a collection of ``bindings``. A + ``binding`` binds one or more ``members``, or + principals, to a single ``role``. Principals can be user + accounts, service accounts, Google groups, and domains + (such as G Suite). A ``role`` is a named list of + permissions; each ``role`` can be an IAM predefined role + or a user-created custom role. + + For some types of Google Cloud resources, a ``binding`` + can also specify a ``condition``, which is a logical + expression that allows access to a resource only if the + expression evaluates to ``true``. A condition can add + constraints based on attributes of the request, the + resource, or both. To learn which resources support + conditions in their IAM policies, see the `IAM + documentation `__. + + **JSON example:** + + :: + + { + "bindings": [ + { + "role": "roles/resourcemanager.organizationAdmin", + "members": [ + "user:mike@example.com", + "group:admins@example.com", + "domain:google.com", + "serviceAccount:my-project-id@appspot.gserviceaccount.com" + ] + }, + { + "role": "roles/resourcemanager.organizationViewer", + "members": [ + "user:eve@example.com" + ], + "condition": { + "title": "expirable access", + "description": "Does not grant access after Sep 2020", + "expression": "request.time < + timestamp('2020-10-01T00:00:00.000Z')", + } + } + ], + "etag": "BwWWja0YfJA=", + "version": 3 + } + + **YAML example:** + + :: + + bindings: + - members: + - user:mike@example.com + - group:admins@example.com + - domain:google.com + - serviceAccount:my-project-id@appspot.gserviceaccount.com + role: roles/resourcemanager.organizationAdmin + - members: + - user:eve@example.com + role: roles/resourcemanager.organizationViewer + condition: + title: expirable access + description: Does not grant access after Sep 2020 + expression: request.time < timestamp('2020-10-01T00:00:00.000Z') + etag: BwWWja0YfJA= + version: 3 + + For a description of IAM and its features, see the `IAM + documentation `__. + + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'get', + 'uri': '/v1/{resource=projects/*/secrets/*}:getIamPolicy', + }, +{ + 'method': 'get', + 'uri': '/v1/{resource=projects/*/locations/*/secrets/*}:getIamPolicy', + }, + ] + request, metadata = self._interceptor.pre_get_iam_policy(request, metadata) + pb_request = request + transcoded_request = path_template.transcode(http_options, pb_request) + + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json_format.MessageToJson( + transcoded_request['query_params'], + use_integers_for_enums=True, + )) + query_params.update(self._get_unset_required_fields(query_params)) + + query_params["$alt"] = "json;enum-encoding=int" + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params, strict=True), + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + # Return the response + resp = policy_pb2.Policy() + pb_resp = resp + + json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True) + resp = self._interceptor.post_get_iam_policy(resp) + return resp + + class _GetSecret(SecretManagerServiceRestStub): + def __hash__(self): + return hash("GetSecret") + + __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = { + } + + @classmethod + def _get_unset_required_fields(cls, message_dict): + return {k: v for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items() if k not in message_dict} + + def __call__(self, + request: service.GetSecretRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ) -> resources.Secret: + r"""Call the get secret method over HTTP. + + Args: + request (~.service.GetSecretRequest): + The request object. Request message for + [SecretManagerService.GetSecret][google.cloud.secretmanager.v1.SecretManagerService.GetSecret]. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + ~.resources.Secret: + A [Secret][google.cloud.secretmanager.v1.Secret] is a + logical secret whose value and versions can be accessed. + + A [Secret][google.cloud.secretmanager.v1.Secret] is made + up of zero or more + [SecretVersions][google.cloud.secretmanager.v1.SecretVersion] + that represent the secret data. + + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'get', + 'uri': '/v1/{name=projects/*/secrets/*}', + }, +{ + 'method': 'get', + 'uri': '/v1/{name=projects/*/locations/*/secrets/*}', + }, + ] + request, metadata = self._interceptor.pre_get_secret(request, metadata) + pb_request = service.GetSecretRequest.pb(request) + transcoded_request = path_template.transcode(http_options, pb_request) + + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json_format.MessageToJson( + transcoded_request['query_params'], + use_integers_for_enums=True, + )) + query_params.update(self._get_unset_required_fields(query_params)) + + query_params["$alt"] = "json;enum-encoding=int" + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params, strict=True), + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + # Return the response + resp = resources.Secret() + pb_resp = resources.Secret.pb(resp) + + json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True) + resp = self._interceptor.post_get_secret(resp) + return resp + + class _GetSecretVersion(SecretManagerServiceRestStub): + def __hash__(self): + return hash("GetSecretVersion") + + __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = { + } + + @classmethod + def _get_unset_required_fields(cls, message_dict): + return {k: v for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items() if k not in message_dict} + + def __call__(self, + request: service.GetSecretVersionRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ) -> resources.SecretVersion: + r"""Call the get secret version method over HTTP. + + Args: + request (~.service.GetSecretVersionRequest): + The request object. Request message for + [SecretManagerService.GetSecretVersion][google.cloud.secretmanager.v1.SecretManagerService.GetSecretVersion]. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + ~.resources.SecretVersion: + A secret version resource in the + Secret Manager API. + + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'get', + 'uri': '/v1/{name=projects/*/secrets/*/versions/*}', + }, +{ + 'method': 'get', + 'uri': '/v1/{name=projects/*/locations/*/secrets/*/versions/*}', + }, + ] + request, metadata = self._interceptor.pre_get_secret_version(request, metadata) + pb_request = service.GetSecretVersionRequest.pb(request) + transcoded_request = path_template.transcode(http_options, pb_request) + + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json_format.MessageToJson( + transcoded_request['query_params'], + use_integers_for_enums=True, + )) + query_params.update(self._get_unset_required_fields(query_params)) + + query_params["$alt"] = "json;enum-encoding=int" + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params, strict=True), + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + # Return the response + resp = resources.SecretVersion() + pb_resp = resources.SecretVersion.pb(resp) + + json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True) + resp = self._interceptor.post_get_secret_version(resp) + return resp + + class _ListSecrets(SecretManagerServiceRestStub): + def __hash__(self): + return hash("ListSecrets") + + __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = { + } + + @classmethod + def _get_unset_required_fields(cls, message_dict): + return {k: v for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items() if k not in message_dict} + + def __call__(self, + request: service.ListSecretsRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ) -> service.ListSecretsResponse: + r"""Call the list secrets method over HTTP. + + Args: + request (~.service.ListSecretsRequest): + The request object. Request message for + [SecretManagerService.ListSecrets][google.cloud.secretmanager.v1.SecretManagerService.ListSecrets]. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + ~.service.ListSecretsResponse: + Response message for + [SecretManagerService.ListSecrets][google.cloud.secretmanager.v1.SecretManagerService.ListSecrets]. + + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'get', + 'uri': '/v1/{parent=projects/*}/secrets', + }, +{ + 'method': 'get', + 'uri': '/v1/{parent=projects/*/locations/*}/secrets', + }, + ] + request, metadata = self._interceptor.pre_list_secrets(request, metadata) + pb_request = service.ListSecretsRequest.pb(request) + transcoded_request = path_template.transcode(http_options, pb_request) + + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json_format.MessageToJson( + transcoded_request['query_params'], + use_integers_for_enums=True, + )) + query_params.update(self._get_unset_required_fields(query_params)) + + query_params["$alt"] = "json;enum-encoding=int" + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params, strict=True), + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + # Return the response + resp = service.ListSecretsResponse() + pb_resp = service.ListSecretsResponse.pb(resp) + + json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True) + resp = self._interceptor.post_list_secrets(resp) + return resp + + class _ListSecretVersions(SecretManagerServiceRestStub): + def __hash__(self): + return hash("ListSecretVersions") + + __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = { + } + + @classmethod + def _get_unset_required_fields(cls, message_dict): + return {k: v for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items() if k not in message_dict} + + def __call__(self, + request: service.ListSecretVersionsRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ) -> service.ListSecretVersionsResponse: + r"""Call the list secret versions method over HTTP. + + Args: + request (~.service.ListSecretVersionsRequest): + The request object. Request message for + [SecretManagerService.ListSecretVersions][google.cloud.secretmanager.v1.SecretManagerService.ListSecretVersions]. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + ~.service.ListSecretVersionsResponse: + Response message for + [SecretManagerService.ListSecretVersions][google.cloud.secretmanager.v1.SecretManagerService.ListSecretVersions]. + + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'get', + 'uri': '/v1/{parent=projects/*/secrets/*}/versions', + }, +{ + 'method': 'get', + 'uri': '/v1/{parent=projects/*/locations/*/secrets/*}/versions', + }, + ] + request, metadata = self._interceptor.pre_list_secret_versions(request, metadata) + pb_request = service.ListSecretVersionsRequest.pb(request) + transcoded_request = path_template.transcode(http_options, pb_request) + + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json_format.MessageToJson( + transcoded_request['query_params'], + use_integers_for_enums=True, + )) + query_params.update(self._get_unset_required_fields(query_params)) + + query_params["$alt"] = "json;enum-encoding=int" + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params, strict=True), + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + # Return the response + resp = service.ListSecretVersionsResponse() + pb_resp = service.ListSecretVersionsResponse.pb(resp) + + json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True) + resp = self._interceptor.post_list_secret_versions(resp) + return resp + + class _SetIamPolicy(SecretManagerServiceRestStub): + def __hash__(self): + return hash("SetIamPolicy") + + __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = { + } + + @classmethod + def _get_unset_required_fields(cls, message_dict): + return {k: v for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items() if k not in message_dict} + + def __call__(self, + request: iam_policy_pb2.SetIamPolicyRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ) -> policy_pb2.Policy: + r"""Call the set iam policy method over HTTP. + + Args: + request (~.iam_policy_pb2.SetIamPolicyRequest): + The request object. Request message for ``SetIamPolicy`` method. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + ~.policy_pb2.Policy: + An Identity and Access Management (IAM) policy, which + specifies access controls for Google Cloud resources. + + A ``Policy`` is a collection of ``bindings``. A + ``binding`` binds one or more ``members``, or + principals, to a single ``role``. Principals can be user + accounts, service accounts, Google groups, and domains + (such as G Suite). A ``role`` is a named list of + permissions; each ``role`` can be an IAM predefined role + or a user-created custom role. + + For some types of Google Cloud resources, a ``binding`` + can also specify a ``condition``, which is a logical + expression that allows access to a resource only if the + expression evaluates to ``true``. A condition can add + constraints based on attributes of the request, the + resource, or both. To learn which resources support + conditions in their IAM policies, see the `IAM + documentation `__. + + **JSON example:** + + :: + + { + "bindings": [ + { + "role": "roles/resourcemanager.organizationAdmin", + "members": [ + "user:mike@example.com", + "group:admins@example.com", + "domain:google.com", + "serviceAccount:my-project-id@appspot.gserviceaccount.com" + ] + }, + { + "role": "roles/resourcemanager.organizationViewer", + "members": [ + "user:eve@example.com" + ], + "condition": { + "title": "expirable access", + "description": "Does not grant access after Sep 2020", + "expression": "request.time < + timestamp('2020-10-01T00:00:00.000Z')", + } + } + ], + "etag": "BwWWja0YfJA=", + "version": 3 + } + + **YAML example:** + + :: + + bindings: + - members: + - user:mike@example.com + - group:admins@example.com + - domain:google.com + - serviceAccount:my-project-id@appspot.gserviceaccount.com + role: roles/resourcemanager.organizationAdmin + - members: + - user:eve@example.com + role: roles/resourcemanager.organizationViewer + condition: + title: expirable access + description: Does not grant access after Sep 2020 + expression: request.time < timestamp('2020-10-01T00:00:00.000Z') + etag: BwWWja0YfJA= + version: 3 + + For a description of IAM and its features, see the `IAM + documentation `__. + + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'post', + 'uri': '/v1/{resource=projects/*/secrets/*}:setIamPolicy', + 'body': '*', + }, +{ + 'method': 'post', + 'uri': '/v1/{resource=projects/*/locations/*/secrets/*}:setIamPolicy', + 'body': '*', + }, + ] + request, metadata = self._interceptor.pre_set_iam_policy(request, metadata) + pb_request = request + transcoded_request = path_template.transcode(http_options, pb_request) + + # Jsonify the request body + + body = json_format.MessageToJson( + transcoded_request['body'], + use_integers_for_enums=True + ) + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json_format.MessageToJson( + transcoded_request['query_params'], + use_integers_for_enums=True, + )) + query_params.update(self._get_unset_required_fields(query_params)) + + query_params["$alt"] = "json;enum-encoding=int" + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params, strict=True), + data=body, + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + # Return the response + resp = policy_pb2.Policy() + pb_resp = resp + + json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True) + resp = self._interceptor.post_set_iam_policy(resp) + return resp + + class _TestIamPermissions(SecretManagerServiceRestStub): + def __hash__(self): + return hash("TestIamPermissions") + + __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = { + } + + @classmethod + def _get_unset_required_fields(cls, message_dict): + return {k: v for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items() if k not in message_dict} + + def __call__(self, + request: iam_policy_pb2.TestIamPermissionsRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ) -> iam_policy_pb2.TestIamPermissionsResponse: + r"""Call the test iam permissions method over HTTP. + + Args: + request (~.iam_policy_pb2.TestIamPermissionsRequest): + The request object. Request message for ``TestIamPermissions`` method. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + ~.iam_policy_pb2.TestIamPermissionsResponse: + Response message for ``TestIamPermissions`` method. + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'post', + 'uri': '/v1/{resource=projects/*/secrets/*}:testIamPermissions', + 'body': '*', + }, +{ + 'method': 'post', + 'uri': '/v1/{resource=projects/*/locations/*/secrets/*}:testIamPermissions', + 'body': '*', + }, + ] + request, metadata = self._interceptor.pre_test_iam_permissions(request, metadata) + pb_request = request + transcoded_request = path_template.transcode(http_options, pb_request) + + # Jsonify the request body + + body = json_format.MessageToJson( + transcoded_request['body'], + use_integers_for_enums=True + ) + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json_format.MessageToJson( + transcoded_request['query_params'], + use_integers_for_enums=True, + )) + query_params.update(self._get_unset_required_fields(query_params)) + + query_params["$alt"] = "json;enum-encoding=int" + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params, strict=True), + data=body, + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + # Return the response + resp = iam_policy_pb2.TestIamPermissionsResponse() + pb_resp = resp + + json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True) + resp = self._interceptor.post_test_iam_permissions(resp) + return resp + + class _UpdateSecret(SecretManagerServiceRestStub): + def __hash__(self): + return hash("UpdateSecret") + + __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = { + "updateMask" : {}, } + + @classmethod + def _get_unset_required_fields(cls, message_dict): + return {k: v for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items() if k not in message_dict} + + def __call__(self, + request: service.UpdateSecretRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ) -> resources.Secret: + r"""Call the update secret method over HTTP. + + Args: + request (~.service.UpdateSecretRequest): + The request object. Request message for + [SecretManagerService.UpdateSecret][google.cloud.secretmanager.v1.SecretManagerService.UpdateSecret]. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + ~.resources.Secret: + A [Secret][google.cloud.secretmanager.v1.Secret] is a + logical secret whose value and versions can be accessed. + + A [Secret][google.cloud.secretmanager.v1.Secret] is made + up of zero or more + [SecretVersions][google.cloud.secretmanager.v1.SecretVersion] + that represent the secret data. + + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'patch', + 'uri': '/v1/{secret.name=projects/*/secrets/*}', + 'body': 'secret', + }, +{ + 'method': 'patch', + 'uri': '/v1/{secret.name=projects/*/locations/*/secrets/*}', + 'body': 'secret', + }, + ] + request, metadata = self._interceptor.pre_update_secret(request, metadata) + pb_request = service.UpdateSecretRequest.pb(request) + transcoded_request = path_template.transcode(http_options, pb_request) + + # Jsonify the request body + + body = json_format.MessageToJson( + transcoded_request['body'], + use_integers_for_enums=True + ) + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json_format.MessageToJson( + transcoded_request['query_params'], + use_integers_for_enums=True, + )) + query_params.update(self._get_unset_required_fields(query_params)) + + query_params["$alt"] = "json;enum-encoding=int" + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params, strict=True), + data=body, + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + # Return the response + resp = resources.Secret() + pb_resp = resources.Secret.pb(resp) + + json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True) + resp = self._interceptor.post_update_secret(resp) + return resp + + @property + def access_secret_version(self) -> Callable[ + [service.AccessSecretVersionRequest], + service.AccessSecretVersionResponse]: + # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here. + # In C++ this would require a dynamic_cast + return self._AccessSecretVersion(self._session, self._host, self._interceptor) # type: ignore + + @property + def add_secret_version(self) -> Callable[ + [service.AddSecretVersionRequest], + resources.SecretVersion]: + # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here. + # In C++ this would require a dynamic_cast + return self._AddSecretVersion(self._session, self._host, self._interceptor) # type: ignore + + @property + def create_secret(self) -> Callable[ + [service.CreateSecretRequest], + resources.Secret]: + # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here. + # In C++ this would require a dynamic_cast + return self._CreateSecret(self._session, self._host, self._interceptor) # type: ignore + + @property + def delete_secret(self) -> Callable[ + [service.DeleteSecretRequest], + empty_pb2.Empty]: + # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here. + # In C++ this would require a dynamic_cast + return self._DeleteSecret(self._session, self._host, self._interceptor) # type: ignore + + @property + def destroy_secret_version(self) -> Callable[ + [service.DestroySecretVersionRequest], + resources.SecretVersion]: + # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here. + # In C++ this would require a dynamic_cast + return self._DestroySecretVersion(self._session, self._host, self._interceptor) # type: ignore + + @property + def disable_secret_version(self) -> Callable[ + [service.DisableSecretVersionRequest], + resources.SecretVersion]: + # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here. + # In C++ this would require a dynamic_cast + return self._DisableSecretVersion(self._session, self._host, self._interceptor) # type: ignore + + @property + def enable_secret_version(self) -> Callable[ + [service.EnableSecretVersionRequest], + resources.SecretVersion]: + # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here. + # In C++ this would require a dynamic_cast + return self._EnableSecretVersion(self._session, self._host, self._interceptor) # type: ignore + + @property + def get_iam_policy(self) -> Callable[ + [iam_policy_pb2.GetIamPolicyRequest], + policy_pb2.Policy]: + # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here. + # In C++ this would require a dynamic_cast + return self._GetIamPolicy(self._session, self._host, self._interceptor) # type: ignore + + @property + def get_secret(self) -> Callable[ + [service.GetSecretRequest], + resources.Secret]: + # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here. + # In C++ this would require a dynamic_cast + return self._GetSecret(self._session, self._host, self._interceptor) # type: ignore + + @property + def get_secret_version(self) -> Callable[ + [service.GetSecretVersionRequest], + resources.SecretVersion]: + # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here. + # In C++ this would require a dynamic_cast + return self._GetSecretVersion(self._session, self._host, self._interceptor) # type: ignore + + @property + def list_secrets(self) -> Callable[ + [service.ListSecretsRequest], + service.ListSecretsResponse]: + # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here. + # In C++ this would require a dynamic_cast + return self._ListSecrets(self._session, self._host, self._interceptor) # type: ignore + + @property + def list_secret_versions(self) -> Callable[ + [service.ListSecretVersionsRequest], + service.ListSecretVersionsResponse]: + # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here. + # In C++ this would require a dynamic_cast + return self._ListSecretVersions(self._session, self._host, self._interceptor) # type: ignore + + @property + def set_iam_policy(self) -> Callable[ + [iam_policy_pb2.SetIamPolicyRequest], + policy_pb2.Policy]: + # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here. + # In C++ this would require a dynamic_cast + return self._SetIamPolicy(self._session, self._host, self._interceptor) # type: ignore + + @property + def test_iam_permissions(self) -> Callable[ + [iam_policy_pb2.TestIamPermissionsRequest], + iam_policy_pb2.TestIamPermissionsResponse]: + # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here. + # In C++ this would require a dynamic_cast + return self._TestIamPermissions(self._session, self._host, self._interceptor) # type: ignore + + @property + def update_secret(self) -> Callable[ + [service.UpdateSecretRequest], + resources.Secret]: + # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here. + # In C++ this would require a dynamic_cast + return self._UpdateSecret(self._session, self._host, self._interceptor) # type: ignore + + @property + def get_location(self): + return self._GetLocation(self._session, self._host, self._interceptor) # type: ignore + + class _GetLocation(SecretManagerServiceRestStub): + def __call__(self, + request: locations_pb2.GetLocationRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ) -> locations_pb2.Location: + + r"""Call the get location method over HTTP. + + Args: + request (locations_pb2.GetLocationRequest): + The request object for GetLocation method. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + locations_pb2.Location: Response from GetLocation method. + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'get', + 'uri': '/v1/{name=projects/*/locations/*}', + }, + ] + + request, metadata = self._interceptor.pre_get_location(request, metadata) + request_kwargs = json_format.MessageToDict(request) + transcoded_request = path_template.transcode( + http_options, **request_kwargs) + + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json.dumps(transcoded_request['query_params'])) + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params), + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + resp = locations_pb2.Location() + resp = json_format.Parse(response.content.decode("utf-8"), resp) + resp = self._interceptor.post_get_location(resp) + return resp + + @property + def list_locations(self): + return self._ListLocations(self._session, self._host, self._interceptor) # type: ignore + + class _ListLocations(SecretManagerServiceRestStub): + def __call__(self, + request: locations_pb2.ListLocationsRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ) -> locations_pb2.ListLocationsResponse: + + r"""Call the list locations method over HTTP. + + Args: + request (locations_pb2.ListLocationsRequest): + The request object for ListLocations method. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + locations_pb2.ListLocationsResponse: Response from ListLocations method. + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'get', + 'uri': '/v1/{name=projects/*}/locations', + }, + ] + + request, metadata = self._interceptor.pre_list_locations(request, metadata) + request_kwargs = json_format.MessageToDict(request) + transcoded_request = path_template.transcode( + http_options, **request_kwargs) + + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json.dumps(transcoded_request['query_params'])) + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params), + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + resp = locations_pb2.ListLocationsResponse() + resp = json_format.Parse(response.content.decode("utf-8"), resp) + resp = self._interceptor.post_list_locations(resp) + return resp + + @property + def kind(self) -> str: + return "rest" + + def close(self): + self._session.close() + + +__all__=( + 'SecretManagerServiceRestTransport', +) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager_v1/types/__init__.py b/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager_v1/types/__init__.py new file mode 100644 index 000000000000..9f27a30d3afc --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager_v1/types/__init__.py @@ -0,0 +1,70 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from .resources import ( + CustomerManagedEncryption, + CustomerManagedEncryptionStatus, + Replication, + ReplicationStatus, + Rotation, + Secret, + SecretPayload, + SecretVersion, + Topic, +) +from .service import ( + AccessSecretVersionRequest, + AccessSecretVersionResponse, + AddSecretVersionRequest, + CreateSecretRequest, + DeleteSecretRequest, + DestroySecretVersionRequest, + DisableSecretVersionRequest, + EnableSecretVersionRequest, + GetSecretRequest, + GetSecretVersionRequest, + ListSecretsRequest, + ListSecretsResponse, + ListSecretVersionsRequest, + ListSecretVersionsResponse, + UpdateSecretRequest, +) + +__all__ = ( + 'CustomerManagedEncryption', + 'CustomerManagedEncryptionStatus', + 'Replication', + 'ReplicationStatus', + 'Rotation', + 'Secret', + 'SecretPayload', + 'SecretVersion', + 'Topic', + 'AccessSecretVersionRequest', + 'AccessSecretVersionResponse', + 'AddSecretVersionRequest', + 'CreateSecretRequest', + 'DeleteSecretRequest', + 'DestroySecretVersionRequest', + 'DisableSecretVersionRequest', + 'EnableSecretVersionRequest', + 'GetSecretRequest', + 'GetSecretVersionRequest', + 'ListSecretsRequest', + 'ListSecretsResponse', + 'ListSecretVersionsRequest', + 'ListSecretVersionsResponse', + 'UpdateSecretRequest', +) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager_v1/types/resources.py b/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager_v1/types/resources.py new file mode 100644 index 000000000000..35a28fa26f64 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager_v1/types/resources.py @@ -0,0 +1,751 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from __future__ import annotations + +from typing import MutableMapping, MutableSequence + +import proto # type: ignore + +from google.protobuf import duration_pb2 # type: ignore +from google.protobuf import timestamp_pb2 # type: ignore + + +__protobuf__ = proto.module( + package='google.cloud.secretmanager.v1', + manifest={ + 'Secret', + 'SecretVersion', + 'Replication', + 'CustomerManagedEncryption', + 'ReplicationStatus', + 'CustomerManagedEncryptionStatus', + 'Topic', + 'Rotation', + 'SecretPayload', + }, +) + + +class Secret(proto.Message): + r"""A [Secret][google.cloud.secretmanager.v1.Secret] is a logical secret + whose value and versions can be accessed. + + A [Secret][google.cloud.secretmanager.v1.Secret] is made up of zero + or more + [SecretVersions][google.cloud.secretmanager.v1.SecretVersion] that + represent the secret data. + + This message has `oneof`_ fields (mutually exclusive fields). + For each oneof, at most one member field can be set at the same time. + Setting any member of the oneof automatically clears all other + members. + + .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields + + Attributes: + name (str): + Output only. The resource name of the + [Secret][google.cloud.secretmanager.v1.Secret] in the format + ``projects/*/secrets/*``. + replication (google.cloud.secretmanager_v1.types.Replication): + Optional. Immutable. The replication policy of the secret + data attached to the + [Secret][google.cloud.secretmanager.v1.Secret]. + + The replication policy cannot be changed after the Secret + has been created. + create_time (google.protobuf.timestamp_pb2.Timestamp): + Output only. The time at which the + [Secret][google.cloud.secretmanager.v1.Secret] was created. + labels (MutableMapping[str, str]): + The labels assigned to this Secret. + + Label keys must be between 1 and 63 characters long, have a + UTF-8 encoding of maximum 128 bytes, and must conform to the + following PCRE regular expression: + ``[\p{Ll}\p{Lo}][\p{Ll}\p{Lo}\p{N}_-]{0,62}`` + + Label values must be between 0 and 63 characters long, have + a UTF-8 encoding of maximum 128 bytes, and must conform to + the following PCRE regular expression: + ``[\p{Ll}\p{Lo}\p{N}_-]{0,63}`` + + No more than 64 labels can be assigned to a given resource. + topics (MutableSequence[google.cloud.secretmanager_v1.types.Topic]): + Optional. A list of up to 10 Pub/Sub topics + to which messages are published when control + plane operations are called on the secret or its + versions. + expire_time (google.protobuf.timestamp_pb2.Timestamp): + Optional. Timestamp in UTC when the + [Secret][google.cloud.secretmanager.v1.Secret] is scheduled + to expire. This is always provided on output, regardless of + what was sent on input. + + This field is a member of `oneof`_ ``expiration``. + ttl (google.protobuf.duration_pb2.Duration): + Input only. The TTL for the + [Secret][google.cloud.secretmanager.v1.Secret]. + + This field is a member of `oneof`_ ``expiration``. + etag (str): + Optional. Etag of the currently stored + [Secret][google.cloud.secretmanager.v1.Secret]. + rotation (google.cloud.secretmanager_v1.types.Rotation): + Optional. Rotation policy attached to the + [Secret][google.cloud.secretmanager.v1.Secret]. May be + excluded if there is no rotation policy. + version_aliases (MutableMapping[str, int]): + Optional. Mapping from version alias to version name. + + A version alias is a string with a maximum length of 63 + characters and can contain uppercase and lowercase letters, + numerals, and the hyphen (``-``) and underscore ('_') + characters. An alias string must start with a letter and + cannot be the string 'latest' or 'NEW'. No more than 50 + aliases can be assigned to a given secret. + + Version-Alias pairs will be viewable via GetSecret and + modifiable via UpdateSecret. Access by alias is only be + supported on GetSecretVersion and AccessSecretVersion. + annotations (MutableMapping[str, str]): + Optional. Custom metadata about the secret. + + Annotations are distinct from various forms of labels. + Annotations exist to allow client tools to store their own + state information without requiring a database. + + Annotation keys must be between 1 and 63 characters long, + have a UTF-8 encoding of maximum 128 bytes, begin and end + with an alphanumeric character ([a-z0-9A-Z]), and may have + dashes (-), underscores (_), dots (.), and alphanumerics in + between these symbols. + + The total size of annotation keys and values must be less + than 16KiB. + version_destroy_ttl (google.protobuf.duration_pb2.Duration): + Optional. Secret Version TTL after + destruction request + This is a part of the Delayed secret version + destroy feature. For secret with TTL>0, version + destruction doesn't happen immediately on + calling destroy instead the version goes to a + disabled state and destruction happens after the + TTL expires. + customer_managed_encryption (google.cloud.secretmanager_v1.types.CustomerManagedEncryption): + Optional. The customer-managed encryption configuration of + the Regionalised Secrets. If no configuration is provided, + Google-managed default encryption is used. + + Updates to the + [Secret][google.cloud.secretmanager.v1.Secret] encryption + configuration only apply to + [SecretVersions][google.cloud.secretmanager.v1.SecretVersion] + added afterwards. They do not apply retroactively to + existing + [SecretVersions][google.cloud.secretmanager.v1.SecretVersion]. + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + replication: 'Replication' = proto.Field( + proto.MESSAGE, + number=2, + message='Replication', + ) + create_time: timestamp_pb2.Timestamp = proto.Field( + proto.MESSAGE, + number=3, + message=timestamp_pb2.Timestamp, + ) + labels: MutableMapping[str, str] = proto.MapField( + proto.STRING, + proto.STRING, + number=4, + ) + topics: MutableSequence['Topic'] = proto.RepeatedField( + proto.MESSAGE, + number=5, + message='Topic', + ) + expire_time: timestamp_pb2.Timestamp = proto.Field( + proto.MESSAGE, + number=6, + oneof='expiration', + message=timestamp_pb2.Timestamp, + ) + ttl: duration_pb2.Duration = proto.Field( + proto.MESSAGE, + number=7, + oneof='expiration', + message=duration_pb2.Duration, + ) + etag: str = proto.Field( + proto.STRING, + number=8, + ) + rotation: 'Rotation' = proto.Field( + proto.MESSAGE, + number=9, + message='Rotation', + ) + version_aliases: MutableMapping[str, int] = proto.MapField( + proto.STRING, + proto.INT64, + number=11, + ) + annotations: MutableMapping[str, str] = proto.MapField( + proto.STRING, + proto.STRING, + number=13, + ) + version_destroy_ttl: duration_pb2.Duration = proto.Field( + proto.MESSAGE, + number=14, + message=duration_pb2.Duration, + ) + customer_managed_encryption: 'CustomerManagedEncryption' = proto.Field( + proto.MESSAGE, + number=15, + message='CustomerManagedEncryption', + ) + + +class SecretVersion(proto.Message): + r"""A secret version resource in the Secret Manager API. + + Attributes: + name (str): + Output only. The resource name of the + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + in the format ``projects/*/secrets/*/versions/*``. + + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + IDs in a [Secret][google.cloud.secretmanager.v1.Secret] + start at 1 and are incremented for each subsequent version + of the secret. + create_time (google.protobuf.timestamp_pb2.Timestamp): + Output only. The time at which the + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + was created. + destroy_time (google.protobuf.timestamp_pb2.Timestamp): + Output only. The time this + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + was destroyed. Only present if + [state][google.cloud.secretmanager.v1.SecretVersion.state] + is + [DESTROYED][google.cloud.secretmanager.v1.SecretVersion.State.DESTROYED]. + state (google.cloud.secretmanager_v1.types.SecretVersion.State): + Output only. The current state of the + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + replication_status (google.cloud.secretmanager_v1.types.ReplicationStatus): + The replication status of the + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + etag (str): + Output only. Etag of the currently stored + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + client_specified_payload_checksum (bool): + Output only. True if payload checksum specified in + [SecretPayload][google.cloud.secretmanager.v1.SecretPayload] + object has been received by + [SecretManagerService][google.cloud.secretmanager.v1.SecretManagerService] + on + [SecretManagerService.AddSecretVersion][google.cloud.secretmanager.v1.SecretManagerService.AddSecretVersion]. + scheduled_destroy_time (google.protobuf.timestamp_pb2.Timestamp): + Optional. Output only. Scheduled destroy time for secret + version. This is a part of the Delayed secret version + destroy feature. For a Secret with a valid version destroy + TTL, when a secert version is destroyed, the version is + moved to disabled state and it is scheduled for destruction. + The version is destroyed only after the + ``scheduled_destroy_time``. + customer_managed_encryption (google.cloud.secretmanager_v1.types.CustomerManagedEncryptionStatus): + Output only. The customer-managed encryption status of the + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + Only populated if customer-managed encryption is used and + [Secret][google.cloud.secretmanager.v1.Secret] is a + Regionalised Secret. + """ + class State(proto.Enum): + r"""The state of a + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion], + indicating if it can be accessed. + + Values: + STATE_UNSPECIFIED (0): + Not specified. This value is unused and + invalid. + ENABLED (1): + The + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + may be accessed. + DISABLED (2): + The + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + may not be accessed, but the secret data is still available + and can be placed back into the + [ENABLED][google.cloud.secretmanager.v1.SecretVersion.State.ENABLED] + state. + DESTROYED (3): + The + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + is destroyed and the secret data is no longer stored. A + version may not leave this state once entered. + """ + STATE_UNSPECIFIED = 0 + ENABLED = 1 + DISABLED = 2 + DESTROYED = 3 + + name: str = proto.Field( + proto.STRING, + number=1, + ) + create_time: timestamp_pb2.Timestamp = proto.Field( + proto.MESSAGE, + number=2, + message=timestamp_pb2.Timestamp, + ) + destroy_time: timestamp_pb2.Timestamp = proto.Field( + proto.MESSAGE, + number=3, + message=timestamp_pb2.Timestamp, + ) + state: State = proto.Field( + proto.ENUM, + number=4, + enum=State, + ) + replication_status: 'ReplicationStatus' = proto.Field( + proto.MESSAGE, + number=5, + message='ReplicationStatus', + ) + etag: str = proto.Field( + proto.STRING, + number=6, + ) + client_specified_payload_checksum: bool = proto.Field( + proto.BOOL, + number=7, + ) + scheduled_destroy_time: timestamp_pb2.Timestamp = proto.Field( + proto.MESSAGE, + number=8, + message=timestamp_pb2.Timestamp, + ) + customer_managed_encryption: 'CustomerManagedEncryptionStatus' = proto.Field( + proto.MESSAGE, + number=9, + message='CustomerManagedEncryptionStatus', + ) + + +class Replication(proto.Message): + r"""A policy that defines the replication and encryption + configuration of data. + + This message has `oneof`_ fields (mutually exclusive fields). + For each oneof, at most one member field can be set at the same time. + Setting any member of the oneof automatically clears all other + members. + + .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields + + Attributes: + automatic (google.cloud.secretmanager_v1.types.Replication.Automatic): + The [Secret][google.cloud.secretmanager.v1.Secret] will + automatically be replicated without any restrictions. + + This field is a member of `oneof`_ ``replication``. + user_managed (google.cloud.secretmanager_v1.types.Replication.UserManaged): + The [Secret][google.cloud.secretmanager.v1.Secret] will only + be replicated into the locations specified. + + This field is a member of `oneof`_ ``replication``. + """ + + class Automatic(proto.Message): + r"""A replication policy that replicates the + [Secret][google.cloud.secretmanager.v1.Secret] payload without any + restrictions. + + Attributes: + customer_managed_encryption (google.cloud.secretmanager_v1.types.CustomerManagedEncryption): + Optional. The customer-managed encryption configuration of + the [Secret][google.cloud.secretmanager.v1.Secret]. If no + configuration is provided, Google-managed default encryption + is used. + + Updates to the + [Secret][google.cloud.secretmanager.v1.Secret] encryption + configuration only apply to + [SecretVersions][google.cloud.secretmanager.v1.SecretVersion] + added afterwards. They do not apply retroactively to + existing + [SecretVersions][google.cloud.secretmanager.v1.SecretVersion]. + """ + + customer_managed_encryption: 'CustomerManagedEncryption' = proto.Field( + proto.MESSAGE, + number=1, + message='CustomerManagedEncryption', + ) + + class UserManaged(proto.Message): + r"""A replication policy that replicates the + [Secret][google.cloud.secretmanager.v1.Secret] payload into the + locations specified in [Secret.replication.user_managed.replicas][] + + Attributes: + replicas (MutableSequence[google.cloud.secretmanager_v1.types.Replication.UserManaged.Replica]): + Required. The list of Replicas for this + [Secret][google.cloud.secretmanager.v1.Secret]. + + Cannot be empty. + """ + + class Replica(proto.Message): + r"""Represents a Replica for this + [Secret][google.cloud.secretmanager.v1.Secret]. + + Attributes: + location (str): + The canonical IDs of the location to replicate data. For + example: ``"us-east1"``. + customer_managed_encryption (google.cloud.secretmanager_v1.types.CustomerManagedEncryption): + Optional. The customer-managed encryption configuration of + the [User-Managed Replica][Replication.UserManaged.Replica]. + If no configuration is provided, Google-managed default + encryption is used. + + Updates to the + [Secret][google.cloud.secretmanager.v1.Secret] encryption + configuration only apply to + [SecretVersions][google.cloud.secretmanager.v1.SecretVersion] + added afterwards. They do not apply retroactively to + existing + [SecretVersions][google.cloud.secretmanager.v1.SecretVersion]. + """ + + location: str = proto.Field( + proto.STRING, + number=1, + ) + customer_managed_encryption: 'CustomerManagedEncryption' = proto.Field( + proto.MESSAGE, + number=2, + message='CustomerManagedEncryption', + ) + + replicas: MutableSequence['Replication.UserManaged.Replica'] = proto.RepeatedField( + proto.MESSAGE, + number=1, + message='Replication.UserManaged.Replica', + ) + + automatic: Automatic = proto.Field( + proto.MESSAGE, + number=1, + oneof='replication', + message=Automatic, + ) + user_managed: UserManaged = proto.Field( + proto.MESSAGE, + number=2, + oneof='replication', + message=UserManaged, + ) + + +class CustomerManagedEncryption(proto.Message): + r"""Configuration for encrypting secret payloads using + customer-managed encryption keys (CMEK). + + Attributes: + kms_key_name (str): + Required. The resource name of the Cloud KMS CryptoKey used + to encrypt secret payloads. + + For secrets using the + [UserManaged][google.cloud.secretmanager.v1.Replication.UserManaged] + replication policy type, Cloud KMS CryptoKeys must reside in + the same location as the [replica + location][Secret.UserManaged.Replica.location]. + + For secrets using the + [Automatic][google.cloud.secretmanager.v1.Replication.Automatic] + replication policy type, Cloud KMS CryptoKeys must reside in + ``global``. + + The expected format is + ``projects/*/locations/*/keyRings/*/cryptoKeys/*``. + """ + + kms_key_name: str = proto.Field( + proto.STRING, + number=1, + ) + + +class ReplicationStatus(proto.Message): + r"""The replication status of a + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + + This message has `oneof`_ fields (mutually exclusive fields). + For each oneof, at most one member field can be set at the same time. + Setting any member of the oneof automatically clears all other + members. + + .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields + + Attributes: + automatic (google.cloud.secretmanager_v1.types.ReplicationStatus.AutomaticStatus): + Describes the replication status of a + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + with automatic replication. + + Only populated if the parent + [Secret][google.cloud.secretmanager.v1.Secret] has an + automatic replication policy. + + This field is a member of `oneof`_ ``replication_status``. + user_managed (google.cloud.secretmanager_v1.types.ReplicationStatus.UserManagedStatus): + Describes the replication status of a + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + with user-managed replication. + + Only populated if the parent + [Secret][google.cloud.secretmanager.v1.Secret] has a + user-managed replication policy. + + This field is a member of `oneof`_ ``replication_status``. + """ + + class AutomaticStatus(proto.Message): + r"""The replication status of a + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] using + automatic replication. + + Only populated if the parent + [Secret][google.cloud.secretmanager.v1.Secret] has an automatic + replication policy. + + Attributes: + customer_managed_encryption (google.cloud.secretmanager_v1.types.CustomerManagedEncryptionStatus): + Output only. The customer-managed encryption status of the + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + Only populated if customer-managed encryption is used. + """ + + customer_managed_encryption: 'CustomerManagedEncryptionStatus' = proto.Field( + proto.MESSAGE, + number=1, + message='CustomerManagedEncryptionStatus', + ) + + class UserManagedStatus(proto.Message): + r"""The replication status of a + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] using + user-managed replication. + + Only populated if the parent + [Secret][google.cloud.secretmanager.v1.Secret] has a user-managed + replication policy. + + Attributes: + replicas (MutableSequence[google.cloud.secretmanager_v1.types.ReplicationStatus.UserManagedStatus.ReplicaStatus]): + Output only. The list of replica statuses for the + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + """ + + class ReplicaStatus(proto.Message): + r"""Describes the status of a user-managed replica for the + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + + Attributes: + location (str): + Output only. The canonical ID of the replica location. For + example: ``"us-east1"``. + customer_managed_encryption (google.cloud.secretmanager_v1.types.CustomerManagedEncryptionStatus): + Output only. The customer-managed encryption status of the + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + Only populated if customer-managed encryption is used. + """ + + location: str = proto.Field( + proto.STRING, + number=1, + ) + customer_managed_encryption: 'CustomerManagedEncryptionStatus' = proto.Field( + proto.MESSAGE, + number=2, + message='CustomerManagedEncryptionStatus', + ) + + replicas: MutableSequence['ReplicationStatus.UserManagedStatus.ReplicaStatus'] = proto.RepeatedField( + proto.MESSAGE, + number=1, + message='ReplicationStatus.UserManagedStatus.ReplicaStatus', + ) + + automatic: AutomaticStatus = proto.Field( + proto.MESSAGE, + number=1, + oneof='replication_status', + message=AutomaticStatus, + ) + user_managed: UserManagedStatus = proto.Field( + proto.MESSAGE, + number=2, + oneof='replication_status', + message=UserManagedStatus, + ) + + +class CustomerManagedEncryptionStatus(proto.Message): + r"""Describes the status of customer-managed encryption. + + Attributes: + kms_key_version_name (str): + Required. The resource name of the Cloud KMS + CryptoKeyVersion used to encrypt the secret payload, in the + following format: + ``projects/*/locations/*/keyRings/*/cryptoKeys/*/versions/*``. + """ + + kms_key_version_name: str = proto.Field( + proto.STRING, + number=1, + ) + + +class Topic(proto.Message): + r"""A Pub/Sub topic which Secret Manager will publish to when + control plane events occur on this secret. + + Attributes: + name (str): + Required. The resource name of the Pub/Sub topic that will + be published to, in the following format: + ``projects/*/topics/*``. For publication to succeed, the + Secret Manager service agent must have the + ``pubsub.topic.publish`` permission on the topic. The + Pub/Sub Publisher role (``roles/pubsub.publisher``) includes + this permission. + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + + +class Rotation(proto.Message): + r"""The rotation time and period for a + [Secret][google.cloud.secretmanager.v1.Secret]. At + next_rotation_time, Secret Manager will send a Pub/Sub notification + to the topics configured on the Secret. + [Secret.topics][google.cloud.secretmanager.v1.Secret.topics] must be + set to configure rotation. + + Attributes: + next_rotation_time (google.protobuf.timestamp_pb2.Timestamp): + Optional. Timestamp in UTC at which the + [Secret][google.cloud.secretmanager.v1.Secret] is scheduled + to rotate. Cannot be set to less than 300s (5 min) in the + future and at most 3153600000s (100 years). + + [next_rotation_time][google.cloud.secretmanager.v1.Rotation.next_rotation_time] + MUST be set if + [rotation_period][google.cloud.secretmanager.v1.Rotation.rotation_period] + is set. + rotation_period (google.protobuf.duration_pb2.Duration): + Input only. The Duration between rotation notifications. + Must be in seconds and at least 3600s (1h) and at most + 3153600000s (100 years). + + If + [rotation_period][google.cloud.secretmanager.v1.Rotation.rotation_period] + is set, + [next_rotation_time][google.cloud.secretmanager.v1.Rotation.next_rotation_time] + must be set. + [next_rotation_time][google.cloud.secretmanager.v1.Rotation.next_rotation_time] + will be advanced by this period when the service + automatically sends rotation notifications. + """ + + next_rotation_time: timestamp_pb2.Timestamp = proto.Field( + proto.MESSAGE, + number=1, + message=timestamp_pb2.Timestamp, + ) + rotation_period: duration_pb2.Duration = proto.Field( + proto.MESSAGE, + number=2, + message=duration_pb2.Duration, + ) + + +class SecretPayload(proto.Message): + r"""A secret payload resource in the Secret Manager API. This contains + the sensitive secret payload that is associated with a + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + + + .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields + + Attributes: + data (bytes): + The secret data. Must be no larger than + 64KiB. + data_crc32c (int): + Optional. If specified, + [SecretManagerService][google.cloud.secretmanager.v1.SecretManagerService] + will verify the integrity of the received + [data][google.cloud.secretmanager.v1.SecretPayload.data] on + [SecretManagerService.AddSecretVersion][google.cloud.secretmanager.v1.SecretManagerService.AddSecretVersion] + calls using the crc32c checksum and store it to include in + future + [SecretManagerService.AccessSecretVersion][google.cloud.secretmanager.v1.SecretManagerService.AccessSecretVersion] + responses. If a checksum is not provided in the + [SecretManagerService.AddSecretVersion][google.cloud.secretmanager.v1.SecretManagerService.AddSecretVersion] + request, the + [SecretManagerService][google.cloud.secretmanager.v1.SecretManagerService] + will generate and store one for you. + + The CRC32C value is encoded as a Int64 for compatibility, + and can be safely downconverted to uint32 in languages that + support this type. + https://cloud.google.com/apis/design/design_patterns#integer_types + + This field is a member of `oneof`_ ``_data_crc32c``. + """ + + data: bytes = proto.Field( + proto.BYTES, + number=1, + ) + data_crc32c: int = proto.Field( + proto.INT64, + number=2, + optional=True, + ) + + +__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager_v1/types/service.py b/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager_v1/types/service.py new file mode 100644 index 000000000000..252c33dd355e --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/google/cloud/secretmanager_v1/types/service.py @@ -0,0 +1,507 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from __future__ import annotations + +from typing import MutableMapping, MutableSequence + +import proto # type: ignore + +from google.cloud.secretmanager_v1.types import resources +from google.protobuf import field_mask_pb2 # type: ignore + + +__protobuf__ = proto.module( + package='google.cloud.secretmanager.v1', + manifest={ + 'ListSecretsRequest', + 'ListSecretsResponse', + 'CreateSecretRequest', + 'AddSecretVersionRequest', + 'GetSecretRequest', + 'ListSecretVersionsRequest', + 'ListSecretVersionsResponse', + 'GetSecretVersionRequest', + 'UpdateSecretRequest', + 'AccessSecretVersionRequest', + 'AccessSecretVersionResponse', + 'DeleteSecretRequest', + 'DisableSecretVersionRequest', + 'EnableSecretVersionRequest', + 'DestroySecretVersionRequest', + }, +) + + +class ListSecretsRequest(proto.Message): + r"""Request message for + [SecretManagerService.ListSecrets][google.cloud.secretmanager.v1.SecretManagerService.ListSecrets]. + + Attributes: + parent (str): + Required. The resource name of the project associated with + the [Secrets][google.cloud.secretmanager.v1.Secret], in the + format ``projects/*`` or ``projects/*/locations/*`` + page_size (int): + Optional. The maximum number of results to be + returned in a single page. If set to 0, the + server decides the number of results to return. + If the number is greater than 25000, it is + capped at 25000. + page_token (str): + Optional. Pagination token, returned earlier via + [ListSecretsResponse.next_page_token][google.cloud.secretmanager.v1.ListSecretsResponse.next_page_token]. + filter (str): + Optional. Filter string, adhering to the rules in + `List-operation + filtering `__. + List only secrets matching the filter. If filter is empty, + all secrets are listed. + """ + + parent: str = proto.Field( + proto.STRING, + number=1, + ) + page_size: int = proto.Field( + proto.INT32, + number=2, + ) + page_token: str = proto.Field( + proto.STRING, + number=3, + ) + filter: str = proto.Field( + proto.STRING, + number=4, + ) + + +class ListSecretsResponse(proto.Message): + r"""Response message for + [SecretManagerService.ListSecrets][google.cloud.secretmanager.v1.SecretManagerService.ListSecrets]. + + Attributes: + secrets (MutableSequence[google.cloud.secretmanager_v1.types.Secret]): + The list of [Secrets][google.cloud.secretmanager.v1.Secret] + sorted in reverse by create_time (newest first). + next_page_token (str): + A token to retrieve the next page of results. Pass this + value in + [ListSecretsRequest.page_token][google.cloud.secretmanager.v1.ListSecretsRequest.page_token] + to retrieve the next page. + total_size (int): + The total number of + [Secrets][google.cloud.secretmanager.v1.Secret] but 0 when + the + [ListSecretsRequest.filter][google.cloud.secretmanager.v1.ListSecretsRequest.filter] + field is set. + """ + + @property + def raw_page(self): + return self + + secrets: MutableSequence[resources.Secret] = proto.RepeatedField( + proto.MESSAGE, + number=1, + message=resources.Secret, + ) + next_page_token: str = proto.Field( + proto.STRING, + number=2, + ) + total_size: int = proto.Field( + proto.INT32, + number=3, + ) + + +class CreateSecretRequest(proto.Message): + r"""Request message for + [SecretManagerService.CreateSecret][google.cloud.secretmanager.v1.SecretManagerService.CreateSecret]. + + Attributes: + parent (str): + Required. The resource name of the project to associate with + the [Secret][google.cloud.secretmanager.v1.Secret], in the + format ``projects/*`` or ``projects/*/locations/*``. + secret_id (str): + Required. This must be unique within the project. + + A secret ID is a string with a maximum length of 255 + characters and can contain uppercase and lowercase letters, + numerals, and the hyphen (``-``) and underscore (``_``) + characters. + secret (google.cloud.secretmanager_v1.types.Secret): + Required. A [Secret][google.cloud.secretmanager.v1.Secret] + with initial field values. + """ + + parent: str = proto.Field( + proto.STRING, + number=1, + ) + secret_id: str = proto.Field( + proto.STRING, + number=2, + ) + secret: resources.Secret = proto.Field( + proto.MESSAGE, + number=3, + message=resources.Secret, + ) + + +class AddSecretVersionRequest(proto.Message): + r"""Request message for + [SecretManagerService.AddSecretVersion][google.cloud.secretmanager.v1.SecretManagerService.AddSecretVersion]. + + Attributes: + parent (str): + Required. The resource name of the + [Secret][google.cloud.secretmanager.v1.Secret] to associate + with the + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + in the format ``projects/*/secrets/*`` or + ``projects/*/locations/*/secrets/*``. + payload (google.cloud.secretmanager_v1.types.SecretPayload): + Required. The secret payload of the + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + """ + + parent: str = proto.Field( + proto.STRING, + number=1, + ) + payload: resources.SecretPayload = proto.Field( + proto.MESSAGE, + number=2, + message=resources.SecretPayload, + ) + + +class GetSecretRequest(proto.Message): + r"""Request message for + [SecretManagerService.GetSecret][google.cloud.secretmanager.v1.SecretManagerService.GetSecret]. + + Attributes: + name (str): + Required. The resource name of the + [Secret][google.cloud.secretmanager.v1.Secret], in the + format ``projects/*/secrets/*`` or + ``projects/*/locations/*/secrets/*``. + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + + +class ListSecretVersionsRequest(proto.Message): + r"""Request message for + [SecretManagerService.ListSecretVersions][google.cloud.secretmanager.v1.SecretManagerService.ListSecretVersions]. + + Attributes: + parent (str): + Required. The resource name of the + [Secret][google.cloud.secretmanager.v1.Secret] associated + with the + [SecretVersions][google.cloud.secretmanager.v1.SecretVersion] + to list, in the format ``projects/*/secrets/*`` or + ``projects/*/locations/*/secrets/*``. + page_size (int): + Optional. The maximum number of results to be + returned in a single page. If set to 0, the + server decides the number of results to return. + If the number is greater than 25000, it is + capped at 25000. + page_token (str): + Optional. Pagination token, returned earlier via + ListSecretVersionsResponse.next_page_token][]. + filter (str): + Optional. Filter string, adhering to the rules in + `List-operation + filtering `__. + List only secret versions matching the filter. If filter is + empty, all secret versions are listed. + """ + + parent: str = proto.Field( + proto.STRING, + number=1, + ) + page_size: int = proto.Field( + proto.INT32, + number=2, + ) + page_token: str = proto.Field( + proto.STRING, + number=3, + ) + filter: str = proto.Field( + proto.STRING, + number=4, + ) + + +class ListSecretVersionsResponse(proto.Message): + r"""Response message for + [SecretManagerService.ListSecretVersions][google.cloud.secretmanager.v1.SecretManagerService.ListSecretVersions]. + + Attributes: + versions (MutableSequence[google.cloud.secretmanager_v1.types.SecretVersion]): + The list of + [SecretVersions][google.cloud.secretmanager.v1.SecretVersion] + sorted in reverse by create_time (newest first). + next_page_token (str): + A token to retrieve the next page of results. Pass this + value in + [ListSecretVersionsRequest.page_token][google.cloud.secretmanager.v1.ListSecretVersionsRequest.page_token] + to retrieve the next page. + total_size (int): + The total number of + [SecretVersions][google.cloud.secretmanager.v1.SecretVersion] + but 0 when the + [ListSecretsRequest.filter][google.cloud.secretmanager.v1.ListSecretsRequest.filter] + field is set. + """ + + @property + def raw_page(self): + return self + + versions: MutableSequence[resources.SecretVersion] = proto.RepeatedField( + proto.MESSAGE, + number=1, + message=resources.SecretVersion, + ) + next_page_token: str = proto.Field( + proto.STRING, + number=2, + ) + total_size: int = proto.Field( + proto.INT32, + number=3, + ) + + +class GetSecretVersionRequest(proto.Message): + r"""Request message for + [SecretManagerService.GetSecretVersion][google.cloud.secretmanager.v1.SecretManagerService.GetSecretVersion]. + + Attributes: + name (str): + Required. The resource name of the + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + in the format ``projects/*/secrets/*/versions/*`` or + ``projects/*/locations/*/secrets/*/versions/*``. + + ``projects/*/secrets/*/versions/latest`` or + ``projects/*/locations/*/secrets/*/versions/latest`` is an + alias to the most recently created + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + + +class UpdateSecretRequest(proto.Message): + r"""Request message for + [SecretManagerService.UpdateSecret][google.cloud.secretmanager.v1.SecretManagerService.UpdateSecret]. + + Attributes: + secret (google.cloud.secretmanager_v1.types.Secret): + Required. [Secret][google.cloud.secretmanager.v1.Secret] + with updated field values. + update_mask (google.protobuf.field_mask_pb2.FieldMask): + Required. Specifies the fields to be updated. + """ + + secret: resources.Secret = proto.Field( + proto.MESSAGE, + number=1, + message=resources.Secret, + ) + update_mask: field_mask_pb2.FieldMask = proto.Field( + proto.MESSAGE, + number=2, + message=field_mask_pb2.FieldMask, + ) + + +class AccessSecretVersionRequest(proto.Message): + r"""Request message for + [SecretManagerService.AccessSecretVersion][google.cloud.secretmanager.v1.SecretManagerService.AccessSecretVersion]. + + Attributes: + name (str): + Required. The resource name of the + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + in the format ``projects/*/secrets/*/versions/*`` or + ``projects/*/locations/*/secrets/*/versions/*``. + + ``projects/*/secrets/*/versions/latest`` or + ``projects/*/locations/*/secrets/*/versions/latest`` is an + alias to the most recently created + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + + +class AccessSecretVersionResponse(proto.Message): + r"""Response message for + [SecretManagerService.AccessSecretVersion][google.cloud.secretmanager.v1.SecretManagerService.AccessSecretVersion]. + + Attributes: + name (str): + The resource name of the + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + in the format ``projects/*/secrets/*/versions/*`` or + ``projects/*/locations/*/secrets/*/versions/*``. + payload (google.cloud.secretmanager_v1.types.SecretPayload): + Secret payload + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + payload: resources.SecretPayload = proto.Field( + proto.MESSAGE, + number=2, + message=resources.SecretPayload, + ) + + +class DeleteSecretRequest(proto.Message): + r"""Request message for + [SecretManagerService.DeleteSecret][google.cloud.secretmanager.v1.SecretManagerService.DeleteSecret]. + + Attributes: + name (str): + Required. The resource name of the + [Secret][google.cloud.secretmanager.v1.Secret] to delete in + the format ``projects/*/secrets/*``. + etag (str): + Optional. Etag of the + [Secret][google.cloud.secretmanager.v1.Secret]. The request + succeeds if it matches the etag of the currently stored + secret object. If the etag is omitted, the request succeeds. + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + etag: str = proto.Field( + proto.STRING, + number=2, + ) + + +class DisableSecretVersionRequest(proto.Message): + r"""Request message for + [SecretManagerService.DisableSecretVersion][google.cloud.secretmanager.v1.SecretManagerService.DisableSecretVersion]. + + Attributes: + name (str): + Required. The resource name of the + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + to disable in the format ``projects/*/secrets/*/versions/*`` + or ``projects/*/locations/*/secrets/*/versions/*``. + etag (str): + Optional. Etag of the + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + The request succeeds if it matches the etag of the currently + stored secret version object. If the etag is omitted, the + request succeeds. + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + etag: str = proto.Field( + proto.STRING, + number=2, + ) + + +class EnableSecretVersionRequest(proto.Message): + r"""Request message for + [SecretManagerService.EnableSecretVersion][google.cloud.secretmanager.v1.SecretManagerService.EnableSecretVersion]. + + Attributes: + name (str): + Required. The resource name of the + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + to enable in the format ``projects/*/secrets/*/versions/*`` + or ``projects/*/locations/*/secrets/*/versions/*``. + etag (str): + Optional. Etag of the + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + The request succeeds if it matches the etag of the currently + stored secret version object. If the etag is omitted, the + request succeeds. + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + etag: str = proto.Field( + proto.STRING, + number=2, + ) + + +class DestroySecretVersionRequest(proto.Message): + r"""Request message for + [SecretManagerService.DestroySecretVersion][google.cloud.secretmanager.v1.SecretManagerService.DestroySecretVersion]. + + Attributes: + name (str): + Required. The resource name of the + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] + to destroy in the format ``projects/*/secrets/*/versions/*`` + or ``projects/*/locations/*/secrets/*/versions/*``. + etag (str): + Optional. Etag of the + [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. + The request succeeds if it matches the etag of the currently + stored secret version object. If the etag is omitted, the + request succeeds. + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + etag: str = proto.Field( + proto.STRING, + number=2, + ) + + +__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/mypy.ini b/owl-bot-staging/google-cloud-secret-manager/v1/mypy.ini new file mode 100644 index 000000000000..574c5aed394b --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/mypy.ini @@ -0,0 +1,3 @@ +[mypy] +python_version = 3.7 +namespace_packages = True diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/noxfile.py b/owl-bot-staging/google-cloud-secret-manager/v1/noxfile.py new file mode 100644 index 000000000000..3cf3df2597fa --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/noxfile.py @@ -0,0 +1,253 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import os +import pathlib +import re +import shutil +import subprocess +import sys + + +import nox # type: ignore + +ALL_PYTHON = [ + "3.7", + "3.8", + "3.9", + "3.10", + "3.11", + "3.12" +] + +CURRENT_DIRECTORY = pathlib.Path(__file__).parent.absolute() + +LOWER_BOUND_CONSTRAINTS_FILE = CURRENT_DIRECTORY / "constraints.txt" +PACKAGE_NAME = 'google-cloud-secret-manager' + +BLACK_VERSION = "black==22.3.0" +BLACK_PATHS = ["docs", "google", "tests", "samples", "noxfile.py", "setup.py"] +DEFAULT_PYTHON_VERSION = "3.12" + +nox.sessions = [ + "unit", + "cover", + "mypy", + "check_lower_bounds" + # exclude update_lower_bounds from default + "docs", + "blacken", + "lint", + "prerelease_deps", +] + +@nox.session(python=ALL_PYTHON) +def unit(session): + """Run the unit test suite.""" + + session.install('coverage', 'pytest', 'pytest-cov', 'pytest-asyncio', 'asyncmock; python_version < "3.8"') + session.install('-e', '.') + + session.run( + 'py.test', + '--quiet', + '--cov=google/cloud/secretmanager_v1/', + '--cov=tests/', + '--cov-config=.coveragerc', + '--cov-report=term', + '--cov-report=html', + os.path.join('tests', 'unit', ''.join(session.posargs)) + ) + +@nox.session(python=ALL_PYTHON[-1]) +def prerelease_deps(session): + """Run the unit test suite against pre-release versions of dependencies.""" + + # Install test environment dependencies + session.install('coverage', 'pytest', 'pytest-cov', 'pytest-asyncio', 'asyncmock; python_version < "3.8"') + + # Install the package without dependencies + session.install('-e', '.', '--no-deps') + + # We test the minimum dependency versions using the minimum Python + # version so the lowest python runtime that we test has a corresponding constraints + # file, located at `testing/constraints--.txt`, which contains all of the + # dependencies and extras. + with open( + CURRENT_DIRECTORY + / "testing" + / f"constraints-{ALL_PYTHON[0]}.txt", + encoding="utf-8", + ) as constraints_file: + constraints_text = constraints_file.read() + + # Ignore leading whitespace and comment lines. + constraints_deps = [ + match.group(1) + for match in re.finditer( + r"^\s*(\S+)(?===\S+)", constraints_text, flags=re.MULTILINE + ) + ] + + session.install(*constraints_deps) + + prerel_deps = [ + "googleapis-common-protos", + "google-api-core", + "google-auth", + "grpcio", + "grpcio-status", + "protobuf", + "proto-plus", + ] + + for dep in prerel_deps: + session.install("--pre", "--no-deps", "--upgrade", dep) + + # Remaining dependencies + other_deps = [ + "requests", + ] + session.install(*other_deps) + + # Print out prerelease package versions + + session.run("python", "-c", "import google.api_core; print(google.api_core.__version__)") + session.run("python", "-c", "import google.auth; print(google.auth.__version__)") + session.run("python", "-c", "import grpc; print(grpc.__version__)") + session.run( + "python", "-c", "import google.protobuf; print(google.protobuf.__version__)" + ) + session.run( + "python", "-c", "import proto; print(proto.__version__)" + ) + + session.run( + 'py.test', + '--quiet', + '--cov=google/cloud/secretmanager_v1/', + '--cov=tests/', + '--cov-config=.coveragerc', + '--cov-report=term', + '--cov-report=html', + os.path.join('tests', 'unit', ''.join(session.posargs)) + ) + + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def cover(session): + """Run the final coverage report. + This outputs the coverage report aggregating coverage from the unit + test runs (not system test runs), and then erases coverage data. + """ + session.install("coverage", "pytest-cov") + session.run("coverage", "report", "--show-missing", "--fail-under=100") + + session.run("coverage", "erase") + + +@nox.session(python=ALL_PYTHON) +def mypy(session): + """Run the type checker.""" + session.install( + 'mypy', + 'types-requests', + 'types-protobuf' + ) + session.install('.') + session.run( + 'mypy', + '-p', + 'google', + ) + + +@nox.session +def update_lower_bounds(session): + """Update lower bounds in constraints.txt to match setup.py""" + session.install('google-cloud-testutils') + session.install('.') + + session.run( + 'lower-bound-checker', + 'update', + '--package-name', + PACKAGE_NAME, + '--constraints-file', + str(LOWER_BOUND_CONSTRAINTS_FILE), + ) + + +@nox.session +def check_lower_bounds(session): + """Check lower bounds in setup.py are reflected in constraints file""" + session.install('google-cloud-testutils') + session.install('.') + + session.run( + 'lower-bound-checker', + 'check', + '--package-name', + PACKAGE_NAME, + '--constraints-file', + str(LOWER_BOUND_CONSTRAINTS_FILE), + ) + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def docs(session): + """Build the docs for this library.""" + + session.install("-e", ".") + session.install("sphinx==7.0.1", "alabaster", "recommonmark") + + shutil.rmtree(os.path.join("docs", "_build"), ignore_errors=True) + session.run( + "sphinx-build", + "-W", # warnings as errors + "-T", # show full traceback on exception + "-N", # no colors + "-b", + "html", + "-d", + os.path.join("docs", "_build", "doctrees", ""), + os.path.join("docs", ""), + os.path.join("docs", "_build", "html", ""), + ) + + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def lint(session): + """Run linters. + + Returns a failure if the linters find linting errors or sufficiently + serious code quality issues. + """ + session.install("flake8", BLACK_VERSION) + session.run( + "black", + "--check", + *BLACK_PATHS, + ) + session.run("flake8", "google", "tests", "samples") + + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def blacken(session): + """Run black. Format code to uniform standard.""" + session.install(BLACK_VERSION) + session.run( + "black", + *BLACK_PATHS, + ) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_access_secret_version_async.py b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_access_secret_version_async.py new file mode 100644 index 000000000000..e88d714c7dcf --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_access_secret_version_async.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for AccessSecretVersion +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secret-manager + + +# [START secretmanager_v1_generated_SecretManagerService_AccessSecretVersion_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1 + + +async def sample_access_secret_version(): + # Create a client + client = secretmanager_v1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1.AccessSecretVersionRequest( + name="name_value", + ) + + # Make the request + response = await client.access_secret_version(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1_generated_SecretManagerService_AccessSecretVersion_async] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_access_secret_version_sync.py b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_access_secret_version_sync.py new file mode 100644 index 000000000000..a6152b65bcf5 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_access_secret_version_sync.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for AccessSecretVersion +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secret-manager + + +# [START secretmanager_v1_generated_SecretManagerService_AccessSecretVersion_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1 + + +def sample_access_secret_version(): + # Create a client + client = secretmanager_v1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1.AccessSecretVersionRequest( + name="name_value", + ) + + # Make the request + response = client.access_secret_version(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1_generated_SecretManagerService_AccessSecretVersion_sync] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_add_secret_version_async.py b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_add_secret_version_async.py new file mode 100644 index 000000000000..18b239ba5500 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_add_secret_version_async.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for AddSecretVersion +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secret-manager + + +# [START secretmanager_v1_generated_SecretManagerService_AddSecretVersion_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1 + + +async def sample_add_secret_version(): + # Create a client + client = secretmanager_v1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1.AddSecretVersionRequest( + parent="parent_value", + ) + + # Make the request + response = await client.add_secret_version(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1_generated_SecretManagerService_AddSecretVersion_async] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_add_secret_version_sync.py b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_add_secret_version_sync.py new file mode 100644 index 000000000000..af2d26e60b38 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_add_secret_version_sync.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for AddSecretVersion +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secret-manager + + +# [START secretmanager_v1_generated_SecretManagerService_AddSecretVersion_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1 + + +def sample_add_secret_version(): + # Create a client + client = secretmanager_v1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1.AddSecretVersionRequest( + parent="parent_value", + ) + + # Make the request + response = client.add_secret_version(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1_generated_SecretManagerService_AddSecretVersion_sync] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_create_secret_async.py b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_create_secret_async.py new file mode 100644 index 000000000000..1729a8c392e2 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_create_secret_async.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for CreateSecret +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secret-manager + + +# [START secretmanager_v1_generated_SecretManagerService_CreateSecret_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1 + + +async def sample_create_secret(): + # Create a client + client = secretmanager_v1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1.CreateSecretRequest( + parent="parent_value", + secret_id="secret_id_value", + ) + + # Make the request + response = await client.create_secret(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1_generated_SecretManagerService_CreateSecret_async] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_create_secret_sync.py b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_create_secret_sync.py new file mode 100644 index 000000000000..dd916da3999d --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_create_secret_sync.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for CreateSecret +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secret-manager + + +# [START secretmanager_v1_generated_SecretManagerService_CreateSecret_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1 + + +def sample_create_secret(): + # Create a client + client = secretmanager_v1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1.CreateSecretRequest( + parent="parent_value", + secret_id="secret_id_value", + ) + + # Make the request + response = client.create_secret(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1_generated_SecretManagerService_CreateSecret_sync] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_delete_secret_async.py b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_delete_secret_async.py new file mode 100644 index 000000000000..7e33fad338ed --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_delete_secret_async.py @@ -0,0 +1,50 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for DeleteSecret +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secret-manager + + +# [START secretmanager_v1_generated_SecretManagerService_DeleteSecret_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1 + + +async def sample_delete_secret(): + # Create a client + client = secretmanager_v1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1.DeleteSecretRequest( + name="name_value", + ) + + # Make the request + await client.delete_secret(request=request) + + +# [END secretmanager_v1_generated_SecretManagerService_DeleteSecret_async] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_delete_secret_sync.py b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_delete_secret_sync.py new file mode 100644 index 000000000000..84f43fa37ead --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_delete_secret_sync.py @@ -0,0 +1,50 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for DeleteSecret +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secret-manager + + +# [START secretmanager_v1_generated_SecretManagerService_DeleteSecret_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1 + + +def sample_delete_secret(): + # Create a client + client = secretmanager_v1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1.DeleteSecretRequest( + name="name_value", + ) + + # Make the request + client.delete_secret(request=request) + + +# [END secretmanager_v1_generated_SecretManagerService_DeleteSecret_sync] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_destroy_secret_version_async.py b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_destroy_secret_version_async.py new file mode 100644 index 000000000000..51610c0d6a0c --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_destroy_secret_version_async.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for DestroySecretVersion +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secret-manager + + +# [START secretmanager_v1_generated_SecretManagerService_DestroySecretVersion_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1 + + +async def sample_destroy_secret_version(): + # Create a client + client = secretmanager_v1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1.DestroySecretVersionRequest( + name="name_value", + ) + + # Make the request + response = await client.destroy_secret_version(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1_generated_SecretManagerService_DestroySecretVersion_async] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_destroy_secret_version_sync.py b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_destroy_secret_version_sync.py new file mode 100644 index 000000000000..3a94e020d0c9 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_destroy_secret_version_sync.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for DestroySecretVersion +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secret-manager + + +# [START secretmanager_v1_generated_SecretManagerService_DestroySecretVersion_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1 + + +def sample_destroy_secret_version(): + # Create a client + client = secretmanager_v1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1.DestroySecretVersionRequest( + name="name_value", + ) + + # Make the request + response = client.destroy_secret_version(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1_generated_SecretManagerService_DestroySecretVersion_sync] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_disable_secret_version_async.py b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_disable_secret_version_async.py new file mode 100644 index 000000000000..04618856f40c --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_disable_secret_version_async.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for DisableSecretVersion +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secret-manager + + +# [START secretmanager_v1_generated_SecretManagerService_DisableSecretVersion_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1 + + +async def sample_disable_secret_version(): + # Create a client + client = secretmanager_v1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1.DisableSecretVersionRequest( + name="name_value", + ) + + # Make the request + response = await client.disable_secret_version(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1_generated_SecretManagerService_DisableSecretVersion_async] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_disable_secret_version_sync.py b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_disable_secret_version_sync.py new file mode 100644 index 000000000000..50043bede839 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_disable_secret_version_sync.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for DisableSecretVersion +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secret-manager + + +# [START secretmanager_v1_generated_SecretManagerService_DisableSecretVersion_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1 + + +def sample_disable_secret_version(): + # Create a client + client = secretmanager_v1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1.DisableSecretVersionRequest( + name="name_value", + ) + + # Make the request + response = client.disable_secret_version(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1_generated_SecretManagerService_DisableSecretVersion_sync] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_enable_secret_version_async.py b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_enable_secret_version_async.py new file mode 100644 index 000000000000..ed731b788b19 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_enable_secret_version_async.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for EnableSecretVersion +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secret-manager + + +# [START secretmanager_v1_generated_SecretManagerService_EnableSecretVersion_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1 + + +async def sample_enable_secret_version(): + # Create a client + client = secretmanager_v1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1.EnableSecretVersionRequest( + name="name_value", + ) + + # Make the request + response = await client.enable_secret_version(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1_generated_SecretManagerService_EnableSecretVersion_async] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_enable_secret_version_sync.py b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_enable_secret_version_sync.py new file mode 100644 index 000000000000..1c262949928f --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_enable_secret_version_sync.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for EnableSecretVersion +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secret-manager + + +# [START secretmanager_v1_generated_SecretManagerService_EnableSecretVersion_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1 + + +def sample_enable_secret_version(): + # Create a client + client = secretmanager_v1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1.EnableSecretVersionRequest( + name="name_value", + ) + + # Make the request + response = client.enable_secret_version(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1_generated_SecretManagerService_EnableSecretVersion_sync] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_get_iam_policy_async.py b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_get_iam_policy_async.py new file mode 100644 index 000000000000..b780578e25b6 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_get_iam_policy_async.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetIamPolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secret-manager + + +# [START secretmanager_v1_generated_SecretManagerService_GetIamPolicy_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1 +from google.iam.v1 import iam_policy_pb2 # type: ignore + + +async def sample_get_iam_policy(): + # Create a client + client = secretmanager_v1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = iam_policy_pb2.GetIamPolicyRequest( + resource="resource_value", + ) + + # Make the request + response = await client.get_iam_policy(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1_generated_SecretManagerService_GetIamPolicy_async] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_get_iam_policy_sync.py b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_get_iam_policy_sync.py new file mode 100644 index 000000000000..98a8888179e3 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_get_iam_policy_sync.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetIamPolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secret-manager + + +# [START secretmanager_v1_generated_SecretManagerService_GetIamPolicy_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1 +from google.iam.v1 import iam_policy_pb2 # type: ignore + + +def sample_get_iam_policy(): + # Create a client + client = secretmanager_v1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = iam_policy_pb2.GetIamPolicyRequest( + resource="resource_value", + ) + + # Make the request + response = client.get_iam_policy(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1_generated_SecretManagerService_GetIamPolicy_sync] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_get_secret_async.py b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_get_secret_async.py new file mode 100644 index 000000000000..a301dc6164cb --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_get_secret_async.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetSecret +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secret-manager + + +# [START secretmanager_v1_generated_SecretManagerService_GetSecret_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1 + + +async def sample_get_secret(): + # Create a client + client = secretmanager_v1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1.GetSecretRequest( + name="name_value", + ) + + # Make the request + response = await client.get_secret(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1_generated_SecretManagerService_GetSecret_async] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_get_secret_sync.py b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_get_secret_sync.py new file mode 100644 index 000000000000..b592c158709f --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_get_secret_sync.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetSecret +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secret-manager + + +# [START secretmanager_v1_generated_SecretManagerService_GetSecret_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1 + + +def sample_get_secret(): + # Create a client + client = secretmanager_v1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1.GetSecretRequest( + name="name_value", + ) + + # Make the request + response = client.get_secret(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1_generated_SecretManagerService_GetSecret_sync] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_get_secret_version_async.py b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_get_secret_version_async.py new file mode 100644 index 000000000000..c267904f39c2 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_get_secret_version_async.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetSecretVersion +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secret-manager + + +# [START secretmanager_v1_generated_SecretManagerService_GetSecretVersion_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1 + + +async def sample_get_secret_version(): + # Create a client + client = secretmanager_v1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1.GetSecretVersionRequest( + name="name_value", + ) + + # Make the request + response = await client.get_secret_version(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1_generated_SecretManagerService_GetSecretVersion_async] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_get_secret_version_sync.py b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_get_secret_version_sync.py new file mode 100644 index 000000000000..3f34752bb3e1 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_get_secret_version_sync.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetSecretVersion +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secret-manager + + +# [START secretmanager_v1_generated_SecretManagerService_GetSecretVersion_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1 + + +def sample_get_secret_version(): + # Create a client + client = secretmanager_v1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1.GetSecretVersionRequest( + name="name_value", + ) + + # Make the request + response = client.get_secret_version(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1_generated_SecretManagerService_GetSecretVersion_sync] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_list_secret_versions_async.py b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_list_secret_versions_async.py new file mode 100644 index 000000000000..cdad871e120a --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_list_secret_versions_async.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for ListSecretVersions +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secret-manager + + +# [START secretmanager_v1_generated_SecretManagerService_ListSecretVersions_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1 + + +async def sample_list_secret_versions(): + # Create a client + client = secretmanager_v1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1.ListSecretVersionsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_secret_versions(request=request) + + # Handle the response + async for response in page_result: + print(response) + +# [END secretmanager_v1_generated_SecretManagerService_ListSecretVersions_async] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_list_secret_versions_sync.py b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_list_secret_versions_sync.py new file mode 100644 index 000000000000..e34399b4575b --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_list_secret_versions_sync.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for ListSecretVersions +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secret-manager + + +# [START secretmanager_v1_generated_SecretManagerService_ListSecretVersions_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1 + + +def sample_list_secret_versions(): + # Create a client + client = secretmanager_v1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1.ListSecretVersionsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_secret_versions(request=request) + + # Handle the response + for response in page_result: + print(response) + +# [END secretmanager_v1_generated_SecretManagerService_ListSecretVersions_sync] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_list_secrets_async.py b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_list_secrets_async.py new file mode 100644 index 000000000000..b021887517b0 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_list_secrets_async.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for ListSecrets +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secret-manager + + +# [START secretmanager_v1_generated_SecretManagerService_ListSecrets_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1 + + +async def sample_list_secrets(): + # Create a client + client = secretmanager_v1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1.ListSecretsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_secrets(request=request) + + # Handle the response + async for response in page_result: + print(response) + +# [END secretmanager_v1_generated_SecretManagerService_ListSecrets_async] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_list_secrets_sync.py b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_list_secrets_sync.py new file mode 100644 index 000000000000..ce0a7c2ca81a --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_list_secrets_sync.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for ListSecrets +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secret-manager + + +# [START secretmanager_v1_generated_SecretManagerService_ListSecrets_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1 + + +def sample_list_secrets(): + # Create a client + client = secretmanager_v1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1.ListSecretsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_secrets(request=request) + + # Handle the response + for response in page_result: + print(response) + +# [END secretmanager_v1_generated_SecretManagerService_ListSecrets_sync] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_set_iam_policy_async.py b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_set_iam_policy_async.py new file mode 100644 index 000000000000..908405bc4330 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_set_iam_policy_async.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for SetIamPolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secret-manager + + +# [START secretmanager_v1_generated_SecretManagerService_SetIamPolicy_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1 +from google.iam.v1 import iam_policy_pb2 # type: ignore + + +async def sample_set_iam_policy(): + # Create a client + client = secretmanager_v1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = iam_policy_pb2.SetIamPolicyRequest( + resource="resource_value", + ) + + # Make the request + response = await client.set_iam_policy(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1_generated_SecretManagerService_SetIamPolicy_async] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_set_iam_policy_sync.py b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_set_iam_policy_sync.py new file mode 100644 index 000000000000..aca6a7611c46 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_set_iam_policy_sync.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for SetIamPolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secret-manager + + +# [START secretmanager_v1_generated_SecretManagerService_SetIamPolicy_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1 +from google.iam.v1 import iam_policy_pb2 # type: ignore + + +def sample_set_iam_policy(): + # Create a client + client = secretmanager_v1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = iam_policy_pb2.SetIamPolicyRequest( + resource="resource_value", + ) + + # Make the request + response = client.set_iam_policy(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1_generated_SecretManagerService_SetIamPolicy_sync] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_test_iam_permissions_async.py b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_test_iam_permissions_async.py new file mode 100644 index 000000000000..ec22fadf82de --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_test_iam_permissions_async.py @@ -0,0 +1,54 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for TestIamPermissions +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secret-manager + + +# [START secretmanager_v1_generated_SecretManagerService_TestIamPermissions_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1 +from google.iam.v1 import iam_policy_pb2 # type: ignore + + +async def sample_test_iam_permissions(): + # Create a client + client = secretmanager_v1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = iam_policy_pb2.TestIamPermissionsRequest( + resource="resource_value", + permissions=['permissions_value1', 'permissions_value2'], + ) + + # Make the request + response = await client.test_iam_permissions(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1_generated_SecretManagerService_TestIamPermissions_async] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_test_iam_permissions_sync.py b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_test_iam_permissions_sync.py new file mode 100644 index 000000000000..c91f921caf5d --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_test_iam_permissions_sync.py @@ -0,0 +1,54 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for TestIamPermissions +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secret-manager + + +# [START secretmanager_v1_generated_SecretManagerService_TestIamPermissions_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1 +from google.iam.v1 import iam_policy_pb2 # type: ignore + + +def sample_test_iam_permissions(): + # Create a client + client = secretmanager_v1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = iam_policy_pb2.TestIamPermissionsRequest( + resource="resource_value", + permissions=['permissions_value1', 'permissions_value2'], + ) + + # Make the request + response = client.test_iam_permissions(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1_generated_SecretManagerService_TestIamPermissions_sync] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_update_secret_async.py b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_update_secret_async.py new file mode 100644 index 000000000000..6574ab41e5a7 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_update_secret_async.py @@ -0,0 +1,51 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for UpdateSecret +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secret-manager + + +# [START secretmanager_v1_generated_SecretManagerService_UpdateSecret_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1 + + +async def sample_update_secret(): + # Create a client + client = secretmanager_v1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1.UpdateSecretRequest( + ) + + # Make the request + response = await client.update_secret(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1_generated_SecretManagerService_UpdateSecret_async] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_update_secret_sync.py b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_update_secret_sync.py new file mode 100644 index 000000000000..def89ec8ad6f --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/secretmanager_v1_generated_secret_manager_service_update_secret_sync.py @@ -0,0 +1,51 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for UpdateSecret +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secret-manager + + +# [START secretmanager_v1_generated_SecretManagerService_UpdateSecret_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1 + + +def sample_update_secret(): + # Create a client + client = secretmanager_v1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1.UpdateSecretRequest( + ) + + # Make the request + response = client.update_secret(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1_generated_SecretManagerService_UpdateSecret_sync] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/snippet_metadata_google.cloud.secretmanager.v1.json b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/snippet_metadata_google.cloud.secretmanager.v1.json new file mode 100644 index 000000000000..fb38dd2243a0 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/samples/generated_samples/snippet_metadata_google.cloud.secretmanager.v1.json @@ -0,0 +1,2432 @@ +{ + "clientLibrary": { + "apis": [ + { + "id": "google.cloud.secretmanager.v1", + "version": "v1" + } + ], + "language": "PYTHON", + "name": "google-cloud-secret-manager", + "version": "0.1.0" + }, + "snippets": [ + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceAsyncClient", + "shortName": "SecretManagerServiceAsyncClient" + }, + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceAsyncClient.access_secret_version", + "method": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService.AccessSecretVersion", + "service": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "AccessSecretVersion" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1.types.AccessSecretVersionRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1.types.AccessSecretVersionResponse", + "shortName": "access_secret_version" + }, + "description": "Sample for AccessSecretVersion", + "file": "secretmanager_v1_generated_secret_manager_service_access_secret_version_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1_generated_SecretManagerService_AccessSecretVersion_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1_generated_secret_manager_service_access_secret_version_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceClient", + "shortName": "SecretManagerServiceClient" + }, + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceClient.access_secret_version", + "method": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService.AccessSecretVersion", + "service": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "AccessSecretVersion" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1.types.AccessSecretVersionRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1.types.AccessSecretVersionResponse", + "shortName": "access_secret_version" + }, + "description": "Sample for AccessSecretVersion", + "file": "secretmanager_v1_generated_secret_manager_service_access_secret_version_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1_generated_SecretManagerService_AccessSecretVersion_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1_generated_secret_manager_service_access_secret_version_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceAsyncClient", + "shortName": "SecretManagerServiceAsyncClient" + }, + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceAsyncClient.add_secret_version", + "method": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService.AddSecretVersion", + "service": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "AddSecretVersion" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1.types.AddSecretVersionRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "payload", + "type": "google.cloud.secretmanager_v1.types.SecretPayload" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1.types.SecretVersion", + "shortName": "add_secret_version" + }, + "description": "Sample for AddSecretVersion", + "file": "secretmanager_v1_generated_secret_manager_service_add_secret_version_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1_generated_SecretManagerService_AddSecretVersion_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1_generated_secret_manager_service_add_secret_version_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceClient", + "shortName": "SecretManagerServiceClient" + }, + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceClient.add_secret_version", + "method": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService.AddSecretVersion", + "service": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "AddSecretVersion" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1.types.AddSecretVersionRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "payload", + "type": "google.cloud.secretmanager_v1.types.SecretPayload" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1.types.SecretVersion", + "shortName": "add_secret_version" + }, + "description": "Sample for AddSecretVersion", + "file": "secretmanager_v1_generated_secret_manager_service_add_secret_version_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1_generated_SecretManagerService_AddSecretVersion_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1_generated_secret_manager_service_add_secret_version_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceAsyncClient", + "shortName": "SecretManagerServiceAsyncClient" + }, + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceAsyncClient.create_secret", + "method": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService.CreateSecret", + "service": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "CreateSecret" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1.types.CreateSecretRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "secret_id", + "type": "str" + }, + { + "name": "secret", + "type": "google.cloud.secretmanager_v1.types.Secret" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1.types.Secret", + "shortName": "create_secret" + }, + "description": "Sample for CreateSecret", + "file": "secretmanager_v1_generated_secret_manager_service_create_secret_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1_generated_SecretManagerService_CreateSecret_async", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 46, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 49, + "start": 47, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 50, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1_generated_secret_manager_service_create_secret_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceClient", + "shortName": "SecretManagerServiceClient" + }, + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceClient.create_secret", + "method": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService.CreateSecret", + "service": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "CreateSecret" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1.types.CreateSecretRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "secret_id", + "type": "str" + }, + { + "name": "secret", + "type": "google.cloud.secretmanager_v1.types.Secret" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1.types.Secret", + "shortName": "create_secret" + }, + "description": "Sample for CreateSecret", + "file": "secretmanager_v1_generated_secret_manager_service_create_secret_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1_generated_SecretManagerService_CreateSecret_sync", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 46, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 49, + "start": 47, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 50, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1_generated_secret_manager_service_create_secret_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceAsyncClient", + "shortName": "SecretManagerServiceAsyncClient" + }, + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceAsyncClient.delete_secret", + "method": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService.DeleteSecret", + "service": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "DeleteSecret" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1.types.DeleteSecretRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "shortName": "delete_secret" + }, + "description": "Sample for DeleteSecret", + "file": "secretmanager_v1_generated_secret_manager_service_delete_secret_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1_generated_SecretManagerService_DeleteSecret_async", + "segments": [ + { + "end": 49, + "start": 27, + "type": "FULL" + }, + { + "end": 49, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 50, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1_generated_secret_manager_service_delete_secret_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceClient", + "shortName": "SecretManagerServiceClient" + }, + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceClient.delete_secret", + "method": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService.DeleteSecret", + "service": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "DeleteSecret" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1.types.DeleteSecretRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "shortName": "delete_secret" + }, + "description": "Sample for DeleteSecret", + "file": "secretmanager_v1_generated_secret_manager_service_delete_secret_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1_generated_SecretManagerService_DeleteSecret_sync", + "segments": [ + { + "end": 49, + "start": 27, + "type": "FULL" + }, + { + "end": 49, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 50, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1_generated_secret_manager_service_delete_secret_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceAsyncClient", + "shortName": "SecretManagerServiceAsyncClient" + }, + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceAsyncClient.destroy_secret_version", + "method": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService.DestroySecretVersion", + "service": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "DestroySecretVersion" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1.types.DestroySecretVersionRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1.types.SecretVersion", + "shortName": "destroy_secret_version" + }, + "description": "Sample for DestroySecretVersion", + "file": "secretmanager_v1_generated_secret_manager_service_destroy_secret_version_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1_generated_SecretManagerService_DestroySecretVersion_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1_generated_secret_manager_service_destroy_secret_version_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceClient", + "shortName": "SecretManagerServiceClient" + }, + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceClient.destroy_secret_version", + "method": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService.DestroySecretVersion", + "service": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "DestroySecretVersion" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1.types.DestroySecretVersionRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1.types.SecretVersion", + "shortName": "destroy_secret_version" + }, + "description": "Sample for DestroySecretVersion", + "file": "secretmanager_v1_generated_secret_manager_service_destroy_secret_version_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1_generated_SecretManagerService_DestroySecretVersion_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1_generated_secret_manager_service_destroy_secret_version_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceAsyncClient", + "shortName": "SecretManagerServiceAsyncClient" + }, + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceAsyncClient.disable_secret_version", + "method": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService.DisableSecretVersion", + "service": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "DisableSecretVersion" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1.types.DisableSecretVersionRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1.types.SecretVersion", + "shortName": "disable_secret_version" + }, + "description": "Sample for DisableSecretVersion", + "file": "secretmanager_v1_generated_secret_manager_service_disable_secret_version_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1_generated_SecretManagerService_DisableSecretVersion_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1_generated_secret_manager_service_disable_secret_version_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceClient", + "shortName": "SecretManagerServiceClient" + }, + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceClient.disable_secret_version", + "method": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService.DisableSecretVersion", + "service": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "DisableSecretVersion" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1.types.DisableSecretVersionRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1.types.SecretVersion", + "shortName": "disable_secret_version" + }, + "description": "Sample for DisableSecretVersion", + "file": "secretmanager_v1_generated_secret_manager_service_disable_secret_version_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1_generated_SecretManagerService_DisableSecretVersion_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1_generated_secret_manager_service_disable_secret_version_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceAsyncClient", + "shortName": "SecretManagerServiceAsyncClient" + }, + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceAsyncClient.enable_secret_version", + "method": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService.EnableSecretVersion", + "service": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "EnableSecretVersion" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1.types.EnableSecretVersionRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1.types.SecretVersion", + "shortName": "enable_secret_version" + }, + "description": "Sample for EnableSecretVersion", + "file": "secretmanager_v1_generated_secret_manager_service_enable_secret_version_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1_generated_SecretManagerService_EnableSecretVersion_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1_generated_secret_manager_service_enable_secret_version_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceClient", + "shortName": "SecretManagerServiceClient" + }, + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceClient.enable_secret_version", + "method": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService.EnableSecretVersion", + "service": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "EnableSecretVersion" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1.types.EnableSecretVersionRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1.types.SecretVersion", + "shortName": "enable_secret_version" + }, + "description": "Sample for EnableSecretVersion", + "file": "secretmanager_v1_generated_secret_manager_service_enable_secret_version_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1_generated_SecretManagerService_EnableSecretVersion_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1_generated_secret_manager_service_enable_secret_version_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceAsyncClient", + "shortName": "SecretManagerServiceAsyncClient" + }, + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceAsyncClient.get_iam_policy", + "method": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService.GetIamPolicy", + "service": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "GetIamPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.iam.v1.iam_policy_pb2.GetIamPolicyRequest" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.iam.v1.policy_pb2.Policy", + "shortName": "get_iam_policy" + }, + "description": "Sample for GetIamPolicy", + "file": "secretmanager_v1_generated_secret_manager_service_get_iam_policy_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1_generated_SecretManagerService_GetIamPolicy_async", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 41, + "start": 39, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 46, + "start": 42, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 49, + "start": 47, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 50, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1_generated_secret_manager_service_get_iam_policy_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceClient", + "shortName": "SecretManagerServiceClient" + }, + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceClient.get_iam_policy", + "method": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService.GetIamPolicy", + "service": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "GetIamPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.iam.v1.iam_policy_pb2.GetIamPolicyRequest" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.iam.v1.policy_pb2.Policy", + "shortName": "get_iam_policy" + }, + "description": "Sample for GetIamPolicy", + "file": "secretmanager_v1_generated_secret_manager_service_get_iam_policy_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1_generated_SecretManagerService_GetIamPolicy_sync", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 41, + "start": 39, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 46, + "start": 42, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 49, + "start": 47, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 50, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1_generated_secret_manager_service_get_iam_policy_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceAsyncClient", + "shortName": "SecretManagerServiceAsyncClient" + }, + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceAsyncClient.get_secret_version", + "method": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService.GetSecretVersion", + "service": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "GetSecretVersion" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1.types.GetSecretVersionRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1.types.SecretVersion", + "shortName": "get_secret_version" + }, + "description": "Sample for GetSecretVersion", + "file": "secretmanager_v1_generated_secret_manager_service_get_secret_version_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1_generated_SecretManagerService_GetSecretVersion_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1_generated_secret_manager_service_get_secret_version_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceClient", + "shortName": "SecretManagerServiceClient" + }, + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceClient.get_secret_version", + "method": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService.GetSecretVersion", + "service": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "GetSecretVersion" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1.types.GetSecretVersionRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1.types.SecretVersion", + "shortName": "get_secret_version" + }, + "description": "Sample for GetSecretVersion", + "file": "secretmanager_v1_generated_secret_manager_service_get_secret_version_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1_generated_SecretManagerService_GetSecretVersion_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1_generated_secret_manager_service_get_secret_version_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceAsyncClient", + "shortName": "SecretManagerServiceAsyncClient" + }, + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceAsyncClient.get_secret", + "method": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService.GetSecret", + "service": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "GetSecret" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1.types.GetSecretRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1.types.Secret", + "shortName": "get_secret" + }, + "description": "Sample for GetSecret", + "file": "secretmanager_v1_generated_secret_manager_service_get_secret_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1_generated_SecretManagerService_GetSecret_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1_generated_secret_manager_service_get_secret_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceClient", + "shortName": "SecretManagerServiceClient" + }, + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceClient.get_secret", + "method": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService.GetSecret", + "service": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "GetSecret" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1.types.GetSecretRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1.types.Secret", + "shortName": "get_secret" + }, + "description": "Sample for GetSecret", + "file": "secretmanager_v1_generated_secret_manager_service_get_secret_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1_generated_SecretManagerService_GetSecret_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1_generated_secret_manager_service_get_secret_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceAsyncClient", + "shortName": "SecretManagerServiceAsyncClient" + }, + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceAsyncClient.list_secret_versions", + "method": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService.ListSecretVersions", + "service": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "ListSecretVersions" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1.types.ListSecretVersionsRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1.services.secret_manager_service.pagers.ListSecretVersionsAsyncPager", + "shortName": "list_secret_versions" + }, + "description": "Sample for ListSecretVersions", + "file": "secretmanager_v1_generated_secret_manager_service_list_secret_versions_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1_generated_SecretManagerService_ListSecretVersions_async", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1_generated_secret_manager_service_list_secret_versions_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceClient", + "shortName": "SecretManagerServiceClient" + }, + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceClient.list_secret_versions", + "method": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService.ListSecretVersions", + "service": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "ListSecretVersions" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1.types.ListSecretVersionsRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1.services.secret_manager_service.pagers.ListSecretVersionsPager", + "shortName": "list_secret_versions" + }, + "description": "Sample for ListSecretVersions", + "file": "secretmanager_v1_generated_secret_manager_service_list_secret_versions_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1_generated_SecretManagerService_ListSecretVersions_sync", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1_generated_secret_manager_service_list_secret_versions_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceAsyncClient", + "shortName": "SecretManagerServiceAsyncClient" + }, + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceAsyncClient.list_secrets", + "method": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService.ListSecrets", + "service": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "ListSecrets" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1.types.ListSecretsRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1.services.secret_manager_service.pagers.ListSecretsAsyncPager", + "shortName": "list_secrets" + }, + "description": "Sample for ListSecrets", + "file": "secretmanager_v1_generated_secret_manager_service_list_secrets_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1_generated_SecretManagerService_ListSecrets_async", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1_generated_secret_manager_service_list_secrets_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceClient", + "shortName": "SecretManagerServiceClient" + }, + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceClient.list_secrets", + "method": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService.ListSecrets", + "service": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "ListSecrets" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1.types.ListSecretsRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1.services.secret_manager_service.pagers.ListSecretsPager", + "shortName": "list_secrets" + }, + "description": "Sample for ListSecrets", + "file": "secretmanager_v1_generated_secret_manager_service_list_secrets_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1_generated_SecretManagerService_ListSecrets_sync", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1_generated_secret_manager_service_list_secrets_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceAsyncClient", + "shortName": "SecretManagerServiceAsyncClient" + }, + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceAsyncClient.set_iam_policy", + "method": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService.SetIamPolicy", + "service": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "SetIamPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.iam.v1.iam_policy_pb2.SetIamPolicyRequest" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.iam.v1.policy_pb2.Policy", + "shortName": "set_iam_policy" + }, + "description": "Sample for SetIamPolicy", + "file": "secretmanager_v1_generated_secret_manager_service_set_iam_policy_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1_generated_SecretManagerService_SetIamPolicy_async", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 41, + "start": 39, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 46, + "start": 42, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 49, + "start": 47, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 50, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1_generated_secret_manager_service_set_iam_policy_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceClient", + "shortName": "SecretManagerServiceClient" + }, + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceClient.set_iam_policy", + "method": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService.SetIamPolicy", + "service": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "SetIamPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.iam.v1.iam_policy_pb2.SetIamPolicyRequest" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.iam.v1.policy_pb2.Policy", + "shortName": "set_iam_policy" + }, + "description": "Sample for SetIamPolicy", + "file": "secretmanager_v1_generated_secret_manager_service_set_iam_policy_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1_generated_SecretManagerService_SetIamPolicy_sync", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 41, + "start": 39, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 46, + "start": 42, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 49, + "start": 47, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 50, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1_generated_secret_manager_service_set_iam_policy_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceAsyncClient", + "shortName": "SecretManagerServiceAsyncClient" + }, + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceAsyncClient.test_iam_permissions", + "method": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService.TestIamPermissions", + "service": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "TestIamPermissions" + }, + "parameters": [ + { + "name": "request", + "type": "google.iam.v1.iam_policy_pb2.TestIamPermissionsRequest" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.iam.v1.iam_policy_pb2.TestIamPermissionsResponse", + "shortName": "test_iam_permissions" + }, + "description": "Sample for TestIamPermissions", + "file": "secretmanager_v1_generated_secret_manager_service_test_iam_permissions_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1_generated_SecretManagerService_TestIamPermissions_async", + "segments": [ + { + "end": 53, + "start": 27, + "type": "FULL" + }, + { + "end": 53, + "start": 27, + "type": "SHORT" + }, + { + "end": 41, + "start": 39, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 47, + "start": 42, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 50, + "start": 48, + "type": "REQUEST_EXECUTION" + }, + { + "end": 54, + "start": 51, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1_generated_secret_manager_service_test_iam_permissions_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceClient", + "shortName": "SecretManagerServiceClient" + }, + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceClient.test_iam_permissions", + "method": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService.TestIamPermissions", + "service": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "TestIamPermissions" + }, + "parameters": [ + { + "name": "request", + "type": "google.iam.v1.iam_policy_pb2.TestIamPermissionsRequest" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.iam.v1.iam_policy_pb2.TestIamPermissionsResponse", + "shortName": "test_iam_permissions" + }, + "description": "Sample for TestIamPermissions", + "file": "secretmanager_v1_generated_secret_manager_service_test_iam_permissions_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1_generated_SecretManagerService_TestIamPermissions_sync", + "segments": [ + { + "end": 53, + "start": 27, + "type": "FULL" + }, + { + "end": 53, + "start": 27, + "type": "SHORT" + }, + { + "end": 41, + "start": 39, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 47, + "start": 42, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 50, + "start": 48, + "type": "REQUEST_EXECUTION" + }, + { + "end": 54, + "start": 51, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1_generated_secret_manager_service_test_iam_permissions_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceAsyncClient", + "shortName": "SecretManagerServiceAsyncClient" + }, + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceAsyncClient.update_secret", + "method": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService.UpdateSecret", + "service": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "UpdateSecret" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1.types.UpdateSecretRequest" + }, + { + "name": "secret", + "type": "google.cloud.secretmanager_v1.types.Secret" + }, + { + "name": "update_mask", + "type": "google.protobuf.field_mask_pb2.FieldMask" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1.types.Secret", + "shortName": "update_secret" + }, + "description": "Sample for UpdateSecret", + "file": "secretmanager_v1_generated_secret_manager_service_update_secret_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1_generated_SecretManagerService_UpdateSecret_async", + "segments": [ + { + "end": 50, + "start": 27, + "type": "FULL" + }, + { + "end": 50, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 44, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 47, + "start": 45, + "type": "REQUEST_EXECUTION" + }, + { + "end": 51, + "start": 48, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1_generated_secret_manager_service_update_secret_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceClient", + "shortName": "SecretManagerServiceClient" + }, + "fullName": "google.cloud.secretmanager_v1.SecretManagerServiceClient.update_secret", + "method": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService.UpdateSecret", + "service": { + "fullName": "google.cloud.secretmanager.v1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "UpdateSecret" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1.types.UpdateSecretRequest" + }, + { + "name": "secret", + "type": "google.cloud.secretmanager_v1.types.Secret" + }, + { + "name": "update_mask", + "type": "google.protobuf.field_mask_pb2.FieldMask" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1.types.Secret", + "shortName": "update_secret" + }, + "description": "Sample for UpdateSecret", + "file": "secretmanager_v1_generated_secret_manager_service_update_secret_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1_generated_SecretManagerService_UpdateSecret_sync", + "segments": [ + { + "end": 50, + "start": 27, + "type": "FULL" + }, + { + "end": 50, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 44, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 47, + "start": 45, + "type": "REQUEST_EXECUTION" + }, + { + "end": 51, + "start": 48, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1_generated_secret_manager_service_update_secret_sync.py" + } + ] +} diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/scripts/fixup_secretmanager_v1_keywords.py b/owl-bot-staging/google-cloud-secret-manager/v1/scripts/fixup_secretmanager_v1_keywords.py new file mode 100644 index 000000000000..03d2112b5795 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/scripts/fixup_secretmanager_v1_keywords.py @@ -0,0 +1,190 @@ +#! /usr/bin/env python3 +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import argparse +import os +import libcst as cst +import pathlib +import sys +from typing import (Any, Callable, Dict, List, Sequence, Tuple) + + +def partition( + predicate: Callable[[Any], bool], + iterator: Sequence[Any] +) -> Tuple[List[Any], List[Any]]: + """A stable, out-of-place partition.""" + results = ([], []) + + for i in iterator: + results[int(predicate(i))].append(i) + + # Returns trueList, falseList + return results[1], results[0] + + +class secretmanagerCallTransformer(cst.CSTTransformer): + CTRL_PARAMS: Tuple[str] = ('retry', 'timeout', 'metadata') + METHOD_TO_PARAMS: Dict[str, Tuple[str]] = { + 'access_secret_version': ('name', ), + 'add_secret_version': ('parent', 'payload', ), + 'create_secret': ('parent', 'secret_id', 'secret', ), + 'delete_secret': ('name', 'etag', ), + 'destroy_secret_version': ('name', 'etag', ), + 'disable_secret_version': ('name', 'etag', ), + 'enable_secret_version': ('name', 'etag', ), + 'get_iam_policy': ('resource', 'options', ), + 'get_secret': ('name', ), + 'get_secret_version': ('name', ), + 'list_secrets': ('parent', 'page_size', 'page_token', 'filter', ), + 'list_secret_versions': ('parent', 'page_size', 'page_token', 'filter', ), + 'set_iam_policy': ('resource', 'policy', 'update_mask', ), + 'test_iam_permissions': ('resource', 'permissions', ), + 'update_secret': ('secret', 'update_mask', ), + } + + def leave_Call(self, original: cst.Call, updated: cst.Call) -> cst.CSTNode: + try: + key = original.func.attr.value + kword_params = self.METHOD_TO_PARAMS[key] + except (AttributeError, KeyError): + # Either not a method from the API or too convoluted to be sure. + return updated + + # If the existing code is valid, keyword args come after positional args. + # Therefore, all positional args must map to the first parameters. + args, kwargs = partition(lambda a: not bool(a.keyword), updated.args) + if any(k.keyword.value == "request" for k in kwargs): + # We've already fixed this file, don't fix it again. + return updated + + kwargs, ctrl_kwargs = partition( + lambda a: a.keyword.value not in self.CTRL_PARAMS, + kwargs + ) + + args, ctrl_args = args[:len(kword_params)], args[len(kword_params):] + ctrl_kwargs.extend(cst.Arg(value=a.value, keyword=cst.Name(value=ctrl)) + for a, ctrl in zip(ctrl_args, self.CTRL_PARAMS)) + + request_arg = cst.Arg( + value=cst.Dict([ + cst.DictElement( + cst.SimpleString("'{}'".format(name)), +cst.Element(value=arg.value) + ) + # Note: the args + kwargs looks silly, but keep in mind that + # the control parameters had to be stripped out, and that + # those could have been passed positionally or by keyword. + for name, arg in zip(kword_params, args + kwargs)]), + keyword=cst.Name("request") + ) + + return updated.with_changes( + args=[request_arg] + ctrl_kwargs + ) + + +def fix_files( + in_dir: pathlib.Path, + out_dir: pathlib.Path, + *, + transformer=secretmanagerCallTransformer(), +): + """Duplicate the input dir to the output dir, fixing file method calls. + + Preconditions: + * in_dir is a real directory + * out_dir is a real, empty directory + """ + pyfile_gen = ( + pathlib.Path(os.path.join(root, f)) + for root, _, files in os.walk(in_dir) + for f in files if os.path.splitext(f)[1] == ".py" + ) + + for fpath in pyfile_gen: + with open(fpath, 'r') as f: + src = f.read() + + # Parse the code and insert method call fixes. + tree = cst.parse_module(src) + updated = tree.visit(transformer) + + # Create the path and directory structure for the new file. + updated_path = out_dir.joinpath(fpath.relative_to(in_dir)) + updated_path.parent.mkdir(parents=True, exist_ok=True) + + # Generate the updated source file at the corresponding path. + with open(updated_path, 'w') as f: + f.write(updated.code) + + +if __name__ == '__main__': + parser = argparse.ArgumentParser( + description="""Fix up source that uses the secretmanager client library. + +The existing sources are NOT overwritten but are copied to output_dir with changes made. + +Note: This tool operates at a best-effort level at converting positional + parameters in client method calls to keyword based parameters. + Cases where it WILL FAIL include + A) * or ** expansion in a method call. + B) Calls via function or method alias (includes free function calls) + C) Indirect or dispatched calls (e.g. the method is looked up dynamically) + + These all constitute false negatives. The tool will also detect false + positives when an API method shares a name with another method. +""") + parser.add_argument( + '-d', + '--input-directory', + required=True, + dest='input_dir', + help='the input directory to walk for python files to fix up', + ) + parser.add_argument( + '-o', + '--output-directory', + required=True, + dest='output_dir', + help='the directory to output files fixed via un-flattening', + ) + args = parser.parse_args() + input_dir = pathlib.Path(args.input_dir) + output_dir = pathlib.Path(args.output_dir) + if not input_dir.is_dir(): + print( + f"input directory '{input_dir}' does not exist or is not a directory", + file=sys.stderr, + ) + sys.exit(-1) + + if not output_dir.is_dir(): + print( + f"output directory '{output_dir}' does not exist or is not a directory", + file=sys.stderr, + ) + sys.exit(-1) + + if os.listdir(output_dir): + print( + f"output directory '{output_dir}' is not empty", + file=sys.stderr, + ) + sys.exit(-1) + + fix_files(input_dir, output_dir) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/setup.py b/owl-bot-staging/google-cloud-secret-manager/v1/setup.py new file mode 100644 index 000000000000..bf4772f4327a --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/setup.py @@ -0,0 +1,94 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import io +import os +import re + +import setuptools # type: ignore + +package_root = os.path.abspath(os.path.dirname(__file__)) + +name = 'google-cloud-secret-manager' + + +description = "Google Cloud Secret Manager API client library" + +version = None + +with open(os.path.join(package_root, 'google/cloud/secretmanager/gapic_version.py')) as fp: + version_candidates = re.findall(r"(?<=\")\d+.\d+.\d+(?=\")", fp.read()) + assert (len(version_candidates) == 1) + version = version_candidates[0] + +if version[0] == "0": + release_status = "Development Status :: 4 - Beta" +else: + release_status = "Development Status :: 5 - Production/Stable" + +dependencies = [ + "google-api-core[grpc] >= 1.34.1, <3.0.0dev,!=2.0.*,!=2.1.*,!=2.2.*,!=2.3.*,!=2.4.*,!=2.5.*,!=2.6.*,!=2.7.*,!=2.8.*,!=2.9.*,!=2.10.*", + # Exclude incompatible versions of `google-auth` + # See https://github.com/googleapis/google-cloud-python/issues/12364 + "google-auth >= 2.14.1, <3.0.0dev,!=2.24.0,!=2.25.0", + "proto-plus >= 1.22.3, <2.0.0dev", + "protobuf>=3.19.5,<5.0.0dev,!=3.20.0,!=3.20.1,!=4.21.0,!=4.21.1,!=4.21.2,!=4.21.3,!=4.21.4,!=4.21.5", + "grpc-google-iam-v1 >= 0.12.4, <1.0.0dev", +] +url = "https://github.com/googleapis/google-cloud-python/tree/main/packages/google-cloud-secret-manager" + +package_root = os.path.abspath(os.path.dirname(__file__)) + +readme_filename = os.path.join(package_root, "README.rst") +with io.open(readme_filename, encoding="utf-8") as readme_file: + readme = readme_file.read() + +packages = [ + package + for package in setuptools.find_namespace_packages() + if package.startswith("google") +] + +setuptools.setup( + name=name, + version=version, + description=description, + long_description=readme, + author="Google LLC", + author_email="googleapis-packages@google.com", + license="Apache 2.0", + url=url, + classifiers=[ + release_status, + "Intended Audience :: Developers", + "License :: OSI Approved :: Apache Software License", + "Programming Language :: Python", + "Programming Language :: Python :: 3", + "Programming Language :: Python :: 3.7", + "Programming Language :: Python :: 3.8", + "Programming Language :: Python :: 3.9", + "Programming Language :: Python :: 3.10", + "Programming Language :: Python :: 3.11", + "Programming Language :: Python :: 3.12", + "Operating System :: OS Independent", + "Topic :: Internet", + ], + platforms="Posix; MacOS X; Windows", + packages=packages, + python_requires=">=3.7", + install_requires=dependencies, + include_package_data=True, + zip_safe=False, +) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/testing/constraints-3.10.txt b/owl-bot-staging/google-cloud-secret-manager/v1/testing/constraints-3.10.txt new file mode 100644 index 000000000000..ad3f0fa58e2d --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/testing/constraints-3.10.txt @@ -0,0 +1,7 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf +grpc-google-iam-v1 diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/testing/constraints-3.11.txt b/owl-bot-staging/google-cloud-secret-manager/v1/testing/constraints-3.11.txt new file mode 100644 index 000000000000..ad3f0fa58e2d --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/testing/constraints-3.11.txt @@ -0,0 +1,7 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf +grpc-google-iam-v1 diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/testing/constraints-3.12.txt b/owl-bot-staging/google-cloud-secret-manager/v1/testing/constraints-3.12.txt new file mode 100644 index 000000000000..ad3f0fa58e2d --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/testing/constraints-3.12.txt @@ -0,0 +1,7 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf +grpc-google-iam-v1 diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/testing/constraints-3.7.txt b/owl-bot-staging/google-cloud-secret-manager/v1/testing/constraints-3.7.txt new file mode 100644 index 000000000000..4cd2782277d4 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/testing/constraints-3.7.txt @@ -0,0 +1,11 @@ +# This constraints file is used to check that lower bounds +# are correct in setup.py +# List all library dependencies and extras in this file. +# Pin the version to the lower bound. +# e.g., if setup.py has "google-cloud-foo >= 1.14.0, < 2.0.0dev", +# Then this file should have google-cloud-foo==1.14.0 +google-api-core==1.34.1 +google-auth==2.14.1 +proto-plus==1.22.3 +protobuf==3.19.5 +grpc-google-iam-v1==0.12.4 diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/testing/constraints-3.8.txt b/owl-bot-staging/google-cloud-secret-manager/v1/testing/constraints-3.8.txt new file mode 100644 index 000000000000..ad3f0fa58e2d --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/testing/constraints-3.8.txt @@ -0,0 +1,7 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf +grpc-google-iam-v1 diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/testing/constraints-3.9.txt b/owl-bot-staging/google-cloud-secret-manager/v1/testing/constraints-3.9.txt new file mode 100644 index 000000000000..ad3f0fa58e2d --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/testing/constraints-3.9.txt @@ -0,0 +1,7 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf +grpc-google-iam-v1 diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/tests/__init__.py b/owl-bot-staging/google-cloud-secret-manager/v1/tests/__init__.py new file mode 100644 index 000000000000..7b3de3117f38 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/tests/__init__.py @@ -0,0 +1,16 @@ + +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/tests/unit/__init__.py b/owl-bot-staging/google-cloud-secret-manager/v1/tests/unit/__init__.py new file mode 100644 index 000000000000..7b3de3117f38 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/tests/unit/__init__.py @@ -0,0 +1,16 @@ + +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/tests/unit/gapic/__init__.py b/owl-bot-staging/google-cloud-secret-manager/v1/tests/unit/gapic/__init__.py new file mode 100644 index 000000000000..7b3de3117f38 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/tests/unit/gapic/__init__.py @@ -0,0 +1,16 @@ + +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/tests/unit/gapic/secretmanager_v1/__init__.py b/owl-bot-staging/google-cloud-secret-manager/v1/tests/unit/gapic/secretmanager_v1/__init__.py new file mode 100644 index 000000000000..7b3de3117f38 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/tests/unit/gapic/secretmanager_v1/__init__.py @@ -0,0 +1,16 @@ + +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/google-cloud-secret-manager/v1/tests/unit/gapic/secretmanager_v1/test_secret_manager_service.py b/owl-bot-staging/google-cloud-secret-manager/v1/tests/unit/gapic/secretmanager_v1/test_secret_manager_service.py new file mode 100644 index 000000000000..bcb95d6a24de --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1/tests/unit/gapic/secretmanager_v1/test_secret_manager_service.py @@ -0,0 +1,10145 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import os +# try/except added for compatibility with python < 3.8 +try: + from unittest import mock + from unittest.mock import AsyncMock # pragma: NO COVER +except ImportError: # pragma: NO COVER + import mock + +import grpc +from grpc.experimental import aio +from collections.abc import Iterable +from google.protobuf import json_format +import json +import math +import pytest +from google.api_core import api_core_version +from proto.marshal.rules.dates import DurationRule, TimestampRule +from proto.marshal.rules import wrappers +from requests import Response +from requests import Request, PreparedRequest +from requests.sessions import Session +from google.protobuf import json_format + +from google.api_core import client_options +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import grpc_helpers +from google.api_core import grpc_helpers_async +from google.api_core import path_template +from google.auth import credentials as ga_credentials +from google.auth.exceptions import MutualTLSChannelError +from google.cloud.location import locations_pb2 +from google.cloud.secretmanager_v1.services.secret_manager_service import SecretManagerServiceAsyncClient +from google.cloud.secretmanager_v1.services.secret_manager_service import SecretManagerServiceClient +from google.cloud.secretmanager_v1.services.secret_manager_service import pagers +from google.cloud.secretmanager_v1.services.secret_manager_service import transports +from google.cloud.secretmanager_v1.types import resources +from google.cloud.secretmanager_v1.types import service +from google.iam.v1 import iam_policy_pb2 # type: ignore +from google.iam.v1 import options_pb2 # type: ignore +from google.iam.v1 import policy_pb2 # type: ignore +from google.oauth2 import service_account +from google.protobuf import duration_pb2 # type: ignore +from google.protobuf import field_mask_pb2 # type: ignore +from google.protobuf import timestamp_pb2 # type: ignore +from google.type import expr_pb2 # type: ignore +import google.auth + + +def client_cert_source_callback(): + return b"cert bytes", b"key bytes" + +# If default endpoint is localhost, then default mtls endpoint will be the same. +# This method modifies the default endpoint so the client can produce a different +# mtls endpoint for endpoint testing purposes. +def modify_default_endpoint(client): + return "foo.googleapis.com" if ("localhost" in client.DEFAULT_ENDPOINT) else client.DEFAULT_ENDPOINT + +# If default endpoint template is localhost, then default mtls endpoint will be the same. +# This method modifies the default endpoint template so the client can produce a different +# mtls endpoint for endpoint testing purposes. +def modify_default_endpoint_template(client): + return "test.{UNIVERSE_DOMAIN}" if ("localhost" in client._DEFAULT_ENDPOINT_TEMPLATE) else client._DEFAULT_ENDPOINT_TEMPLATE + + +def test__get_default_mtls_endpoint(): + api_endpoint = "example.googleapis.com" + api_mtls_endpoint = "example.mtls.googleapis.com" + sandbox_endpoint = "example.sandbox.googleapis.com" + sandbox_mtls_endpoint = "example.mtls.sandbox.googleapis.com" + non_googleapi = "api.example.com" + + assert SecretManagerServiceClient._get_default_mtls_endpoint(None) is None + assert SecretManagerServiceClient._get_default_mtls_endpoint(api_endpoint) == api_mtls_endpoint + assert SecretManagerServiceClient._get_default_mtls_endpoint(api_mtls_endpoint) == api_mtls_endpoint + assert SecretManagerServiceClient._get_default_mtls_endpoint(sandbox_endpoint) == sandbox_mtls_endpoint + assert SecretManagerServiceClient._get_default_mtls_endpoint(sandbox_mtls_endpoint) == sandbox_mtls_endpoint + assert SecretManagerServiceClient._get_default_mtls_endpoint(non_googleapi) == non_googleapi + +def test__read_environment_variables(): + assert SecretManagerServiceClient._read_environment_variables() == (False, "auto", None) + + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + assert SecretManagerServiceClient._read_environment_variables() == (True, "auto", None) + + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "false"}): + assert SecretManagerServiceClient._read_environment_variables() == (False, "auto", None) + + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "Unsupported"}): + with pytest.raises(ValueError) as excinfo: + SecretManagerServiceClient._read_environment_variables() + assert str(excinfo.value) == "Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`" + + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + assert SecretManagerServiceClient._read_environment_variables() == (False, "never", None) + + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + assert SecretManagerServiceClient._read_environment_variables() == (False, "always", None) + + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "auto"}): + assert SecretManagerServiceClient._read_environment_variables() == (False, "auto", None) + + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "Unsupported"}): + with pytest.raises(MutualTLSChannelError) as excinfo: + SecretManagerServiceClient._read_environment_variables() + assert str(excinfo.value) == "Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`" + + with mock.patch.dict(os.environ, {"GOOGLE_CLOUD_UNIVERSE_DOMAIN": "foo.com"}): + assert SecretManagerServiceClient._read_environment_variables() == (False, "auto", "foo.com") + +def test__get_client_cert_source(): + mock_provided_cert_source = mock.Mock() + mock_default_cert_source = mock.Mock() + + assert SecretManagerServiceClient._get_client_cert_source(None, False) is None + assert SecretManagerServiceClient._get_client_cert_source(mock_provided_cert_source, False) is None + assert SecretManagerServiceClient._get_client_cert_source(mock_provided_cert_source, True) == mock_provided_cert_source + + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=mock_default_cert_source): + assert SecretManagerServiceClient._get_client_cert_source(None, True) is mock_default_cert_source + assert SecretManagerServiceClient._get_client_cert_source(mock_provided_cert_source, "true") is mock_provided_cert_source + +@mock.patch.object(SecretManagerServiceClient, "_DEFAULT_ENDPOINT_TEMPLATE", modify_default_endpoint_template(SecretManagerServiceClient)) +@mock.patch.object(SecretManagerServiceAsyncClient, "_DEFAULT_ENDPOINT_TEMPLATE", modify_default_endpoint_template(SecretManagerServiceAsyncClient)) +def test__get_api_endpoint(): + api_override = "foo.com" + mock_client_cert_source = mock.Mock() + default_universe = SecretManagerServiceClient._DEFAULT_UNIVERSE + default_endpoint = SecretManagerServiceClient._DEFAULT_ENDPOINT_TEMPLATE.format(UNIVERSE_DOMAIN=default_universe) + mock_universe = "bar.com" + mock_endpoint = SecretManagerServiceClient._DEFAULT_ENDPOINT_TEMPLATE.format(UNIVERSE_DOMAIN=mock_universe) + + assert SecretManagerServiceClient._get_api_endpoint(api_override, mock_client_cert_source, default_universe, "always") == api_override + assert SecretManagerServiceClient._get_api_endpoint(None, mock_client_cert_source, default_universe, "auto") == SecretManagerServiceClient.DEFAULT_MTLS_ENDPOINT + assert SecretManagerServiceClient._get_api_endpoint(None, None, default_universe, "auto") == default_endpoint + assert SecretManagerServiceClient._get_api_endpoint(None, None, default_universe, "always") == SecretManagerServiceClient.DEFAULT_MTLS_ENDPOINT + assert SecretManagerServiceClient._get_api_endpoint(None, mock_client_cert_source, default_universe, "always") == SecretManagerServiceClient.DEFAULT_MTLS_ENDPOINT + assert SecretManagerServiceClient._get_api_endpoint(None, None, mock_universe, "never") == mock_endpoint + assert SecretManagerServiceClient._get_api_endpoint(None, None, default_universe, "never") == default_endpoint + + with pytest.raises(MutualTLSChannelError) as excinfo: + SecretManagerServiceClient._get_api_endpoint(None, mock_client_cert_source, mock_universe, "auto") + assert str(excinfo.value) == "mTLS is not supported in any universe other than googleapis.com." + +def test__get_universe_domain(): + client_universe_domain = "foo.com" + universe_domain_env = "bar.com" + + assert SecretManagerServiceClient._get_universe_domain(client_universe_domain, universe_domain_env) == client_universe_domain + assert SecretManagerServiceClient._get_universe_domain(None, universe_domain_env) == universe_domain_env + assert SecretManagerServiceClient._get_universe_domain(None, None) == SecretManagerServiceClient._DEFAULT_UNIVERSE + + with pytest.raises(ValueError) as excinfo: + SecretManagerServiceClient._get_universe_domain("", None) + assert str(excinfo.value) == "Universe Domain cannot be an empty string." + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (SecretManagerServiceClient, transports.SecretManagerServiceGrpcTransport, "grpc"), + (SecretManagerServiceClient, transports.SecretManagerServiceRestTransport, "rest"), +]) +def test__validate_universe_domain(client_class, transport_class, transport_name): + client = client_class( + transport=transport_class( + credentials=ga_credentials.AnonymousCredentials() + ) + ) + assert client._validate_universe_domain() == True + + # Test the case when universe is already validated. + assert client._validate_universe_domain() == True + + if transport_name == "grpc": + # Test the case where credentials are provided by the + # `local_channel_credentials`. The default universes in both match. + channel = grpc.secure_channel('http://localhost/', grpc.local_channel_credentials()) + client = client_class(transport=transport_class(channel=channel)) + assert client._validate_universe_domain() == True + + # Test the case where credentials do not exist: e.g. a transport is provided + # with no credentials. Validation should still succeed because there is no + # mismatch with non-existent credentials. + channel = grpc.secure_channel('http://localhost/', grpc.local_channel_credentials()) + transport=transport_class(channel=channel) + transport._credentials = None + client = client_class(transport=transport) + assert client._validate_universe_domain() == True + + # TODO: This is needed to cater for older versions of google-auth + # Make this test unconditional once the minimum supported version of + # google-auth becomes 2.23.0 or higher. + google_auth_major, google_auth_minor = [int(part) for part in google.auth.__version__.split(".")[0:2]] + if google_auth_major > 2 or (google_auth_major == 2 and google_auth_minor >= 23): + credentials = ga_credentials.AnonymousCredentials() + credentials._universe_domain = "foo.com" + # Test the case when there is a universe mismatch from the credentials. + client = client_class( + transport=transport_class(credentials=credentials) + ) + with pytest.raises(ValueError) as excinfo: + client._validate_universe_domain() + assert str(excinfo.value) == "The configured universe domain (googleapis.com) does not match the universe domain found in the credentials (foo.com). If you haven't configured the universe domain explicitly, `googleapis.com` is the default." + + # Test the case when there is a universe mismatch from the client. + # + # TODO: Make this test unconditional once the minimum supported version of + # google-api-core becomes 2.15.0 or higher. + api_core_major, api_core_minor = [int(part) for part in api_core_version.__version__.split(".")[0:2]] + if api_core_major > 2 or (api_core_major == 2 and api_core_minor >= 15): + client = client_class(client_options={"universe_domain": "bar.com"}, transport=transport_class(credentials=ga_credentials.AnonymousCredentials(),)) + with pytest.raises(ValueError) as excinfo: + client._validate_universe_domain() + assert str(excinfo.value) == "The configured universe domain (bar.com) does not match the universe domain found in the credentials (googleapis.com). If you haven't configured the universe domain explicitly, `googleapis.com` is the default." + + # Test that ValueError is raised if universe_domain is provided via client options and credentials is None + with pytest.raises(ValueError): + client._compare_universes("foo.bar", None) + + +@pytest.mark.parametrize("client_class,transport_name", [ + (SecretManagerServiceClient, "grpc"), + (SecretManagerServiceAsyncClient, "grpc_asyncio"), + (SecretManagerServiceClient, "rest"), +]) +def test_secret_manager_service_client_from_service_account_info(client_class, transport_name): + creds = ga_credentials.AnonymousCredentials() + with mock.patch.object(service_account.Credentials, 'from_service_account_info') as factory: + factory.return_value = creds + info = {"valid": True} + client = client_class.from_service_account_info(info, transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + assert client.transport._host == ( + 'secretmanager.googleapis.com:443' + if transport_name in ['grpc', 'grpc_asyncio'] + else + 'https://secretmanager.googleapis.com' + ) + + +@pytest.mark.parametrize("transport_class,transport_name", [ + (transports.SecretManagerServiceGrpcTransport, "grpc"), + (transports.SecretManagerServiceGrpcAsyncIOTransport, "grpc_asyncio"), + (transports.SecretManagerServiceRestTransport, "rest"), +]) +def test_secret_manager_service_client_service_account_always_use_jwt(transport_class, transport_name): + with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=True) + use_jwt.assert_called_once_with(True) + + with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=False) + use_jwt.assert_not_called() + + +@pytest.mark.parametrize("client_class,transport_name", [ + (SecretManagerServiceClient, "grpc"), + (SecretManagerServiceAsyncClient, "grpc_asyncio"), + (SecretManagerServiceClient, "rest"), +]) +def test_secret_manager_service_client_from_service_account_file(client_class, transport_name): + creds = ga_credentials.AnonymousCredentials() + with mock.patch.object(service_account.Credentials, 'from_service_account_file') as factory: + factory.return_value = creds + client = client_class.from_service_account_file("dummy/file/path.json", transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + client = client_class.from_service_account_json("dummy/file/path.json", transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + assert client.transport._host == ( + 'secretmanager.googleapis.com:443' + if transport_name in ['grpc', 'grpc_asyncio'] + else + 'https://secretmanager.googleapis.com' + ) + + +def test_secret_manager_service_client_get_transport_class(): + transport = SecretManagerServiceClient.get_transport_class() + available_transports = [ + transports.SecretManagerServiceGrpcTransport, + transports.SecretManagerServiceRestTransport, + ] + assert transport in available_transports + + transport = SecretManagerServiceClient.get_transport_class("grpc") + assert transport == transports.SecretManagerServiceGrpcTransport + + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (SecretManagerServiceClient, transports.SecretManagerServiceGrpcTransport, "grpc"), + (SecretManagerServiceAsyncClient, transports.SecretManagerServiceGrpcAsyncIOTransport, "grpc_asyncio"), + (SecretManagerServiceClient, transports.SecretManagerServiceRestTransport, "rest"), +]) +@mock.patch.object(SecretManagerServiceClient, "_DEFAULT_ENDPOINT_TEMPLATE", modify_default_endpoint_template(SecretManagerServiceClient)) +@mock.patch.object(SecretManagerServiceAsyncClient, "_DEFAULT_ENDPOINT_TEMPLATE", modify_default_endpoint_template(SecretManagerServiceAsyncClient)) +def test_secret_manager_service_client_client_options(client_class, transport_class, transport_name): + # Check that if channel is provided we won't create a new one. + with mock.patch.object(SecretManagerServiceClient, 'get_transport_class') as gtc: + transport = transport_class( + credentials=ga_credentials.AnonymousCredentials() + ) + client = client_class(transport=transport) + gtc.assert_not_called() + + # Check that if channel is provided via str we will create a new one. + with mock.patch.object(SecretManagerServiceClient, 'get_transport_class') as gtc: + client = client_class(transport=transport_name) + gtc.assert_called() + + # Check the case api_endpoint is provided. + options = client_options.ClientOptions(api_endpoint="squid.clam.whelk") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name, client_options=options) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host="squid.clam.whelk", + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is + # "never". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client._DEFAULT_ENDPOINT_TEMPLATE.format(UNIVERSE_DOMAIN=client._DEFAULT_UNIVERSE), + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is + # "always". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_MTLS_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has + # unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "Unsupported"}): + with pytest.raises(MutualTLSChannelError) as excinfo: + client = client_class(transport=transport_name) + assert str(excinfo.value) == "Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`" + + # Check the case GOOGLE_API_USE_CLIENT_CERTIFICATE has unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "Unsupported"}): + with pytest.raises(ValueError) as excinfo: + client = client_class(transport=transport_name) + assert str(excinfo.value) == "Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`" + + # Check the case quota_project_id is provided + options = client_options.ClientOptions(quota_project_id="octopus") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client._DEFAULT_ENDPOINT_TEMPLATE.format(UNIVERSE_DOMAIN=client._DEFAULT_UNIVERSE), + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id="octopus", + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + # Check the case api_endpoint is provided + options = client_options.ClientOptions(api_audience="https://language.googleapis.com") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client._DEFAULT_ENDPOINT_TEMPLATE.format(UNIVERSE_DOMAIN=client._DEFAULT_UNIVERSE), + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience="https://language.googleapis.com" + ) + +@pytest.mark.parametrize("client_class,transport_class,transport_name,use_client_cert_env", [ + (SecretManagerServiceClient, transports.SecretManagerServiceGrpcTransport, "grpc", "true"), + (SecretManagerServiceAsyncClient, transports.SecretManagerServiceGrpcAsyncIOTransport, "grpc_asyncio", "true"), + (SecretManagerServiceClient, transports.SecretManagerServiceGrpcTransport, "grpc", "false"), + (SecretManagerServiceAsyncClient, transports.SecretManagerServiceGrpcAsyncIOTransport, "grpc_asyncio", "false"), + (SecretManagerServiceClient, transports.SecretManagerServiceRestTransport, "rest", "true"), + (SecretManagerServiceClient, transports.SecretManagerServiceRestTransport, "rest", "false"), +]) +@mock.patch.object(SecretManagerServiceClient, "_DEFAULT_ENDPOINT_TEMPLATE", modify_default_endpoint_template(SecretManagerServiceClient)) +@mock.patch.object(SecretManagerServiceAsyncClient, "_DEFAULT_ENDPOINT_TEMPLATE", modify_default_endpoint_template(SecretManagerServiceAsyncClient)) +@mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "auto"}) +def test_secret_manager_service_client_mtls_env_auto(client_class, transport_class, transport_name, use_client_cert_env): + # This tests the endpoint autoswitch behavior. Endpoint is autoswitched to the default + # mtls endpoint, if GOOGLE_API_USE_CLIENT_CERTIFICATE is "true" and client cert exists. + + # Check the case client_cert_source is provided. Whether client cert is used depends on + # GOOGLE_API_USE_CLIENT_CERTIFICATE value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + options = client_options.ClientOptions(client_cert_source=client_cert_source_callback) + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + + if use_client_cert_env == "false": + expected_client_cert_source = None + expected_host = client._DEFAULT_ENDPOINT_TEMPLATE.format(UNIVERSE_DOMAIN=client._DEFAULT_UNIVERSE) + else: + expected_client_cert_source = client_cert_source_callback + expected_host = client.DEFAULT_MTLS_ENDPOINT + + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=expected_host, + scopes=None, + client_cert_source_for_mtls=expected_client_cert_source, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case ADC client cert is provided. Whether client cert is used depends on + # GOOGLE_API_USE_CLIENT_CERTIFICATE value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + with mock.patch.object(transport_class, '__init__') as patched: + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=client_cert_source_callback): + if use_client_cert_env == "false": + expected_host = client._DEFAULT_ENDPOINT_TEMPLATE.format(UNIVERSE_DOMAIN=client._DEFAULT_UNIVERSE) + expected_client_cert_source = None + else: + expected_host = client.DEFAULT_MTLS_ENDPOINT + expected_client_cert_source = client_cert_source_callback + + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=expected_host, + scopes=None, + client_cert_source_for_mtls=expected_client_cert_source, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case client_cert_source and ADC client cert are not provided. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + with mock.patch.object(transport_class, '__init__') as patched: + with mock.patch("google.auth.transport.mtls.has_default_client_cert_source", return_value=False): + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client._DEFAULT_ENDPOINT_TEMPLATE.format(UNIVERSE_DOMAIN=client._DEFAULT_UNIVERSE), + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + +@pytest.mark.parametrize("client_class", [ + SecretManagerServiceClient, SecretManagerServiceAsyncClient +]) +@mock.patch.object(SecretManagerServiceClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SecretManagerServiceClient)) +@mock.patch.object(SecretManagerServiceAsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SecretManagerServiceAsyncClient)) +def test_secret_manager_service_client_get_mtls_endpoint_and_cert_source(client_class): + mock_client_cert_source = mock.Mock() + + # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "true". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + mock_api_endpoint = "foo" + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) + assert api_endpoint == mock_api_endpoint + assert cert_source == mock_client_cert_source + + # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "false". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "false"}): + mock_client_cert_source = mock.Mock() + mock_api_endpoint = "foo" + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) + assert api_endpoint == mock_api_endpoint + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "never". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "always". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert doesn't exist. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=False): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert exists. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=mock_client_cert_source): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + assert cert_source == mock_client_cert_source + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has + # unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "Unsupported"}): + with pytest.raises(MutualTLSChannelError) as excinfo: + client_class.get_mtls_endpoint_and_cert_source() + + assert str(excinfo.value) == "Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`" + + # Check the case GOOGLE_API_USE_CLIENT_CERTIFICATE has unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "Unsupported"}): + with pytest.raises(ValueError) as excinfo: + client_class.get_mtls_endpoint_and_cert_source() + + assert str(excinfo.value) == "Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`" + +@pytest.mark.parametrize("client_class", [ + SecretManagerServiceClient, SecretManagerServiceAsyncClient +]) +@mock.patch.object(SecretManagerServiceClient, "_DEFAULT_ENDPOINT_TEMPLATE", modify_default_endpoint_template(SecretManagerServiceClient)) +@mock.patch.object(SecretManagerServiceAsyncClient, "_DEFAULT_ENDPOINT_TEMPLATE", modify_default_endpoint_template(SecretManagerServiceAsyncClient)) +def test_secret_manager_service_client_client_api_endpoint(client_class): + mock_client_cert_source = client_cert_source_callback + api_override = "foo.com" + default_universe = SecretManagerServiceClient._DEFAULT_UNIVERSE + default_endpoint = SecretManagerServiceClient._DEFAULT_ENDPOINT_TEMPLATE.format(UNIVERSE_DOMAIN=default_universe) + mock_universe = "bar.com" + mock_endpoint = SecretManagerServiceClient._DEFAULT_ENDPOINT_TEMPLATE.format(UNIVERSE_DOMAIN=mock_universe) + + # If ClientOptions.api_endpoint is set and GOOGLE_API_USE_CLIENT_CERTIFICATE="true", + # use ClientOptions.api_endpoint as the api endpoint regardless. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch("google.auth.transport.requests.AuthorizedSession.configure_mtls_channel"): + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=api_override) + client = client_class(client_options=options, credentials=ga_credentials.AnonymousCredentials()) + assert client.api_endpoint == api_override + + # If ClientOptions.api_endpoint is not set and GOOGLE_API_USE_MTLS_ENDPOINT="never", + # use the _DEFAULT_ENDPOINT_TEMPLATE populated with GDU as the api endpoint. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + client = client_class(credentials=ga_credentials.AnonymousCredentials()) + assert client.api_endpoint == default_endpoint + + # If ClientOptions.api_endpoint is not set and GOOGLE_API_USE_MTLS_ENDPOINT="always", + # use the DEFAULT_MTLS_ENDPOINT as the api endpoint. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + client = client_class(credentials=ga_credentials.AnonymousCredentials()) + assert client.api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + + # If ClientOptions.api_endpoint is not set, GOOGLE_API_USE_MTLS_ENDPOINT="auto" (default), + # GOOGLE_API_USE_CLIENT_CERTIFICATE="false" (default), default cert source doesn't exist, + # and ClientOptions.universe_domain="bar.com", + # use the _DEFAULT_ENDPOINT_TEMPLATE populated with universe domain as the api endpoint. + options = client_options.ClientOptions() + universe_exists = hasattr(options, "universe_domain") + if universe_exists: + options = client_options.ClientOptions(universe_domain=mock_universe) + client = client_class(client_options=options, credentials=ga_credentials.AnonymousCredentials()) + else: + client = client_class(client_options=options, credentials=ga_credentials.AnonymousCredentials()) + assert client.api_endpoint == (mock_endpoint if universe_exists else default_endpoint) + assert client.universe_domain == (mock_universe if universe_exists else default_universe) + + # If ClientOptions does not have a universe domain attribute and GOOGLE_API_USE_MTLS_ENDPOINT="never", + # use the _DEFAULT_ENDPOINT_TEMPLATE populated with GDU as the api endpoint. + options = client_options.ClientOptions() + if hasattr(options, "universe_domain"): + delattr(options, "universe_domain") + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + client = client_class(client_options=options, credentials=ga_credentials.AnonymousCredentials()) + assert client.api_endpoint == default_endpoint + + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (SecretManagerServiceClient, transports.SecretManagerServiceGrpcTransport, "grpc"), + (SecretManagerServiceAsyncClient, transports.SecretManagerServiceGrpcAsyncIOTransport, "grpc_asyncio"), + (SecretManagerServiceClient, transports.SecretManagerServiceRestTransport, "rest"), +]) +def test_secret_manager_service_client_client_options_scopes(client_class, transport_class, transport_name): + # Check the case scopes are provided. + options = client_options.ClientOptions( + scopes=["1", "2"], + ) + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client._DEFAULT_ENDPOINT_TEMPLATE.format(UNIVERSE_DOMAIN=client._DEFAULT_UNIVERSE), + scopes=["1", "2"], + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + +@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ + (SecretManagerServiceClient, transports.SecretManagerServiceGrpcTransport, "grpc", grpc_helpers), + (SecretManagerServiceAsyncClient, transports.SecretManagerServiceGrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), + (SecretManagerServiceClient, transports.SecretManagerServiceRestTransport, "rest", None), +]) +def test_secret_manager_service_client_client_options_credentials_file(client_class, transport_class, transport_name, grpc_helpers): + # Check the case credentials file is provided. + options = client_options.ClientOptions( + credentials_file="credentials.json" + ) + + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file="credentials.json", + host=client._DEFAULT_ENDPOINT_TEMPLATE.format(UNIVERSE_DOMAIN=client._DEFAULT_UNIVERSE), + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + +def test_secret_manager_service_client_client_options_from_dict(): + with mock.patch('google.cloud.secretmanager_v1.services.secret_manager_service.transports.SecretManagerServiceGrpcTransport.__init__') as grpc_transport: + grpc_transport.return_value = None + client = SecretManagerServiceClient( + client_options={'api_endpoint': 'squid.clam.whelk'} + ) + grpc_transport.assert_called_once_with( + credentials=None, + credentials_file=None, + host="squid.clam.whelk", + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + +@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ + (SecretManagerServiceClient, transports.SecretManagerServiceGrpcTransport, "grpc", grpc_helpers), + (SecretManagerServiceAsyncClient, transports.SecretManagerServiceGrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), +]) +def test_secret_manager_service_client_create_channel_credentials_file(client_class, transport_class, transport_name, grpc_helpers): + # Check the case credentials file is provided. + options = client_options.ClientOptions( + credentials_file="credentials.json" + ) + + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file="credentials.json", + host=client._DEFAULT_ENDPOINT_TEMPLATE.format(UNIVERSE_DOMAIN=client._DEFAULT_UNIVERSE), + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # test that the credentials from file are saved and used as the credentials. + with mock.patch.object( + google.auth, "load_credentials_from_file", autospec=True + ) as load_creds, mock.patch.object( + google.auth, "default", autospec=True + ) as adc, mock.patch.object( + grpc_helpers, "create_channel" + ) as create_channel: + creds = ga_credentials.AnonymousCredentials() + file_creds = ga_credentials.AnonymousCredentials() + load_creds.return_value = (file_creds, None) + adc.return_value = (creds, None) + client = client_class(client_options=options, transport=transport_name) + create_channel.assert_called_with( + "secretmanager.googleapis.com:443", + credentials=file_creds, + credentials_file=None, + quota_project_id=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + scopes=None, + default_host="secretmanager.googleapis.com", + ssl_credentials=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + +@pytest.mark.parametrize("request_type", [ + service.ListSecretsRequest, + dict, +]) +def test_list_secrets(request_type, transport: str = 'grpc'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secrets), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.ListSecretsResponse( + next_page_token='next_page_token_value', + total_size=1086, + ) + response = client.list_secrets(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + request = service.ListSecretsRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, pagers.ListSecretsPager) + assert response.next_page_token == 'next_page_token_value' + assert response.total_size == 1086 + + +def test_list_secrets_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secrets), + '__call__') as call: + client.list_secrets() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.ListSecretsRequest() + + +def test_list_secrets_non_empty_request_with_auto_populated_field(): + # This test is a coverage failsafe to make sure that UUID4 fields are + # automatically populated, according to AIP-4235, with non-empty requests. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Populate all string fields in the request which are not UUID4 + # since we want to check that UUID4 are populated automatically + # if they meet the requirements of AIP 4235. + request = service.ListSecretsRequest( + parent='parent_value', + page_token='page_token_value', + filter='filter_value', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secrets), + '__call__') as call: + client.list_secrets(request=request) + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.ListSecretsRequest( + parent='parent_value', + page_token='page_token_value', + filter='filter_value', + ) + +@pytest.mark.asyncio +async def test_list_secrets_empty_call_async(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc_asyncio', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secrets), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ListSecretsResponse( + next_page_token='next_page_token_value', + total_size=1086, + )) + response = await client.list_secrets() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.ListSecretsRequest() + +@pytest.mark.asyncio +async def test_list_secrets_async(transport: str = 'grpc_asyncio', request_type=service.ListSecretsRequest): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secrets), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(service.ListSecretsResponse( + next_page_token='next_page_token_value', + total_size=1086, + )) + response = await client.list_secrets(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + request = service.ListSecretsRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, pagers.ListSecretsAsyncPager) + assert response.next_page_token == 'next_page_token_value' + assert response.total_size == 1086 + + +@pytest.mark.asyncio +async def test_list_secrets_async_from_dict(): + await test_list_secrets_async(request_type=dict) + + +def test_list_secrets_field_headers(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.ListSecretsRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secrets), + '__call__') as call: + call.return_value = service.ListSecretsResponse() + client.list_secrets(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_list_secrets_field_headers_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.ListSecretsRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secrets), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ListSecretsResponse()) + await client.list_secrets(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +def test_list_secrets_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secrets), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.ListSecretsResponse() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.list_secrets( + parent='parent_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + + +def test_list_secrets_flattened_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.list_secrets( + service.ListSecretsRequest(), + parent='parent_value', + ) + +@pytest.mark.asyncio +async def test_list_secrets_flattened_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secrets), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.ListSecretsResponse() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ListSecretsResponse()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.list_secrets( + parent='parent_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_list_secrets_flattened_error_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.list_secrets( + service.ListSecretsRequest(), + parent='parent_value', + ) + + +def test_list_secrets_pager(transport_name: str = "grpc"): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport_name, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secrets), + '__call__') as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListSecretsResponse( + secrets=[ + resources.Secret(), + resources.Secret(), + resources.Secret(), + ], + next_page_token='abc', + ), + service.ListSecretsResponse( + secrets=[], + next_page_token='def', + ), + service.ListSecretsResponse( + secrets=[ + resources.Secret(), + ], + next_page_token='ghi', + ), + service.ListSecretsResponse( + secrets=[ + resources.Secret(), + resources.Secret(), + ], + ), + RuntimeError, + ) + + metadata = () + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ('parent', ''), + )), + ) + pager = client.list_secrets(request={}) + + assert pager._metadata == metadata + + results = list(pager) + assert len(results) == 6 + assert all(isinstance(i, resources.Secret) + for i in results) +def test_list_secrets_pages(transport_name: str = "grpc"): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport_name, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secrets), + '__call__') as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListSecretsResponse( + secrets=[ + resources.Secret(), + resources.Secret(), + resources.Secret(), + ], + next_page_token='abc', + ), + service.ListSecretsResponse( + secrets=[], + next_page_token='def', + ), + service.ListSecretsResponse( + secrets=[ + resources.Secret(), + ], + next_page_token='ghi', + ), + service.ListSecretsResponse( + secrets=[ + resources.Secret(), + resources.Secret(), + ], + ), + RuntimeError, + ) + pages = list(client.list_secrets(request={}).pages) + for page_, token in zip(pages, ['abc','def','ghi', '']): + assert page_.raw_page.next_page_token == token + +@pytest.mark.asyncio +async def test_list_secrets_async_pager(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secrets), + '__call__', new_callable=mock.AsyncMock) as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListSecretsResponse( + secrets=[ + resources.Secret(), + resources.Secret(), + resources.Secret(), + ], + next_page_token='abc', + ), + service.ListSecretsResponse( + secrets=[], + next_page_token='def', + ), + service.ListSecretsResponse( + secrets=[ + resources.Secret(), + ], + next_page_token='ghi', + ), + service.ListSecretsResponse( + secrets=[ + resources.Secret(), + resources.Secret(), + ], + ), + RuntimeError, + ) + async_pager = await client.list_secrets(request={},) + assert async_pager.next_page_token == 'abc' + responses = [] + async for response in async_pager: # pragma: no branch + responses.append(response) + + assert len(responses) == 6 + assert all(isinstance(i, resources.Secret) + for i in responses) + + +@pytest.mark.asyncio +async def test_list_secrets_async_pages(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secrets), + '__call__', new_callable=mock.AsyncMock) as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListSecretsResponse( + secrets=[ + resources.Secret(), + resources.Secret(), + resources.Secret(), + ], + next_page_token='abc', + ), + service.ListSecretsResponse( + secrets=[], + next_page_token='def', + ), + service.ListSecretsResponse( + secrets=[ + resources.Secret(), + ], + next_page_token='ghi', + ), + service.ListSecretsResponse( + secrets=[ + resources.Secret(), + resources.Secret(), + ], + ), + RuntimeError, + ) + pages = [] + # Workaround issue in python 3.9 related to code coverage by adding `# pragma: no branch` + # See https://github.com/googleapis/gapic-generator-python/pull/1174#issuecomment-1025132372 + async for page_ in ( # pragma: no branch + await client.list_secrets(request={}) + ).pages: + pages.append(page_) + for page_, token in zip(pages, ['abc','def','ghi', '']): + assert page_.raw_page.next_page_token == token + +@pytest.mark.parametrize("request_type", [ + service.CreateSecretRequest, + dict, +]) +def test_create_secret(request_type, transport: str = 'grpc'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Secret( + name='name_value', + etag='etag_value', + ) + response = client.create_secret(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + request = service.CreateSecretRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Secret) + assert response.name == 'name_value' + assert response.etag == 'etag_value' + + +def test_create_secret_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_secret), + '__call__') as call: + client.create_secret() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.CreateSecretRequest() + + +def test_create_secret_non_empty_request_with_auto_populated_field(): + # This test is a coverage failsafe to make sure that UUID4 fields are + # automatically populated, according to AIP-4235, with non-empty requests. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Populate all string fields in the request which are not UUID4 + # since we want to check that UUID4 are populated automatically + # if they meet the requirements of AIP 4235. + request = service.CreateSecretRequest( + parent='parent_value', + secret_id='secret_id_value', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_secret), + '__call__') as call: + client.create_secret(request=request) + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.CreateSecretRequest( + parent='parent_value', + secret_id='secret_id_value', + ) + +@pytest.mark.asyncio +async def test_create_secret_empty_call_async(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc_asyncio', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Secret( + name='name_value', + etag='etag_value', + )) + response = await client.create_secret() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.CreateSecretRequest() + +@pytest.mark.asyncio +async def test_create_secret_async(transport: str = 'grpc_asyncio', request_type=service.CreateSecretRequest): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Secret( + name='name_value', + etag='etag_value', + )) + response = await client.create_secret(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + request = service.CreateSecretRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Secret) + assert response.name == 'name_value' + assert response.etag == 'etag_value' + + +@pytest.mark.asyncio +async def test_create_secret_async_from_dict(): + await test_create_secret_async(request_type=dict) + + +def test_create_secret_field_headers(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.CreateSecretRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_secret), + '__call__') as call: + call.return_value = resources.Secret() + client.create_secret(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_create_secret_field_headers_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.CreateSecretRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_secret), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Secret()) + await client.create_secret(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +def test_create_secret_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Secret() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.create_secret( + parent='parent_value', + secret_id='secret_id_value', + secret=resources.Secret(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + arg = args[0].secret_id + mock_val = 'secret_id_value' + assert arg == mock_val + arg = args[0].secret + mock_val = resources.Secret(name='name_value') + assert arg == mock_val + + +def test_create_secret_flattened_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.create_secret( + service.CreateSecretRequest(), + parent='parent_value', + secret_id='secret_id_value', + secret=resources.Secret(name='name_value'), + ) + +@pytest.mark.asyncio +async def test_create_secret_flattened_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Secret() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Secret()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.create_secret( + parent='parent_value', + secret_id='secret_id_value', + secret=resources.Secret(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + arg = args[0].secret_id + mock_val = 'secret_id_value' + assert arg == mock_val + arg = args[0].secret + mock_val = resources.Secret(name='name_value') + assert arg == mock_val + +@pytest.mark.asyncio +async def test_create_secret_flattened_error_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.create_secret( + service.CreateSecretRequest(), + parent='parent_value', + secret_id='secret_id_value', + secret=resources.Secret(name='name_value'), + ) + + +@pytest.mark.parametrize("request_type", [ + service.AddSecretVersionRequest, + dict, +]) +def test_add_secret_version(request_type, transport: str = 'grpc'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.add_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + etag='etag_value', + client_specified_payload_checksum=True, + ) + response = client.add_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + request = service.AddSecretVersionRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.SecretVersion) + assert response.name == 'name_value' + assert response.state == resources.SecretVersion.State.ENABLED + assert response.etag == 'etag_value' + assert response.client_specified_payload_checksum is True + + +def test_add_secret_version_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.add_secret_version), + '__call__') as call: + client.add_secret_version() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.AddSecretVersionRequest() + + +def test_add_secret_version_non_empty_request_with_auto_populated_field(): + # This test is a coverage failsafe to make sure that UUID4 fields are + # automatically populated, according to AIP-4235, with non-empty requests. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Populate all string fields in the request which are not UUID4 + # since we want to check that UUID4 are populated automatically + # if they meet the requirements of AIP 4235. + request = service.AddSecretVersionRequest( + parent='parent_value', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.add_secret_version), + '__call__') as call: + client.add_secret_version(request=request) + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.AddSecretVersionRequest( + parent='parent_value', + ) + +@pytest.mark.asyncio +async def test_add_secret_version_empty_call_async(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc_asyncio', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.add_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + etag='etag_value', + client_specified_payload_checksum=True, + )) + response = await client.add_secret_version() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.AddSecretVersionRequest() + +@pytest.mark.asyncio +async def test_add_secret_version_async(transport: str = 'grpc_asyncio', request_type=service.AddSecretVersionRequest): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.add_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + etag='etag_value', + client_specified_payload_checksum=True, + )) + response = await client.add_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + request = service.AddSecretVersionRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.SecretVersion) + assert response.name == 'name_value' + assert response.state == resources.SecretVersion.State.ENABLED + assert response.etag == 'etag_value' + assert response.client_specified_payload_checksum is True + + +@pytest.mark.asyncio +async def test_add_secret_version_async_from_dict(): + await test_add_secret_version_async(request_type=dict) + + +def test_add_secret_version_field_headers(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.AddSecretVersionRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.add_secret_version), + '__call__') as call: + call.return_value = resources.SecretVersion() + client.add_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_add_secret_version_field_headers_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.AddSecretVersionRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.add_secret_version), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion()) + await client.add_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +def test_add_secret_version_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.add_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.SecretVersion() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.add_secret_version( + parent='parent_value', + payload=resources.SecretPayload(data=b'data_blob'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + arg = args[0].payload + mock_val = resources.SecretPayload(data=b'data_blob') + assert arg == mock_val + + +def test_add_secret_version_flattened_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.add_secret_version( + service.AddSecretVersionRequest(), + parent='parent_value', + payload=resources.SecretPayload(data=b'data_blob'), + ) + +@pytest.mark.asyncio +async def test_add_secret_version_flattened_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.add_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.SecretVersion() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.add_secret_version( + parent='parent_value', + payload=resources.SecretPayload(data=b'data_blob'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + arg = args[0].payload + mock_val = resources.SecretPayload(data=b'data_blob') + assert arg == mock_val + +@pytest.mark.asyncio +async def test_add_secret_version_flattened_error_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.add_secret_version( + service.AddSecretVersionRequest(), + parent='parent_value', + payload=resources.SecretPayload(data=b'data_blob'), + ) + + +@pytest.mark.parametrize("request_type", [ + service.GetSecretRequest, + dict, +]) +def test_get_secret(request_type, transport: str = 'grpc'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Secret( + name='name_value', + etag='etag_value', + ) + response = client.get_secret(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + request = service.GetSecretRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Secret) + assert response.name == 'name_value' + assert response.etag == 'etag_value' + + +def test_get_secret_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret), + '__call__') as call: + client.get_secret() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetSecretRequest() + + +def test_get_secret_non_empty_request_with_auto_populated_field(): + # This test is a coverage failsafe to make sure that UUID4 fields are + # automatically populated, according to AIP-4235, with non-empty requests. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Populate all string fields in the request which are not UUID4 + # since we want to check that UUID4 are populated automatically + # if they meet the requirements of AIP 4235. + request = service.GetSecretRequest( + name='name_value', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret), + '__call__') as call: + client.get_secret(request=request) + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetSecretRequest( + name='name_value', + ) + +@pytest.mark.asyncio +async def test_get_secret_empty_call_async(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc_asyncio', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Secret( + name='name_value', + etag='etag_value', + )) + response = await client.get_secret() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetSecretRequest() + +@pytest.mark.asyncio +async def test_get_secret_async(transport: str = 'grpc_asyncio', request_type=service.GetSecretRequest): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Secret( + name='name_value', + etag='etag_value', + )) + response = await client.get_secret(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + request = service.GetSecretRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Secret) + assert response.name == 'name_value' + assert response.etag == 'etag_value' + + +@pytest.mark.asyncio +async def test_get_secret_async_from_dict(): + await test_get_secret_async(request_type=dict) + + +def test_get_secret_field_headers(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetSecretRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret), + '__call__') as call: + call.return_value = resources.Secret() + client.get_secret(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_get_secret_field_headers_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetSecretRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Secret()) + await client.get_secret(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_get_secret_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Secret() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.get_secret( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_get_secret_flattened_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.get_secret( + service.GetSecretRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_get_secret_flattened_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Secret() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Secret()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.get_secret( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_get_secret_flattened_error_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.get_secret( + service.GetSecretRequest(), + name='name_value', + ) + + +@pytest.mark.parametrize("request_type", [ + service.UpdateSecretRequest, + dict, +]) +def test_update_secret(request_type, transport: str = 'grpc'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Secret( + name='name_value', + etag='etag_value', + ) + response = client.update_secret(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + request = service.UpdateSecretRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Secret) + assert response.name == 'name_value' + assert response.etag == 'etag_value' + + +def test_update_secret_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_secret), + '__call__') as call: + client.update_secret() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdateSecretRequest() + + +def test_update_secret_non_empty_request_with_auto_populated_field(): + # This test is a coverage failsafe to make sure that UUID4 fields are + # automatically populated, according to AIP-4235, with non-empty requests. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Populate all string fields in the request which are not UUID4 + # since we want to check that UUID4 are populated automatically + # if they meet the requirements of AIP 4235. + request = service.UpdateSecretRequest( + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_secret), + '__call__') as call: + client.update_secret(request=request) + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdateSecretRequest( + ) + +@pytest.mark.asyncio +async def test_update_secret_empty_call_async(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc_asyncio', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Secret( + name='name_value', + etag='etag_value', + )) + response = await client.update_secret() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdateSecretRequest() + +@pytest.mark.asyncio +async def test_update_secret_async(transport: str = 'grpc_asyncio', request_type=service.UpdateSecretRequest): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Secret( + name='name_value', + etag='etag_value', + )) + response = await client.update_secret(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + request = service.UpdateSecretRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Secret) + assert response.name == 'name_value' + assert response.etag == 'etag_value' + + +@pytest.mark.asyncio +async def test_update_secret_async_from_dict(): + await test_update_secret_async(request_type=dict) + + +def test_update_secret_field_headers(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.UpdateSecretRequest() + + request.secret.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_secret), + '__call__') as call: + call.return_value = resources.Secret() + client.update_secret(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'secret.name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_update_secret_field_headers_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.UpdateSecretRequest() + + request.secret.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_secret), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Secret()) + await client.update_secret(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'secret.name=name_value', + ) in kw['metadata'] + + +def test_update_secret_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Secret() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.update_secret( + secret=resources.Secret(name='name_value'), + update_mask=field_mask_pb2.FieldMask(paths=['paths_value']), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].secret + mock_val = resources.Secret(name='name_value') + assert arg == mock_val + arg = args[0].update_mask + mock_val = field_mask_pb2.FieldMask(paths=['paths_value']) + assert arg == mock_val + + +def test_update_secret_flattened_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.update_secret( + service.UpdateSecretRequest(), + secret=resources.Secret(name='name_value'), + update_mask=field_mask_pb2.FieldMask(paths=['paths_value']), + ) + +@pytest.mark.asyncio +async def test_update_secret_flattened_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Secret() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Secret()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.update_secret( + secret=resources.Secret(name='name_value'), + update_mask=field_mask_pb2.FieldMask(paths=['paths_value']), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].secret + mock_val = resources.Secret(name='name_value') + assert arg == mock_val + arg = args[0].update_mask + mock_val = field_mask_pb2.FieldMask(paths=['paths_value']) + assert arg == mock_val + +@pytest.mark.asyncio +async def test_update_secret_flattened_error_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.update_secret( + service.UpdateSecretRequest(), + secret=resources.Secret(name='name_value'), + update_mask=field_mask_pb2.FieldMask(paths=['paths_value']), + ) + + +@pytest.mark.parametrize("request_type", [ + service.DeleteSecretRequest, + dict, +]) +def test_delete_secret(request_type, transport: str = 'grpc'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = None + response = client.delete_secret(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + request = service.DeleteSecretRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert response is None + + +def test_delete_secret_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_secret), + '__call__') as call: + client.delete_secret() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.DeleteSecretRequest() + + +def test_delete_secret_non_empty_request_with_auto_populated_field(): + # This test is a coverage failsafe to make sure that UUID4 fields are + # automatically populated, according to AIP-4235, with non-empty requests. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Populate all string fields in the request which are not UUID4 + # since we want to check that UUID4 are populated automatically + # if they meet the requirements of AIP 4235. + request = service.DeleteSecretRequest( + name='name_value', + etag='etag_value', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_secret), + '__call__') as call: + client.delete_secret(request=request) + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.DeleteSecretRequest( + name='name_value', + etag='etag_value', + ) + +@pytest.mark.asyncio +async def test_delete_secret_empty_call_async(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc_asyncio', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) + response = await client.delete_secret() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.DeleteSecretRequest() + +@pytest.mark.asyncio +async def test_delete_secret_async(transport: str = 'grpc_asyncio', request_type=service.DeleteSecretRequest): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) + response = await client.delete_secret(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + request = service.DeleteSecretRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert response is None + + +@pytest.mark.asyncio +async def test_delete_secret_async_from_dict(): + await test_delete_secret_async(request_type=dict) + + +def test_delete_secret_field_headers(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.DeleteSecretRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_secret), + '__call__') as call: + call.return_value = None + client.delete_secret(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_delete_secret_field_headers_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.DeleteSecretRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_secret), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) + await client.delete_secret(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_delete_secret_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = None + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.delete_secret( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_delete_secret_flattened_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.delete_secret( + service.DeleteSecretRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_delete_secret_flattened_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = None + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.delete_secret( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_delete_secret_flattened_error_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.delete_secret( + service.DeleteSecretRequest(), + name='name_value', + ) + + +@pytest.mark.parametrize("request_type", [ + service.ListSecretVersionsRequest, + dict, +]) +def test_list_secret_versions(request_type, transport: str = 'grpc'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secret_versions), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.ListSecretVersionsResponse( + next_page_token='next_page_token_value', + total_size=1086, + ) + response = client.list_secret_versions(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + request = service.ListSecretVersionsRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, pagers.ListSecretVersionsPager) + assert response.next_page_token == 'next_page_token_value' + assert response.total_size == 1086 + + +def test_list_secret_versions_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secret_versions), + '__call__') as call: + client.list_secret_versions() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.ListSecretVersionsRequest() + + +def test_list_secret_versions_non_empty_request_with_auto_populated_field(): + # This test is a coverage failsafe to make sure that UUID4 fields are + # automatically populated, according to AIP-4235, with non-empty requests. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Populate all string fields in the request which are not UUID4 + # since we want to check that UUID4 are populated automatically + # if they meet the requirements of AIP 4235. + request = service.ListSecretVersionsRequest( + parent='parent_value', + page_token='page_token_value', + filter='filter_value', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secret_versions), + '__call__') as call: + client.list_secret_versions(request=request) + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.ListSecretVersionsRequest( + parent='parent_value', + page_token='page_token_value', + filter='filter_value', + ) + +@pytest.mark.asyncio +async def test_list_secret_versions_empty_call_async(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc_asyncio', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secret_versions), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ListSecretVersionsResponse( + next_page_token='next_page_token_value', + total_size=1086, + )) + response = await client.list_secret_versions() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.ListSecretVersionsRequest() + +@pytest.mark.asyncio +async def test_list_secret_versions_async(transport: str = 'grpc_asyncio', request_type=service.ListSecretVersionsRequest): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secret_versions), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(service.ListSecretVersionsResponse( + next_page_token='next_page_token_value', + total_size=1086, + )) + response = await client.list_secret_versions(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + request = service.ListSecretVersionsRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, pagers.ListSecretVersionsAsyncPager) + assert response.next_page_token == 'next_page_token_value' + assert response.total_size == 1086 + + +@pytest.mark.asyncio +async def test_list_secret_versions_async_from_dict(): + await test_list_secret_versions_async(request_type=dict) + + +def test_list_secret_versions_field_headers(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.ListSecretVersionsRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secret_versions), + '__call__') as call: + call.return_value = service.ListSecretVersionsResponse() + client.list_secret_versions(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_list_secret_versions_field_headers_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.ListSecretVersionsRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secret_versions), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ListSecretVersionsResponse()) + await client.list_secret_versions(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +def test_list_secret_versions_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secret_versions), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.ListSecretVersionsResponse() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.list_secret_versions( + parent='parent_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + + +def test_list_secret_versions_flattened_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.list_secret_versions( + service.ListSecretVersionsRequest(), + parent='parent_value', + ) + +@pytest.mark.asyncio +async def test_list_secret_versions_flattened_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secret_versions), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.ListSecretVersionsResponse() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ListSecretVersionsResponse()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.list_secret_versions( + parent='parent_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_list_secret_versions_flattened_error_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.list_secret_versions( + service.ListSecretVersionsRequest(), + parent='parent_value', + ) + + +def test_list_secret_versions_pager(transport_name: str = "grpc"): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport_name, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secret_versions), + '__call__') as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListSecretVersionsResponse( + versions=[ + resources.SecretVersion(), + resources.SecretVersion(), + resources.SecretVersion(), + ], + next_page_token='abc', + ), + service.ListSecretVersionsResponse( + versions=[], + next_page_token='def', + ), + service.ListSecretVersionsResponse( + versions=[ + resources.SecretVersion(), + ], + next_page_token='ghi', + ), + service.ListSecretVersionsResponse( + versions=[ + resources.SecretVersion(), + resources.SecretVersion(), + ], + ), + RuntimeError, + ) + + metadata = () + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ('parent', ''), + )), + ) + pager = client.list_secret_versions(request={}) + + assert pager._metadata == metadata + + results = list(pager) + assert len(results) == 6 + assert all(isinstance(i, resources.SecretVersion) + for i in results) +def test_list_secret_versions_pages(transport_name: str = "grpc"): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport_name, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secret_versions), + '__call__') as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListSecretVersionsResponse( + versions=[ + resources.SecretVersion(), + resources.SecretVersion(), + resources.SecretVersion(), + ], + next_page_token='abc', + ), + service.ListSecretVersionsResponse( + versions=[], + next_page_token='def', + ), + service.ListSecretVersionsResponse( + versions=[ + resources.SecretVersion(), + ], + next_page_token='ghi', + ), + service.ListSecretVersionsResponse( + versions=[ + resources.SecretVersion(), + resources.SecretVersion(), + ], + ), + RuntimeError, + ) + pages = list(client.list_secret_versions(request={}).pages) + for page_, token in zip(pages, ['abc','def','ghi', '']): + assert page_.raw_page.next_page_token == token + +@pytest.mark.asyncio +async def test_list_secret_versions_async_pager(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secret_versions), + '__call__', new_callable=mock.AsyncMock) as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListSecretVersionsResponse( + versions=[ + resources.SecretVersion(), + resources.SecretVersion(), + resources.SecretVersion(), + ], + next_page_token='abc', + ), + service.ListSecretVersionsResponse( + versions=[], + next_page_token='def', + ), + service.ListSecretVersionsResponse( + versions=[ + resources.SecretVersion(), + ], + next_page_token='ghi', + ), + service.ListSecretVersionsResponse( + versions=[ + resources.SecretVersion(), + resources.SecretVersion(), + ], + ), + RuntimeError, + ) + async_pager = await client.list_secret_versions(request={},) + assert async_pager.next_page_token == 'abc' + responses = [] + async for response in async_pager: # pragma: no branch + responses.append(response) + + assert len(responses) == 6 + assert all(isinstance(i, resources.SecretVersion) + for i in responses) + + +@pytest.mark.asyncio +async def test_list_secret_versions_async_pages(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secret_versions), + '__call__', new_callable=mock.AsyncMock) as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListSecretVersionsResponse( + versions=[ + resources.SecretVersion(), + resources.SecretVersion(), + resources.SecretVersion(), + ], + next_page_token='abc', + ), + service.ListSecretVersionsResponse( + versions=[], + next_page_token='def', + ), + service.ListSecretVersionsResponse( + versions=[ + resources.SecretVersion(), + ], + next_page_token='ghi', + ), + service.ListSecretVersionsResponse( + versions=[ + resources.SecretVersion(), + resources.SecretVersion(), + ], + ), + RuntimeError, + ) + pages = [] + # Workaround issue in python 3.9 related to code coverage by adding `# pragma: no branch` + # See https://github.com/googleapis/gapic-generator-python/pull/1174#issuecomment-1025132372 + async for page_ in ( # pragma: no branch + await client.list_secret_versions(request={}) + ).pages: + pages.append(page_) + for page_, token in zip(pages, ['abc','def','ghi', '']): + assert page_.raw_page.next_page_token == token + +@pytest.mark.parametrize("request_type", [ + service.GetSecretVersionRequest, + dict, +]) +def test_get_secret_version(request_type, transport: str = 'grpc'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + etag='etag_value', + client_specified_payload_checksum=True, + ) + response = client.get_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + request = service.GetSecretVersionRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.SecretVersion) + assert response.name == 'name_value' + assert response.state == resources.SecretVersion.State.ENABLED + assert response.etag == 'etag_value' + assert response.client_specified_payload_checksum is True + + +def test_get_secret_version_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret_version), + '__call__') as call: + client.get_secret_version() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetSecretVersionRequest() + + +def test_get_secret_version_non_empty_request_with_auto_populated_field(): + # This test is a coverage failsafe to make sure that UUID4 fields are + # automatically populated, according to AIP-4235, with non-empty requests. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Populate all string fields in the request which are not UUID4 + # since we want to check that UUID4 are populated automatically + # if they meet the requirements of AIP 4235. + request = service.GetSecretVersionRequest( + name='name_value', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret_version), + '__call__') as call: + client.get_secret_version(request=request) + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetSecretVersionRequest( + name='name_value', + ) + +@pytest.mark.asyncio +async def test_get_secret_version_empty_call_async(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc_asyncio', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + etag='etag_value', + client_specified_payload_checksum=True, + )) + response = await client.get_secret_version() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetSecretVersionRequest() + +@pytest.mark.asyncio +async def test_get_secret_version_async(transport: str = 'grpc_asyncio', request_type=service.GetSecretVersionRequest): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + etag='etag_value', + client_specified_payload_checksum=True, + )) + response = await client.get_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + request = service.GetSecretVersionRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.SecretVersion) + assert response.name == 'name_value' + assert response.state == resources.SecretVersion.State.ENABLED + assert response.etag == 'etag_value' + assert response.client_specified_payload_checksum is True + + +@pytest.mark.asyncio +async def test_get_secret_version_async_from_dict(): + await test_get_secret_version_async(request_type=dict) + + +def test_get_secret_version_field_headers(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetSecretVersionRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret_version), + '__call__') as call: + call.return_value = resources.SecretVersion() + client.get_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_get_secret_version_field_headers_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetSecretVersionRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret_version), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion()) + await client.get_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_get_secret_version_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.SecretVersion() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.get_secret_version( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_get_secret_version_flattened_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.get_secret_version( + service.GetSecretVersionRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_get_secret_version_flattened_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.SecretVersion() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.get_secret_version( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_get_secret_version_flattened_error_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.get_secret_version( + service.GetSecretVersionRequest(), + name='name_value', + ) + + +@pytest.mark.parametrize("request_type", [ + service.AccessSecretVersionRequest, + dict, +]) +def test_access_secret_version(request_type, transport: str = 'grpc'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.access_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.AccessSecretVersionResponse( + name='name_value', + ) + response = client.access_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + request = service.AccessSecretVersionRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, service.AccessSecretVersionResponse) + assert response.name == 'name_value' + + +def test_access_secret_version_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.access_secret_version), + '__call__') as call: + client.access_secret_version() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.AccessSecretVersionRequest() + + +def test_access_secret_version_non_empty_request_with_auto_populated_field(): + # This test is a coverage failsafe to make sure that UUID4 fields are + # automatically populated, according to AIP-4235, with non-empty requests. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Populate all string fields in the request which are not UUID4 + # since we want to check that UUID4 are populated automatically + # if they meet the requirements of AIP 4235. + request = service.AccessSecretVersionRequest( + name='name_value', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.access_secret_version), + '__call__') as call: + client.access_secret_version(request=request) + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.AccessSecretVersionRequest( + name='name_value', + ) + +@pytest.mark.asyncio +async def test_access_secret_version_empty_call_async(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc_asyncio', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.access_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.AccessSecretVersionResponse( + name='name_value', + )) + response = await client.access_secret_version() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.AccessSecretVersionRequest() + +@pytest.mark.asyncio +async def test_access_secret_version_async(transport: str = 'grpc_asyncio', request_type=service.AccessSecretVersionRequest): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.access_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(service.AccessSecretVersionResponse( + name='name_value', + )) + response = await client.access_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + request = service.AccessSecretVersionRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, service.AccessSecretVersionResponse) + assert response.name == 'name_value' + + +@pytest.mark.asyncio +async def test_access_secret_version_async_from_dict(): + await test_access_secret_version_async(request_type=dict) + + +def test_access_secret_version_field_headers(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.AccessSecretVersionRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.access_secret_version), + '__call__') as call: + call.return_value = service.AccessSecretVersionResponse() + client.access_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_access_secret_version_field_headers_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.AccessSecretVersionRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.access_secret_version), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.AccessSecretVersionResponse()) + await client.access_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_access_secret_version_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.access_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.AccessSecretVersionResponse() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.access_secret_version( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_access_secret_version_flattened_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.access_secret_version( + service.AccessSecretVersionRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_access_secret_version_flattened_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.access_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.AccessSecretVersionResponse() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.AccessSecretVersionResponse()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.access_secret_version( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_access_secret_version_flattened_error_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.access_secret_version( + service.AccessSecretVersionRequest(), + name='name_value', + ) + + +@pytest.mark.parametrize("request_type", [ + service.DisableSecretVersionRequest, + dict, +]) +def test_disable_secret_version(request_type, transport: str = 'grpc'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.disable_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + etag='etag_value', + client_specified_payload_checksum=True, + ) + response = client.disable_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + request = service.DisableSecretVersionRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.SecretVersion) + assert response.name == 'name_value' + assert response.state == resources.SecretVersion.State.ENABLED + assert response.etag == 'etag_value' + assert response.client_specified_payload_checksum is True + + +def test_disable_secret_version_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.disable_secret_version), + '__call__') as call: + client.disable_secret_version() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.DisableSecretVersionRequest() + + +def test_disable_secret_version_non_empty_request_with_auto_populated_field(): + # This test is a coverage failsafe to make sure that UUID4 fields are + # automatically populated, according to AIP-4235, with non-empty requests. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Populate all string fields in the request which are not UUID4 + # since we want to check that UUID4 are populated automatically + # if they meet the requirements of AIP 4235. + request = service.DisableSecretVersionRequest( + name='name_value', + etag='etag_value', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.disable_secret_version), + '__call__') as call: + client.disable_secret_version(request=request) + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.DisableSecretVersionRequest( + name='name_value', + etag='etag_value', + ) + +@pytest.mark.asyncio +async def test_disable_secret_version_empty_call_async(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc_asyncio', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.disable_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + etag='etag_value', + client_specified_payload_checksum=True, + )) + response = await client.disable_secret_version() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.DisableSecretVersionRequest() + +@pytest.mark.asyncio +async def test_disable_secret_version_async(transport: str = 'grpc_asyncio', request_type=service.DisableSecretVersionRequest): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.disable_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + etag='etag_value', + client_specified_payload_checksum=True, + )) + response = await client.disable_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + request = service.DisableSecretVersionRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.SecretVersion) + assert response.name == 'name_value' + assert response.state == resources.SecretVersion.State.ENABLED + assert response.etag == 'etag_value' + assert response.client_specified_payload_checksum is True + + +@pytest.mark.asyncio +async def test_disable_secret_version_async_from_dict(): + await test_disable_secret_version_async(request_type=dict) + + +def test_disable_secret_version_field_headers(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.DisableSecretVersionRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.disable_secret_version), + '__call__') as call: + call.return_value = resources.SecretVersion() + client.disable_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_disable_secret_version_field_headers_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.DisableSecretVersionRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.disable_secret_version), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion()) + await client.disable_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_disable_secret_version_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.disable_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.SecretVersion() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.disable_secret_version( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_disable_secret_version_flattened_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.disable_secret_version( + service.DisableSecretVersionRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_disable_secret_version_flattened_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.disable_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.SecretVersion() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.disable_secret_version( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_disable_secret_version_flattened_error_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.disable_secret_version( + service.DisableSecretVersionRequest(), + name='name_value', + ) + + +@pytest.mark.parametrize("request_type", [ + service.EnableSecretVersionRequest, + dict, +]) +def test_enable_secret_version(request_type, transport: str = 'grpc'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.enable_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + etag='etag_value', + client_specified_payload_checksum=True, + ) + response = client.enable_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + request = service.EnableSecretVersionRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.SecretVersion) + assert response.name == 'name_value' + assert response.state == resources.SecretVersion.State.ENABLED + assert response.etag == 'etag_value' + assert response.client_specified_payload_checksum is True + + +def test_enable_secret_version_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.enable_secret_version), + '__call__') as call: + client.enable_secret_version() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.EnableSecretVersionRequest() + + +def test_enable_secret_version_non_empty_request_with_auto_populated_field(): + # This test is a coverage failsafe to make sure that UUID4 fields are + # automatically populated, according to AIP-4235, with non-empty requests. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Populate all string fields in the request which are not UUID4 + # since we want to check that UUID4 are populated automatically + # if they meet the requirements of AIP 4235. + request = service.EnableSecretVersionRequest( + name='name_value', + etag='etag_value', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.enable_secret_version), + '__call__') as call: + client.enable_secret_version(request=request) + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.EnableSecretVersionRequest( + name='name_value', + etag='etag_value', + ) + +@pytest.mark.asyncio +async def test_enable_secret_version_empty_call_async(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc_asyncio', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.enable_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + etag='etag_value', + client_specified_payload_checksum=True, + )) + response = await client.enable_secret_version() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.EnableSecretVersionRequest() + +@pytest.mark.asyncio +async def test_enable_secret_version_async(transport: str = 'grpc_asyncio', request_type=service.EnableSecretVersionRequest): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.enable_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + etag='etag_value', + client_specified_payload_checksum=True, + )) + response = await client.enable_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + request = service.EnableSecretVersionRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.SecretVersion) + assert response.name == 'name_value' + assert response.state == resources.SecretVersion.State.ENABLED + assert response.etag == 'etag_value' + assert response.client_specified_payload_checksum is True + + +@pytest.mark.asyncio +async def test_enable_secret_version_async_from_dict(): + await test_enable_secret_version_async(request_type=dict) + + +def test_enable_secret_version_field_headers(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.EnableSecretVersionRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.enable_secret_version), + '__call__') as call: + call.return_value = resources.SecretVersion() + client.enable_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_enable_secret_version_field_headers_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.EnableSecretVersionRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.enable_secret_version), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion()) + await client.enable_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_enable_secret_version_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.enable_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.SecretVersion() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.enable_secret_version( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_enable_secret_version_flattened_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.enable_secret_version( + service.EnableSecretVersionRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_enable_secret_version_flattened_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.enable_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.SecretVersion() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.enable_secret_version( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_enable_secret_version_flattened_error_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.enable_secret_version( + service.EnableSecretVersionRequest(), + name='name_value', + ) + + +@pytest.mark.parametrize("request_type", [ + service.DestroySecretVersionRequest, + dict, +]) +def test_destroy_secret_version(request_type, transport: str = 'grpc'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.destroy_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + etag='etag_value', + client_specified_payload_checksum=True, + ) + response = client.destroy_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + request = service.DestroySecretVersionRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.SecretVersion) + assert response.name == 'name_value' + assert response.state == resources.SecretVersion.State.ENABLED + assert response.etag == 'etag_value' + assert response.client_specified_payload_checksum is True + + +def test_destroy_secret_version_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.destroy_secret_version), + '__call__') as call: + client.destroy_secret_version() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.DestroySecretVersionRequest() + + +def test_destroy_secret_version_non_empty_request_with_auto_populated_field(): + # This test is a coverage failsafe to make sure that UUID4 fields are + # automatically populated, according to AIP-4235, with non-empty requests. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Populate all string fields in the request which are not UUID4 + # since we want to check that UUID4 are populated automatically + # if they meet the requirements of AIP 4235. + request = service.DestroySecretVersionRequest( + name='name_value', + etag='etag_value', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.destroy_secret_version), + '__call__') as call: + client.destroy_secret_version(request=request) + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.DestroySecretVersionRequest( + name='name_value', + etag='etag_value', + ) + +@pytest.mark.asyncio +async def test_destroy_secret_version_empty_call_async(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc_asyncio', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.destroy_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + etag='etag_value', + client_specified_payload_checksum=True, + )) + response = await client.destroy_secret_version() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.DestroySecretVersionRequest() + +@pytest.mark.asyncio +async def test_destroy_secret_version_async(transport: str = 'grpc_asyncio', request_type=service.DestroySecretVersionRequest): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.destroy_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + etag='etag_value', + client_specified_payload_checksum=True, + )) + response = await client.destroy_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + request = service.DestroySecretVersionRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.SecretVersion) + assert response.name == 'name_value' + assert response.state == resources.SecretVersion.State.ENABLED + assert response.etag == 'etag_value' + assert response.client_specified_payload_checksum is True + + +@pytest.mark.asyncio +async def test_destroy_secret_version_async_from_dict(): + await test_destroy_secret_version_async(request_type=dict) + + +def test_destroy_secret_version_field_headers(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.DestroySecretVersionRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.destroy_secret_version), + '__call__') as call: + call.return_value = resources.SecretVersion() + client.destroy_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_destroy_secret_version_field_headers_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.DestroySecretVersionRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.destroy_secret_version), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion()) + await client.destroy_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_destroy_secret_version_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.destroy_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.SecretVersion() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.destroy_secret_version( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_destroy_secret_version_flattened_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.destroy_secret_version( + service.DestroySecretVersionRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_destroy_secret_version_flattened_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.destroy_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.SecretVersion() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.destroy_secret_version( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_destroy_secret_version_flattened_error_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.destroy_secret_version( + service.DestroySecretVersionRequest(), + name='name_value', + ) + + +@pytest.mark.parametrize("request_type", [ + iam_policy_pb2.SetIamPolicyRequest, + dict, +]) +def test_set_iam_policy(request_type, transport: str = 'grpc'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.set_iam_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = policy_pb2.Policy( + version=774, + etag=b'etag_blob', + ) + response = client.set_iam_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + request = iam_policy_pb2.SetIamPolicyRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, policy_pb2.Policy) + assert response.version == 774 + assert response.etag == b'etag_blob' + + +def test_set_iam_policy_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.set_iam_policy), + '__call__') as call: + client.set_iam_policy() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == iam_policy_pb2.SetIamPolicyRequest() + + +def test_set_iam_policy_non_empty_request_with_auto_populated_field(): + # This test is a coverage failsafe to make sure that UUID4 fields are + # automatically populated, according to AIP-4235, with non-empty requests. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Populate all string fields in the request which are not UUID4 + # since we want to check that UUID4 are populated automatically + # if they meet the requirements of AIP 4235. + request = iam_policy_pb2.SetIamPolicyRequest( + resource='resource_value', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.set_iam_policy), + '__call__') as call: + client.set_iam_policy(request=request) + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == iam_policy_pb2.SetIamPolicyRequest( + resource='resource_value', + ) + +@pytest.mark.asyncio +async def test_set_iam_policy_empty_call_async(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc_asyncio', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.set_iam_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(policy_pb2.Policy( + version=774, + etag=b'etag_blob', + )) + response = await client.set_iam_policy() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == iam_policy_pb2.SetIamPolicyRequest() + +@pytest.mark.asyncio +async def test_set_iam_policy_async(transport: str = 'grpc_asyncio', request_type=iam_policy_pb2.SetIamPolicyRequest): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.set_iam_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(policy_pb2.Policy( + version=774, + etag=b'etag_blob', + )) + response = await client.set_iam_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + request = iam_policy_pb2.SetIamPolicyRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, policy_pb2.Policy) + assert response.version == 774 + assert response.etag == b'etag_blob' + + +@pytest.mark.asyncio +async def test_set_iam_policy_async_from_dict(): + await test_set_iam_policy_async(request_type=dict) + + +def test_set_iam_policy_field_headers(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = iam_policy_pb2.SetIamPolicyRequest() + + request.resource = 'resource_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.set_iam_policy), + '__call__') as call: + call.return_value = policy_pb2.Policy() + client.set_iam_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'resource=resource_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_set_iam_policy_field_headers_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = iam_policy_pb2.SetIamPolicyRequest() + + request.resource = 'resource_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.set_iam_policy), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(policy_pb2.Policy()) + await client.set_iam_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'resource=resource_value', + ) in kw['metadata'] + +def test_set_iam_policy_from_dict_foreign(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.set_iam_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = policy_pb2.Policy() + response = client.set_iam_policy(request={ + 'resource': 'resource_value', + 'policy': policy_pb2.Policy(version=774), + 'update_mask': field_mask_pb2.FieldMask(paths=['paths_value']), + } + ) + call.assert_called() + + +@pytest.mark.parametrize("request_type", [ + iam_policy_pb2.GetIamPolicyRequest, + dict, +]) +def test_get_iam_policy(request_type, transport: str = 'grpc'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_iam_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = policy_pb2.Policy( + version=774, + etag=b'etag_blob', + ) + response = client.get_iam_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + request = iam_policy_pb2.GetIamPolicyRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, policy_pb2.Policy) + assert response.version == 774 + assert response.etag == b'etag_blob' + + +def test_get_iam_policy_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_iam_policy), + '__call__') as call: + client.get_iam_policy() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == iam_policy_pb2.GetIamPolicyRequest() + + +def test_get_iam_policy_non_empty_request_with_auto_populated_field(): + # This test is a coverage failsafe to make sure that UUID4 fields are + # automatically populated, according to AIP-4235, with non-empty requests. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Populate all string fields in the request which are not UUID4 + # since we want to check that UUID4 are populated automatically + # if they meet the requirements of AIP 4235. + request = iam_policy_pb2.GetIamPolicyRequest( + resource='resource_value', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_iam_policy), + '__call__') as call: + client.get_iam_policy(request=request) + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == iam_policy_pb2.GetIamPolicyRequest( + resource='resource_value', + ) + +@pytest.mark.asyncio +async def test_get_iam_policy_empty_call_async(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc_asyncio', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_iam_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(policy_pb2.Policy( + version=774, + etag=b'etag_blob', + )) + response = await client.get_iam_policy() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == iam_policy_pb2.GetIamPolicyRequest() + +@pytest.mark.asyncio +async def test_get_iam_policy_async(transport: str = 'grpc_asyncio', request_type=iam_policy_pb2.GetIamPolicyRequest): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_iam_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(policy_pb2.Policy( + version=774, + etag=b'etag_blob', + )) + response = await client.get_iam_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + request = iam_policy_pb2.GetIamPolicyRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, policy_pb2.Policy) + assert response.version == 774 + assert response.etag == b'etag_blob' + + +@pytest.mark.asyncio +async def test_get_iam_policy_async_from_dict(): + await test_get_iam_policy_async(request_type=dict) + + +def test_get_iam_policy_field_headers(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = iam_policy_pb2.GetIamPolicyRequest() + + request.resource = 'resource_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_iam_policy), + '__call__') as call: + call.return_value = policy_pb2.Policy() + client.get_iam_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'resource=resource_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_get_iam_policy_field_headers_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = iam_policy_pb2.GetIamPolicyRequest() + + request.resource = 'resource_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_iam_policy), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(policy_pb2.Policy()) + await client.get_iam_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'resource=resource_value', + ) in kw['metadata'] + +def test_get_iam_policy_from_dict_foreign(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_iam_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = policy_pb2.Policy() + response = client.get_iam_policy(request={ + 'resource': 'resource_value', + 'options': options_pb2.GetPolicyOptions(requested_policy_version=2598), + } + ) + call.assert_called() + + +@pytest.mark.parametrize("request_type", [ + iam_policy_pb2.TestIamPermissionsRequest, + dict, +]) +def test_test_iam_permissions(request_type, transport: str = 'grpc'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.test_iam_permissions), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = iam_policy_pb2.TestIamPermissionsResponse( + permissions=['permissions_value'], + ) + response = client.test_iam_permissions(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + request = iam_policy_pb2.TestIamPermissionsRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, iam_policy_pb2.TestIamPermissionsResponse) + assert response.permissions == ['permissions_value'] + + +def test_test_iam_permissions_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.test_iam_permissions), + '__call__') as call: + client.test_iam_permissions() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == iam_policy_pb2.TestIamPermissionsRequest() + + +def test_test_iam_permissions_non_empty_request_with_auto_populated_field(): + # This test is a coverage failsafe to make sure that UUID4 fields are + # automatically populated, according to AIP-4235, with non-empty requests. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Populate all string fields in the request which are not UUID4 + # since we want to check that UUID4 are populated automatically + # if they meet the requirements of AIP 4235. + request = iam_policy_pb2.TestIamPermissionsRequest( + resource='resource_value', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.test_iam_permissions), + '__call__') as call: + client.test_iam_permissions(request=request) + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == iam_policy_pb2.TestIamPermissionsRequest( + resource='resource_value', + ) + +@pytest.mark.asyncio +async def test_test_iam_permissions_empty_call_async(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc_asyncio', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.test_iam_permissions), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(iam_policy_pb2.TestIamPermissionsResponse( + permissions=['permissions_value'], + )) + response = await client.test_iam_permissions() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == iam_policy_pb2.TestIamPermissionsRequest() + +@pytest.mark.asyncio +async def test_test_iam_permissions_async(transport: str = 'grpc_asyncio', request_type=iam_policy_pb2.TestIamPermissionsRequest): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.test_iam_permissions), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(iam_policy_pb2.TestIamPermissionsResponse( + permissions=['permissions_value'], + )) + response = await client.test_iam_permissions(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + request = iam_policy_pb2.TestIamPermissionsRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, iam_policy_pb2.TestIamPermissionsResponse) + assert response.permissions == ['permissions_value'] + + +@pytest.mark.asyncio +async def test_test_iam_permissions_async_from_dict(): + await test_test_iam_permissions_async(request_type=dict) + + +def test_test_iam_permissions_field_headers(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = iam_policy_pb2.TestIamPermissionsRequest() + + request.resource = 'resource_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.test_iam_permissions), + '__call__') as call: + call.return_value = iam_policy_pb2.TestIamPermissionsResponse() + client.test_iam_permissions(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'resource=resource_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_test_iam_permissions_field_headers_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = iam_policy_pb2.TestIamPermissionsRequest() + + request.resource = 'resource_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.test_iam_permissions), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(iam_policy_pb2.TestIamPermissionsResponse()) + await client.test_iam_permissions(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'resource=resource_value', + ) in kw['metadata'] + +def test_test_iam_permissions_from_dict_foreign(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.test_iam_permissions), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = iam_policy_pb2.TestIamPermissionsResponse() + response = client.test_iam_permissions(request={ + 'resource': 'resource_value', + 'permissions': ['permissions_value'], + } + ) + call.assert_called() + + +@pytest.mark.parametrize("request_type", [ + service.ListSecretsRequest, + dict, +]) +def test_list_secrets_rest(request_type): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # send a request that will satisfy transcoding + request_init = {'parent': 'projects/sample1'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = service.ListSecretsResponse( + next_page_token='next_page_token_value', + total_size=1086, + ) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = service.ListSecretsResponse.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + response = client.list_secrets(request) + + # Establish that the response is the type that we expect. + assert isinstance(response, pagers.ListSecretsPager) + assert response.next_page_token == 'next_page_token_value' + assert response.total_size == 1086 + + +def test_list_secrets_rest_required_fields(request_type=service.ListSecretsRequest): + transport_class = transports.SecretManagerServiceRestTransport + + request_init = {} + request_init["parent"] = "" + request = request_type(**request_init) + pb_request = request_type.pb(request) + jsonified_request = json.loads(json_format.MessageToJson( + pb_request, + use_integers_for_enums=False + )) + + # verify fields with default values are dropped + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).list_secrets._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with default values are now present + + jsonified_request["parent"] = 'parent_value' + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).list_secrets._get_unset_required_fields(jsonified_request) + # Check that path parameters and body parameters are not mixing in. + assert not set(unset_fields) - set(("filter", "page_size", "page_token", )) + jsonified_request.update(unset_fields) + + # verify required fields with non-default values are left alone + assert "parent" in jsonified_request + assert jsonified_request["parent"] == 'parent_value' + + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest', + ) + request = request_type(**request_init) + + # Designate an appropriate value for the returned response. + return_value = service.ListSecretsResponse() + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # We need to mock transcode() because providing default values + # for required fields will fail the real version if the http_options + # expect actual values for those fields. + with mock.patch.object(path_template, 'transcode') as transcode: + # A uri without fields and an empty body will force all the + # request fields to show up in the query_params. + pb_request = request_type.pb(request) + transcode_result = { + 'uri': 'v1/sample_method', + 'method': "get", + 'query_params': pb_request, + } + transcode.return_value = transcode_result + + response_value = Response() + response_value.status_code = 200 + + # Convert return value to protobuf type + return_value = service.ListSecretsResponse.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.list_secrets(request) + + expected_params = [ + ('$alt', 'json;enum-encoding=int') + ] + actual_params = req.call_args.kwargs['params'] + assert expected_params == actual_params + + +def test_list_secrets_rest_unset_required_fields(): + transport = transports.SecretManagerServiceRestTransport(credentials=ga_credentials.AnonymousCredentials) + + unset_fields = transport.list_secrets._get_unset_required_fields({}) + assert set(unset_fields) == (set(("filter", "pageSize", "pageToken", )) & set(("parent", ))) + + +@pytest.mark.parametrize("null_interceptor", [True, False]) +def test_list_secrets_rest_interceptors(null_interceptor): + transport = transports.SecretManagerServiceRestTransport( + credentials=ga_credentials.AnonymousCredentials(), + interceptor=None if null_interceptor else transports.SecretManagerServiceRestInterceptor(), + ) + client = SecretManagerServiceClient(transport=transport) + with mock.patch.object(type(client.transport._session), "request") as req, \ + mock.patch.object(path_template, "transcode") as transcode, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "post_list_secrets") as post, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "pre_list_secrets") as pre: + pre.assert_not_called() + post.assert_not_called() + pb_message = service.ListSecretsRequest.pb(service.ListSecretsRequest()) + transcode.return_value = { + "method": "post", + "uri": "my_uri", + "body": pb_message, + "query_params": pb_message, + } + + req.return_value = Response() + req.return_value.status_code = 200 + req.return_value.request = PreparedRequest() + req.return_value._content = service.ListSecretsResponse.to_json(service.ListSecretsResponse()) + + request = service.ListSecretsRequest() + metadata =[ + ("key", "val"), + ("cephalopod", "squid"), + ] + pre.return_value = request, metadata + post.return_value = service.ListSecretsResponse() + + client.list_secrets(request, metadata=[("key", "val"), ("cephalopod", "squid"),]) + + pre.assert_called_once() + post.assert_called_once() + + +def test_list_secrets_rest_bad_request(transport: str = 'rest', request_type=service.ListSecretsRequest): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # send a request that will satisfy transcoding + request_init = {'parent': 'projects/sample1'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.list_secrets(request) + + +def test_list_secrets_rest_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = service.ListSecretsResponse() + + # get arguments that satisfy an http rule for this method + sample_request = {'parent': 'projects/sample1'} + + # get truthy value for each flattened field + mock_args = dict( + parent='parent_value', + ) + mock_args.update(sample_request) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = service.ListSecretsResponse.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + client.list_secrets(**mock_args) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(req.mock_calls) == 1 + _, args, _ = req.mock_calls[0] + assert path_template.validate("%s/v1/{parent=projects/*}/secrets" % client.transport._host, args[1]) + + +def test_list_secrets_rest_flattened_error(transport: str = 'rest'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.list_secrets( + service.ListSecretsRequest(), + parent='parent_value', + ) + + +def test_list_secrets_rest_pager(transport: str = 'rest'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # TODO(kbandes): remove this mock unless there's a good reason for it. + #with mock.patch.object(path_template, 'transcode') as transcode: + # Set the response as a series of pages + response = ( + service.ListSecretsResponse( + secrets=[ + resources.Secret(), + resources.Secret(), + resources.Secret(), + ], + next_page_token='abc', + ), + service.ListSecretsResponse( + secrets=[], + next_page_token='def', + ), + service.ListSecretsResponse( + secrets=[ + resources.Secret(), + ], + next_page_token='ghi', + ), + service.ListSecretsResponse( + secrets=[ + resources.Secret(), + resources.Secret(), + ], + ), + ) + # Two responses for two calls + response = response + response + + # Wrap the values into proper Response objs + response = tuple(service.ListSecretsResponse.to_json(x) for x in response) + return_values = tuple(Response() for i in response) + for return_val, response_val in zip(return_values, response): + return_val._content = response_val.encode('UTF-8') + return_val.status_code = 200 + req.side_effect = return_values + + sample_request = {'parent': 'projects/sample1'} + + pager = client.list_secrets(request=sample_request) + + results = list(pager) + assert len(results) == 6 + assert all(isinstance(i, resources.Secret) + for i in results) + + pages = list(client.list_secrets(request=sample_request).pages) + for page_, token in zip(pages, ['abc','def','ghi', '']): + assert page_.raw_page.next_page_token == token + + +@pytest.mark.parametrize("request_type", [ + service.CreateSecretRequest, + dict, +]) +def test_create_secret_rest(request_type): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # send a request that will satisfy transcoding + request_init = {'parent': 'projects/sample1'} + request_init["secret"] = {'name': 'name_value', 'replication': {'automatic': {'customer_managed_encryption': {'kms_key_name': 'kms_key_name_value'}}, 'user_managed': {'replicas': [{'location': 'location_value', 'customer_managed_encryption': {}}]}}, 'create_time': {'seconds': 751, 'nanos': 543}, 'labels': {}, 'topics': [{'name': 'name_value'}], 'expire_time': {}, 'ttl': {'seconds': 751, 'nanos': 543}, 'etag': 'etag_value', 'rotation': {'next_rotation_time': {}, 'rotation_period': {}}, 'version_aliases': {}, 'annotations': {}, 'version_destroy_ttl': {}, 'customer_managed_encryption': {}} + # The version of a generated dependency at test runtime may differ from the version used during generation. + # Delete any fields which are not present in the current runtime dependency + # See https://github.com/googleapis/gapic-generator-python/issues/1748 + + # Determine if the message type is proto-plus or protobuf + test_field = service.CreateSecretRequest.meta.fields["secret"] + + def get_message_fields(field): + # Given a field which is a message (composite type), return a list with + # all the fields of the message. + # If the field is not a composite type, return an empty list. + message_fields = [] + + if hasattr(field, "message") and field.message: + is_field_type_proto_plus_type = not hasattr(field.message, "DESCRIPTOR") + + if is_field_type_proto_plus_type: + message_fields = field.message.meta.fields.values() + # Add `# pragma: NO COVER` because there may not be any `*_pb2` field types + else: # pragma: NO COVER + message_fields = field.message.DESCRIPTOR.fields + return message_fields + + runtime_nested_fields = [ + (field.name, nested_field.name) + for field in get_message_fields(test_field) + for nested_field in get_message_fields(field) + ] + + subfields_not_in_runtime = [] + + # For each item in the sample request, create a list of sub fields which are not present at runtime + # Add `# pragma: NO COVER` because this test code will not run if all subfields are present at runtime + for field, value in request_init["secret"].items(): # pragma: NO COVER + result = None + is_repeated = False + # For repeated fields + if isinstance(value, list) and len(value): + is_repeated = True + result = value[0] + # For fields where the type is another message + if isinstance(value, dict): + result = value + + if result and hasattr(result, "keys"): + for subfield in result.keys(): + if (field, subfield) not in runtime_nested_fields: + subfields_not_in_runtime.append( + {"field": field, "subfield": subfield, "is_repeated": is_repeated} + ) + + # Remove fields from the sample request which are not present in the runtime version of the dependency + # Add `# pragma: NO COVER` because this test code will not run if all subfields are present at runtime + for subfield_to_delete in subfields_not_in_runtime: # pragma: NO COVER + field = subfield_to_delete.get("field") + field_repeated = subfield_to_delete.get("is_repeated") + subfield = subfield_to_delete.get("subfield") + if subfield: + if field_repeated: + for i in range(0, len(request_init["secret"][field])): + del request_init["secret"][field][i][subfield] + else: + del request_init["secret"][field][subfield] + request = request_type(**request_init) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = resources.Secret( + name='name_value', + etag='etag_value', + ) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = resources.Secret.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + response = client.create_secret(request) + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Secret) + assert response.name == 'name_value' + assert response.etag == 'etag_value' + + +def test_create_secret_rest_required_fields(request_type=service.CreateSecretRequest): + transport_class = transports.SecretManagerServiceRestTransport + + request_init = {} + request_init["parent"] = "" + request_init["secret_id"] = "" + request = request_type(**request_init) + pb_request = request_type.pb(request) + jsonified_request = json.loads(json_format.MessageToJson( + pb_request, + use_integers_for_enums=False + )) + + # verify fields with default values are dropped + assert "secretId" not in jsonified_request + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).create_secret._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with default values are now present + assert "secretId" in jsonified_request + assert jsonified_request["secretId"] == request_init["secret_id"] + + jsonified_request["parent"] = 'parent_value' + jsonified_request["secretId"] = 'secret_id_value' + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).create_secret._get_unset_required_fields(jsonified_request) + # Check that path parameters and body parameters are not mixing in. + assert not set(unset_fields) - set(("secret_id", )) + jsonified_request.update(unset_fields) + + # verify required fields with non-default values are left alone + assert "parent" in jsonified_request + assert jsonified_request["parent"] == 'parent_value' + assert "secretId" in jsonified_request + assert jsonified_request["secretId"] == 'secret_id_value' + + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest', + ) + request = request_type(**request_init) + + # Designate an appropriate value for the returned response. + return_value = resources.Secret() + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # We need to mock transcode() because providing default values + # for required fields will fail the real version if the http_options + # expect actual values for those fields. + with mock.patch.object(path_template, 'transcode') as transcode: + # A uri without fields and an empty body will force all the + # request fields to show up in the query_params. + pb_request = request_type.pb(request) + transcode_result = { + 'uri': 'v1/sample_method', + 'method': "post", + 'query_params': pb_request, + } + transcode_result['body'] = pb_request + transcode.return_value = transcode_result + + response_value = Response() + response_value.status_code = 200 + + # Convert return value to protobuf type + return_value = resources.Secret.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.create_secret(request) + + expected_params = [ + ( + "secretId", + "", + ), + ('$alt', 'json;enum-encoding=int') + ] + actual_params = req.call_args.kwargs['params'] + assert expected_params == actual_params + + +def test_create_secret_rest_unset_required_fields(): + transport = transports.SecretManagerServiceRestTransport(credentials=ga_credentials.AnonymousCredentials) + + unset_fields = transport.create_secret._get_unset_required_fields({}) + assert set(unset_fields) == (set(("secretId", )) & set(("parent", "secretId", "secret", ))) + + +@pytest.mark.parametrize("null_interceptor", [True, False]) +def test_create_secret_rest_interceptors(null_interceptor): + transport = transports.SecretManagerServiceRestTransport( + credentials=ga_credentials.AnonymousCredentials(), + interceptor=None if null_interceptor else transports.SecretManagerServiceRestInterceptor(), + ) + client = SecretManagerServiceClient(transport=transport) + with mock.patch.object(type(client.transport._session), "request") as req, \ + mock.patch.object(path_template, "transcode") as transcode, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "post_create_secret") as post, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "pre_create_secret") as pre: + pre.assert_not_called() + post.assert_not_called() + pb_message = service.CreateSecretRequest.pb(service.CreateSecretRequest()) + transcode.return_value = { + "method": "post", + "uri": "my_uri", + "body": pb_message, + "query_params": pb_message, + } + + req.return_value = Response() + req.return_value.status_code = 200 + req.return_value.request = PreparedRequest() + req.return_value._content = resources.Secret.to_json(resources.Secret()) + + request = service.CreateSecretRequest() + metadata =[ + ("key", "val"), + ("cephalopod", "squid"), + ] + pre.return_value = request, metadata + post.return_value = resources.Secret() + + client.create_secret(request, metadata=[("key", "val"), ("cephalopod", "squid"),]) + + pre.assert_called_once() + post.assert_called_once() + + +def test_create_secret_rest_bad_request(transport: str = 'rest', request_type=service.CreateSecretRequest): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # send a request that will satisfy transcoding + request_init = {'parent': 'projects/sample1'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.create_secret(request) + + +def test_create_secret_rest_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = resources.Secret() + + # get arguments that satisfy an http rule for this method + sample_request = {'parent': 'projects/sample1'} + + # get truthy value for each flattened field + mock_args = dict( + parent='parent_value', + secret_id='secret_id_value', + secret=resources.Secret(name='name_value'), + ) + mock_args.update(sample_request) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = resources.Secret.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + client.create_secret(**mock_args) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(req.mock_calls) == 1 + _, args, _ = req.mock_calls[0] + assert path_template.validate("%s/v1/{parent=projects/*}/secrets" % client.transport._host, args[1]) + + +def test_create_secret_rest_flattened_error(transport: str = 'rest'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.create_secret( + service.CreateSecretRequest(), + parent='parent_value', + secret_id='secret_id_value', + secret=resources.Secret(name='name_value'), + ) + + +def test_create_secret_rest_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest' + ) + + +@pytest.mark.parametrize("request_type", [ + service.AddSecretVersionRequest, + dict, +]) +def test_add_secret_version_rest(request_type): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # send a request that will satisfy transcoding + request_init = {'parent': 'projects/sample1/secrets/sample2'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + etag='etag_value', + client_specified_payload_checksum=True, + ) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = resources.SecretVersion.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + response = client.add_secret_version(request) + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.SecretVersion) + assert response.name == 'name_value' + assert response.state == resources.SecretVersion.State.ENABLED + assert response.etag == 'etag_value' + assert response.client_specified_payload_checksum is True + + +def test_add_secret_version_rest_required_fields(request_type=service.AddSecretVersionRequest): + transport_class = transports.SecretManagerServiceRestTransport + + request_init = {} + request_init["parent"] = "" + request = request_type(**request_init) + pb_request = request_type.pb(request) + jsonified_request = json.loads(json_format.MessageToJson( + pb_request, + use_integers_for_enums=False + )) + + # verify fields with default values are dropped + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).add_secret_version._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with default values are now present + + jsonified_request["parent"] = 'parent_value' + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).add_secret_version._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with non-default values are left alone + assert "parent" in jsonified_request + assert jsonified_request["parent"] == 'parent_value' + + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest', + ) + request = request_type(**request_init) + + # Designate an appropriate value for the returned response. + return_value = resources.SecretVersion() + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # We need to mock transcode() because providing default values + # for required fields will fail the real version if the http_options + # expect actual values for those fields. + with mock.patch.object(path_template, 'transcode') as transcode: + # A uri without fields and an empty body will force all the + # request fields to show up in the query_params. + pb_request = request_type.pb(request) + transcode_result = { + 'uri': 'v1/sample_method', + 'method': "post", + 'query_params': pb_request, + } + transcode_result['body'] = pb_request + transcode.return_value = transcode_result + + response_value = Response() + response_value.status_code = 200 + + # Convert return value to protobuf type + return_value = resources.SecretVersion.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.add_secret_version(request) + + expected_params = [ + ('$alt', 'json;enum-encoding=int') + ] + actual_params = req.call_args.kwargs['params'] + assert expected_params == actual_params + + +def test_add_secret_version_rest_unset_required_fields(): + transport = transports.SecretManagerServiceRestTransport(credentials=ga_credentials.AnonymousCredentials) + + unset_fields = transport.add_secret_version._get_unset_required_fields({}) + assert set(unset_fields) == (set(()) & set(("parent", "payload", ))) + + +@pytest.mark.parametrize("null_interceptor", [True, False]) +def test_add_secret_version_rest_interceptors(null_interceptor): + transport = transports.SecretManagerServiceRestTransport( + credentials=ga_credentials.AnonymousCredentials(), + interceptor=None if null_interceptor else transports.SecretManagerServiceRestInterceptor(), + ) + client = SecretManagerServiceClient(transport=transport) + with mock.patch.object(type(client.transport._session), "request") as req, \ + mock.patch.object(path_template, "transcode") as transcode, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "post_add_secret_version") as post, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "pre_add_secret_version") as pre: + pre.assert_not_called() + post.assert_not_called() + pb_message = service.AddSecretVersionRequest.pb(service.AddSecretVersionRequest()) + transcode.return_value = { + "method": "post", + "uri": "my_uri", + "body": pb_message, + "query_params": pb_message, + } + + req.return_value = Response() + req.return_value.status_code = 200 + req.return_value.request = PreparedRequest() + req.return_value._content = resources.SecretVersion.to_json(resources.SecretVersion()) + + request = service.AddSecretVersionRequest() + metadata =[ + ("key", "val"), + ("cephalopod", "squid"), + ] + pre.return_value = request, metadata + post.return_value = resources.SecretVersion() + + client.add_secret_version(request, metadata=[("key", "val"), ("cephalopod", "squid"),]) + + pre.assert_called_once() + post.assert_called_once() + + +def test_add_secret_version_rest_bad_request(transport: str = 'rest', request_type=service.AddSecretVersionRequest): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # send a request that will satisfy transcoding + request_init = {'parent': 'projects/sample1/secrets/sample2'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.add_secret_version(request) + + +def test_add_secret_version_rest_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = resources.SecretVersion() + + # get arguments that satisfy an http rule for this method + sample_request = {'parent': 'projects/sample1/secrets/sample2'} + + # get truthy value for each flattened field + mock_args = dict( + parent='parent_value', + payload=resources.SecretPayload(data=b'data_blob'), + ) + mock_args.update(sample_request) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = resources.SecretVersion.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + client.add_secret_version(**mock_args) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(req.mock_calls) == 1 + _, args, _ = req.mock_calls[0] + assert path_template.validate("%s/v1/{parent=projects/*/secrets/*}:addVersion" % client.transport._host, args[1]) + + +def test_add_secret_version_rest_flattened_error(transport: str = 'rest'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.add_secret_version( + service.AddSecretVersionRequest(), + parent='parent_value', + payload=resources.SecretPayload(data=b'data_blob'), + ) + + +def test_add_secret_version_rest_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest' + ) + + +@pytest.mark.parametrize("request_type", [ + service.GetSecretRequest, + dict, +]) +def test_get_secret_rest(request_type): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # send a request that will satisfy transcoding + request_init = {'name': 'projects/sample1/secrets/sample2'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = resources.Secret( + name='name_value', + etag='etag_value', + ) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = resources.Secret.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + response = client.get_secret(request) + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Secret) + assert response.name == 'name_value' + assert response.etag == 'etag_value' + + +def test_get_secret_rest_required_fields(request_type=service.GetSecretRequest): + transport_class = transports.SecretManagerServiceRestTransport + + request_init = {} + request_init["name"] = "" + request = request_type(**request_init) + pb_request = request_type.pb(request) + jsonified_request = json.loads(json_format.MessageToJson( + pb_request, + use_integers_for_enums=False + )) + + # verify fields with default values are dropped + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).get_secret._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with default values are now present + + jsonified_request["name"] = 'name_value' + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).get_secret._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with non-default values are left alone + assert "name" in jsonified_request + assert jsonified_request["name"] == 'name_value' + + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest', + ) + request = request_type(**request_init) + + # Designate an appropriate value for the returned response. + return_value = resources.Secret() + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # We need to mock transcode() because providing default values + # for required fields will fail the real version if the http_options + # expect actual values for those fields. + with mock.patch.object(path_template, 'transcode') as transcode: + # A uri without fields and an empty body will force all the + # request fields to show up in the query_params. + pb_request = request_type.pb(request) + transcode_result = { + 'uri': 'v1/sample_method', + 'method': "get", + 'query_params': pb_request, + } + transcode.return_value = transcode_result + + response_value = Response() + response_value.status_code = 200 + + # Convert return value to protobuf type + return_value = resources.Secret.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.get_secret(request) + + expected_params = [ + ('$alt', 'json;enum-encoding=int') + ] + actual_params = req.call_args.kwargs['params'] + assert expected_params == actual_params + + +def test_get_secret_rest_unset_required_fields(): + transport = transports.SecretManagerServiceRestTransport(credentials=ga_credentials.AnonymousCredentials) + + unset_fields = transport.get_secret._get_unset_required_fields({}) + assert set(unset_fields) == (set(()) & set(("name", ))) + + +@pytest.mark.parametrize("null_interceptor", [True, False]) +def test_get_secret_rest_interceptors(null_interceptor): + transport = transports.SecretManagerServiceRestTransport( + credentials=ga_credentials.AnonymousCredentials(), + interceptor=None if null_interceptor else transports.SecretManagerServiceRestInterceptor(), + ) + client = SecretManagerServiceClient(transport=transport) + with mock.patch.object(type(client.transport._session), "request") as req, \ + mock.patch.object(path_template, "transcode") as transcode, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "post_get_secret") as post, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "pre_get_secret") as pre: + pre.assert_not_called() + post.assert_not_called() + pb_message = service.GetSecretRequest.pb(service.GetSecretRequest()) + transcode.return_value = { + "method": "post", + "uri": "my_uri", + "body": pb_message, + "query_params": pb_message, + } + + req.return_value = Response() + req.return_value.status_code = 200 + req.return_value.request = PreparedRequest() + req.return_value._content = resources.Secret.to_json(resources.Secret()) + + request = service.GetSecretRequest() + metadata =[ + ("key", "val"), + ("cephalopod", "squid"), + ] + pre.return_value = request, metadata + post.return_value = resources.Secret() + + client.get_secret(request, metadata=[("key", "val"), ("cephalopod", "squid"),]) + + pre.assert_called_once() + post.assert_called_once() + + +def test_get_secret_rest_bad_request(transport: str = 'rest', request_type=service.GetSecretRequest): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # send a request that will satisfy transcoding + request_init = {'name': 'projects/sample1/secrets/sample2'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.get_secret(request) + + +def test_get_secret_rest_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = resources.Secret() + + # get arguments that satisfy an http rule for this method + sample_request = {'name': 'projects/sample1/secrets/sample2'} + + # get truthy value for each flattened field + mock_args = dict( + name='name_value', + ) + mock_args.update(sample_request) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = resources.Secret.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + client.get_secret(**mock_args) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(req.mock_calls) == 1 + _, args, _ = req.mock_calls[0] + assert path_template.validate("%s/v1/{name=projects/*/secrets/*}" % client.transport._host, args[1]) + + +def test_get_secret_rest_flattened_error(transport: str = 'rest'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.get_secret( + service.GetSecretRequest(), + name='name_value', + ) + + +def test_get_secret_rest_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest' + ) + + +@pytest.mark.parametrize("request_type", [ + service.UpdateSecretRequest, + dict, +]) +def test_update_secret_rest(request_type): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # send a request that will satisfy transcoding + request_init = {'secret': {'name': 'projects/sample1/secrets/sample2'}} + request_init["secret"] = {'name': 'projects/sample1/secrets/sample2', 'replication': {'automatic': {'customer_managed_encryption': {'kms_key_name': 'kms_key_name_value'}}, 'user_managed': {'replicas': [{'location': 'location_value', 'customer_managed_encryption': {}}]}}, 'create_time': {'seconds': 751, 'nanos': 543}, 'labels': {}, 'topics': [{'name': 'name_value'}], 'expire_time': {}, 'ttl': {'seconds': 751, 'nanos': 543}, 'etag': 'etag_value', 'rotation': {'next_rotation_time': {}, 'rotation_period': {}}, 'version_aliases': {}, 'annotations': {}, 'version_destroy_ttl': {}, 'customer_managed_encryption': {}} + # The version of a generated dependency at test runtime may differ from the version used during generation. + # Delete any fields which are not present in the current runtime dependency + # See https://github.com/googleapis/gapic-generator-python/issues/1748 + + # Determine if the message type is proto-plus or protobuf + test_field = service.UpdateSecretRequest.meta.fields["secret"] + + def get_message_fields(field): + # Given a field which is a message (composite type), return a list with + # all the fields of the message. + # If the field is not a composite type, return an empty list. + message_fields = [] + + if hasattr(field, "message") and field.message: + is_field_type_proto_plus_type = not hasattr(field.message, "DESCRIPTOR") + + if is_field_type_proto_plus_type: + message_fields = field.message.meta.fields.values() + # Add `# pragma: NO COVER` because there may not be any `*_pb2` field types + else: # pragma: NO COVER + message_fields = field.message.DESCRIPTOR.fields + return message_fields + + runtime_nested_fields = [ + (field.name, nested_field.name) + for field in get_message_fields(test_field) + for nested_field in get_message_fields(field) + ] + + subfields_not_in_runtime = [] + + # For each item in the sample request, create a list of sub fields which are not present at runtime + # Add `# pragma: NO COVER` because this test code will not run if all subfields are present at runtime + for field, value in request_init["secret"].items(): # pragma: NO COVER + result = None + is_repeated = False + # For repeated fields + if isinstance(value, list) and len(value): + is_repeated = True + result = value[0] + # For fields where the type is another message + if isinstance(value, dict): + result = value + + if result and hasattr(result, "keys"): + for subfield in result.keys(): + if (field, subfield) not in runtime_nested_fields: + subfields_not_in_runtime.append( + {"field": field, "subfield": subfield, "is_repeated": is_repeated} + ) + + # Remove fields from the sample request which are not present in the runtime version of the dependency + # Add `# pragma: NO COVER` because this test code will not run if all subfields are present at runtime + for subfield_to_delete in subfields_not_in_runtime: # pragma: NO COVER + field = subfield_to_delete.get("field") + field_repeated = subfield_to_delete.get("is_repeated") + subfield = subfield_to_delete.get("subfield") + if subfield: + if field_repeated: + for i in range(0, len(request_init["secret"][field])): + del request_init["secret"][field][i][subfield] + else: + del request_init["secret"][field][subfield] + request = request_type(**request_init) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = resources.Secret( + name='name_value', + etag='etag_value', + ) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = resources.Secret.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + response = client.update_secret(request) + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Secret) + assert response.name == 'name_value' + assert response.etag == 'etag_value' + + +def test_update_secret_rest_required_fields(request_type=service.UpdateSecretRequest): + transport_class = transports.SecretManagerServiceRestTransport + + request_init = {} + request = request_type(**request_init) + pb_request = request_type.pb(request) + jsonified_request = json.loads(json_format.MessageToJson( + pb_request, + use_integers_for_enums=False + )) + + # verify fields with default values are dropped + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).update_secret._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with default values are now present + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).update_secret._get_unset_required_fields(jsonified_request) + # Check that path parameters and body parameters are not mixing in. + assert not set(unset_fields) - set(("update_mask", )) + jsonified_request.update(unset_fields) + + # verify required fields with non-default values are left alone + + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest', + ) + request = request_type(**request_init) + + # Designate an appropriate value for the returned response. + return_value = resources.Secret() + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # We need to mock transcode() because providing default values + # for required fields will fail the real version if the http_options + # expect actual values for those fields. + with mock.patch.object(path_template, 'transcode') as transcode: + # A uri without fields and an empty body will force all the + # request fields to show up in the query_params. + pb_request = request_type.pb(request) + transcode_result = { + 'uri': 'v1/sample_method', + 'method': "patch", + 'query_params': pb_request, + } + transcode_result['body'] = pb_request + transcode.return_value = transcode_result + + response_value = Response() + response_value.status_code = 200 + + # Convert return value to protobuf type + return_value = resources.Secret.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.update_secret(request) + + expected_params = [ + ('$alt', 'json;enum-encoding=int') + ] + actual_params = req.call_args.kwargs['params'] + assert expected_params == actual_params + + +def test_update_secret_rest_unset_required_fields(): + transport = transports.SecretManagerServiceRestTransport(credentials=ga_credentials.AnonymousCredentials) + + unset_fields = transport.update_secret._get_unset_required_fields({}) + assert set(unset_fields) == (set(("updateMask", )) & set(("secret", "updateMask", ))) + + +@pytest.mark.parametrize("null_interceptor", [True, False]) +def test_update_secret_rest_interceptors(null_interceptor): + transport = transports.SecretManagerServiceRestTransport( + credentials=ga_credentials.AnonymousCredentials(), + interceptor=None if null_interceptor else transports.SecretManagerServiceRestInterceptor(), + ) + client = SecretManagerServiceClient(transport=transport) + with mock.patch.object(type(client.transport._session), "request") as req, \ + mock.patch.object(path_template, "transcode") as transcode, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "post_update_secret") as post, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "pre_update_secret") as pre: + pre.assert_not_called() + post.assert_not_called() + pb_message = service.UpdateSecretRequest.pb(service.UpdateSecretRequest()) + transcode.return_value = { + "method": "post", + "uri": "my_uri", + "body": pb_message, + "query_params": pb_message, + } + + req.return_value = Response() + req.return_value.status_code = 200 + req.return_value.request = PreparedRequest() + req.return_value._content = resources.Secret.to_json(resources.Secret()) + + request = service.UpdateSecretRequest() + metadata =[ + ("key", "val"), + ("cephalopod", "squid"), + ] + pre.return_value = request, metadata + post.return_value = resources.Secret() + + client.update_secret(request, metadata=[("key", "val"), ("cephalopod", "squid"),]) + + pre.assert_called_once() + post.assert_called_once() + + +def test_update_secret_rest_bad_request(transport: str = 'rest', request_type=service.UpdateSecretRequest): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # send a request that will satisfy transcoding + request_init = {'secret': {'name': 'projects/sample1/secrets/sample2'}} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.update_secret(request) + + +def test_update_secret_rest_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = resources.Secret() + + # get arguments that satisfy an http rule for this method + sample_request = {'secret': {'name': 'projects/sample1/secrets/sample2'}} + + # get truthy value for each flattened field + mock_args = dict( + secret=resources.Secret(name='name_value'), + update_mask=field_mask_pb2.FieldMask(paths=['paths_value']), + ) + mock_args.update(sample_request) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = resources.Secret.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + client.update_secret(**mock_args) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(req.mock_calls) == 1 + _, args, _ = req.mock_calls[0] + assert path_template.validate("%s/v1/{secret.name=projects/*/secrets/*}" % client.transport._host, args[1]) + + +def test_update_secret_rest_flattened_error(transport: str = 'rest'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.update_secret( + service.UpdateSecretRequest(), + secret=resources.Secret(name='name_value'), + update_mask=field_mask_pb2.FieldMask(paths=['paths_value']), + ) + + +def test_update_secret_rest_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest' + ) + + +@pytest.mark.parametrize("request_type", [ + service.DeleteSecretRequest, + dict, +]) +def test_delete_secret_rest(request_type): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # send a request that will satisfy transcoding + request_init = {'name': 'projects/sample1/secrets/sample2'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = None + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + json_return_value = '' + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + response = client.delete_secret(request) + + # Establish that the response is the type that we expect. + assert response is None + + +def test_delete_secret_rest_required_fields(request_type=service.DeleteSecretRequest): + transport_class = transports.SecretManagerServiceRestTransport + + request_init = {} + request_init["name"] = "" + request = request_type(**request_init) + pb_request = request_type.pb(request) + jsonified_request = json.loads(json_format.MessageToJson( + pb_request, + use_integers_for_enums=False + )) + + # verify fields with default values are dropped + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).delete_secret._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with default values are now present + + jsonified_request["name"] = 'name_value' + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).delete_secret._get_unset_required_fields(jsonified_request) + # Check that path parameters and body parameters are not mixing in. + assert not set(unset_fields) - set(("etag", )) + jsonified_request.update(unset_fields) + + # verify required fields with non-default values are left alone + assert "name" in jsonified_request + assert jsonified_request["name"] == 'name_value' + + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest', + ) + request = request_type(**request_init) + + # Designate an appropriate value for the returned response. + return_value = None + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # We need to mock transcode() because providing default values + # for required fields will fail the real version if the http_options + # expect actual values for those fields. + with mock.patch.object(path_template, 'transcode') as transcode: + # A uri without fields and an empty body will force all the + # request fields to show up in the query_params. + pb_request = request_type.pb(request) + transcode_result = { + 'uri': 'v1/sample_method', + 'method': "delete", + 'query_params': pb_request, + } + transcode.return_value = transcode_result + + response_value = Response() + response_value.status_code = 200 + json_return_value = '' + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.delete_secret(request) + + expected_params = [ + ('$alt', 'json;enum-encoding=int') + ] + actual_params = req.call_args.kwargs['params'] + assert expected_params == actual_params + + +def test_delete_secret_rest_unset_required_fields(): + transport = transports.SecretManagerServiceRestTransport(credentials=ga_credentials.AnonymousCredentials) + + unset_fields = transport.delete_secret._get_unset_required_fields({}) + assert set(unset_fields) == (set(("etag", )) & set(("name", ))) + + +@pytest.mark.parametrize("null_interceptor", [True, False]) +def test_delete_secret_rest_interceptors(null_interceptor): + transport = transports.SecretManagerServiceRestTransport( + credentials=ga_credentials.AnonymousCredentials(), + interceptor=None if null_interceptor else transports.SecretManagerServiceRestInterceptor(), + ) + client = SecretManagerServiceClient(transport=transport) + with mock.patch.object(type(client.transport._session), "request") as req, \ + mock.patch.object(path_template, "transcode") as transcode, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "pre_delete_secret") as pre: + pre.assert_not_called() + pb_message = service.DeleteSecretRequest.pb(service.DeleteSecretRequest()) + transcode.return_value = { + "method": "post", + "uri": "my_uri", + "body": pb_message, + "query_params": pb_message, + } + + req.return_value = Response() + req.return_value.status_code = 200 + req.return_value.request = PreparedRequest() + + request = service.DeleteSecretRequest() + metadata =[ + ("key", "val"), + ("cephalopod", "squid"), + ] + pre.return_value = request, metadata + + client.delete_secret(request, metadata=[("key", "val"), ("cephalopod", "squid"),]) + + pre.assert_called_once() + + +def test_delete_secret_rest_bad_request(transport: str = 'rest', request_type=service.DeleteSecretRequest): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # send a request that will satisfy transcoding + request_init = {'name': 'projects/sample1/secrets/sample2'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.delete_secret(request) + + +def test_delete_secret_rest_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = None + + # get arguments that satisfy an http rule for this method + sample_request = {'name': 'projects/sample1/secrets/sample2'} + + # get truthy value for each flattened field + mock_args = dict( + name='name_value', + ) + mock_args.update(sample_request) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + json_return_value = '' + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + client.delete_secret(**mock_args) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(req.mock_calls) == 1 + _, args, _ = req.mock_calls[0] + assert path_template.validate("%s/v1/{name=projects/*/secrets/*}" % client.transport._host, args[1]) + + +def test_delete_secret_rest_flattened_error(transport: str = 'rest'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.delete_secret( + service.DeleteSecretRequest(), + name='name_value', + ) + + +def test_delete_secret_rest_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest' + ) + + +@pytest.mark.parametrize("request_type", [ + service.ListSecretVersionsRequest, + dict, +]) +def test_list_secret_versions_rest(request_type): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # send a request that will satisfy transcoding + request_init = {'parent': 'projects/sample1/secrets/sample2'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = service.ListSecretVersionsResponse( + next_page_token='next_page_token_value', + total_size=1086, + ) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = service.ListSecretVersionsResponse.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + response = client.list_secret_versions(request) + + # Establish that the response is the type that we expect. + assert isinstance(response, pagers.ListSecretVersionsPager) + assert response.next_page_token == 'next_page_token_value' + assert response.total_size == 1086 + + +def test_list_secret_versions_rest_required_fields(request_type=service.ListSecretVersionsRequest): + transport_class = transports.SecretManagerServiceRestTransport + + request_init = {} + request_init["parent"] = "" + request = request_type(**request_init) + pb_request = request_type.pb(request) + jsonified_request = json.loads(json_format.MessageToJson( + pb_request, + use_integers_for_enums=False + )) + + # verify fields with default values are dropped + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).list_secret_versions._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with default values are now present + + jsonified_request["parent"] = 'parent_value' + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).list_secret_versions._get_unset_required_fields(jsonified_request) + # Check that path parameters and body parameters are not mixing in. + assert not set(unset_fields) - set(("filter", "page_size", "page_token", )) + jsonified_request.update(unset_fields) + + # verify required fields with non-default values are left alone + assert "parent" in jsonified_request + assert jsonified_request["parent"] == 'parent_value' + + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest', + ) + request = request_type(**request_init) + + # Designate an appropriate value for the returned response. + return_value = service.ListSecretVersionsResponse() + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # We need to mock transcode() because providing default values + # for required fields will fail the real version if the http_options + # expect actual values for those fields. + with mock.patch.object(path_template, 'transcode') as transcode: + # A uri without fields and an empty body will force all the + # request fields to show up in the query_params. + pb_request = request_type.pb(request) + transcode_result = { + 'uri': 'v1/sample_method', + 'method': "get", + 'query_params': pb_request, + } + transcode.return_value = transcode_result + + response_value = Response() + response_value.status_code = 200 + + # Convert return value to protobuf type + return_value = service.ListSecretVersionsResponse.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.list_secret_versions(request) + + expected_params = [ + ('$alt', 'json;enum-encoding=int') + ] + actual_params = req.call_args.kwargs['params'] + assert expected_params == actual_params + + +def test_list_secret_versions_rest_unset_required_fields(): + transport = transports.SecretManagerServiceRestTransport(credentials=ga_credentials.AnonymousCredentials) + + unset_fields = transport.list_secret_versions._get_unset_required_fields({}) + assert set(unset_fields) == (set(("filter", "pageSize", "pageToken", )) & set(("parent", ))) + + +@pytest.mark.parametrize("null_interceptor", [True, False]) +def test_list_secret_versions_rest_interceptors(null_interceptor): + transport = transports.SecretManagerServiceRestTransport( + credentials=ga_credentials.AnonymousCredentials(), + interceptor=None if null_interceptor else transports.SecretManagerServiceRestInterceptor(), + ) + client = SecretManagerServiceClient(transport=transport) + with mock.patch.object(type(client.transport._session), "request") as req, \ + mock.patch.object(path_template, "transcode") as transcode, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "post_list_secret_versions") as post, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "pre_list_secret_versions") as pre: + pre.assert_not_called() + post.assert_not_called() + pb_message = service.ListSecretVersionsRequest.pb(service.ListSecretVersionsRequest()) + transcode.return_value = { + "method": "post", + "uri": "my_uri", + "body": pb_message, + "query_params": pb_message, + } + + req.return_value = Response() + req.return_value.status_code = 200 + req.return_value.request = PreparedRequest() + req.return_value._content = service.ListSecretVersionsResponse.to_json(service.ListSecretVersionsResponse()) + + request = service.ListSecretVersionsRequest() + metadata =[ + ("key", "val"), + ("cephalopod", "squid"), + ] + pre.return_value = request, metadata + post.return_value = service.ListSecretVersionsResponse() + + client.list_secret_versions(request, metadata=[("key", "val"), ("cephalopod", "squid"),]) + + pre.assert_called_once() + post.assert_called_once() + + +def test_list_secret_versions_rest_bad_request(transport: str = 'rest', request_type=service.ListSecretVersionsRequest): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # send a request that will satisfy transcoding + request_init = {'parent': 'projects/sample1/secrets/sample2'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.list_secret_versions(request) + + +def test_list_secret_versions_rest_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = service.ListSecretVersionsResponse() + + # get arguments that satisfy an http rule for this method + sample_request = {'parent': 'projects/sample1/secrets/sample2'} + + # get truthy value for each flattened field + mock_args = dict( + parent='parent_value', + ) + mock_args.update(sample_request) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = service.ListSecretVersionsResponse.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + client.list_secret_versions(**mock_args) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(req.mock_calls) == 1 + _, args, _ = req.mock_calls[0] + assert path_template.validate("%s/v1/{parent=projects/*/secrets/*}/versions" % client.transport._host, args[1]) + + +def test_list_secret_versions_rest_flattened_error(transport: str = 'rest'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.list_secret_versions( + service.ListSecretVersionsRequest(), + parent='parent_value', + ) + + +def test_list_secret_versions_rest_pager(transport: str = 'rest'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # TODO(kbandes): remove this mock unless there's a good reason for it. + #with mock.patch.object(path_template, 'transcode') as transcode: + # Set the response as a series of pages + response = ( + service.ListSecretVersionsResponse( + versions=[ + resources.SecretVersion(), + resources.SecretVersion(), + resources.SecretVersion(), + ], + next_page_token='abc', + ), + service.ListSecretVersionsResponse( + versions=[], + next_page_token='def', + ), + service.ListSecretVersionsResponse( + versions=[ + resources.SecretVersion(), + ], + next_page_token='ghi', + ), + service.ListSecretVersionsResponse( + versions=[ + resources.SecretVersion(), + resources.SecretVersion(), + ], + ), + ) + # Two responses for two calls + response = response + response + + # Wrap the values into proper Response objs + response = tuple(service.ListSecretVersionsResponse.to_json(x) for x in response) + return_values = tuple(Response() for i in response) + for return_val, response_val in zip(return_values, response): + return_val._content = response_val.encode('UTF-8') + return_val.status_code = 200 + req.side_effect = return_values + + sample_request = {'parent': 'projects/sample1/secrets/sample2'} + + pager = client.list_secret_versions(request=sample_request) + + results = list(pager) + assert len(results) == 6 + assert all(isinstance(i, resources.SecretVersion) + for i in results) + + pages = list(client.list_secret_versions(request=sample_request).pages) + for page_, token in zip(pages, ['abc','def','ghi', '']): + assert page_.raw_page.next_page_token == token + + +@pytest.mark.parametrize("request_type", [ + service.GetSecretVersionRequest, + dict, +]) +def test_get_secret_version_rest(request_type): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # send a request that will satisfy transcoding + request_init = {'name': 'projects/sample1/secrets/sample2/versions/sample3'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + etag='etag_value', + client_specified_payload_checksum=True, + ) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = resources.SecretVersion.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + response = client.get_secret_version(request) + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.SecretVersion) + assert response.name == 'name_value' + assert response.state == resources.SecretVersion.State.ENABLED + assert response.etag == 'etag_value' + assert response.client_specified_payload_checksum is True + + +def test_get_secret_version_rest_required_fields(request_type=service.GetSecretVersionRequest): + transport_class = transports.SecretManagerServiceRestTransport + + request_init = {} + request_init["name"] = "" + request = request_type(**request_init) + pb_request = request_type.pb(request) + jsonified_request = json.loads(json_format.MessageToJson( + pb_request, + use_integers_for_enums=False + )) + + # verify fields with default values are dropped + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).get_secret_version._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with default values are now present + + jsonified_request["name"] = 'name_value' + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).get_secret_version._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with non-default values are left alone + assert "name" in jsonified_request + assert jsonified_request["name"] == 'name_value' + + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest', + ) + request = request_type(**request_init) + + # Designate an appropriate value for the returned response. + return_value = resources.SecretVersion() + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # We need to mock transcode() because providing default values + # for required fields will fail the real version if the http_options + # expect actual values for those fields. + with mock.patch.object(path_template, 'transcode') as transcode: + # A uri without fields and an empty body will force all the + # request fields to show up in the query_params. + pb_request = request_type.pb(request) + transcode_result = { + 'uri': 'v1/sample_method', + 'method': "get", + 'query_params': pb_request, + } + transcode.return_value = transcode_result + + response_value = Response() + response_value.status_code = 200 + + # Convert return value to protobuf type + return_value = resources.SecretVersion.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.get_secret_version(request) + + expected_params = [ + ('$alt', 'json;enum-encoding=int') + ] + actual_params = req.call_args.kwargs['params'] + assert expected_params == actual_params + + +def test_get_secret_version_rest_unset_required_fields(): + transport = transports.SecretManagerServiceRestTransport(credentials=ga_credentials.AnonymousCredentials) + + unset_fields = transport.get_secret_version._get_unset_required_fields({}) + assert set(unset_fields) == (set(()) & set(("name", ))) + + +@pytest.mark.parametrize("null_interceptor", [True, False]) +def test_get_secret_version_rest_interceptors(null_interceptor): + transport = transports.SecretManagerServiceRestTransport( + credentials=ga_credentials.AnonymousCredentials(), + interceptor=None if null_interceptor else transports.SecretManagerServiceRestInterceptor(), + ) + client = SecretManagerServiceClient(transport=transport) + with mock.patch.object(type(client.transport._session), "request") as req, \ + mock.patch.object(path_template, "transcode") as transcode, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "post_get_secret_version") as post, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "pre_get_secret_version") as pre: + pre.assert_not_called() + post.assert_not_called() + pb_message = service.GetSecretVersionRequest.pb(service.GetSecretVersionRequest()) + transcode.return_value = { + "method": "post", + "uri": "my_uri", + "body": pb_message, + "query_params": pb_message, + } + + req.return_value = Response() + req.return_value.status_code = 200 + req.return_value.request = PreparedRequest() + req.return_value._content = resources.SecretVersion.to_json(resources.SecretVersion()) + + request = service.GetSecretVersionRequest() + metadata =[ + ("key", "val"), + ("cephalopod", "squid"), + ] + pre.return_value = request, metadata + post.return_value = resources.SecretVersion() + + client.get_secret_version(request, metadata=[("key", "val"), ("cephalopod", "squid"),]) + + pre.assert_called_once() + post.assert_called_once() + + +def test_get_secret_version_rest_bad_request(transport: str = 'rest', request_type=service.GetSecretVersionRequest): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # send a request that will satisfy transcoding + request_init = {'name': 'projects/sample1/secrets/sample2/versions/sample3'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.get_secret_version(request) + + +def test_get_secret_version_rest_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = resources.SecretVersion() + + # get arguments that satisfy an http rule for this method + sample_request = {'name': 'projects/sample1/secrets/sample2/versions/sample3'} + + # get truthy value for each flattened field + mock_args = dict( + name='name_value', + ) + mock_args.update(sample_request) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = resources.SecretVersion.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + client.get_secret_version(**mock_args) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(req.mock_calls) == 1 + _, args, _ = req.mock_calls[0] + assert path_template.validate("%s/v1/{name=projects/*/secrets/*/versions/*}" % client.transport._host, args[1]) + + +def test_get_secret_version_rest_flattened_error(transport: str = 'rest'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.get_secret_version( + service.GetSecretVersionRequest(), + name='name_value', + ) + + +def test_get_secret_version_rest_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest' + ) + + +@pytest.mark.parametrize("request_type", [ + service.AccessSecretVersionRequest, + dict, +]) +def test_access_secret_version_rest(request_type): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # send a request that will satisfy transcoding + request_init = {'name': 'projects/sample1/secrets/sample2/versions/sample3'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = service.AccessSecretVersionResponse( + name='name_value', + ) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = service.AccessSecretVersionResponse.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + response = client.access_secret_version(request) + + # Establish that the response is the type that we expect. + assert isinstance(response, service.AccessSecretVersionResponse) + assert response.name == 'name_value' + + +def test_access_secret_version_rest_required_fields(request_type=service.AccessSecretVersionRequest): + transport_class = transports.SecretManagerServiceRestTransport + + request_init = {} + request_init["name"] = "" + request = request_type(**request_init) + pb_request = request_type.pb(request) + jsonified_request = json.loads(json_format.MessageToJson( + pb_request, + use_integers_for_enums=False + )) + + # verify fields with default values are dropped + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).access_secret_version._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with default values are now present + + jsonified_request["name"] = 'name_value' + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).access_secret_version._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with non-default values are left alone + assert "name" in jsonified_request + assert jsonified_request["name"] == 'name_value' + + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest', + ) + request = request_type(**request_init) + + # Designate an appropriate value for the returned response. + return_value = service.AccessSecretVersionResponse() + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # We need to mock transcode() because providing default values + # for required fields will fail the real version if the http_options + # expect actual values for those fields. + with mock.patch.object(path_template, 'transcode') as transcode: + # A uri without fields and an empty body will force all the + # request fields to show up in the query_params. + pb_request = request_type.pb(request) + transcode_result = { + 'uri': 'v1/sample_method', + 'method': "get", + 'query_params': pb_request, + } + transcode.return_value = transcode_result + + response_value = Response() + response_value.status_code = 200 + + # Convert return value to protobuf type + return_value = service.AccessSecretVersionResponse.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.access_secret_version(request) + + expected_params = [ + ('$alt', 'json;enum-encoding=int') + ] + actual_params = req.call_args.kwargs['params'] + assert expected_params == actual_params + + +def test_access_secret_version_rest_unset_required_fields(): + transport = transports.SecretManagerServiceRestTransport(credentials=ga_credentials.AnonymousCredentials) + + unset_fields = transport.access_secret_version._get_unset_required_fields({}) + assert set(unset_fields) == (set(()) & set(("name", ))) + + +@pytest.mark.parametrize("null_interceptor", [True, False]) +def test_access_secret_version_rest_interceptors(null_interceptor): + transport = transports.SecretManagerServiceRestTransport( + credentials=ga_credentials.AnonymousCredentials(), + interceptor=None if null_interceptor else transports.SecretManagerServiceRestInterceptor(), + ) + client = SecretManagerServiceClient(transport=transport) + with mock.patch.object(type(client.transport._session), "request") as req, \ + mock.patch.object(path_template, "transcode") as transcode, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "post_access_secret_version") as post, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "pre_access_secret_version") as pre: + pre.assert_not_called() + post.assert_not_called() + pb_message = service.AccessSecretVersionRequest.pb(service.AccessSecretVersionRequest()) + transcode.return_value = { + "method": "post", + "uri": "my_uri", + "body": pb_message, + "query_params": pb_message, + } + + req.return_value = Response() + req.return_value.status_code = 200 + req.return_value.request = PreparedRequest() + req.return_value._content = service.AccessSecretVersionResponse.to_json(service.AccessSecretVersionResponse()) + + request = service.AccessSecretVersionRequest() + metadata =[ + ("key", "val"), + ("cephalopod", "squid"), + ] + pre.return_value = request, metadata + post.return_value = service.AccessSecretVersionResponse() + + client.access_secret_version(request, metadata=[("key", "val"), ("cephalopod", "squid"),]) + + pre.assert_called_once() + post.assert_called_once() + + +def test_access_secret_version_rest_bad_request(transport: str = 'rest', request_type=service.AccessSecretVersionRequest): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # send a request that will satisfy transcoding + request_init = {'name': 'projects/sample1/secrets/sample2/versions/sample3'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.access_secret_version(request) + + +def test_access_secret_version_rest_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = service.AccessSecretVersionResponse() + + # get arguments that satisfy an http rule for this method + sample_request = {'name': 'projects/sample1/secrets/sample2/versions/sample3'} + + # get truthy value for each flattened field + mock_args = dict( + name='name_value', + ) + mock_args.update(sample_request) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = service.AccessSecretVersionResponse.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + client.access_secret_version(**mock_args) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(req.mock_calls) == 1 + _, args, _ = req.mock_calls[0] + assert path_template.validate("%s/v1/{name=projects/*/secrets/*/versions/*}:access" % client.transport._host, args[1]) + + +def test_access_secret_version_rest_flattened_error(transport: str = 'rest'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.access_secret_version( + service.AccessSecretVersionRequest(), + name='name_value', + ) + + +def test_access_secret_version_rest_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest' + ) + + +@pytest.mark.parametrize("request_type", [ + service.DisableSecretVersionRequest, + dict, +]) +def test_disable_secret_version_rest(request_type): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # send a request that will satisfy transcoding + request_init = {'name': 'projects/sample1/secrets/sample2/versions/sample3'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + etag='etag_value', + client_specified_payload_checksum=True, + ) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = resources.SecretVersion.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + response = client.disable_secret_version(request) + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.SecretVersion) + assert response.name == 'name_value' + assert response.state == resources.SecretVersion.State.ENABLED + assert response.etag == 'etag_value' + assert response.client_specified_payload_checksum is True + + +def test_disable_secret_version_rest_required_fields(request_type=service.DisableSecretVersionRequest): + transport_class = transports.SecretManagerServiceRestTransport + + request_init = {} + request_init["name"] = "" + request = request_type(**request_init) + pb_request = request_type.pb(request) + jsonified_request = json.loads(json_format.MessageToJson( + pb_request, + use_integers_for_enums=False + )) + + # verify fields with default values are dropped + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).disable_secret_version._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with default values are now present + + jsonified_request["name"] = 'name_value' + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).disable_secret_version._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with non-default values are left alone + assert "name" in jsonified_request + assert jsonified_request["name"] == 'name_value' + + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest', + ) + request = request_type(**request_init) + + # Designate an appropriate value for the returned response. + return_value = resources.SecretVersion() + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # We need to mock transcode() because providing default values + # for required fields will fail the real version if the http_options + # expect actual values for those fields. + with mock.patch.object(path_template, 'transcode') as transcode: + # A uri without fields and an empty body will force all the + # request fields to show up in the query_params. + pb_request = request_type.pb(request) + transcode_result = { + 'uri': 'v1/sample_method', + 'method': "post", + 'query_params': pb_request, + } + transcode_result['body'] = pb_request + transcode.return_value = transcode_result + + response_value = Response() + response_value.status_code = 200 + + # Convert return value to protobuf type + return_value = resources.SecretVersion.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.disable_secret_version(request) + + expected_params = [ + ('$alt', 'json;enum-encoding=int') + ] + actual_params = req.call_args.kwargs['params'] + assert expected_params == actual_params + + +def test_disable_secret_version_rest_unset_required_fields(): + transport = transports.SecretManagerServiceRestTransport(credentials=ga_credentials.AnonymousCredentials) + + unset_fields = transport.disable_secret_version._get_unset_required_fields({}) + assert set(unset_fields) == (set(()) & set(("name", ))) + + +@pytest.mark.parametrize("null_interceptor", [True, False]) +def test_disable_secret_version_rest_interceptors(null_interceptor): + transport = transports.SecretManagerServiceRestTransport( + credentials=ga_credentials.AnonymousCredentials(), + interceptor=None if null_interceptor else transports.SecretManagerServiceRestInterceptor(), + ) + client = SecretManagerServiceClient(transport=transport) + with mock.patch.object(type(client.transport._session), "request") as req, \ + mock.patch.object(path_template, "transcode") as transcode, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "post_disable_secret_version") as post, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "pre_disable_secret_version") as pre: + pre.assert_not_called() + post.assert_not_called() + pb_message = service.DisableSecretVersionRequest.pb(service.DisableSecretVersionRequest()) + transcode.return_value = { + "method": "post", + "uri": "my_uri", + "body": pb_message, + "query_params": pb_message, + } + + req.return_value = Response() + req.return_value.status_code = 200 + req.return_value.request = PreparedRequest() + req.return_value._content = resources.SecretVersion.to_json(resources.SecretVersion()) + + request = service.DisableSecretVersionRequest() + metadata =[ + ("key", "val"), + ("cephalopod", "squid"), + ] + pre.return_value = request, metadata + post.return_value = resources.SecretVersion() + + client.disable_secret_version(request, metadata=[("key", "val"), ("cephalopod", "squid"),]) + + pre.assert_called_once() + post.assert_called_once() + + +def test_disable_secret_version_rest_bad_request(transport: str = 'rest', request_type=service.DisableSecretVersionRequest): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # send a request that will satisfy transcoding + request_init = {'name': 'projects/sample1/secrets/sample2/versions/sample3'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.disable_secret_version(request) + + +def test_disable_secret_version_rest_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = resources.SecretVersion() + + # get arguments that satisfy an http rule for this method + sample_request = {'name': 'projects/sample1/secrets/sample2/versions/sample3'} + + # get truthy value for each flattened field + mock_args = dict( + name='name_value', + ) + mock_args.update(sample_request) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = resources.SecretVersion.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + client.disable_secret_version(**mock_args) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(req.mock_calls) == 1 + _, args, _ = req.mock_calls[0] + assert path_template.validate("%s/v1/{name=projects/*/secrets/*/versions/*}:disable" % client.transport._host, args[1]) + + +def test_disable_secret_version_rest_flattened_error(transport: str = 'rest'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.disable_secret_version( + service.DisableSecretVersionRequest(), + name='name_value', + ) + + +def test_disable_secret_version_rest_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest' + ) + + +@pytest.mark.parametrize("request_type", [ + service.EnableSecretVersionRequest, + dict, +]) +def test_enable_secret_version_rest(request_type): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # send a request that will satisfy transcoding + request_init = {'name': 'projects/sample1/secrets/sample2/versions/sample3'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + etag='etag_value', + client_specified_payload_checksum=True, + ) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = resources.SecretVersion.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + response = client.enable_secret_version(request) + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.SecretVersion) + assert response.name == 'name_value' + assert response.state == resources.SecretVersion.State.ENABLED + assert response.etag == 'etag_value' + assert response.client_specified_payload_checksum is True + + +def test_enable_secret_version_rest_required_fields(request_type=service.EnableSecretVersionRequest): + transport_class = transports.SecretManagerServiceRestTransport + + request_init = {} + request_init["name"] = "" + request = request_type(**request_init) + pb_request = request_type.pb(request) + jsonified_request = json.loads(json_format.MessageToJson( + pb_request, + use_integers_for_enums=False + )) + + # verify fields with default values are dropped + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).enable_secret_version._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with default values are now present + + jsonified_request["name"] = 'name_value' + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).enable_secret_version._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with non-default values are left alone + assert "name" in jsonified_request + assert jsonified_request["name"] == 'name_value' + + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest', + ) + request = request_type(**request_init) + + # Designate an appropriate value for the returned response. + return_value = resources.SecretVersion() + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # We need to mock transcode() because providing default values + # for required fields will fail the real version if the http_options + # expect actual values for those fields. + with mock.patch.object(path_template, 'transcode') as transcode: + # A uri without fields and an empty body will force all the + # request fields to show up in the query_params. + pb_request = request_type.pb(request) + transcode_result = { + 'uri': 'v1/sample_method', + 'method': "post", + 'query_params': pb_request, + } + transcode_result['body'] = pb_request + transcode.return_value = transcode_result + + response_value = Response() + response_value.status_code = 200 + + # Convert return value to protobuf type + return_value = resources.SecretVersion.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.enable_secret_version(request) + + expected_params = [ + ('$alt', 'json;enum-encoding=int') + ] + actual_params = req.call_args.kwargs['params'] + assert expected_params == actual_params + + +def test_enable_secret_version_rest_unset_required_fields(): + transport = transports.SecretManagerServiceRestTransport(credentials=ga_credentials.AnonymousCredentials) + + unset_fields = transport.enable_secret_version._get_unset_required_fields({}) + assert set(unset_fields) == (set(()) & set(("name", ))) + + +@pytest.mark.parametrize("null_interceptor", [True, False]) +def test_enable_secret_version_rest_interceptors(null_interceptor): + transport = transports.SecretManagerServiceRestTransport( + credentials=ga_credentials.AnonymousCredentials(), + interceptor=None if null_interceptor else transports.SecretManagerServiceRestInterceptor(), + ) + client = SecretManagerServiceClient(transport=transport) + with mock.patch.object(type(client.transport._session), "request") as req, \ + mock.patch.object(path_template, "transcode") as transcode, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "post_enable_secret_version") as post, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "pre_enable_secret_version") as pre: + pre.assert_not_called() + post.assert_not_called() + pb_message = service.EnableSecretVersionRequest.pb(service.EnableSecretVersionRequest()) + transcode.return_value = { + "method": "post", + "uri": "my_uri", + "body": pb_message, + "query_params": pb_message, + } + + req.return_value = Response() + req.return_value.status_code = 200 + req.return_value.request = PreparedRequest() + req.return_value._content = resources.SecretVersion.to_json(resources.SecretVersion()) + + request = service.EnableSecretVersionRequest() + metadata =[ + ("key", "val"), + ("cephalopod", "squid"), + ] + pre.return_value = request, metadata + post.return_value = resources.SecretVersion() + + client.enable_secret_version(request, metadata=[("key", "val"), ("cephalopod", "squid"),]) + + pre.assert_called_once() + post.assert_called_once() + + +def test_enable_secret_version_rest_bad_request(transport: str = 'rest', request_type=service.EnableSecretVersionRequest): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # send a request that will satisfy transcoding + request_init = {'name': 'projects/sample1/secrets/sample2/versions/sample3'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.enable_secret_version(request) + + +def test_enable_secret_version_rest_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = resources.SecretVersion() + + # get arguments that satisfy an http rule for this method + sample_request = {'name': 'projects/sample1/secrets/sample2/versions/sample3'} + + # get truthy value for each flattened field + mock_args = dict( + name='name_value', + ) + mock_args.update(sample_request) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = resources.SecretVersion.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + client.enable_secret_version(**mock_args) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(req.mock_calls) == 1 + _, args, _ = req.mock_calls[0] + assert path_template.validate("%s/v1/{name=projects/*/secrets/*/versions/*}:enable" % client.transport._host, args[1]) + + +def test_enable_secret_version_rest_flattened_error(transport: str = 'rest'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.enable_secret_version( + service.EnableSecretVersionRequest(), + name='name_value', + ) + + +def test_enable_secret_version_rest_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest' + ) + + +@pytest.mark.parametrize("request_type", [ + service.DestroySecretVersionRequest, + dict, +]) +def test_destroy_secret_version_rest(request_type): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # send a request that will satisfy transcoding + request_init = {'name': 'projects/sample1/secrets/sample2/versions/sample3'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + etag='etag_value', + client_specified_payload_checksum=True, + ) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = resources.SecretVersion.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + response = client.destroy_secret_version(request) + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.SecretVersion) + assert response.name == 'name_value' + assert response.state == resources.SecretVersion.State.ENABLED + assert response.etag == 'etag_value' + assert response.client_specified_payload_checksum is True + + +def test_destroy_secret_version_rest_required_fields(request_type=service.DestroySecretVersionRequest): + transport_class = transports.SecretManagerServiceRestTransport + + request_init = {} + request_init["name"] = "" + request = request_type(**request_init) + pb_request = request_type.pb(request) + jsonified_request = json.loads(json_format.MessageToJson( + pb_request, + use_integers_for_enums=False + )) + + # verify fields with default values are dropped + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).destroy_secret_version._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with default values are now present + + jsonified_request["name"] = 'name_value' + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).destroy_secret_version._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with non-default values are left alone + assert "name" in jsonified_request + assert jsonified_request["name"] == 'name_value' + + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest', + ) + request = request_type(**request_init) + + # Designate an appropriate value for the returned response. + return_value = resources.SecretVersion() + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # We need to mock transcode() because providing default values + # for required fields will fail the real version if the http_options + # expect actual values for those fields. + with mock.patch.object(path_template, 'transcode') as transcode: + # A uri without fields and an empty body will force all the + # request fields to show up in the query_params. + pb_request = request_type.pb(request) + transcode_result = { + 'uri': 'v1/sample_method', + 'method': "post", + 'query_params': pb_request, + } + transcode_result['body'] = pb_request + transcode.return_value = transcode_result + + response_value = Response() + response_value.status_code = 200 + + # Convert return value to protobuf type + return_value = resources.SecretVersion.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.destroy_secret_version(request) + + expected_params = [ + ('$alt', 'json;enum-encoding=int') + ] + actual_params = req.call_args.kwargs['params'] + assert expected_params == actual_params + + +def test_destroy_secret_version_rest_unset_required_fields(): + transport = transports.SecretManagerServiceRestTransport(credentials=ga_credentials.AnonymousCredentials) + + unset_fields = transport.destroy_secret_version._get_unset_required_fields({}) + assert set(unset_fields) == (set(()) & set(("name", ))) + + +@pytest.mark.parametrize("null_interceptor", [True, False]) +def test_destroy_secret_version_rest_interceptors(null_interceptor): + transport = transports.SecretManagerServiceRestTransport( + credentials=ga_credentials.AnonymousCredentials(), + interceptor=None if null_interceptor else transports.SecretManagerServiceRestInterceptor(), + ) + client = SecretManagerServiceClient(transport=transport) + with mock.patch.object(type(client.transport._session), "request") as req, \ + mock.patch.object(path_template, "transcode") as transcode, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "post_destroy_secret_version") as post, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "pre_destroy_secret_version") as pre: + pre.assert_not_called() + post.assert_not_called() + pb_message = service.DestroySecretVersionRequest.pb(service.DestroySecretVersionRequest()) + transcode.return_value = { + "method": "post", + "uri": "my_uri", + "body": pb_message, + "query_params": pb_message, + } + + req.return_value = Response() + req.return_value.status_code = 200 + req.return_value.request = PreparedRequest() + req.return_value._content = resources.SecretVersion.to_json(resources.SecretVersion()) + + request = service.DestroySecretVersionRequest() + metadata =[ + ("key", "val"), + ("cephalopod", "squid"), + ] + pre.return_value = request, metadata + post.return_value = resources.SecretVersion() + + client.destroy_secret_version(request, metadata=[("key", "val"), ("cephalopod", "squid"),]) + + pre.assert_called_once() + post.assert_called_once() + + +def test_destroy_secret_version_rest_bad_request(transport: str = 'rest', request_type=service.DestroySecretVersionRequest): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # send a request that will satisfy transcoding + request_init = {'name': 'projects/sample1/secrets/sample2/versions/sample3'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.destroy_secret_version(request) + + +def test_destroy_secret_version_rest_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = resources.SecretVersion() + + # get arguments that satisfy an http rule for this method + sample_request = {'name': 'projects/sample1/secrets/sample2/versions/sample3'} + + # get truthy value for each flattened field + mock_args = dict( + name='name_value', + ) + mock_args.update(sample_request) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = resources.SecretVersion.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + client.destroy_secret_version(**mock_args) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(req.mock_calls) == 1 + _, args, _ = req.mock_calls[0] + assert path_template.validate("%s/v1/{name=projects/*/secrets/*/versions/*}:destroy" % client.transport._host, args[1]) + + +def test_destroy_secret_version_rest_flattened_error(transport: str = 'rest'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.destroy_secret_version( + service.DestroySecretVersionRequest(), + name='name_value', + ) + + +def test_destroy_secret_version_rest_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest' + ) + + +@pytest.mark.parametrize("request_type", [ + iam_policy_pb2.SetIamPolicyRequest, + dict, +]) +def test_set_iam_policy_rest(request_type): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # send a request that will satisfy transcoding + request_init = {'resource': 'projects/sample1/secrets/sample2'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = policy_pb2.Policy( + version=774, + etag=b'etag_blob', + ) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + response = client.set_iam_policy(request) + + # Establish that the response is the type that we expect. + assert isinstance(response, policy_pb2.Policy) + assert response.version == 774 + assert response.etag == b'etag_blob' + + +def test_set_iam_policy_rest_required_fields(request_type=iam_policy_pb2.SetIamPolicyRequest): + transport_class = transports.SecretManagerServiceRestTransport + + request_init = {} + request_init["resource"] = "" + request = request_type(**request_init) + pb_request = request + jsonified_request = json.loads(json_format.MessageToJson( + pb_request, + use_integers_for_enums=False + )) + + # verify fields with default values are dropped + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).set_iam_policy._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with default values are now present + + jsonified_request["resource"] = 'resource_value' + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).set_iam_policy._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with non-default values are left alone + assert "resource" in jsonified_request + assert jsonified_request["resource"] == 'resource_value' + + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest', + ) + request = request_type(**request_init) + + # Designate an appropriate value for the returned response. + return_value = policy_pb2.Policy() + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # We need to mock transcode() because providing default values + # for required fields will fail the real version if the http_options + # expect actual values for those fields. + with mock.patch.object(path_template, 'transcode') as transcode: + # A uri without fields and an empty body will force all the + # request fields to show up in the query_params. + pb_request = request + transcode_result = { + 'uri': 'v1/sample_method', + 'method': "post", + 'query_params': pb_request, + } + transcode_result['body'] = pb_request + transcode.return_value = transcode_result + + response_value = Response() + response_value.status_code = 200 + + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.set_iam_policy(request) + + expected_params = [ + ('$alt', 'json;enum-encoding=int') + ] + actual_params = req.call_args.kwargs['params'] + assert expected_params == actual_params + + +def test_set_iam_policy_rest_unset_required_fields(): + transport = transports.SecretManagerServiceRestTransport(credentials=ga_credentials.AnonymousCredentials) + + unset_fields = transport.set_iam_policy._get_unset_required_fields({}) + assert set(unset_fields) == (set(()) & set(("resource", "policy", ))) + + +@pytest.mark.parametrize("null_interceptor", [True, False]) +def test_set_iam_policy_rest_interceptors(null_interceptor): + transport = transports.SecretManagerServiceRestTransport( + credentials=ga_credentials.AnonymousCredentials(), + interceptor=None if null_interceptor else transports.SecretManagerServiceRestInterceptor(), + ) + client = SecretManagerServiceClient(transport=transport) + with mock.patch.object(type(client.transport._session), "request") as req, \ + mock.patch.object(path_template, "transcode") as transcode, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "post_set_iam_policy") as post, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "pre_set_iam_policy") as pre: + pre.assert_not_called() + post.assert_not_called() + pb_message = iam_policy_pb2.SetIamPolicyRequest() + transcode.return_value = { + "method": "post", + "uri": "my_uri", + "body": pb_message, + "query_params": pb_message, + } + + req.return_value = Response() + req.return_value.status_code = 200 + req.return_value.request = PreparedRequest() + req.return_value._content = json_format.MessageToJson(policy_pb2.Policy()) + + request = iam_policy_pb2.SetIamPolicyRequest() + metadata =[ + ("key", "val"), + ("cephalopod", "squid"), + ] + pre.return_value = request, metadata + post.return_value = policy_pb2.Policy() + + client.set_iam_policy(request, metadata=[("key", "val"), ("cephalopod", "squid"),]) + + pre.assert_called_once() + post.assert_called_once() + + +def test_set_iam_policy_rest_bad_request(transport: str = 'rest', request_type=iam_policy_pb2.SetIamPolicyRequest): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # send a request that will satisfy transcoding + request_init = {'resource': 'projects/sample1/secrets/sample2'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.set_iam_policy(request) + + +def test_set_iam_policy_rest_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest' + ) + + +@pytest.mark.parametrize("request_type", [ + iam_policy_pb2.GetIamPolicyRequest, + dict, +]) +def test_get_iam_policy_rest(request_type): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # send a request that will satisfy transcoding + request_init = {'resource': 'projects/sample1/secrets/sample2'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = policy_pb2.Policy( + version=774, + etag=b'etag_blob', + ) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + response = client.get_iam_policy(request) + + # Establish that the response is the type that we expect. + assert isinstance(response, policy_pb2.Policy) + assert response.version == 774 + assert response.etag == b'etag_blob' + + +def test_get_iam_policy_rest_required_fields(request_type=iam_policy_pb2.GetIamPolicyRequest): + transport_class = transports.SecretManagerServiceRestTransport + + request_init = {} + request_init["resource"] = "" + request = request_type(**request_init) + pb_request = request + jsonified_request = json.loads(json_format.MessageToJson( + pb_request, + use_integers_for_enums=False + )) + + # verify fields with default values are dropped + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).get_iam_policy._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with default values are now present + + jsonified_request["resource"] = 'resource_value' + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).get_iam_policy._get_unset_required_fields(jsonified_request) + # Check that path parameters and body parameters are not mixing in. + assert not set(unset_fields) - set(("options", )) + jsonified_request.update(unset_fields) + + # verify required fields with non-default values are left alone + assert "resource" in jsonified_request + assert jsonified_request["resource"] == 'resource_value' + + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest', + ) + request = request_type(**request_init) + + # Designate an appropriate value for the returned response. + return_value = policy_pb2.Policy() + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # We need to mock transcode() because providing default values + # for required fields will fail the real version if the http_options + # expect actual values for those fields. + with mock.patch.object(path_template, 'transcode') as transcode: + # A uri without fields and an empty body will force all the + # request fields to show up in the query_params. + pb_request = request + transcode_result = { + 'uri': 'v1/sample_method', + 'method': "get", + 'query_params': pb_request, + } + transcode.return_value = transcode_result + + response_value = Response() + response_value.status_code = 200 + + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.get_iam_policy(request) + + expected_params = [ + ('$alt', 'json;enum-encoding=int') + ] + actual_params = req.call_args.kwargs['params'] + assert expected_params == actual_params + + +def test_get_iam_policy_rest_unset_required_fields(): + transport = transports.SecretManagerServiceRestTransport(credentials=ga_credentials.AnonymousCredentials) + + unset_fields = transport.get_iam_policy._get_unset_required_fields({}) + assert set(unset_fields) == (set(("options", )) & set(("resource", ))) + + +@pytest.mark.parametrize("null_interceptor", [True, False]) +def test_get_iam_policy_rest_interceptors(null_interceptor): + transport = transports.SecretManagerServiceRestTransport( + credentials=ga_credentials.AnonymousCredentials(), + interceptor=None if null_interceptor else transports.SecretManagerServiceRestInterceptor(), + ) + client = SecretManagerServiceClient(transport=transport) + with mock.patch.object(type(client.transport._session), "request") as req, \ + mock.patch.object(path_template, "transcode") as transcode, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "post_get_iam_policy") as post, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "pre_get_iam_policy") as pre: + pre.assert_not_called() + post.assert_not_called() + pb_message = iam_policy_pb2.GetIamPolicyRequest() + transcode.return_value = { + "method": "post", + "uri": "my_uri", + "body": pb_message, + "query_params": pb_message, + } + + req.return_value = Response() + req.return_value.status_code = 200 + req.return_value.request = PreparedRequest() + req.return_value._content = json_format.MessageToJson(policy_pb2.Policy()) + + request = iam_policy_pb2.GetIamPolicyRequest() + metadata =[ + ("key", "val"), + ("cephalopod", "squid"), + ] + pre.return_value = request, metadata + post.return_value = policy_pb2.Policy() + + client.get_iam_policy(request, metadata=[("key", "val"), ("cephalopod", "squid"),]) + + pre.assert_called_once() + post.assert_called_once() + + +def test_get_iam_policy_rest_bad_request(transport: str = 'rest', request_type=iam_policy_pb2.GetIamPolicyRequest): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # send a request that will satisfy transcoding + request_init = {'resource': 'projects/sample1/secrets/sample2'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.get_iam_policy(request) + + +def test_get_iam_policy_rest_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest' + ) + + +@pytest.mark.parametrize("request_type", [ + iam_policy_pb2.TestIamPermissionsRequest, + dict, +]) +def test_test_iam_permissions_rest(request_type): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # send a request that will satisfy transcoding + request_init = {'resource': 'projects/sample1/secrets/sample2'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = iam_policy_pb2.TestIamPermissionsResponse( + permissions=['permissions_value'], + ) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + response = client.test_iam_permissions(request) + + # Establish that the response is the type that we expect. + assert isinstance(response, iam_policy_pb2.TestIamPermissionsResponse) + assert response.permissions == ['permissions_value'] + + +def test_test_iam_permissions_rest_required_fields(request_type=iam_policy_pb2.TestIamPermissionsRequest): + transport_class = transports.SecretManagerServiceRestTransport + + request_init = {} + request_init["resource"] = "" + request_init["permissions"] = "" + request = request_type(**request_init) + pb_request = request + jsonified_request = json.loads(json_format.MessageToJson( + pb_request, + use_integers_for_enums=False + )) + + # verify fields with default values are dropped + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).test_iam_permissions._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with default values are now present + + jsonified_request["resource"] = 'resource_value' + jsonified_request["permissions"] = 'permissions_value' + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).test_iam_permissions._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with non-default values are left alone + assert "resource" in jsonified_request + assert jsonified_request["resource"] == 'resource_value' + assert "permissions" in jsonified_request + assert jsonified_request["permissions"] == 'permissions_value' + + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest', + ) + request = request_type(**request_init) + + # Designate an appropriate value for the returned response. + return_value = iam_policy_pb2.TestIamPermissionsResponse() + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # We need to mock transcode() because providing default values + # for required fields will fail the real version if the http_options + # expect actual values for those fields. + with mock.patch.object(path_template, 'transcode') as transcode: + # A uri without fields and an empty body will force all the + # request fields to show up in the query_params. + pb_request = request + transcode_result = { + 'uri': 'v1/sample_method', + 'method': "post", + 'query_params': pb_request, + } + transcode_result['body'] = pb_request + transcode.return_value = transcode_result + + response_value = Response() + response_value.status_code = 200 + + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.test_iam_permissions(request) + + expected_params = [ + ('$alt', 'json;enum-encoding=int') + ] + actual_params = req.call_args.kwargs['params'] + assert expected_params == actual_params + + +def test_test_iam_permissions_rest_unset_required_fields(): + transport = transports.SecretManagerServiceRestTransport(credentials=ga_credentials.AnonymousCredentials) + + unset_fields = transport.test_iam_permissions._get_unset_required_fields({}) + assert set(unset_fields) == (set(()) & set(("resource", "permissions", ))) + + +@pytest.mark.parametrize("null_interceptor", [True, False]) +def test_test_iam_permissions_rest_interceptors(null_interceptor): + transport = transports.SecretManagerServiceRestTransport( + credentials=ga_credentials.AnonymousCredentials(), + interceptor=None if null_interceptor else transports.SecretManagerServiceRestInterceptor(), + ) + client = SecretManagerServiceClient(transport=transport) + with mock.patch.object(type(client.transport._session), "request") as req, \ + mock.patch.object(path_template, "transcode") as transcode, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "post_test_iam_permissions") as post, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "pre_test_iam_permissions") as pre: + pre.assert_not_called() + post.assert_not_called() + pb_message = iam_policy_pb2.TestIamPermissionsRequest() + transcode.return_value = { + "method": "post", + "uri": "my_uri", + "body": pb_message, + "query_params": pb_message, + } + + req.return_value = Response() + req.return_value.status_code = 200 + req.return_value.request = PreparedRequest() + req.return_value._content = json_format.MessageToJson(iam_policy_pb2.TestIamPermissionsResponse()) + + request = iam_policy_pb2.TestIamPermissionsRequest() + metadata =[ + ("key", "val"), + ("cephalopod", "squid"), + ] + pre.return_value = request, metadata + post.return_value = iam_policy_pb2.TestIamPermissionsResponse() + + client.test_iam_permissions(request, metadata=[("key", "val"), ("cephalopod", "squid"),]) + + pre.assert_called_once() + post.assert_called_once() + + +def test_test_iam_permissions_rest_bad_request(transport: str = 'rest', request_type=iam_policy_pb2.TestIamPermissionsRequest): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # send a request that will satisfy transcoding + request_init = {'resource': 'projects/sample1/secrets/sample2'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.test_iam_permissions(request) + + +def test_test_iam_permissions_rest_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest' + ) + + +def test_credentials_transport_error(): + # It is an error to provide credentials and a transport instance. + transport = transports.SecretManagerServiceGrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # It is an error to provide a credentials file and a transport instance. + transport = transports.SecretManagerServiceGrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = SecretManagerServiceClient( + client_options={"credentials_file": "credentials.json"}, + transport=transport, + ) + + # It is an error to provide an api_key and a transport instance. + transport = transports.SecretManagerServiceGrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + options = client_options.ClientOptions() + options.api_key = "api_key" + with pytest.raises(ValueError): + client = SecretManagerServiceClient( + client_options=options, + transport=transport, + ) + + # It is an error to provide an api_key and a credential. + options = client_options.ClientOptions() + options.api_key = "api_key" + with pytest.raises(ValueError): + client = SecretManagerServiceClient( + client_options=options, + credentials=ga_credentials.AnonymousCredentials() + ) + + # It is an error to provide scopes and a transport instance. + transport = transports.SecretManagerServiceGrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = SecretManagerServiceClient( + client_options={"scopes": ["1", "2"]}, + transport=transport, + ) + + +def test_transport_instance(): + # A client may be instantiated with a custom transport instance. + transport = transports.SecretManagerServiceGrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + client = SecretManagerServiceClient(transport=transport) + assert client.transport is transport + +def test_transport_get_channel(): + # A client may be instantiated with a custom transport instance. + transport = transports.SecretManagerServiceGrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + channel = transport.grpc_channel + assert channel + + transport = transports.SecretManagerServiceGrpcAsyncIOTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + channel = transport.grpc_channel + assert channel + +@pytest.mark.parametrize("transport_class", [ + transports.SecretManagerServiceGrpcTransport, + transports.SecretManagerServiceGrpcAsyncIOTransport, + transports.SecretManagerServiceRestTransport, +]) +def test_transport_adc(transport_class): + # Test default credentials are used if not provided. + with mock.patch.object(google.auth, 'default') as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport_class() + adc.assert_called_once() + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "rest", +]) +def test_transport_kind(transport_name): + transport = SecretManagerServiceClient.get_transport_class(transport_name)( + credentials=ga_credentials.AnonymousCredentials(), + ) + assert transport.kind == transport_name + +def test_transport_grpc_default(): + # A client should use the gRPC transport by default. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + assert isinstance( + client.transport, + transports.SecretManagerServiceGrpcTransport, + ) + +def test_secret_manager_service_base_transport_error(): + # Passing both a credentials object and credentials_file should raise an error + with pytest.raises(core_exceptions.DuplicateCredentialArgs): + transport = transports.SecretManagerServiceTransport( + credentials=ga_credentials.AnonymousCredentials(), + credentials_file="credentials.json" + ) + + +def test_secret_manager_service_base_transport(): + # Instantiate the base transport. + with mock.patch('google.cloud.secretmanager_v1.services.secret_manager_service.transports.SecretManagerServiceTransport.__init__') as Transport: + Transport.return_value = None + transport = transports.SecretManagerServiceTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Every method on the transport should just blindly + # raise NotImplementedError. + methods = ( + 'list_secrets', + 'create_secret', + 'add_secret_version', + 'get_secret', + 'update_secret', + 'delete_secret', + 'list_secret_versions', + 'get_secret_version', + 'access_secret_version', + 'disable_secret_version', + 'enable_secret_version', + 'destroy_secret_version', + 'set_iam_policy', + 'get_iam_policy', + 'test_iam_permissions', + 'get_location', + 'list_locations', + ) + for method in methods: + with pytest.raises(NotImplementedError): + getattr(transport, method)(request=object()) + + with pytest.raises(NotImplementedError): + transport.close() + + # Catch all for all remaining methods and properties + remainder = [ + 'kind', + ] + for r in remainder: + with pytest.raises(NotImplementedError): + getattr(transport, r)() + + +def test_secret_manager_service_base_transport_with_credentials_file(): + # Instantiate the base transport with a credentials file + with mock.patch.object(google.auth, 'load_credentials_from_file', autospec=True) as load_creds, mock.patch('google.cloud.secretmanager_v1.services.secret_manager_service.transports.SecretManagerServiceTransport._prep_wrapped_messages') as Transport: + Transport.return_value = None + load_creds.return_value = (ga_credentials.AnonymousCredentials(), None) + transport = transports.SecretManagerServiceTransport( + credentials_file="credentials.json", + quota_project_id="octopus", + ) + load_creds.assert_called_once_with("credentials.json", + scopes=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + quota_project_id="octopus", + ) + + +def test_secret_manager_service_base_transport_with_adc(): + # Test the default credentials are used if credentials and credentials_file are None. + with mock.patch.object(google.auth, 'default', autospec=True) as adc, mock.patch('google.cloud.secretmanager_v1.services.secret_manager_service.transports.SecretManagerServiceTransport._prep_wrapped_messages') as Transport: + Transport.return_value = None + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport = transports.SecretManagerServiceTransport() + adc.assert_called_once() + + +def test_secret_manager_service_auth_adc(): + # If no credentials are provided, we should use ADC credentials. + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + SecretManagerServiceClient() + adc.assert_called_once_with( + scopes=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + quota_project_id=None, + ) + + +@pytest.mark.parametrize( + "transport_class", + [ + transports.SecretManagerServiceGrpcTransport, + transports.SecretManagerServiceGrpcAsyncIOTransport, + ], +) +def test_secret_manager_service_transport_auth_adc(transport_class): + # If credentials and host are not provided, the transport class should use + # ADC credentials. + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport_class(quota_project_id="octopus", scopes=["1", "2"]) + adc.assert_called_once_with( + scopes=["1", "2"], + default_scopes=( 'https://www.googleapis.com/auth/cloud-platform',), + quota_project_id="octopus", + ) + + +@pytest.mark.parametrize( + "transport_class", + [ + transports.SecretManagerServiceGrpcTransport, + transports.SecretManagerServiceGrpcAsyncIOTransport, + transports.SecretManagerServiceRestTransport, + ], +) +def test_secret_manager_service_transport_auth_gdch_credentials(transport_class): + host = 'https://language.com' + api_audience_tests = [None, 'https://language2.com'] + api_audience_expect = [host, 'https://language2.com'] + for t, e in zip(api_audience_tests, api_audience_expect): + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + gdch_mock = mock.MagicMock() + type(gdch_mock).with_gdch_audience = mock.PropertyMock(return_value=gdch_mock) + adc.return_value = (gdch_mock, None) + transport_class(host=host, api_audience=t) + gdch_mock.with_gdch_audience.assert_called_once_with( + e + ) + + +@pytest.mark.parametrize( + "transport_class,grpc_helpers", + [ + (transports.SecretManagerServiceGrpcTransport, grpc_helpers), + (transports.SecretManagerServiceGrpcAsyncIOTransport, grpc_helpers_async) + ], +) +def test_secret_manager_service_transport_create_channel(transport_class, grpc_helpers): + # If credentials and host are not provided, the transport class should use + # ADC credentials. + with mock.patch.object(google.auth, "default", autospec=True) as adc, mock.patch.object( + grpc_helpers, "create_channel", autospec=True + ) as create_channel: + creds = ga_credentials.AnonymousCredentials() + adc.return_value = (creds, None) + transport_class( + quota_project_id="octopus", + scopes=["1", "2"] + ) + + create_channel.assert_called_with( + "secretmanager.googleapis.com:443", + credentials=creds, + credentials_file=None, + quota_project_id="octopus", + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + scopes=["1", "2"], + default_host="secretmanager.googleapis.com", + ssl_credentials=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + +@pytest.mark.parametrize("transport_class", [transports.SecretManagerServiceGrpcTransport, transports.SecretManagerServiceGrpcAsyncIOTransport]) +def test_secret_manager_service_grpc_transport_client_cert_source_for_mtls( + transport_class +): + cred = ga_credentials.AnonymousCredentials() + + # Check ssl_channel_credentials is used if provided. + with mock.patch.object(transport_class, "create_channel") as mock_create_channel: + mock_ssl_channel_creds = mock.Mock() + transport_class( + host="squid.clam.whelk", + credentials=cred, + ssl_channel_credentials=mock_ssl_channel_creds + ) + mock_create_channel.assert_called_once_with( + "squid.clam.whelk:443", + credentials=cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_channel_creds, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Check if ssl_channel_credentials is not provided, then client_cert_source_for_mtls + # is used. + with mock.patch.object(transport_class, "create_channel", return_value=mock.Mock()): + with mock.patch("grpc.ssl_channel_credentials") as mock_ssl_cred: + transport_class( + credentials=cred, + client_cert_source_for_mtls=client_cert_source_callback + ) + expected_cert, expected_key = client_cert_source_callback() + mock_ssl_cred.assert_called_once_with( + certificate_chain=expected_cert, + private_key=expected_key + ) + +def test_secret_manager_service_http_transport_client_cert_source_for_mtls(): + cred = ga_credentials.AnonymousCredentials() + with mock.patch("google.auth.transport.requests.AuthorizedSession.configure_mtls_channel") as mock_configure_mtls_channel: + transports.SecretManagerServiceRestTransport ( + credentials=cred, + client_cert_source_for_mtls=client_cert_source_callback + ) + mock_configure_mtls_channel.assert_called_once_with(client_cert_source_callback) + + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "grpc_asyncio", + "rest", +]) +def test_secret_manager_service_host_no_port(transport_name): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + client_options=client_options.ClientOptions(api_endpoint='secretmanager.googleapis.com'), + transport=transport_name, + ) + assert client.transport._host == ( + 'secretmanager.googleapis.com:443' + if transport_name in ['grpc', 'grpc_asyncio'] + else 'https://secretmanager.googleapis.com' + ) + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "grpc_asyncio", + "rest", +]) +def test_secret_manager_service_host_with_port(transport_name): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + client_options=client_options.ClientOptions(api_endpoint='secretmanager.googleapis.com:8000'), + transport=transport_name, + ) + assert client.transport._host == ( + 'secretmanager.googleapis.com:8000' + if transport_name in ['grpc', 'grpc_asyncio'] + else 'https://secretmanager.googleapis.com:8000' + ) + +@pytest.mark.parametrize("transport_name", [ + "rest", +]) +def test_secret_manager_service_client_transport_session_collision(transport_name): + creds1 = ga_credentials.AnonymousCredentials() + creds2 = ga_credentials.AnonymousCredentials() + client1 = SecretManagerServiceClient( + credentials=creds1, + transport=transport_name, + ) + client2 = SecretManagerServiceClient( + credentials=creds2, + transport=transport_name, + ) + session1 = client1.transport.list_secrets._session + session2 = client2.transport.list_secrets._session + assert session1 != session2 + session1 = client1.transport.create_secret._session + session2 = client2.transport.create_secret._session + assert session1 != session2 + session1 = client1.transport.add_secret_version._session + session2 = client2.transport.add_secret_version._session + assert session1 != session2 + session1 = client1.transport.get_secret._session + session2 = client2.transport.get_secret._session + assert session1 != session2 + session1 = client1.transport.update_secret._session + session2 = client2.transport.update_secret._session + assert session1 != session2 + session1 = client1.transport.delete_secret._session + session2 = client2.transport.delete_secret._session + assert session1 != session2 + session1 = client1.transport.list_secret_versions._session + session2 = client2.transport.list_secret_versions._session + assert session1 != session2 + session1 = client1.transport.get_secret_version._session + session2 = client2.transport.get_secret_version._session + assert session1 != session2 + session1 = client1.transport.access_secret_version._session + session2 = client2.transport.access_secret_version._session + assert session1 != session2 + session1 = client1.transport.disable_secret_version._session + session2 = client2.transport.disable_secret_version._session + assert session1 != session2 + session1 = client1.transport.enable_secret_version._session + session2 = client2.transport.enable_secret_version._session + assert session1 != session2 + session1 = client1.transport.destroy_secret_version._session + session2 = client2.transport.destroy_secret_version._session + assert session1 != session2 + session1 = client1.transport.set_iam_policy._session + session2 = client2.transport.set_iam_policy._session + assert session1 != session2 + session1 = client1.transport.get_iam_policy._session + session2 = client2.transport.get_iam_policy._session + assert session1 != session2 + session1 = client1.transport.test_iam_permissions._session + session2 = client2.transport.test_iam_permissions._session + assert session1 != session2 +def test_secret_manager_service_grpc_transport_channel(): + channel = grpc.secure_channel('http://localhost/', grpc.local_channel_credentials()) + + # Check that channel is used if provided. + transport = transports.SecretManagerServiceGrpcTransport( + host="squid.clam.whelk", + channel=channel, + ) + assert transport.grpc_channel == channel + assert transport._host == "squid.clam.whelk:443" + assert transport._ssl_channel_credentials == None + + +def test_secret_manager_service_grpc_asyncio_transport_channel(): + channel = aio.secure_channel('http://localhost/', grpc.local_channel_credentials()) + + # Check that channel is used if provided. + transport = transports.SecretManagerServiceGrpcAsyncIOTransport( + host="squid.clam.whelk", + channel=channel, + ) + assert transport.grpc_channel == channel + assert transport._host == "squid.clam.whelk:443" + assert transport._ssl_channel_credentials == None + + +# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are +# removed from grpc/grpc_asyncio transport constructor. +@pytest.mark.parametrize("transport_class", [transports.SecretManagerServiceGrpcTransport, transports.SecretManagerServiceGrpcAsyncIOTransport]) +def test_secret_manager_service_transport_channel_mtls_with_client_cert_source( + transport_class +): + with mock.patch("grpc.ssl_channel_credentials", autospec=True) as grpc_ssl_channel_cred: + with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: + mock_ssl_cred = mock.Mock() + grpc_ssl_channel_cred.return_value = mock_ssl_cred + + mock_grpc_channel = mock.Mock() + grpc_create_channel.return_value = mock_grpc_channel + + cred = ga_credentials.AnonymousCredentials() + with pytest.warns(DeprecationWarning): + with mock.patch.object(google.auth, 'default') as adc: + adc.return_value = (cred, None) + transport = transport_class( + host="squid.clam.whelk", + api_mtls_endpoint="mtls.squid.clam.whelk", + client_cert_source=client_cert_source_callback, + ) + adc.assert_called_once() + + grpc_ssl_channel_cred.assert_called_once_with( + certificate_chain=b"cert bytes", private_key=b"key bytes" + ) + grpc_create_channel.assert_called_once_with( + "mtls.squid.clam.whelk:443", + credentials=cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_cred, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + assert transport.grpc_channel == mock_grpc_channel + assert transport._ssl_channel_credentials == mock_ssl_cred + + +# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are +# removed from grpc/grpc_asyncio transport constructor. +@pytest.mark.parametrize("transport_class", [transports.SecretManagerServiceGrpcTransport, transports.SecretManagerServiceGrpcAsyncIOTransport]) +def test_secret_manager_service_transport_channel_mtls_with_adc( + transport_class +): + mock_ssl_cred = mock.Mock() + with mock.patch.multiple( + "google.auth.transport.grpc.SslCredentials", + __init__=mock.Mock(return_value=None), + ssl_credentials=mock.PropertyMock(return_value=mock_ssl_cred), + ): + with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: + mock_grpc_channel = mock.Mock() + grpc_create_channel.return_value = mock_grpc_channel + mock_cred = mock.Mock() + + with pytest.warns(DeprecationWarning): + transport = transport_class( + host="squid.clam.whelk", + credentials=mock_cred, + api_mtls_endpoint="mtls.squid.clam.whelk", + client_cert_source=None, + ) + + grpc_create_channel.assert_called_once_with( + "mtls.squid.clam.whelk:443", + credentials=mock_cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_cred, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + assert transport.grpc_channel == mock_grpc_channel + + +def test_secret_path(): + project = "squid" + secret = "clam" + expected = "projects/{project}/secrets/{secret}".format(project=project, secret=secret, ) + actual = SecretManagerServiceClient.secret_path(project, secret) + assert expected == actual + + +def test_parse_secret_path(): + expected = { + "project": "whelk", + "secret": "octopus", + } + path = SecretManagerServiceClient.secret_path(**expected) + + # Check that the path construction is reversible. + actual = SecretManagerServiceClient.parse_secret_path(path) + assert expected == actual + +def test_secret_version_path(): + project = "oyster" + secret = "nudibranch" + secret_version = "cuttlefish" + expected = "projects/{project}/secrets/{secret}/versions/{secret_version}".format(project=project, secret=secret, secret_version=secret_version, ) + actual = SecretManagerServiceClient.secret_version_path(project, secret, secret_version) + assert expected == actual + + +def test_parse_secret_version_path(): + expected = { + "project": "mussel", + "secret": "winkle", + "secret_version": "nautilus", + } + path = SecretManagerServiceClient.secret_version_path(**expected) + + # Check that the path construction is reversible. + actual = SecretManagerServiceClient.parse_secret_version_path(path) + assert expected == actual + +def test_topic_path(): + project = "scallop" + topic = "abalone" + expected = "projects/{project}/topics/{topic}".format(project=project, topic=topic, ) + actual = SecretManagerServiceClient.topic_path(project, topic) + assert expected == actual + + +def test_parse_topic_path(): + expected = { + "project": "squid", + "topic": "clam", + } + path = SecretManagerServiceClient.topic_path(**expected) + + # Check that the path construction is reversible. + actual = SecretManagerServiceClient.parse_topic_path(path) + assert expected == actual + +def test_common_billing_account_path(): + billing_account = "whelk" + expected = "billingAccounts/{billing_account}".format(billing_account=billing_account, ) + actual = SecretManagerServiceClient.common_billing_account_path(billing_account) + assert expected == actual + + +def test_parse_common_billing_account_path(): + expected = { + "billing_account": "octopus", + } + path = SecretManagerServiceClient.common_billing_account_path(**expected) + + # Check that the path construction is reversible. + actual = SecretManagerServiceClient.parse_common_billing_account_path(path) + assert expected == actual + +def test_common_folder_path(): + folder = "oyster" + expected = "folders/{folder}".format(folder=folder, ) + actual = SecretManagerServiceClient.common_folder_path(folder) + assert expected == actual + + +def test_parse_common_folder_path(): + expected = { + "folder": "nudibranch", + } + path = SecretManagerServiceClient.common_folder_path(**expected) + + # Check that the path construction is reversible. + actual = SecretManagerServiceClient.parse_common_folder_path(path) + assert expected == actual + +def test_common_organization_path(): + organization = "cuttlefish" + expected = "organizations/{organization}".format(organization=organization, ) + actual = SecretManagerServiceClient.common_organization_path(organization) + assert expected == actual + + +def test_parse_common_organization_path(): + expected = { + "organization": "mussel", + } + path = SecretManagerServiceClient.common_organization_path(**expected) + + # Check that the path construction is reversible. + actual = SecretManagerServiceClient.parse_common_organization_path(path) + assert expected == actual + +def test_common_project_path(): + project = "winkle" + expected = "projects/{project}".format(project=project, ) + actual = SecretManagerServiceClient.common_project_path(project) + assert expected == actual + + +def test_parse_common_project_path(): + expected = { + "project": "nautilus", + } + path = SecretManagerServiceClient.common_project_path(**expected) + + # Check that the path construction is reversible. + actual = SecretManagerServiceClient.parse_common_project_path(path) + assert expected == actual + +def test_common_location_path(): + project = "scallop" + location = "abalone" + expected = "projects/{project}/locations/{location}".format(project=project, location=location, ) + actual = SecretManagerServiceClient.common_location_path(project, location) + assert expected == actual + + +def test_parse_common_location_path(): + expected = { + "project": "squid", + "location": "clam", + } + path = SecretManagerServiceClient.common_location_path(**expected) + + # Check that the path construction is reversible. + actual = SecretManagerServiceClient.parse_common_location_path(path) + assert expected == actual + + +def test_client_with_default_client_info(): + client_info = gapic_v1.client_info.ClientInfo() + + with mock.patch.object(transports.SecretManagerServiceTransport, '_prep_wrapped_messages') as prep: + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + client_info=client_info, + ) + prep.assert_called_once_with(client_info) + + with mock.patch.object(transports.SecretManagerServiceTransport, '_prep_wrapped_messages') as prep: + transport_class = SecretManagerServiceClient.get_transport_class() + transport = transport_class( + credentials=ga_credentials.AnonymousCredentials(), + client_info=client_info, + ) + prep.assert_called_once_with(client_info) + +@pytest.mark.asyncio +async def test_transport_close_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="grpc_asyncio", + ) + with mock.patch.object(type(getattr(client.transport, "grpc_channel")), "close") as close: + async with client: + close.assert_not_called() + close.assert_called_once() + + +def test_get_location_rest_bad_request(transport: str = 'rest', request_type=locations_pb2.GetLocationRequest): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + request = request_type() + request = json_format.ParseDict({'name': 'projects/sample1/locations/sample2'}, request) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.get_location(request) + +@pytest.mark.parametrize("request_type", [ + locations_pb2.GetLocationRequest, + dict, +]) +def test_get_location_rest(request_type): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + request_init = {'name': 'projects/sample1/locations/sample2'} + request = request_type(**request_init) + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = locations_pb2.Location() + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.get_location(request) + + # Establish that the response is the type that we expect. + assert isinstance(response, locations_pb2.Location) + +def test_list_locations_rest_bad_request(transport: str = 'rest', request_type=locations_pb2.ListLocationsRequest): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + request = request_type() + request = json_format.ParseDict({'name': 'projects/sample1'}, request) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.list_locations(request) + +@pytest.mark.parametrize("request_type", [ + locations_pb2.ListLocationsRequest, + dict, +]) +def test_list_locations_rest(request_type): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + request_init = {'name': 'projects/sample1'} + request = request_type(**request_init) + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = locations_pb2.ListLocationsResponse() + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.list_locations(request) + + # Establish that the response is the type that we expect. + assert isinstance(response, locations_pb2.ListLocationsResponse) + + +def test_list_locations(transport: str = "grpc"): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = locations_pb2.ListLocationsRequest() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object(type(client.transport.list_locations), "__call__") as call: + # Designate an appropriate return value for the call. + call.return_value = locations_pb2.ListLocationsResponse() + response = client.list_locations(request) + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, locations_pb2.ListLocationsResponse) +@pytest.mark.asyncio +async def test_list_locations_async(transport: str = "grpc_asyncio"): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = locations_pb2.ListLocationsRequest() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object(type(client.transport.list_locations), "__call__") as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall( + locations_pb2.ListLocationsResponse() + ) + response = await client.list_locations(request) + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, locations_pb2.ListLocationsResponse) + +def test_list_locations_field_headers(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = locations_pb2.ListLocationsRequest() + request.name = "locations" + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object(type(client.transport.list_locations), "__call__") as call: + call.return_value = locations_pb2.ListLocationsResponse() + + client.list_locations(request) + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ("x-goog-request-params", "name=locations",) in kw["metadata"] +@pytest.mark.asyncio +async def test_list_locations_field_headers_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = locations_pb2.ListLocationsRequest() + request.name = "locations" + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object(type(client.transport.list_locations), "__call__") as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall( + locations_pb2.ListLocationsResponse() + ) + await client.list_locations(request) + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ("x-goog-request-params", "name=locations",) in kw["metadata"] + +def test_list_locations_from_dict(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object(type(client.transport.list_locations), "__call__") as call: + # Designate an appropriate return value for the call. + call.return_value = locations_pb2.ListLocationsResponse() + + response = client.list_locations( + request={ + "name": "locations", + } + ) + call.assert_called() +@pytest.mark.asyncio +async def test_list_locations_from_dict_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object(type(client.transport.list_locations), "__call__") as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall( + locations_pb2.ListLocationsResponse() + ) + response = await client.list_locations( + request={ + "name": "locations", + } + ) + call.assert_called() + + +def test_get_location(transport: str = "grpc"): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = locations_pb2.GetLocationRequest() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object(type(client.transport.get_location), "__call__") as call: + # Designate an appropriate return value for the call. + call.return_value = locations_pb2.Location() + response = client.get_location(request) + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, locations_pb2.Location) +@pytest.mark.asyncio +async def test_get_location_async(transport: str = "grpc_asyncio"): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = locations_pb2.GetLocationRequest() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object(type(client.transport.get_location), "__call__") as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall( + locations_pb2.Location() + ) + response = await client.get_location(request) + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, locations_pb2.Location) + +def test_get_location_field_headers(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials()) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = locations_pb2.GetLocationRequest() + request.name = "locations/abc" + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object(type(client.transport.get_location), "__call__") as call: + call.return_value = locations_pb2.Location() + + client.get_location(request) + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ("x-goog-request-params", "name=locations/abc",) in kw["metadata"] +@pytest.mark.asyncio +async def test_get_location_field_headers_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials() + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = locations_pb2.GetLocationRequest() + request.name = "locations/abc" + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object(type(client.transport.get_location), "__call__") as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall( + locations_pb2.Location() + ) + await client.get_location(request) + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ("x-goog-request-params", "name=locations/abc",) in kw["metadata"] + +def test_get_location_from_dict(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object(type(client.transport.list_locations), "__call__") as call: + # Designate an appropriate return value for the call. + call.return_value = locations_pb2.Location() + + response = client.get_location( + request={ + "name": "locations/abc", + } + ) + call.assert_called() +@pytest.mark.asyncio +async def test_get_location_from_dict_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object(type(client.transport.list_locations), "__call__") as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall( + locations_pb2.Location() + ) + response = await client.get_location( + request={ + "name": "locations", + } + ) + call.assert_called() + + +def test_transport_close(): + transports = { + "rest": "_session", + "grpc": "_grpc_channel", + } + + for transport, close_name in transports.items(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport + ) + with mock.patch.object(type(getattr(client.transport, close_name)), "close") as close: + with client: + close.assert_not_called() + close.assert_called_once() + +def test_client_ctx(): + transports = [ + 'rest', + 'grpc', + ] + for transport in transports: + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport + ) + # Test client calls underlying transport. + with mock.patch.object(type(client.transport), "close") as close: + close.assert_not_called() + with client: + pass + close.assert_called() + +@pytest.mark.parametrize("client_class,transport_class", [ + (SecretManagerServiceClient, transports.SecretManagerServiceGrpcTransport), + (SecretManagerServiceAsyncClient, transports.SecretManagerServiceGrpcAsyncIOTransport), +]) +def test_api_key_credentials(client_class, transport_class): + with mock.patch.object( + google.auth._default, "get_api_key_credentials", create=True + ) as get_api_key_credentials: + mock_cred = mock.Mock() + get_api_key_credentials.return_value = mock_cred + options = client_options.ClientOptions() + options.api_key = "api_key" + with mock.patch.object(transport_class, "__init__") as patched: + patched.return_value = None + client = client_class(client_options=options) + patched.assert_called_once_with( + credentials=mock_cred, + credentials_file=None, + host=client._DEFAULT_ENDPOINT_TEMPLATE.format(UNIVERSE_DOMAIN=client._DEFAULT_UNIVERSE), + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/.coveragerc b/owl-bot-staging/google-cloud-secret-manager/v1beta1/.coveragerc new file mode 100644 index 000000000000..ba39b6e150d0 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/.coveragerc @@ -0,0 +1,13 @@ +[run] +branch = True + +[report] +show_missing = True +omit = + google/cloud/secretmanager/__init__.py + google/cloud/secretmanager/gapic_version.py +exclude_lines = + # Re-enable the standard pragma + pragma: NO COVER + # Ignore debug-only repr + def __repr__ diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/.flake8 b/owl-bot-staging/google-cloud-secret-manager/v1beta1/.flake8 new file mode 100644 index 000000000000..29227d4cf419 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/.flake8 @@ -0,0 +1,33 @@ +# -*- coding: utf-8 -*- +# +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Generated by synthtool. DO NOT EDIT! +[flake8] +ignore = E203, E266, E501, W503 +exclude = + # Exclude generated code. + **/proto/** + **/gapic/** + **/services/** + **/types/** + *_pb2.py + + # Standard linting exemptions. + **/.nox/** + __pycache__, + .git, + *.pyc, + conf.py diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/MANIFEST.in b/owl-bot-staging/google-cloud-secret-manager/v1beta1/MANIFEST.in new file mode 100644 index 000000000000..2e1e4052f37b --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/MANIFEST.in @@ -0,0 +1,2 @@ +recursive-include google/cloud/secretmanager *.py +recursive-include google/cloud/secretmanager_v1beta1 *.py diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/README.rst b/owl-bot-staging/google-cloud-secret-manager/v1beta1/README.rst new file mode 100644 index 000000000000..358776dacd39 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/README.rst @@ -0,0 +1,49 @@ +Python Client for Google Cloud Secretmanager API +================================================= + +Quick Start +----------- + +In order to use this library, you first need to go through the following steps: + +1. `Select or create a Cloud Platform project.`_ +2. `Enable billing for your project.`_ +3. Enable the Google Cloud Secretmanager API. +4. `Setup Authentication.`_ + +.. _Select or create a Cloud Platform project.: https://console.cloud.google.com/project +.. _Enable billing for your project.: https://cloud.google.com/billing/docs/how-to/modify-project#enable_billing_for_a_project +.. _Setup Authentication.: https://googleapis.dev/python/google-api-core/latest/auth.html + +Installation +~~~~~~~~~~~~ + +Install this library in a `virtualenv`_ using pip. `virtualenv`_ is a tool to +create isolated Python environments. The basic problem it addresses is one of +dependencies and versions, and indirectly permissions. + +With `virtualenv`_, it's possible to install this library without needing system +install permissions, and without clashing with the installed system +dependencies. + +.. _`virtualenv`: https://virtualenv.pypa.io/en/latest/ + + +Mac/Linux +^^^^^^^^^ + +.. code-block:: console + + python3 -m venv + source /bin/activate + /bin/pip install /path/to/library + + +Windows +^^^^^^^ + +.. code-block:: console + + python3 -m venv + \Scripts\activate + \Scripts\pip.exe install \path\to\library diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/docs/_static/custom.css b/owl-bot-staging/google-cloud-secret-manager/v1beta1/docs/_static/custom.css new file mode 100644 index 000000000000..06423be0b592 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/docs/_static/custom.css @@ -0,0 +1,3 @@ +dl.field-list > dt { + min-width: 100px +} diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/docs/conf.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/docs/conf.py new file mode 100644 index 000000000000..5d8513ae6722 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/docs/conf.py @@ -0,0 +1,376 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# +# google-cloud-secretmanager documentation build configuration file +# +# This file is execfile()d with the current directory set to its +# containing dir. +# +# Note that not all possible configuration values are present in this +# autogenerated file. +# +# All configuration values have a default; values that are commented out +# serve to show the default. + +import sys +import os +import shlex + +# If extensions (or modules to document with autodoc) are in another directory, +# add these directories to sys.path here. If the directory is relative to the +# documentation root, use os.path.abspath to make it absolute, like shown here. +sys.path.insert(0, os.path.abspath("..")) + +__version__ = "0.1.0" + +# -- General configuration ------------------------------------------------ + +# If your documentation needs a minimal Sphinx version, state it here. +needs_sphinx = "4.0.1" + +# Add any Sphinx extension module names here, as strings. They can be +# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom +# ones. +extensions = [ + "sphinx.ext.autodoc", + "sphinx.ext.autosummary", + "sphinx.ext.intersphinx", + "sphinx.ext.coverage", + "sphinx.ext.napoleon", + "sphinx.ext.todo", + "sphinx.ext.viewcode", +] + +# autodoc/autosummary flags +autoclass_content = "both" +autodoc_default_flags = ["members"] +autosummary_generate = True + + +# Add any paths that contain templates here, relative to this directory. +templates_path = ["_templates"] + +# Allow markdown includes (so releases.md can include CHANGLEOG.md) +# http://www.sphinx-doc.org/en/master/markdown.html +source_parsers = {".md": "recommonmark.parser.CommonMarkParser"} + +# The suffix(es) of source filenames. +# You can specify multiple suffix as a list of string: +source_suffix = [".rst", ".md"] + +# The encoding of source files. +# source_encoding = 'utf-8-sig' + +# The root toctree document. +root_doc = "index" + +# General information about the project. +project = u"google-cloud-secretmanager" +copyright = u"2023, Google, LLC" +author = u"Google APIs" # TODO: autogenerate this bit + +# The version info for the project you're documenting, acts as replacement for +# |version| and |release|, also used in various other places throughout the +# built documents. +# +# The full version, including alpha/beta/rc tags. +release = __version__ +# The short X.Y version. +version = ".".join(release.split(".")[0:2]) + +# The language for content autogenerated by Sphinx. Refer to documentation +# for a list of supported languages. +# +# This is also used if you do content translation via gettext catalogs. +# Usually you set "language" from the command line for these cases. +language = 'en' + +# There are two options for replacing |today|: either, you set today to some +# non-false value, then it is used: +# today = '' +# Else, today_fmt is used as the format for a strftime call. +# today_fmt = '%B %d, %Y' + +# List of patterns, relative to source directory, that match files and +# directories to ignore when looking for source files. +exclude_patterns = ["_build"] + +# The reST default role (used for this markup: `text`) to use for all +# documents. +# default_role = None + +# If true, '()' will be appended to :func: etc. cross-reference text. +# add_function_parentheses = True + +# If true, the current module name will be prepended to all description +# unit titles (such as .. function::). +# add_module_names = True + +# If true, sectionauthor and moduleauthor directives will be shown in the +# output. They are ignored by default. +# show_authors = False + +# The name of the Pygments (syntax highlighting) style to use. +pygments_style = "sphinx" + +# A list of ignored prefixes for module index sorting. +# modindex_common_prefix = [] + +# If true, keep warnings as "system message" paragraphs in the built documents. +# keep_warnings = False + +# If true, `todo` and `todoList` produce output, else they produce nothing. +todo_include_todos = True + + +# -- Options for HTML output ---------------------------------------------- + +# The theme to use for HTML and HTML Help pages. See the documentation for +# a list of builtin themes. +html_theme = "alabaster" + +# Theme options are theme-specific and customize the look and feel of a theme +# further. For a list of options available for each theme, see the +# documentation. +html_theme_options = { + "description": "Google Cloud Client Libraries for Python", + "github_user": "googleapis", + "github_repo": "google-cloud-python", + "github_banner": True, + "font_family": "'Roboto', Georgia, sans", + "head_font_family": "'Roboto', Georgia, serif", + "code_font_family": "'Roboto Mono', 'Consolas', monospace", +} + +# Add any paths that contain custom themes here, relative to this directory. +# html_theme_path = [] + +# The name for this set of Sphinx documents. If None, it defaults to +# " v documentation". +# html_title = None + +# A shorter title for the navigation bar. Default is the same as html_title. +# html_short_title = None + +# The name of an image file (relative to this directory) to place at the top +# of the sidebar. +# html_logo = None + +# The name of an image file (within the static path) to use as favicon of the +# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 +# pixels large. +# html_favicon = None + +# Add any paths that contain custom static files (such as style sheets) here, +# relative to this directory. They are copied after the builtin static files, +# so a file named "default.css" will overwrite the builtin "default.css". +html_static_path = ["_static"] + +# Add any extra paths that contain custom files (such as robots.txt or +# .htaccess) here, relative to this directory. These files are copied +# directly to the root of the documentation. +# html_extra_path = [] + +# If not '', a 'Last updated on:' timestamp is inserted at every page bottom, +# using the given strftime format. +# html_last_updated_fmt = '%b %d, %Y' + +# If true, SmartyPants will be used to convert quotes and dashes to +# typographically correct entities. +# html_use_smartypants = True + +# Custom sidebar templates, maps document names to template names. +# html_sidebars = {} + +# Additional templates that should be rendered to pages, maps page names to +# template names. +# html_additional_pages = {} + +# If false, no module index is generated. +# html_domain_indices = True + +# If false, no index is generated. +# html_use_index = True + +# If true, the index is split into individual pages for each letter. +# html_split_index = False + +# If true, links to the reST sources are added to the pages. +# html_show_sourcelink = True + +# If true, "Created using Sphinx" is shown in the HTML footer. Default is True. +# html_show_sphinx = True + +# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. +# html_show_copyright = True + +# If true, an OpenSearch description file will be output, and all pages will +# contain a tag referring to it. The value of this option must be the +# base URL from which the finished HTML is served. +# html_use_opensearch = '' + +# This is the file name suffix for HTML files (e.g. ".xhtml"). +# html_file_suffix = None + +# Language to be used for generating the HTML full-text search index. +# Sphinx supports the following languages: +# 'da', 'de', 'en', 'es', 'fi', 'fr', 'hu', 'it', 'ja' +# 'nl', 'no', 'pt', 'ro', 'ru', 'sv', 'tr' +# html_search_language = 'en' + +# A dictionary with options for the search language support, empty by default. +# Now only 'ja' uses this config value +# html_search_options = {'type': 'default'} + +# The name of a javascript file (relative to the configuration directory) that +# implements a search results scorer. If empty, the default will be used. +# html_search_scorer = 'scorer.js' + +# Output file base name for HTML help builder. +htmlhelp_basename = "google-cloud-secretmanager-doc" + +# -- Options for warnings ------------------------------------------------------ + + +suppress_warnings = [ + # Temporarily suppress this to avoid "more than one target found for + # cross-reference" warning, which are intractable for us to avoid while in + # a mono-repo. + # See https://github.com/sphinx-doc/sphinx/blob + # /2a65ffeef5c107c19084fabdd706cdff3f52d93c/sphinx/domains/python.py#L843 + "ref.python" +] + +# -- Options for LaTeX output --------------------------------------------- + +latex_elements = { + # The paper size ('letterpaper' or 'a4paper'). + # 'papersize': 'letterpaper', + # The font size ('10pt', '11pt' or '12pt'). + # 'pointsize': '10pt', + # Additional stuff for the LaTeX preamble. + # 'preamble': '', + # Latex figure (float) alignment + # 'figure_align': 'htbp', +} + +# Grouping the document tree into LaTeX files. List of tuples +# (source start file, target name, title, +# author, documentclass [howto, manual, or own class]). +latex_documents = [ + ( + root_doc, + "google-cloud-secretmanager.tex", + u"google-cloud-secretmanager Documentation", + author, + "manual", + ) +] + +# The name of an image file (relative to this directory) to place at the top of +# the title page. +# latex_logo = None + +# For "manual" documents, if this is true, then toplevel headings are parts, +# not chapters. +# latex_use_parts = False + +# If true, show page references after internal links. +# latex_show_pagerefs = False + +# If true, show URL addresses after external links. +# latex_show_urls = False + +# Documents to append as an appendix to all manuals. +# latex_appendices = [] + +# If false, no module index is generated. +# latex_domain_indices = True + + +# -- Options for manual page output --------------------------------------- + +# One entry per manual page. List of tuples +# (source start file, name, description, authors, manual section). +man_pages = [ + ( + root_doc, + "google-cloud-secretmanager", + u"Google Cloud Secretmanager Documentation", + [author], + 1, + ) +] + +# If true, show URL addresses after external links. +# man_show_urls = False + + +# -- Options for Texinfo output ------------------------------------------- + +# Grouping the document tree into Texinfo files. List of tuples +# (source start file, target name, title, author, +# dir menu entry, description, category) +texinfo_documents = [ + ( + root_doc, + "google-cloud-secretmanager", + u"google-cloud-secretmanager Documentation", + author, + "google-cloud-secretmanager", + "GAPIC library for Google Cloud Secretmanager API", + "APIs", + ) +] + +# Documents to append as an appendix to all manuals. +# texinfo_appendices = [] + +# If false, no module index is generated. +# texinfo_domain_indices = True + +# How to display URL addresses: 'footnote', 'no', or 'inline'. +# texinfo_show_urls = 'footnote' + +# If true, do not generate a @detailmenu in the "Top" node's menu. +# texinfo_no_detailmenu = False + + +# Example configuration for intersphinx: refer to the Python standard library. +intersphinx_mapping = { + "python": ("http://python.readthedocs.org/en/latest/", None), + "gax": ("https://gax-python.readthedocs.org/en/latest/", None), + "google-auth": ("https://google-auth.readthedocs.io/en/stable", None), + "google-gax": ("https://gax-python.readthedocs.io/en/latest/", None), + "google.api_core": ("https://googleapis.dev/python/google-api-core/latest/", None), + "grpc": ("https://grpc.io/grpc/python/", None), + "requests": ("http://requests.kennethreitz.org/en/stable/", None), + "proto": ("https://proto-plus-python.readthedocs.io/en/stable", None), + "protobuf": ("https://googleapis.dev/python/protobuf/latest/", None), +} + + +# Napoleon settings +napoleon_google_docstring = True +napoleon_numpy_docstring = True +napoleon_include_private_with_doc = False +napoleon_include_special_with_doc = True +napoleon_use_admonition_for_examples = False +napoleon_use_admonition_for_notes = False +napoleon_use_admonition_for_references = False +napoleon_use_ivar = False +napoleon_use_param = True +napoleon_use_rtype = True diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/docs/index.rst b/owl-bot-staging/google-cloud-secret-manager/v1beta1/docs/index.rst new file mode 100644 index 000000000000..46aaf0ca51f8 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/docs/index.rst @@ -0,0 +1,7 @@ +API Reference +------------- +.. toctree:: + :maxdepth: 2 + + secretmanager_v1beta1/services + secretmanager_v1beta1/types diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/docs/secretmanager_v1beta1/secret_manager_service.rst b/owl-bot-staging/google-cloud-secret-manager/v1beta1/docs/secretmanager_v1beta1/secret_manager_service.rst new file mode 100644 index 000000000000..cc6725793f3d --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/docs/secretmanager_v1beta1/secret_manager_service.rst @@ -0,0 +1,10 @@ +SecretManagerService +-------------------------------------- + +.. automodule:: google.cloud.secretmanager_v1beta1.services.secret_manager_service + :members: + :inherited-members: + +.. automodule:: google.cloud.secretmanager_v1beta1.services.secret_manager_service.pagers + :members: + :inherited-members: diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/docs/secretmanager_v1beta1/services_.rst b/owl-bot-staging/google-cloud-secret-manager/v1beta1/docs/secretmanager_v1beta1/services_.rst new file mode 100644 index 000000000000..5266a7f39a86 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/docs/secretmanager_v1beta1/services_.rst @@ -0,0 +1,6 @@ +Services for Google Cloud Secretmanager v1beta1 API +=================================================== +.. toctree:: + :maxdepth: 2 + + secret_manager_service diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/docs/secretmanager_v1beta1/types_.rst b/owl-bot-staging/google-cloud-secret-manager/v1beta1/docs/secretmanager_v1beta1/types_.rst new file mode 100644 index 000000000000..af3325103029 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/docs/secretmanager_v1beta1/types_.rst @@ -0,0 +1,6 @@ +Types for Google Cloud Secretmanager v1beta1 API +================================================ + +.. automodule:: google.cloud.secretmanager_v1beta1.types + :members: + :show-inheritance: diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager/__init__.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager/__init__.py new file mode 100644 index 000000000000..98cfccd4960e --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager/__init__.py @@ -0,0 +1,65 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from google.cloud.secretmanager import gapic_version as package_version + +__version__ = package_version.__version__ + + +from google.cloud.secretmanager_v1beta1.services.secret_manager_service.client import SecretManagerServiceClient +from google.cloud.secretmanager_v1beta1.services.secret_manager_service.async_client import SecretManagerServiceAsyncClient + +from google.cloud.secretmanager_v1beta1.types.resources import Replication +from google.cloud.secretmanager_v1beta1.types.resources import Secret +from google.cloud.secretmanager_v1beta1.types.resources import SecretPayload +from google.cloud.secretmanager_v1beta1.types.resources import SecretVersion +from google.cloud.secretmanager_v1beta1.types.service import AccessSecretVersionRequest +from google.cloud.secretmanager_v1beta1.types.service import AccessSecretVersionResponse +from google.cloud.secretmanager_v1beta1.types.service import AddSecretVersionRequest +from google.cloud.secretmanager_v1beta1.types.service import CreateSecretRequest +from google.cloud.secretmanager_v1beta1.types.service import DeleteSecretRequest +from google.cloud.secretmanager_v1beta1.types.service import DestroySecretVersionRequest +from google.cloud.secretmanager_v1beta1.types.service import DisableSecretVersionRequest +from google.cloud.secretmanager_v1beta1.types.service import EnableSecretVersionRequest +from google.cloud.secretmanager_v1beta1.types.service import GetSecretRequest +from google.cloud.secretmanager_v1beta1.types.service import GetSecretVersionRequest +from google.cloud.secretmanager_v1beta1.types.service import ListSecretsRequest +from google.cloud.secretmanager_v1beta1.types.service import ListSecretsResponse +from google.cloud.secretmanager_v1beta1.types.service import ListSecretVersionsRequest +from google.cloud.secretmanager_v1beta1.types.service import ListSecretVersionsResponse +from google.cloud.secretmanager_v1beta1.types.service import UpdateSecretRequest + +__all__ = ('SecretManagerServiceClient', + 'SecretManagerServiceAsyncClient', + 'Replication', + 'Secret', + 'SecretPayload', + 'SecretVersion', + 'AccessSecretVersionRequest', + 'AccessSecretVersionResponse', + 'AddSecretVersionRequest', + 'CreateSecretRequest', + 'DeleteSecretRequest', + 'DestroySecretVersionRequest', + 'DisableSecretVersionRequest', + 'EnableSecretVersionRequest', + 'GetSecretRequest', + 'GetSecretVersionRequest', + 'ListSecretsRequest', + 'ListSecretsResponse', + 'ListSecretVersionsRequest', + 'ListSecretVersionsResponse', + 'UpdateSecretRequest', +) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager/gapic_version.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager/gapic_version.py new file mode 100644 index 000000000000..558c8aab67c5 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager/gapic_version.py @@ -0,0 +1,16 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +__version__ = "0.0.0" # {x-release-please-version} diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager/py.typed b/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager/py.typed new file mode 100644 index 000000000000..188cc03c2873 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager/py.typed @@ -0,0 +1,2 @@ +# Marker file for PEP 561. +# The google-cloud-secretmanager package uses inline types. diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager_v1beta1/__init__.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager_v1beta1/__init__.py new file mode 100644 index 000000000000..c25a401667b3 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager_v1beta1/__init__.py @@ -0,0 +1,66 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from google.cloud.secretmanager_v1beta1 import gapic_version as package_version + +__version__ = package_version.__version__ + + +from .services.secret_manager_service import SecretManagerServiceClient +from .services.secret_manager_service import SecretManagerServiceAsyncClient + +from .types.resources import Replication +from .types.resources import Secret +from .types.resources import SecretPayload +from .types.resources import SecretVersion +from .types.service import AccessSecretVersionRequest +from .types.service import AccessSecretVersionResponse +from .types.service import AddSecretVersionRequest +from .types.service import CreateSecretRequest +from .types.service import DeleteSecretRequest +from .types.service import DestroySecretVersionRequest +from .types.service import DisableSecretVersionRequest +from .types.service import EnableSecretVersionRequest +from .types.service import GetSecretRequest +from .types.service import GetSecretVersionRequest +from .types.service import ListSecretsRequest +from .types.service import ListSecretsResponse +from .types.service import ListSecretVersionsRequest +from .types.service import ListSecretVersionsResponse +from .types.service import UpdateSecretRequest + +__all__ = ( + 'SecretManagerServiceAsyncClient', +'AccessSecretVersionRequest', +'AccessSecretVersionResponse', +'AddSecretVersionRequest', +'CreateSecretRequest', +'DeleteSecretRequest', +'DestroySecretVersionRequest', +'DisableSecretVersionRequest', +'EnableSecretVersionRequest', +'GetSecretRequest', +'GetSecretVersionRequest', +'ListSecretVersionsRequest', +'ListSecretVersionsResponse', +'ListSecretsRequest', +'ListSecretsResponse', +'Replication', +'Secret', +'SecretManagerServiceClient', +'SecretPayload', +'SecretVersion', +'UpdateSecretRequest', +) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager_v1beta1/gapic_metadata.json b/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager_v1beta1/gapic_metadata.json new file mode 100644 index 000000000000..3cbe31e9141d --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager_v1beta1/gapic_metadata.json @@ -0,0 +1,253 @@ + { + "comment": "This file maps proto services/RPCs to the corresponding library clients/methods", + "language": "python", + "libraryPackage": "google.cloud.secretmanager_v1beta1", + "protoPackage": "google.cloud.secrets.v1beta1", + "schema": "1.0", + "services": { + "SecretManagerService": { + "clients": { + "grpc": { + "libraryClient": "SecretManagerServiceClient", + "rpcs": { + "AccessSecretVersion": { + "methods": [ + "access_secret_version" + ] + }, + "AddSecretVersion": { + "methods": [ + "add_secret_version" + ] + }, + "CreateSecret": { + "methods": [ + "create_secret" + ] + }, + "DeleteSecret": { + "methods": [ + "delete_secret" + ] + }, + "DestroySecretVersion": { + "methods": [ + "destroy_secret_version" + ] + }, + "DisableSecretVersion": { + "methods": [ + "disable_secret_version" + ] + }, + "EnableSecretVersion": { + "methods": [ + "enable_secret_version" + ] + }, + "GetIamPolicy": { + "methods": [ + "get_iam_policy" + ] + }, + "GetSecret": { + "methods": [ + "get_secret" + ] + }, + "GetSecretVersion": { + "methods": [ + "get_secret_version" + ] + }, + "ListSecretVersions": { + "methods": [ + "list_secret_versions" + ] + }, + "ListSecrets": { + "methods": [ + "list_secrets" + ] + }, + "SetIamPolicy": { + "methods": [ + "set_iam_policy" + ] + }, + "TestIamPermissions": { + "methods": [ + "test_iam_permissions" + ] + }, + "UpdateSecret": { + "methods": [ + "update_secret" + ] + } + } + }, + "grpc-async": { + "libraryClient": "SecretManagerServiceAsyncClient", + "rpcs": { + "AccessSecretVersion": { + "methods": [ + "access_secret_version" + ] + }, + "AddSecretVersion": { + "methods": [ + "add_secret_version" + ] + }, + "CreateSecret": { + "methods": [ + "create_secret" + ] + }, + "DeleteSecret": { + "methods": [ + "delete_secret" + ] + }, + "DestroySecretVersion": { + "methods": [ + "destroy_secret_version" + ] + }, + "DisableSecretVersion": { + "methods": [ + "disable_secret_version" + ] + }, + "EnableSecretVersion": { + "methods": [ + "enable_secret_version" + ] + }, + "GetIamPolicy": { + "methods": [ + "get_iam_policy" + ] + }, + "GetSecret": { + "methods": [ + "get_secret" + ] + }, + "GetSecretVersion": { + "methods": [ + "get_secret_version" + ] + }, + "ListSecretVersions": { + "methods": [ + "list_secret_versions" + ] + }, + "ListSecrets": { + "methods": [ + "list_secrets" + ] + }, + "SetIamPolicy": { + "methods": [ + "set_iam_policy" + ] + }, + "TestIamPermissions": { + "methods": [ + "test_iam_permissions" + ] + }, + "UpdateSecret": { + "methods": [ + "update_secret" + ] + } + } + }, + "rest": { + "libraryClient": "SecretManagerServiceClient", + "rpcs": { + "AccessSecretVersion": { + "methods": [ + "access_secret_version" + ] + }, + "AddSecretVersion": { + "methods": [ + "add_secret_version" + ] + }, + "CreateSecret": { + "methods": [ + "create_secret" + ] + }, + "DeleteSecret": { + "methods": [ + "delete_secret" + ] + }, + "DestroySecretVersion": { + "methods": [ + "destroy_secret_version" + ] + }, + "DisableSecretVersion": { + "methods": [ + "disable_secret_version" + ] + }, + "EnableSecretVersion": { + "methods": [ + "enable_secret_version" + ] + }, + "GetIamPolicy": { + "methods": [ + "get_iam_policy" + ] + }, + "GetSecret": { + "methods": [ + "get_secret" + ] + }, + "GetSecretVersion": { + "methods": [ + "get_secret_version" + ] + }, + "ListSecretVersions": { + "methods": [ + "list_secret_versions" + ] + }, + "ListSecrets": { + "methods": [ + "list_secrets" + ] + }, + "SetIamPolicy": { + "methods": [ + "set_iam_policy" + ] + }, + "TestIamPermissions": { + "methods": [ + "test_iam_permissions" + ] + }, + "UpdateSecret": { + "methods": [ + "update_secret" + ] + } + } + } + } + } + } +} diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager_v1beta1/gapic_version.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager_v1beta1/gapic_version.py new file mode 100644 index 000000000000..558c8aab67c5 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager_v1beta1/gapic_version.py @@ -0,0 +1,16 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +__version__ = "0.0.0" # {x-release-please-version} diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager_v1beta1/py.typed b/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager_v1beta1/py.typed new file mode 100644 index 000000000000..188cc03c2873 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager_v1beta1/py.typed @@ -0,0 +1,2 @@ +# Marker file for PEP 561. +# The google-cloud-secretmanager package uses inline types. diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager_v1beta1/services/__init__.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager_v1beta1/services/__init__.py new file mode 100644 index 000000000000..8f6cf068242c --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager_v1beta1/services/__init__.py @@ -0,0 +1,15 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager_v1beta1/services/secret_manager_service/__init__.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager_v1beta1/services/secret_manager_service/__init__.py new file mode 100644 index 000000000000..8a012b7ce26e --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager_v1beta1/services/secret_manager_service/__init__.py @@ -0,0 +1,22 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from .client import SecretManagerServiceClient +from .async_client import SecretManagerServiceAsyncClient + +__all__ = ( + 'SecretManagerServiceClient', + 'SecretManagerServiceAsyncClient', +) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager_v1beta1/services/secret_manager_service/async_client.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager_v1beta1/services/secret_manager_service/async_client.py new file mode 100644 index 000000000000..f9475ecefb33 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager_v1beta1/services/secret_manager_service/async_client.py @@ -0,0 +1,1976 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +import functools +import re +from typing import Dict, Mapping, MutableMapping, MutableSequence, Optional, Sequence, Tuple, Type, Union + +from google.cloud.secretmanager_v1beta1 import gapic_version as package_version + +from google.api_core.client_options import ClientOptions +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry_async as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore + +try: + OptionalRetry = Union[retries.AsyncRetry, gapic_v1.method._MethodDefault, None] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.AsyncRetry, object, None] # type: ignore + +from google.cloud.secretmanager_v1beta1.services.secret_manager_service import pagers +from google.cloud.secretmanager_v1beta1.types import resources +from google.cloud.secretmanager_v1beta1.types import service +from google.iam.v1 import iam_policy_pb2 # type: ignore +from google.iam.v1 import policy_pb2 # type: ignore +from google.protobuf import field_mask_pb2 # type: ignore +from google.protobuf import timestamp_pb2 # type: ignore +from .transports.base import SecretManagerServiceTransport, DEFAULT_CLIENT_INFO +from .transports.grpc_asyncio import SecretManagerServiceGrpcAsyncIOTransport +from .client import SecretManagerServiceClient + + +class SecretManagerServiceAsyncClient: + """Secret Manager Service + + Manages secrets and operations using those secrets. Implements a + REST model with the following objects: + + - [Secret][google.cloud.secrets.v1beta1.Secret] + - [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] + """ + + _client: SecretManagerServiceClient + + # Copy defaults from the synchronous client for use here. + # Note: DEFAULT_ENDPOINT is deprecated. Use _DEFAULT_ENDPOINT_TEMPLATE instead. + DEFAULT_ENDPOINT = SecretManagerServiceClient.DEFAULT_ENDPOINT + DEFAULT_MTLS_ENDPOINT = SecretManagerServiceClient.DEFAULT_MTLS_ENDPOINT + _DEFAULT_ENDPOINT_TEMPLATE = SecretManagerServiceClient._DEFAULT_ENDPOINT_TEMPLATE + _DEFAULT_UNIVERSE = SecretManagerServiceClient._DEFAULT_UNIVERSE + + secret_path = staticmethod(SecretManagerServiceClient.secret_path) + parse_secret_path = staticmethod(SecretManagerServiceClient.parse_secret_path) + secret_version_path = staticmethod(SecretManagerServiceClient.secret_version_path) + parse_secret_version_path = staticmethod(SecretManagerServiceClient.parse_secret_version_path) + common_billing_account_path = staticmethod(SecretManagerServiceClient.common_billing_account_path) + parse_common_billing_account_path = staticmethod(SecretManagerServiceClient.parse_common_billing_account_path) + common_folder_path = staticmethod(SecretManagerServiceClient.common_folder_path) + parse_common_folder_path = staticmethod(SecretManagerServiceClient.parse_common_folder_path) + common_organization_path = staticmethod(SecretManagerServiceClient.common_organization_path) + parse_common_organization_path = staticmethod(SecretManagerServiceClient.parse_common_organization_path) + common_project_path = staticmethod(SecretManagerServiceClient.common_project_path) + parse_common_project_path = staticmethod(SecretManagerServiceClient.parse_common_project_path) + common_location_path = staticmethod(SecretManagerServiceClient.common_location_path) + parse_common_location_path = staticmethod(SecretManagerServiceClient.parse_common_location_path) + + @classmethod + def from_service_account_info(cls, info: dict, *args, **kwargs): + """Creates an instance of this client using the provided credentials + info. + + Args: + info (dict): The service account private key info. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + SecretManagerServiceAsyncClient: The constructed client. + """ + return SecretManagerServiceClient.from_service_account_info.__func__(SecretManagerServiceAsyncClient, info, *args, **kwargs) # type: ignore + + @classmethod + def from_service_account_file(cls, filename: str, *args, **kwargs): + """Creates an instance of this client using the provided credentials + file. + + Args: + filename (str): The path to the service account private key json + file. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + SecretManagerServiceAsyncClient: The constructed client. + """ + return SecretManagerServiceClient.from_service_account_file.__func__(SecretManagerServiceAsyncClient, filename, *args, **kwargs) # type: ignore + + from_service_account_json = from_service_account_file + + @classmethod + def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[ClientOptions] = None): + """Return the API endpoint and client cert source for mutual TLS. + + The client cert source is determined in the following order: + (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the + client cert source is None. + (2) if `client_options.client_cert_source` is provided, use the provided one; if the + default client cert source exists, use the default one; otherwise the client cert + source is None. + + The API endpoint is determined in the following order: + (1) if `client_options.api_endpoint` if provided, use the provided one. + (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the + default mTLS endpoint; if the environment variable is "never", use the default API + endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise + use the default API endpoint. + + More details can be found at https://google.aip.dev/auth/4114. + + Args: + client_options (google.api_core.client_options.ClientOptions): Custom options for the + client. Only the `api_endpoint` and `client_cert_source` properties may be used + in this method. + + Returns: + Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the + client cert source to use. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If any errors happen. + """ + return SecretManagerServiceClient.get_mtls_endpoint_and_cert_source(client_options) # type: ignore + + @property + def transport(self) -> SecretManagerServiceTransport: + """Returns the transport used by the client instance. + + Returns: + SecretManagerServiceTransport: The transport used by the client instance. + """ + return self._client.transport + + @property + def api_endpoint(self): + """Return the API endpoint used by the client instance. + + Returns: + str: The API endpoint used by the client instance. + """ + return self._client._api_endpoint + + @property + def universe_domain(self) -> str: + """Return the universe domain used by the client instance. + + Returns: + str: The universe domain used + by the client instance. + """ + return self._client._universe_domain + + get_transport_class = functools.partial(type(SecretManagerServiceClient).get_transport_class, type(SecretManagerServiceClient)) + + def __init__(self, *, + credentials: Optional[ga_credentials.Credentials] = None, + transport: Union[str, SecretManagerServiceTransport] = "grpc_asyncio", + client_options: Optional[ClientOptions] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + ) -> None: + """Instantiates the secret manager service async client. + + Args: + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + transport (Union[str, ~.SecretManagerServiceTransport]): The + transport to use. If set to None, a transport is chosen + automatically. + client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): + Custom options for the client. + + 1. The ``api_endpoint`` property can be used to override the + default endpoint provided by the client when ``transport`` is + not explicitly provided. Only if this property is not set and + ``transport`` was not explicitly provided, the endpoint is + determined by the GOOGLE_API_USE_MTLS_ENDPOINT environment + variable, which have one of the following values: + "always" (always use the default mTLS endpoint), "never" (always + use the default regular endpoint) and "auto" (auto-switch to the + default mTLS endpoint if client certificate is present; this is + the default value). + + 2. If the GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable + is "true", then the ``client_cert_source`` property can be used + to provide a client certificate for mTLS transport. If + not provided, the default SSL client certificate will be used if + present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not + set, no client certificate will be used. + + 3. The ``universe_domain`` property can be used to override the + default "googleapis.com" universe. Note that ``api_endpoint`` + property still takes precedence; and ``universe_domain`` is + currently not supported for mTLS. + + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + + Raises: + google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport + creation failed for any reason. + """ + self._client = SecretManagerServiceClient( + credentials=credentials, + transport=transport, + client_options=client_options, + client_info=client_info, + + ) + + async def list_secrets(self, + request: Optional[Union[service.ListSecretsRequest, dict]] = None, + *, + parent: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> pagers.ListSecretsAsyncPager: + r"""Lists [Secrets][google.cloud.secrets.v1beta1.Secret]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta1 + + async def sample_list_secrets(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1beta1.ListSecretsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_secrets(request=request) + + # Handle the response + async for response in page_result: + print(response) + + Args: + request (Optional[Union[google.cloud.secretmanager_v1beta1.types.ListSecretsRequest, dict]]): + The request object. Request message for + [SecretManagerService.ListSecrets][google.cloud.secrets.v1beta1.SecretManagerService.ListSecrets]. + parent (:class:`str`): + Required. The resource name of the project associated + with the [Secrets][google.cloud.secrets.v1beta1.Secret], + in the format ``projects/*``. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry_async.AsyncRetry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1beta1.services.secret_manager_service.pagers.ListSecretsAsyncPager: + Response message for + [SecretManagerService.ListSecrets][google.cloud.secrets.v1beta1.SecretManagerService.ListSecrets]. + + Iterating over this object will yield results and + resolve additional pages automatically. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.ListSecretsRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.list_secrets, + default_timeout=60.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Validate the universe domain. + self._client._validate_universe_domain() + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # This method is paged; wrap the response in a pager, which provides + # an `__aiter__` convenience method. + response = pagers.ListSecretsAsyncPager( + method=rpc, + request=request, + response=response, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def create_secret(self, + request: Optional[Union[service.CreateSecretRequest, dict]] = None, + *, + parent: Optional[str] = None, + secret_id: Optional[str] = None, + secret: Optional[resources.Secret] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Secret: + r"""Creates a new [Secret][google.cloud.secrets.v1beta1.Secret] + containing no + [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta1 + + async def sample_create_secret(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1beta1.CreateSecretRequest( + parent="parent_value", + secret_id="secret_id_value", + ) + + # Make the request + response = await client.create_secret(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.secretmanager_v1beta1.types.CreateSecretRequest, dict]]): + The request object. Request message for + [SecretManagerService.CreateSecret][google.cloud.secrets.v1beta1.SecretManagerService.CreateSecret]. + parent (:class:`str`): + Required. The resource name of the project to associate + with the [Secret][google.cloud.secrets.v1beta1.Secret], + in the format ``projects/*``. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + secret_id (:class:`str`): + Required. This must be unique within the project. + + A secret ID is a string with a maximum length of 255 + characters and can contain uppercase and lowercase + letters, numerals, and the hyphen (``-``) and underscore + (``_``) characters. + + This corresponds to the ``secret_id`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + secret (:class:`google.cloud.secretmanager_v1beta1.types.Secret`): + Required. A + [Secret][google.cloud.secrets.v1beta1.Secret] with + initial field values. + + This corresponds to the ``secret`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry_async.AsyncRetry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1beta1.types.Secret: + A [Secret][google.cloud.secrets.v1beta1.Secret] is a logical secret whose value and versions can + be accessed. + + A [Secret][google.cloud.secrets.v1beta1.Secret] is + made up of zero or more + [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion] + that represent the secret data. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent, secret_id, secret]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.CreateSecretRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + if secret_id is not None: + request.secret_id = secret_id + if secret is not None: + request.secret = secret + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.create_secret, + default_timeout=60.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Validate the universe domain. + self._client._validate_universe_domain() + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def add_secret_version(self, + request: Optional[Union[service.AddSecretVersionRequest, dict]] = None, + *, + parent: Optional[str] = None, + payload: Optional[resources.SecretPayload] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.SecretVersion: + r"""Creates a new + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] + containing secret data and attaches it to an existing + [Secret][google.cloud.secrets.v1beta1.Secret]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta1 + + async def sample_add_secret_version(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1beta1.AddSecretVersionRequest( + parent="parent_value", + ) + + # Make the request + response = await client.add_secret_version(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.secretmanager_v1beta1.types.AddSecretVersionRequest, dict]]): + The request object. Request message for + [SecretManagerService.AddSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.AddSecretVersion]. + parent (:class:`str`): + Required. The resource name of the + [Secret][google.cloud.secrets.v1beta1.Secret] to + associate with the + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] + in the format ``projects/*/secrets/*``. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + payload (:class:`google.cloud.secretmanager_v1beta1.types.SecretPayload`): + Required. The secret payload of the + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. + + This corresponds to the ``payload`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry_async.AsyncRetry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1beta1.types.SecretVersion: + A secret version resource in the + Secret Manager API. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent, payload]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.AddSecretVersionRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + if payload is not None: + request.payload = payload + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.add_secret_version, + default_timeout=60.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Validate the universe domain. + self._client._validate_universe_domain() + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def get_secret(self, + request: Optional[Union[service.GetSecretRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Secret: + r"""Gets metadata for a given + [Secret][google.cloud.secrets.v1beta1.Secret]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta1 + + async def sample_get_secret(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1beta1.GetSecretRequest( + name="name_value", + ) + + # Make the request + response = await client.get_secret(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.secretmanager_v1beta1.types.GetSecretRequest, dict]]): + The request object. Request message for + [SecretManagerService.GetSecret][google.cloud.secrets.v1beta1.SecretManagerService.GetSecret]. + name (:class:`str`): + Required. The resource name of the + [Secret][google.cloud.secrets.v1beta1.Secret], in the + format ``projects/*/secrets/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry_async.AsyncRetry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1beta1.types.Secret: + A [Secret][google.cloud.secrets.v1beta1.Secret] is a logical secret whose value and versions can + be accessed. + + A [Secret][google.cloud.secrets.v1beta1.Secret] is + made up of zero or more + [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion] + that represent the secret data. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.GetSecretRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.get_secret, + default_timeout=60.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Validate the universe domain. + self._client._validate_universe_domain() + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def update_secret(self, + request: Optional[Union[service.UpdateSecretRequest, dict]] = None, + *, + secret: Optional[resources.Secret] = None, + update_mask: Optional[field_mask_pb2.FieldMask] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Secret: + r"""Updates metadata of an existing + [Secret][google.cloud.secrets.v1beta1.Secret]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta1 + + async def sample_update_secret(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1beta1.UpdateSecretRequest( + ) + + # Make the request + response = await client.update_secret(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.secretmanager_v1beta1.types.UpdateSecretRequest, dict]]): + The request object. Request message for + [SecretManagerService.UpdateSecret][google.cloud.secrets.v1beta1.SecretManagerService.UpdateSecret]. + secret (:class:`google.cloud.secretmanager_v1beta1.types.Secret`): + Required. [Secret][google.cloud.secrets.v1beta1.Secret] + with updated field values. + + This corresponds to the ``secret`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + update_mask (:class:`google.protobuf.field_mask_pb2.FieldMask`): + Required. Specifies the fields to be + updated. + + This corresponds to the ``update_mask`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry_async.AsyncRetry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1beta1.types.Secret: + A [Secret][google.cloud.secrets.v1beta1.Secret] is a logical secret whose value and versions can + be accessed. + + A [Secret][google.cloud.secrets.v1beta1.Secret] is + made up of zero or more + [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion] + that represent the secret data. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([secret, update_mask]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.UpdateSecretRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if secret is not None: + request.secret = secret + if update_mask is not None: + request.update_mask = update_mask + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.update_secret, + default_timeout=60.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("secret.name", request.secret.name), + )), + ) + + # Validate the universe domain. + self._client._validate_universe_domain() + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def delete_secret(self, + request: Optional[Union[service.DeleteSecretRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> None: + r"""Deletes a [Secret][google.cloud.secrets.v1beta1.Secret]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta1 + + async def sample_delete_secret(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1beta1.DeleteSecretRequest( + name="name_value", + ) + + # Make the request + await client.delete_secret(request=request) + + Args: + request (Optional[Union[google.cloud.secretmanager_v1beta1.types.DeleteSecretRequest, dict]]): + The request object. Request message for + [SecretManagerService.DeleteSecret][google.cloud.secrets.v1beta1.SecretManagerService.DeleteSecret]. + name (:class:`str`): + Required. The resource name of the + [Secret][google.cloud.secrets.v1beta1.Secret] to delete + in the format ``projects/*/secrets/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry_async.AsyncRetry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.DeleteSecretRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.delete_secret, + default_timeout=60.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Validate the universe domain. + self._client._validate_universe_domain() + + # Send the request. + await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + async def list_secret_versions(self, + request: Optional[Union[service.ListSecretVersionsRequest, dict]] = None, + *, + parent: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> pagers.ListSecretVersionsAsyncPager: + r"""Lists + [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion]. + This call does not return secret data. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta1 + + async def sample_list_secret_versions(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1beta1.ListSecretVersionsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_secret_versions(request=request) + + # Handle the response + async for response in page_result: + print(response) + + Args: + request (Optional[Union[google.cloud.secretmanager_v1beta1.types.ListSecretVersionsRequest, dict]]): + The request object. Request message for + [SecretManagerService.ListSecretVersions][google.cloud.secrets.v1beta1.SecretManagerService.ListSecretVersions]. + parent (:class:`str`): + Required. The resource name of the + [Secret][google.cloud.secrets.v1beta1.Secret] associated + with the + [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion] + to list, in the format ``projects/*/secrets/*``. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry_async.AsyncRetry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1beta1.services.secret_manager_service.pagers.ListSecretVersionsAsyncPager: + Response message for + [SecretManagerService.ListSecretVersions][google.cloud.secrets.v1beta1.SecretManagerService.ListSecretVersions]. + + Iterating over this object will yield results and + resolve additional pages automatically. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.ListSecretVersionsRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.list_secret_versions, + default_timeout=60.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Validate the universe domain. + self._client._validate_universe_domain() + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # This method is paged; wrap the response in a pager, which provides + # an `__aiter__` convenience method. + response = pagers.ListSecretVersionsAsyncPager( + method=rpc, + request=request, + response=response, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def get_secret_version(self, + request: Optional[Union[service.GetSecretVersionRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.SecretVersion: + r"""Gets metadata for a + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. + + ``projects/*/secrets/*/versions/latest`` is an alias to the + ``latest`` + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta1 + + async def sample_get_secret_version(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1beta1.GetSecretVersionRequest( + name="name_value", + ) + + # Make the request + response = await client.get_secret_version(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.secretmanager_v1beta1.types.GetSecretVersionRequest, dict]]): + The request object. Request message for + [SecretManagerService.GetSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.GetSecretVersion]. + name (:class:`str`): + Required. The resource name of the + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] + in the format ``projects/*/secrets/*/versions/*``. + ``projects/*/secrets/*/versions/latest`` is an alias to + the ``latest`` + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry_async.AsyncRetry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1beta1.types.SecretVersion: + A secret version resource in the + Secret Manager API. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.GetSecretVersionRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.get_secret_version, + default_timeout=60.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Validate the universe domain. + self._client._validate_universe_domain() + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def access_secret_version(self, + request: Optional[Union[service.AccessSecretVersionRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> service.AccessSecretVersionResponse: + r"""Accesses a + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. + This call returns the secret data. + + ``projects/*/secrets/*/versions/latest`` is an alias to the + ``latest`` + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta1 + + async def sample_access_secret_version(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1beta1.AccessSecretVersionRequest( + name="name_value", + ) + + # Make the request + response = await client.access_secret_version(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.secretmanager_v1beta1.types.AccessSecretVersionRequest, dict]]): + The request object. Request message for + [SecretManagerService.AccessSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.AccessSecretVersion]. + name (:class:`str`): + Required. The resource name of the + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] + in the format ``projects/*/secrets/*/versions/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry_async.AsyncRetry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1beta1.types.AccessSecretVersionResponse: + Response message for + [SecretManagerService.AccessSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.AccessSecretVersion]. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.AccessSecretVersionRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.access_secret_version, + default_retry=retries.AsyncRetry( +initial=1.0,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.ServiceUnavailable, + core_exceptions.Unknown, + ), + deadline=60.0, + ), + default_timeout=60.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Validate the universe domain. + self._client._validate_universe_domain() + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def disable_secret_version(self, + request: Optional[Union[service.DisableSecretVersionRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.SecretVersion: + r"""Disables a + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. + + Sets the + [state][google.cloud.secrets.v1beta1.SecretVersion.state] of the + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] to + [DISABLED][google.cloud.secrets.v1beta1.SecretVersion.State.DISABLED]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta1 + + async def sample_disable_secret_version(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1beta1.DisableSecretVersionRequest( + name="name_value", + ) + + # Make the request + response = await client.disable_secret_version(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.secretmanager_v1beta1.types.DisableSecretVersionRequest, dict]]): + The request object. Request message for + [SecretManagerService.DisableSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.DisableSecretVersion]. + name (:class:`str`): + Required. The resource name of the + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] + to disable in the format + ``projects/*/secrets/*/versions/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry_async.AsyncRetry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1beta1.types.SecretVersion: + A secret version resource in the + Secret Manager API. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.DisableSecretVersionRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.disable_secret_version, + default_timeout=60.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Validate the universe domain. + self._client._validate_universe_domain() + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def enable_secret_version(self, + request: Optional[Union[service.EnableSecretVersionRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.SecretVersion: + r"""Enables a + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. + + Sets the + [state][google.cloud.secrets.v1beta1.SecretVersion.state] of the + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] to + [ENABLED][google.cloud.secrets.v1beta1.SecretVersion.State.ENABLED]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta1 + + async def sample_enable_secret_version(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1beta1.EnableSecretVersionRequest( + name="name_value", + ) + + # Make the request + response = await client.enable_secret_version(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.secretmanager_v1beta1.types.EnableSecretVersionRequest, dict]]): + The request object. Request message for + [SecretManagerService.EnableSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.EnableSecretVersion]. + name (:class:`str`): + Required. The resource name of the + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] + to enable in the format + ``projects/*/secrets/*/versions/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry_async.AsyncRetry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1beta1.types.SecretVersion: + A secret version resource in the + Secret Manager API. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.EnableSecretVersionRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.enable_secret_version, + default_timeout=60.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Validate the universe domain. + self._client._validate_universe_domain() + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def destroy_secret_version(self, + request: Optional[Union[service.DestroySecretVersionRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.SecretVersion: + r"""Destroys a + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. + + Sets the + [state][google.cloud.secrets.v1beta1.SecretVersion.state] of the + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] to + [DESTROYED][google.cloud.secrets.v1beta1.SecretVersion.State.DESTROYED] + and irrevocably destroys the secret data. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta1 + + async def sample_destroy_secret_version(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1beta1.DestroySecretVersionRequest( + name="name_value", + ) + + # Make the request + response = await client.destroy_secret_version(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.secretmanager_v1beta1.types.DestroySecretVersionRequest, dict]]): + The request object. Request message for + [SecretManagerService.DestroySecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.DestroySecretVersion]. + name (:class:`str`): + Required. The resource name of the + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] + to destroy in the format + ``projects/*/secrets/*/versions/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry_async.AsyncRetry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1beta1.types.SecretVersion: + A secret version resource in the + Secret Manager API. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.DestroySecretVersionRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.destroy_secret_version, + default_timeout=60.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Validate the universe domain. + self._client._validate_universe_domain() + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def set_iam_policy(self, + request: Optional[Union[iam_policy_pb2.SetIamPolicyRequest, dict]] = None, + *, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> policy_pb2.Policy: + r"""Sets the access control policy on the specified secret. Replaces + any existing policy. + + Permissions on + [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion] are + enforced according to the policy set on the associated + [Secret][google.cloud.secrets.v1beta1.Secret]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta1 + from google.iam.v1 import iam_policy_pb2 # type: ignore + + async def sample_set_iam_policy(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = iam_policy_pb2.SetIamPolicyRequest( + resource="resource_value", + ) + + # Make the request + response = await client.set_iam_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.iam.v1.iam_policy_pb2.SetIamPolicyRequest, dict]]): + The request object. Request message for ``SetIamPolicy`` method. + retry (google.api_core.retry_async.AsyncRetry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.iam.v1.policy_pb2.Policy: + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. + + A Policy is a collection of bindings. A binding binds + one or more members, or principals, to a single role. + Principals can be user accounts, service accounts, + Google groups, and domains (such as G Suite). A role + is a named list of permissions; each role can be an + IAM predefined role or a user-created custom role. + + For some types of Google Cloud resources, a binding + can also specify a condition, which is a logical + expression that allows access to a resource only if + the expression evaluates to true. A condition can add + constraints based on attributes of the request, the + resource, or both. To learn which resources support + conditions in their IAM policies, see the [IAM + documentation](\ https://cloud.google.com/iam/help/conditions/resource-policies). + + **JSON example:** + + :literal:`\` { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }`\ \` + + **YAML example:** + + :literal:`\` bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3`\ \` + + For a description of IAM and its features, see the + [IAM + documentation](\ https://cloud.google.com/iam/docs/). + + """ + # Create or coerce a protobuf request object. + # The request isn't a proto-plus wrapped type, + # so it must be constructed via keyword expansion. + if isinstance(request, dict): + request = iam_policy_pb2.SetIamPolicyRequest(**request) + elif not request: + request = iam_policy_pb2.SetIamPolicyRequest() + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.set_iam_policy, + default_timeout=60.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("resource", request.resource), + )), + ) + + # Validate the universe domain. + self._client._validate_universe_domain() + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def get_iam_policy(self, + request: Optional[Union[iam_policy_pb2.GetIamPolicyRequest, dict]] = None, + *, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> policy_pb2.Policy: + r"""Gets the access control policy for a secret. + Returns empty policy if the secret exists and does not + have a policy set. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta1 + from google.iam.v1 import iam_policy_pb2 # type: ignore + + async def sample_get_iam_policy(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = iam_policy_pb2.GetIamPolicyRequest( + resource="resource_value", + ) + + # Make the request + response = await client.get_iam_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.iam.v1.iam_policy_pb2.GetIamPolicyRequest, dict]]): + The request object. Request message for ``GetIamPolicy`` method. + retry (google.api_core.retry_async.AsyncRetry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.iam.v1.policy_pb2.Policy: + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. + + A Policy is a collection of bindings. A binding binds + one or more members, or principals, to a single role. + Principals can be user accounts, service accounts, + Google groups, and domains (such as G Suite). A role + is a named list of permissions; each role can be an + IAM predefined role or a user-created custom role. + + For some types of Google Cloud resources, a binding + can also specify a condition, which is a logical + expression that allows access to a resource only if + the expression evaluates to true. A condition can add + constraints based on attributes of the request, the + resource, or both. To learn which resources support + conditions in their IAM policies, see the [IAM + documentation](\ https://cloud.google.com/iam/help/conditions/resource-policies). + + **JSON example:** + + :literal:`\` { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }`\ \` + + **YAML example:** + + :literal:`\` bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3`\ \` + + For a description of IAM and its features, see the + [IAM + documentation](\ https://cloud.google.com/iam/docs/). + + """ + # Create or coerce a protobuf request object. + # The request isn't a proto-plus wrapped type, + # so it must be constructed via keyword expansion. + if isinstance(request, dict): + request = iam_policy_pb2.GetIamPolicyRequest(**request) + elif not request: + request = iam_policy_pb2.GetIamPolicyRequest() + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.get_iam_policy, + default_timeout=60.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("resource", request.resource), + )), + ) + + # Validate the universe domain. + self._client._validate_universe_domain() + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def test_iam_permissions(self, + request: Optional[Union[iam_policy_pb2.TestIamPermissionsRequest, dict]] = None, + *, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> iam_policy_pb2.TestIamPermissionsResponse: + r"""Returns permissions that a caller has for the specified secret. + If the secret does not exist, this call returns an empty set of + permissions, not a NOT_FOUND error. + + Note: This operation is designed to be used for building + permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without + warning. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta1 + from google.iam.v1 import iam_policy_pb2 # type: ignore + + async def sample_test_iam_permissions(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = iam_policy_pb2.TestIamPermissionsRequest( + resource="resource_value", + permissions=['permissions_value1', 'permissions_value2'], + ) + + # Make the request + response = await client.test_iam_permissions(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.iam.v1.iam_policy_pb2.TestIamPermissionsRequest, dict]]): + The request object. Request message for ``TestIamPermissions`` method. + retry (google.api_core.retry_async.AsyncRetry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.iam.v1.iam_policy_pb2.TestIamPermissionsResponse: + Response message for TestIamPermissions method. + """ + # Create or coerce a protobuf request object. + # The request isn't a proto-plus wrapped type, + # so it must be constructed via keyword expansion. + if isinstance(request, dict): + request = iam_policy_pb2.TestIamPermissionsRequest(**request) + elif not request: + request = iam_policy_pb2.TestIamPermissionsRequest() + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.test_iam_permissions, + default_timeout=60.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("resource", request.resource), + )), + ) + + # Validate the universe domain. + self._client._validate_universe_domain() + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def __aenter__(self) -> "SecretManagerServiceAsyncClient": + return self + + async def __aexit__(self, exc_type, exc, tb): + await self.transport.close() + +DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo(gapic_version=package_version.__version__) + + +__all__ = ( + "SecretManagerServiceAsyncClient", +) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager_v1beta1/services/secret_manager_service/client.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager_v1beta1/services/secret_manager_service/client.py new file mode 100644 index 000000000000..24990fbbbfd1 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager_v1beta1/services/secret_manager_service/client.py @@ -0,0 +1,2321 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +import os +import re +from typing import Dict, Mapping, MutableMapping, MutableSequence, Optional, Sequence, Tuple, Type, Union, cast +import warnings + +from google.cloud.secretmanager_v1beta1 import gapic_version as package_version + +from google.api_core import client_options as client_options_lib +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport import mtls # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore +from google.auth.exceptions import MutualTLSChannelError # type: ignore +from google.oauth2 import service_account # type: ignore + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault, None] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object, None] # type: ignore + +from google.cloud.secretmanager_v1beta1.services.secret_manager_service import pagers +from google.cloud.secretmanager_v1beta1.types import resources +from google.cloud.secretmanager_v1beta1.types import service +from google.iam.v1 import iam_policy_pb2 # type: ignore +from google.iam.v1 import policy_pb2 # type: ignore +from google.protobuf import field_mask_pb2 # type: ignore +from google.protobuf import timestamp_pb2 # type: ignore +from .transports.base import SecretManagerServiceTransport, DEFAULT_CLIENT_INFO +from .transports.grpc import SecretManagerServiceGrpcTransport +from .transports.grpc_asyncio import SecretManagerServiceGrpcAsyncIOTransport +from .transports.rest import SecretManagerServiceRestTransport + + +class SecretManagerServiceClientMeta(type): + """Metaclass for the SecretManagerService client. + + This provides class-level methods for building and retrieving + support objects (e.g. transport) without polluting the client instance + objects. + """ + _transport_registry = OrderedDict() # type: Dict[str, Type[SecretManagerServiceTransport]] + _transport_registry["grpc"] = SecretManagerServiceGrpcTransport + _transport_registry["grpc_asyncio"] = SecretManagerServiceGrpcAsyncIOTransport + _transport_registry["rest"] = SecretManagerServiceRestTransport + + def get_transport_class(cls, + label: Optional[str] = None, + ) -> Type[SecretManagerServiceTransport]: + """Returns an appropriate transport class. + + Args: + label: The name of the desired transport. If none is + provided, then the first transport in the registry is used. + + Returns: + The transport class to use. + """ + # If a specific transport is requested, return that one. + if label: + return cls._transport_registry[label] + + # No transport is requested; return the default (that is, the first one + # in the dictionary). + return next(iter(cls._transport_registry.values())) + + +class SecretManagerServiceClient(metaclass=SecretManagerServiceClientMeta): + """Secret Manager Service + + Manages secrets and operations using those secrets. Implements a + REST model with the following objects: + + - [Secret][google.cloud.secrets.v1beta1.Secret] + - [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] + """ + + @staticmethod + def _get_default_mtls_endpoint(api_endpoint): + """Converts api endpoint to mTLS endpoint. + + Convert "*.sandbox.googleapis.com" and "*.googleapis.com" to + "*.mtls.sandbox.googleapis.com" and "*.mtls.googleapis.com" respectively. + Args: + api_endpoint (Optional[str]): the api endpoint to convert. + Returns: + str: converted mTLS api endpoint. + """ + if not api_endpoint: + return api_endpoint + + mtls_endpoint_re = re.compile( + r"(?P[^.]+)(?P\.mtls)?(?P\.sandbox)?(?P\.googleapis\.com)?" + ) + + m = mtls_endpoint_re.match(api_endpoint) + name, mtls, sandbox, googledomain = m.groups() + if mtls or not googledomain: + return api_endpoint + + if sandbox: + return api_endpoint.replace( + "sandbox.googleapis.com", "mtls.sandbox.googleapis.com" + ) + + return api_endpoint.replace(".googleapis.com", ".mtls.googleapis.com") + + # Note: DEFAULT_ENDPOINT is deprecated. Use _DEFAULT_ENDPOINT_TEMPLATE instead. + DEFAULT_ENDPOINT = "secretmanager.googleapis.com" + DEFAULT_MTLS_ENDPOINT = _get_default_mtls_endpoint.__func__( # type: ignore + DEFAULT_ENDPOINT + ) + + _DEFAULT_ENDPOINT_TEMPLATE = "secretmanager.{UNIVERSE_DOMAIN}" + _DEFAULT_UNIVERSE = "googleapis.com" + + @classmethod + def from_service_account_info(cls, info: dict, *args, **kwargs): + """Creates an instance of this client using the provided credentials + info. + + Args: + info (dict): The service account private key info. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + SecretManagerServiceClient: The constructed client. + """ + credentials = service_account.Credentials.from_service_account_info(info) + kwargs["credentials"] = credentials + return cls(*args, **kwargs) + + @classmethod + def from_service_account_file(cls, filename: str, *args, **kwargs): + """Creates an instance of this client using the provided credentials + file. + + Args: + filename (str): The path to the service account private key json + file. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + SecretManagerServiceClient: The constructed client. + """ + credentials = service_account.Credentials.from_service_account_file( + filename) + kwargs["credentials"] = credentials + return cls(*args, **kwargs) + + from_service_account_json = from_service_account_file + + @property + def transport(self) -> SecretManagerServiceTransport: + """Returns the transport used by the client instance. + + Returns: + SecretManagerServiceTransport: The transport used by the client + instance. + """ + return self._transport + + @staticmethod + def secret_path(project: str,secret: str,) -> str: + """Returns a fully-qualified secret string.""" + return "projects/{project}/secrets/{secret}".format(project=project, secret=secret, ) + + @staticmethod + def parse_secret_path(path: str) -> Dict[str,str]: + """Parses a secret path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/secrets/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def secret_version_path(project: str,secret: str,secret_version: str,) -> str: + """Returns a fully-qualified secret_version string.""" + return "projects/{project}/secrets/{secret}/versions/{secret_version}".format(project=project, secret=secret, secret_version=secret_version, ) + + @staticmethod + def parse_secret_version_path(path: str) -> Dict[str,str]: + """Parses a secret_version path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/secrets/(?P.+?)/versions/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_billing_account_path(billing_account: str, ) -> str: + """Returns a fully-qualified billing_account string.""" + return "billingAccounts/{billing_account}".format(billing_account=billing_account, ) + + @staticmethod + def parse_common_billing_account_path(path: str) -> Dict[str,str]: + """Parse a billing_account path into its component segments.""" + m = re.match(r"^billingAccounts/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_folder_path(folder: str, ) -> str: + """Returns a fully-qualified folder string.""" + return "folders/{folder}".format(folder=folder, ) + + @staticmethod + def parse_common_folder_path(path: str) -> Dict[str,str]: + """Parse a folder path into its component segments.""" + m = re.match(r"^folders/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_organization_path(organization: str, ) -> str: + """Returns a fully-qualified organization string.""" + return "organizations/{organization}".format(organization=organization, ) + + @staticmethod + def parse_common_organization_path(path: str) -> Dict[str,str]: + """Parse a organization path into its component segments.""" + m = re.match(r"^organizations/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_project_path(project: str, ) -> str: + """Returns a fully-qualified project string.""" + return "projects/{project}".format(project=project, ) + + @staticmethod + def parse_common_project_path(path: str) -> Dict[str,str]: + """Parse a project path into its component segments.""" + m = re.match(r"^projects/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_location_path(project: str, location: str, ) -> str: + """Returns a fully-qualified location string.""" + return "projects/{project}/locations/{location}".format(project=project, location=location, ) + + @staticmethod + def parse_common_location_path(path: str) -> Dict[str,str]: + """Parse a location path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/locations/(?P.+?)$", path) + return m.groupdict() if m else {} + + @classmethod + def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[client_options_lib.ClientOptions] = None): + """Deprecated. Return the API endpoint and client cert source for mutual TLS. + + The client cert source is determined in the following order: + (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the + client cert source is None. + (2) if `client_options.client_cert_source` is provided, use the provided one; if the + default client cert source exists, use the default one; otherwise the client cert + source is None. + + The API endpoint is determined in the following order: + (1) if `client_options.api_endpoint` if provided, use the provided one. + (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the + default mTLS endpoint; if the environment variable is "never", use the default API + endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise + use the default API endpoint. + + More details can be found at https://google.aip.dev/auth/4114. + + Args: + client_options (google.api_core.client_options.ClientOptions): Custom options for the + client. Only the `api_endpoint` and `client_cert_source` properties may be used + in this method. + + Returns: + Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the + client cert source to use. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If any errors happen. + """ + + warnings.warn("get_mtls_endpoint_and_cert_source is deprecated. Use the api_endpoint property instead.", + DeprecationWarning) + if client_options is None: + client_options = client_options_lib.ClientOptions() + use_client_cert = os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false") + use_mtls_endpoint = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto") + if use_client_cert not in ("true", "false"): + raise ValueError("Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`") + if use_mtls_endpoint not in ("auto", "never", "always"): + raise MutualTLSChannelError("Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`") + + # Figure out the client cert source to use. + client_cert_source = None + if use_client_cert == "true": + if client_options.client_cert_source: + client_cert_source = client_options.client_cert_source + elif mtls.has_default_client_cert_source(): + client_cert_source = mtls.default_client_cert_source() + + # Figure out which api endpoint to use. + if client_options.api_endpoint is not None: + api_endpoint = client_options.api_endpoint + elif use_mtls_endpoint == "always" or (use_mtls_endpoint == "auto" and client_cert_source): + api_endpoint = cls.DEFAULT_MTLS_ENDPOINT + else: + api_endpoint = cls.DEFAULT_ENDPOINT + + return api_endpoint, client_cert_source + + @staticmethod + def _read_environment_variables(): + """Returns the environment variables used by the client. + + Returns: + Tuple[bool, str, str]: returns the GOOGLE_API_USE_CLIENT_CERTIFICATE, + GOOGLE_API_USE_MTLS_ENDPOINT, and GOOGLE_CLOUD_UNIVERSE_DOMAIN environment variables. + + Raises: + ValueError: If GOOGLE_API_USE_CLIENT_CERTIFICATE is not + any of ["true", "false"]. + google.auth.exceptions.MutualTLSChannelError: If GOOGLE_API_USE_MTLS_ENDPOINT + is not any of ["auto", "never", "always"]. + """ + use_client_cert = os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false").lower() + use_mtls_endpoint = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto").lower() + universe_domain_env = os.getenv("GOOGLE_CLOUD_UNIVERSE_DOMAIN") + if use_client_cert not in ("true", "false"): + raise ValueError("Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`") + if use_mtls_endpoint not in ("auto", "never", "always"): + raise MutualTLSChannelError("Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`") + return use_client_cert == "true", use_mtls_endpoint, universe_domain_env + + @staticmethod + def _get_client_cert_source(provided_cert_source, use_cert_flag): + """Return the client cert source to be used by the client. + + Args: + provided_cert_source (bytes): The client certificate source provided. + use_cert_flag (bool): A flag indicating whether to use the client certificate. + + Returns: + bytes or None: The client cert source to be used by the client. + """ + client_cert_source = None + if use_cert_flag: + if provided_cert_source: + client_cert_source = provided_cert_source + elif mtls.has_default_client_cert_source(): + client_cert_source = mtls.default_client_cert_source() + return client_cert_source + + @staticmethod + def _get_api_endpoint(api_override, client_cert_source, universe_domain, use_mtls_endpoint): + """Return the API endpoint used by the client. + + Args: + api_override (str): The API endpoint override. If specified, this is always + the return value of this function and the other arguments are not used. + client_cert_source (bytes): The client certificate source used by the client. + universe_domain (str): The universe domain used by the client. + use_mtls_endpoint (str): How to use the mTLS endpoint, which depends also on the other parameters. + Possible values are "always", "auto", or "never". + + Returns: + str: The API endpoint to be used by the client. + """ + if api_override is not None: + api_endpoint = api_override + elif use_mtls_endpoint == "always" or (use_mtls_endpoint == "auto" and client_cert_source): + _default_universe = SecretManagerServiceClient._DEFAULT_UNIVERSE + if universe_domain != _default_universe: + raise MutualTLSChannelError(f"mTLS is not supported in any universe other than {_default_universe}.") + api_endpoint = SecretManagerServiceClient.DEFAULT_MTLS_ENDPOINT + else: + api_endpoint = SecretManagerServiceClient._DEFAULT_ENDPOINT_TEMPLATE.format(UNIVERSE_DOMAIN=universe_domain) + return api_endpoint + + @staticmethod + def _get_universe_domain(client_universe_domain: Optional[str], universe_domain_env: Optional[str]) -> str: + """Return the universe domain used by the client. + + Args: + client_universe_domain (Optional[str]): The universe domain configured via the client options. + universe_domain_env (Optional[str]): The universe domain configured via the "GOOGLE_CLOUD_UNIVERSE_DOMAIN" environment variable. + + Returns: + str: The universe domain to be used by the client. + + Raises: + ValueError: If the universe domain is an empty string. + """ + universe_domain = SecretManagerServiceClient._DEFAULT_UNIVERSE + if client_universe_domain is not None: + universe_domain = client_universe_domain + elif universe_domain_env is not None: + universe_domain = universe_domain_env + if len(universe_domain.strip()) == 0: + raise ValueError("Universe Domain cannot be an empty string.") + return universe_domain + + @staticmethod + def _compare_universes(client_universe: str, + credentials: ga_credentials.Credentials) -> bool: + """Returns True iff the universe domains used by the client and credentials match. + + Args: + client_universe (str): The universe domain configured via the client options. + credentials (ga_credentials.Credentials): The credentials being used in the client. + + Returns: + bool: True iff client_universe matches the universe in credentials. + + Raises: + ValueError: when client_universe does not match the universe in credentials. + """ + + default_universe = SecretManagerServiceClient._DEFAULT_UNIVERSE + credentials_universe = getattr(credentials, "universe_domain", default_universe) + + if client_universe != credentials_universe: + raise ValueError("The configured universe domain " + f"({client_universe}) does not match the universe domain " + f"found in the credentials ({credentials_universe}). " + "If you haven't configured the universe domain explicitly, " + f"`{default_universe}` is the default.") + return True + + def _validate_universe_domain(self): + """Validates client's and credentials' universe domains are consistent. + + Returns: + bool: True iff the configured universe domain is valid. + + Raises: + ValueError: If the configured universe domain is not valid. + """ + self._is_universe_domain_valid = (self._is_universe_domain_valid or + SecretManagerServiceClient._compare_universes(self.universe_domain, self.transport._credentials)) + return self._is_universe_domain_valid + + @property + def api_endpoint(self): + """Return the API endpoint used by the client instance. + + Returns: + str: The API endpoint used by the client instance. + """ + return self._api_endpoint + + @property + def universe_domain(self) -> str: + """Return the universe domain used by the client instance. + + Returns: + str: The universe domain used by the client instance. + """ + return self._universe_domain + + def __init__(self, *, + credentials: Optional[ga_credentials.Credentials] = None, + transport: Optional[Union[str, SecretManagerServiceTransport]] = None, + client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + ) -> None: + """Instantiates the secret manager service client. + + Args: + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + transport (Union[str, SecretManagerServiceTransport]): The + transport to use. If set to None, a transport is chosen + automatically. + client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): + Custom options for the client. + + 1. The ``api_endpoint`` property can be used to override the + default endpoint provided by the client when ``transport`` is + not explicitly provided. Only if this property is not set and + ``transport`` was not explicitly provided, the endpoint is + determined by the GOOGLE_API_USE_MTLS_ENDPOINT environment + variable, which have one of the following values: + "always" (always use the default mTLS endpoint), "never" (always + use the default regular endpoint) and "auto" (auto-switch to the + default mTLS endpoint if client certificate is present; this is + the default value). + + 2. If the GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable + is "true", then the ``client_cert_source`` property can be used + to provide a client certificate for mTLS transport. If + not provided, the default SSL client certificate will be used if + present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not + set, no client certificate will be used. + + 3. The ``universe_domain`` property can be used to override the + default "googleapis.com" universe. Note that the ``api_endpoint`` + property still takes precedence; and ``universe_domain`` is + currently not supported for mTLS. + + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport + creation failed for any reason. + """ + self._client_options = client_options + if isinstance(self._client_options, dict): + self._client_options = client_options_lib.from_dict(self._client_options) + if self._client_options is None: + self._client_options = client_options_lib.ClientOptions() + self._client_options = cast(client_options_lib.ClientOptions, self._client_options) + + universe_domain_opt = getattr(self._client_options, 'universe_domain', None) + + self._use_client_cert, self._use_mtls_endpoint, self._universe_domain_env = SecretManagerServiceClient._read_environment_variables() + self._client_cert_source = SecretManagerServiceClient._get_client_cert_source(self._client_options.client_cert_source, self._use_client_cert) + self._universe_domain = SecretManagerServiceClient._get_universe_domain(universe_domain_opt, self._universe_domain_env) + self._api_endpoint = None # updated below, depending on `transport` + + # Initialize the universe domain validation. + self._is_universe_domain_valid = False + + api_key_value = getattr(self._client_options, "api_key", None) + if api_key_value and credentials: + raise ValueError("client_options.api_key and credentials are mutually exclusive") + + # Save or instantiate the transport. + # Ordinarily, we provide the transport, but allowing a custom transport + # instance provides an extensibility point for unusual situations. + transport_provided = isinstance(transport, SecretManagerServiceTransport) + if transport_provided: + # transport is a SecretManagerServiceTransport instance. + if credentials or self._client_options.credentials_file or api_key_value: + raise ValueError("When providing a transport instance, " + "provide its credentials directly.") + if self._client_options.scopes: + raise ValueError( + "When providing a transport instance, provide its scopes " + "directly." + ) + self._transport = cast(SecretManagerServiceTransport, transport) + self._api_endpoint = self._transport.host + + self._api_endpoint = (self._api_endpoint or + SecretManagerServiceClient._get_api_endpoint( + self._client_options.api_endpoint, + self._client_cert_source, + self._universe_domain, + self._use_mtls_endpoint)) + + if not transport_provided: + import google.auth._default # type: ignore + + if api_key_value and hasattr(google.auth._default, "get_api_key_credentials"): + credentials = google.auth._default.get_api_key_credentials(api_key_value) + + Transport = type(self).get_transport_class(cast(str, transport)) + self._transport = Transport( + credentials=credentials, + credentials_file=self._client_options.credentials_file, + host=self._api_endpoint, + scopes=self._client_options.scopes, + client_cert_source_for_mtls=self._client_cert_source, + quota_project_id=self._client_options.quota_project_id, + client_info=client_info, + always_use_jwt_access=True, + api_audience=self._client_options.api_audience, + ) + + def list_secrets(self, + request: Optional[Union[service.ListSecretsRequest, dict]] = None, + *, + parent: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> pagers.ListSecretsPager: + r"""Lists [Secrets][google.cloud.secrets.v1beta1.Secret]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta1 + + def sample_list_secrets(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1beta1.ListSecretsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_secrets(request=request) + + # Handle the response + for response in page_result: + print(response) + + Args: + request (Union[google.cloud.secretmanager_v1beta1.types.ListSecretsRequest, dict]): + The request object. Request message for + [SecretManagerService.ListSecrets][google.cloud.secrets.v1beta1.SecretManagerService.ListSecrets]. + parent (str): + Required. The resource name of the project associated + with the [Secrets][google.cloud.secrets.v1beta1.Secret], + in the format ``projects/*``. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1beta1.services.secret_manager_service.pagers.ListSecretsPager: + Response message for + [SecretManagerService.ListSecrets][google.cloud.secrets.v1beta1.SecretManagerService.ListSecrets]. + + Iterating over this object will yield results and + resolve additional pages automatically. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.ListSecretsRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.ListSecretsRequest): + request = service.ListSecretsRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.list_secrets] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Validate the universe domain. + self._validate_universe_domain() + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # This method is paged; wrap the response in a pager, which provides + # an `__iter__` convenience method. + response = pagers.ListSecretsPager( + method=rpc, + request=request, + response=response, + metadata=metadata, + ) + + # Done; return the response. + return response + + def create_secret(self, + request: Optional[Union[service.CreateSecretRequest, dict]] = None, + *, + parent: Optional[str] = None, + secret_id: Optional[str] = None, + secret: Optional[resources.Secret] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Secret: + r"""Creates a new [Secret][google.cloud.secrets.v1beta1.Secret] + containing no + [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta1 + + def sample_create_secret(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1beta1.CreateSecretRequest( + parent="parent_value", + secret_id="secret_id_value", + ) + + # Make the request + response = client.create_secret(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.secretmanager_v1beta1.types.CreateSecretRequest, dict]): + The request object. Request message for + [SecretManagerService.CreateSecret][google.cloud.secrets.v1beta1.SecretManagerService.CreateSecret]. + parent (str): + Required. The resource name of the project to associate + with the [Secret][google.cloud.secrets.v1beta1.Secret], + in the format ``projects/*``. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + secret_id (str): + Required. This must be unique within the project. + + A secret ID is a string with a maximum length of 255 + characters and can contain uppercase and lowercase + letters, numerals, and the hyphen (``-``) and underscore + (``_``) characters. + + This corresponds to the ``secret_id`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + secret (google.cloud.secretmanager_v1beta1.types.Secret): + Required. A + [Secret][google.cloud.secrets.v1beta1.Secret] with + initial field values. + + This corresponds to the ``secret`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1beta1.types.Secret: + A [Secret][google.cloud.secrets.v1beta1.Secret] is a logical secret whose value and versions can + be accessed. + + A [Secret][google.cloud.secrets.v1beta1.Secret] is + made up of zero or more + [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion] + that represent the secret data. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent, secret_id, secret]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.CreateSecretRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.CreateSecretRequest): + request = service.CreateSecretRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + if secret_id is not None: + request.secret_id = secret_id + if secret is not None: + request.secret = secret + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.create_secret] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Validate the universe domain. + self._validate_universe_domain() + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def add_secret_version(self, + request: Optional[Union[service.AddSecretVersionRequest, dict]] = None, + *, + parent: Optional[str] = None, + payload: Optional[resources.SecretPayload] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.SecretVersion: + r"""Creates a new + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] + containing secret data and attaches it to an existing + [Secret][google.cloud.secrets.v1beta1.Secret]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta1 + + def sample_add_secret_version(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1beta1.AddSecretVersionRequest( + parent="parent_value", + ) + + # Make the request + response = client.add_secret_version(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.secretmanager_v1beta1.types.AddSecretVersionRequest, dict]): + The request object. Request message for + [SecretManagerService.AddSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.AddSecretVersion]. + parent (str): + Required. The resource name of the + [Secret][google.cloud.secrets.v1beta1.Secret] to + associate with the + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] + in the format ``projects/*/secrets/*``. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + payload (google.cloud.secretmanager_v1beta1.types.SecretPayload): + Required. The secret payload of the + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. + + This corresponds to the ``payload`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1beta1.types.SecretVersion: + A secret version resource in the + Secret Manager API. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent, payload]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.AddSecretVersionRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.AddSecretVersionRequest): + request = service.AddSecretVersionRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + if payload is not None: + request.payload = payload + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.add_secret_version] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Validate the universe domain. + self._validate_universe_domain() + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def get_secret(self, + request: Optional[Union[service.GetSecretRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Secret: + r"""Gets metadata for a given + [Secret][google.cloud.secrets.v1beta1.Secret]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta1 + + def sample_get_secret(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1beta1.GetSecretRequest( + name="name_value", + ) + + # Make the request + response = client.get_secret(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.secretmanager_v1beta1.types.GetSecretRequest, dict]): + The request object. Request message for + [SecretManagerService.GetSecret][google.cloud.secrets.v1beta1.SecretManagerService.GetSecret]. + name (str): + Required. The resource name of the + [Secret][google.cloud.secrets.v1beta1.Secret], in the + format ``projects/*/secrets/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1beta1.types.Secret: + A [Secret][google.cloud.secrets.v1beta1.Secret] is a logical secret whose value and versions can + be accessed. + + A [Secret][google.cloud.secrets.v1beta1.Secret] is + made up of zero or more + [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion] + that represent the secret data. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.GetSecretRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.GetSecretRequest): + request = service.GetSecretRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.get_secret] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Validate the universe domain. + self._validate_universe_domain() + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def update_secret(self, + request: Optional[Union[service.UpdateSecretRequest, dict]] = None, + *, + secret: Optional[resources.Secret] = None, + update_mask: Optional[field_mask_pb2.FieldMask] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Secret: + r"""Updates metadata of an existing + [Secret][google.cloud.secrets.v1beta1.Secret]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta1 + + def sample_update_secret(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1beta1.UpdateSecretRequest( + ) + + # Make the request + response = client.update_secret(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.secretmanager_v1beta1.types.UpdateSecretRequest, dict]): + The request object. Request message for + [SecretManagerService.UpdateSecret][google.cloud.secrets.v1beta1.SecretManagerService.UpdateSecret]. + secret (google.cloud.secretmanager_v1beta1.types.Secret): + Required. [Secret][google.cloud.secrets.v1beta1.Secret] + with updated field values. + + This corresponds to the ``secret`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + update_mask (google.protobuf.field_mask_pb2.FieldMask): + Required. Specifies the fields to be + updated. + + This corresponds to the ``update_mask`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1beta1.types.Secret: + A [Secret][google.cloud.secrets.v1beta1.Secret] is a logical secret whose value and versions can + be accessed. + + A [Secret][google.cloud.secrets.v1beta1.Secret] is + made up of zero or more + [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion] + that represent the secret data. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([secret, update_mask]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.UpdateSecretRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.UpdateSecretRequest): + request = service.UpdateSecretRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if secret is not None: + request.secret = secret + if update_mask is not None: + request.update_mask = update_mask + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.update_secret] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("secret.name", request.secret.name), + )), + ) + + # Validate the universe domain. + self._validate_universe_domain() + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def delete_secret(self, + request: Optional[Union[service.DeleteSecretRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> None: + r"""Deletes a [Secret][google.cloud.secrets.v1beta1.Secret]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta1 + + def sample_delete_secret(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1beta1.DeleteSecretRequest( + name="name_value", + ) + + # Make the request + client.delete_secret(request=request) + + Args: + request (Union[google.cloud.secretmanager_v1beta1.types.DeleteSecretRequest, dict]): + The request object. Request message for + [SecretManagerService.DeleteSecret][google.cloud.secrets.v1beta1.SecretManagerService.DeleteSecret]. + name (str): + Required. The resource name of the + [Secret][google.cloud.secrets.v1beta1.Secret] to delete + in the format ``projects/*/secrets/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.DeleteSecretRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.DeleteSecretRequest): + request = service.DeleteSecretRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.delete_secret] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Validate the universe domain. + self._validate_universe_domain() + + # Send the request. + rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + def list_secret_versions(self, + request: Optional[Union[service.ListSecretVersionsRequest, dict]] = None, + *, + parent: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> pagers.ListSecretVersionsPager: + r"""Lists + [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion]. + This call does not return secret data. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta1 + + def sample_list_secret_versions(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1beta1.ListSecretVersionsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_secret_versions(request=request) + + # Handle the response + for response in page_result: + print(response) + + Args: + request (Union[google.cloud.secretmanager_v1beta1.types.ListSecretVersionsRequest, dict]): + The request object. Request message for + [SecretManagerService.ListSecretVersions][google.cloud.secrets.v1beta1.SecretManagerService.ListSecretVersions]. + parent (str): + Required. The resource name of the + [Secret][google.cloud.secrets.v1beta1.Secret] associated + with the + [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion] + to list, in the format ``projects/*/secrets/*``. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1beta1.services.secret_manager_service.pagers.ListSecretVersionsPager: + Response message for + [SecretManagerService.ListSecretVersions][google.cloud.secrets.v1beta1.SecretManagerService.ListSecretVersions]. + + Iterating over this object will yield results and + resolve additional pages automatically. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.ListSecretVersionsRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.ListSecretVersionsRequest): + request = service.ListSecretVersionsRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.list_secret_versions] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Validate the universe domain. + self._validate_universe_domain() + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # This method is paged; wrap the response in a pager, which provides + # an `__iter__` convenience method. + response = pagers.ListSecretVersionsPager( + method=rpc, + request=request, + response=response, + metadata=metadata, + ) + + # Done; return the response. + return response + + def get_secret_version(self, + request: Optional[Union[service.GetSecretVersionRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.SecretVersion: + r"""Gets metadata for a + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. + + ``projects/*/secrets/*/versions/latest`` is an alias to the + ``latest`` + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta1 + + def sample_get_secret_version(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1beta1.GetSecretVersionRequest( + name="name_value", + ) + + # Make the request + response = client.get_secret_version(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.secretmanager_v1beta1.types.GetSecretVersionRequest, dict]): + The request object. Request message for + [SecretManagerService.GetSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.GetSecretVersion]. + name (str): + Required. The resource name of the + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] + in the format ``projects/*/secrets/*/versions/*``. + ``projects/*/secrets/*/versions/latest`` is an alias to + the ``latest`` + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1beta1.types.SecretVersion: + A secret version resource in the + Secret Manager API. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.GetSecretVersionRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.GetSecretVersionRequest): + request = service.GetSecretVersionRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.get_secret_version] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Validate the universe domain. + self._validate_universe_domain() + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def access_secret_version(self, + request: Optional[Union[service.AccessSecretVersionRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> service.AccessSecretVersionResponse: + r"""Accesses a + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. + This call returns the secret data. + + ``projects/*/secrets/*/versions/latest`` is an alias to the + ``latest`` + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta1 + + def sample_access_secret_version(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1beta1.AccessSecretVersionRequest( + name="name_value", + ) + + # Make the request + response = client.access_secret_version(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.secretmanager_v1beta1.types.AccessSecretVersionRequest, dict]): + The request object. Request message for + [SecretManagerService.AccessSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.AccessSecretVersion]. + name (str): + Required. The resource name of the + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] + in the format ``projects/*/secrets/*/versions/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1beta1.types.AccessSecretVersionResponse: + Response message for + [SecretManagerService.AccessSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.AccessSecretVersion]. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.AccessSecretVersionRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.AccessSecretVersionRequest): + request = service.AccessSecretVersionRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.access_secret_version] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Validate the universe domain. + self._validate_universe_domain() + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def disable_secret_version(self, + request: Optional[Union[service.DisableSecretVersionRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.SecretVersion: + r"""Disables a + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. + + Sets the + [state][google.cloud.secrets.v1beta1.SecretVersion.state] of the + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] to + [DISABLED][google.cloud.secrets.v1beta1.SecretVersion.State.DISABLED]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta1 + + def sample_disable_secret_version(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1beta1.DisableSecretVersionRequest( + name="name_value", + ) + + # Make the request + response = client.disable_secret_version(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.secretmanager_v1beta1.types.DisableSecretVersionRequest, dict]): + The request object. Request message for + [SecretManagerService.DisableSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.DisableSecretVersion]. + name (str): + Required. The resource name of the + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] + to disable in the format + ``projects/*/secrets/*/versions/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1beta1.types.SecretVersion: + A secret version resource in the + Secret Manager API. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.DisableSecretVersionRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.DisableSecretVersionRequest): + request = service.DisableSecretVersionRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.disable_secret_version] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Validate the universe domain. + self._validate_universe_domain() + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def enable_secret_version(self, + request: Optional[Union[service.EnableSecretVersionRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.SecretVersion: + r"""Enables a + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. + + Sets the + [state][google.cloud.secrets.v1beta1.SecretVersion.state] of the + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] to + [ENABLED][google.cloud.secrets.v1beta1.SecretVersion.State.ENABLED]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta1 + + def sample_enable_secret_version(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1beta1.EnableSecretVersionRequest( + name="name_value", + ) + + # Make the request + response = client.enable_secret_version(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.secretmanager_v1beta1.types.EnableSecretVersionRequest, dict]): + The request object. Request message for + [SecretManagerService.EnableSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.EnableSecretVersion]. + name (str): + Required. The resource name of the + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] + to enable in the format + ``projects/*/secrets/*/versions/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1beta1.types.SecretVersion: + A secret version resource in the + Secret Manager API. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.EnableSecretVersionRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.EnableSecretVersionRequest): + request = service.EnableSecretVersionRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.enable_secret_version] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Validate the universe domain. + self._validate_universe_domain() + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def destroy_secret_version(self, + request: Optional[Union[service.DestroySecretVersionRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.SecretVersion: + r"""Destroys a + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. + + Sets the + [state][google.cloud.secrets.v1beta1.SecretVersion.state] of the + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] to + [DESTROYED][google.cloud.secrets.v1beta1.SecretVersion.State.DESTROYED] + and irrevocably destroys the secret data. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta1 + + def sample_destroy_secret_version(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1beta1.DestroySecretVersionRequest( + name="name_value", + ) + + # Make the request + response = client.destroy_secret_version(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.secretmanager_v1beta1.types.DestroySecretVersionRequest, dict]): + The request object. Request message for + [SecretManagerService.DestroySecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.DestroySecretVersion]. + name (str): + Required. The resource name of the + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] + to destroy in the format + ``projects/*/secrets/*/versions/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1beta1.types.SecretVersion: + A secret version resource in the + Secret Manager API. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.DestroySecretVersionRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.DestroySecretVersionRequest): + request = service.DestroySecretVersionRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.destroy_secret_version] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Validate the universe domain. + self._validate_universe_domain() + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def set_iam_policy(self, + request: Optional[Union[iam_policy_pb2.SetIamPolicyRequest, dict]] = None, + *, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> policy_pb2.Policy: + r"""Sets the access control policy on the specified secret. Replaces + any existing policy. + + Permissions on + [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion] are + enforced according to the policy set on the associated + [Secret][google.cloud.secrets.v1beta1.Secret]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta1 + from google.iam.v1 import iam_policy_pb2 # type: ignore + + def sample_set_iam_policy(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = iam_policy_pb2.SetIamPolicyRequest( + resource="resource_value", + ) + + # Make the request + response = client.set_iam_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.iam.v1.iam_policy_pb2.SetIamPolicyRequest, dict]): + The request object. Request message for ``SetIamPolicy`` method. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.iam.v1.policy_pb2.Policy: + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. + + A Policy is a collection of bindings. A binding binds + one or more members, or principals, to a single role. + Principals can be user accounts, service accounts, + Google groups, and domains (such as G Suite). A role + is a named list of permissions; each role can be an + IAM predefined role or a user-created custom role. + + For some types of Google Cloud resources, a binding + can also specify a condition, which is a logical + expression that allows access to a resource only if + the expression evaluates to true. A condition can add + constraints based on attributes of the request, the + resource, or both. To learn which resources support + conditions in their IAM policies, see the [IAM + documentation](\ https://cloud.google.com/iam/help/conditions/resource-policies). + + **JSON example:** + + :literal:`\` { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }`\ \` + + **YAML example:** + + :literal:`\` bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3`\ \` + + For a description of IAM and its features, see the + [IAM + documentation](\ https://cloud.google.com/iam/docs/). + + """ + # Create or coerce a protobuf request object. + if isinstance(request, dict): + # The request isn't a proto-plus wrapped type, + # so it must be constructed via keyword expansion. + request = iam_policy_pb2.SetIamPolicyRequest(**request) + elif not request: + # Null request, just make one. + request = iam_policy_pb2.SetIamPolicyRequest() + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.set_iam_policy] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("resource", request.resource), + )), + ) + + # Validate the universe domain. + self._validate_universe_domain() + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def get_iam_policy(self, + request: Optional[Union[iam_policy_pb2.GetIamPolicyRequest, dict]] = None, + *, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> policy_pb2.Policy: + r"""Gets the access control policy for a secret. + Returns empty policy if the secret exists and does not + have a policy set. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta1 + from google.iam.v1 import iam_policy_pb2 # type: ignore + + def sample_get_iam_policy(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = iam_policy_pb2.GetIamPolicyRequest( + resource="resource_value", + ) + + # Make the request + response = client.get_iam_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.iam.v1.iam_policy_pb2.GetIamPolicyRequest, dict]): + The request object. Request message for ``GetIamPolicy`` method. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.iam.v1.policy_pb2.Policy: + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. + + A Policy is a collection of bindings. A binding binds + one or more members, or principals, to a single role. + Principals can be user accounts, service accounts, + Google groups, and domains (such as G Suite). A role + is a named list of permissions; each role can be an + IAM predefined role or a user-created custom role. + + For some types of Google Cloud resources, a binding + can also specify a condition, which is a logical + expression that allows access to a resource only if + the expression evaluates to true. A condition can add + constraints based on attributes of the request, the + resource, or both. To learn which resources support + conditions in their IAM policies, see the [IAM + documentation](\ https://cloud.google.com/iam/help/conditions/resource-policies). + + **JSON example:** + + :literal:`\` { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }`\ \` + + **YAML example:** + + :literal:`\` bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3`\ \` + + For a description of IAM and its features, see the + [IAM + documentation](\ https://cloud.google.com/iam/docs/). + + """ + # Create or coerce a protobuf request object. + if isinstance(request, dict): + # The request isn't a proto-plus wrapped type, + # so it must be constructed via keyword expansion. + request = iam_policy_pb2.GetIamPolicyRequest(**request) + elif not request: + # Null request, just make one. + request = iam_policy_pb2.GetIamPolicyRequest() + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.get_iam_policy] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("resource", request.resource), + )), + ) + + # Validate the universe domain. + self._validate_universe_domain() + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def test_iam_permissions(self, + request: Optional[Union[iam_policy_pb2.TestIamPermissionsRequest, dict]] = None, + *, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> iam_policy_pb2.TestIamPermissionsResponse: + r"""Returns permissions that a caller has for the specified secret. + If the secret does not exist, this call returns an empty set of + permissions, not a NOT_FOUND error. + + Note: This operation is designed to be used for building + permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without + warning. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta1 + from google.iam.v1 import iam_policy_pb2 # type: ignore + + def sample_test_iam_permissions(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = iam_policy_pb2.TestIamPermissionsRequest( + resource="resource_value", + permissions=['permissions_value1', 'permissions_value2'], + ) + + # Make the request + response = client.test_iam_permissions(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.iam.v1.iam_policy_pb2.TestIamPermissionsRequest, dict]): + The request object. Request message for ``TestIamPermissions`` method. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.iam.v1.iam_policy_pb2.TestIamPermissionsResponse: + Response message for TestIamPermissions method. + """ + # Create or coerce a protobuf request object. + if isinstance(request, dict): + # The request isn't a proto-plus wrapped type, + # so it must be constructed via keyword expansion. + request = iam_policy_pb2.TestIamPermissionsRequest(**request) + elif not request: + # Null request, just make one. + request = iam_policy_pb2.TestIamPermissionsRequest() + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.test_iam_permissions] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("resource", request.resource), + )), + ) + + # Validate the universe domain. + self._validate_universe_domain() + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def __enter__(self) -> "SecretManagerServiceClient": + return self + + def __exit__(self, type, value, traceback): + """Releases underlying transport's resources. + + .. warning:: + ONLY use as a context manager if the transport is NOT shared + with other clients! Exiting the with block will CLOSE the transport + and may cause errors in other clients! + """ + self.transport.close() + + + + + + + +DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo(gapic_version=package_version.__version__) + + +__all__ = ( + "SecretManagerServiceClient", +) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager_v1beta1/services/secret_manager_service/pagers.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager_v1beta1/services/secret_manager_service/pagers.py new file mode 100644 index 000000000000..9fda03f587de --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager_v1beta1/services/secret_manager_service/pagers.py @@ -0,0 +1,261 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from typing import Any, AsyncIterator, Awaitable, Callable, Sequence, Tuple, Optional, Iterator + +from google.cloud.secretmanager_v1beta1.types import resources +from google.cloud.secretmanager_v1beta1.types import service + + +class ListSecretsPager: + """A pager for iterating through ``list_secrets`` requests. + + This class thinly wraps an initial + :class:`google.cloud.secretmanager_v1beta1.types.ListSecretsResponse` object, and + provides an ``__iter__`` method to iterate through its + ``secrets`` field. + + If there are more pages, the ``__iter__`` method will make additional + ``ListSecrets`` requests and continue to iterate + through the ``secrets`` field on the + corresponding responses. + + All the usual :class:`google.cloud.secretmanager_v1beta1.types.ListSecretsResponse` + attributes are available on the pager. If multiple requests are made, only + the most recent response is retained, and thus used for attribute lookup. + """ + def __init__(self, + method: Callable[..., service.ListSecretsResponse], + request: service.ListSecretsRequest, + response: service.ListSecretsResponse, + *, + metadata: Sequence[Tuple[str, str]] = ()): + """Instantiate the pager. + + Args: + method (Callable): The method that was originally called, and + which instantiated this pager. + request (google.cloud.secretmanager_v1beta1.types.ListSecretsRequest): + The initial request object. + response (google.cloud.secretmanager_v1beta1.types.ListSecretsResponse): + The initial response object. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + self._method = method + self._request = service.ListSecretsRequest(request) + self._response = response + self._metadata = metadata + + def __getattr__(self, name: str) -> Any: + return getattr(self._response, name) + + @property + def pages(self) -> Iterator[service.ListSecretsResponse]: + yield self._response + while self._response.next_page_token: + self._request.page_token = self._response.next_page_token + self._response = self._method(self._request, metadata=self._metadata) + yield self._response + + def __iter__(self) -> Iterator[resources.Secret]: + for page in self.pages: + yield from page.secrets + + def __repr__(self) -> str: + return '{0}<{1!r}>'.format(self.__class__.__name__, self._response) + + +class ListSecretsAsyncPager: + """A pager for iterating through ``list_secrets`` requests. + + This class thinly wraps an initial + :class:`google.cloud.secretmanager_v1beta1.types.ListSecretsResponse` object, and + provides an ``__aiter__`` method to iterate through its + ``secrets`` field. + + If there are more pages, the ``__aiter__`` method will make additional + ``ListSecrets`` requests and continue to iterate + through the ``secrets`` field on the + corresponding responses. + + All the usual :class:`google.cloud.secretmanager_v1beta1.types.ListSecretsResponse` + attributes are available on the pager. If multiple requests are made, only + the most recent response is retained, and thus used for attribute lookup. + """ + def __init__(self, + method: Callable[..., Awaitable[service.ListSecretsResponse]], + request: service.ListSecretsRequest, + response: service.ListSecretsResponse, + *, + metadata: Sequence[Tuple[str, str]] = ()): + """Instantiates the pager. + + Args: + method (Callable): The method that was originally called, and + which instantiated this pager. + request (google.cloud.secretmanager_v1beta1.types.ListSecretsRequest): + The initial request object. + response (google.cloud.secretmanager_v1beta1.types.ListSecretsResponse): + The initial response object. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + self._method = method + self._request = service.ListSecretsRequest(request) + self._response = response + self._metadata = metadata + + def __getattr__(self, name: str) -> Any: + return getattr(self._response, name) + + @property + async def pages(self) -> AsyncIterator[service.ListSecretsResponse]: + yield self._response + while self._response.next_page_token: + self._request.page_token = self._response.next_page_token + self._response = await self._method(self._request, metadata=self._metadata) + yield self._response + def __aiter__(self) -> AsyncIterator[resources.Secret]: + async def async_generator(): + async for page in self.pages: + for response in page.secrets: + yield response + + return async_generator() + + def __repr__(self) -> str: + return '{0}<{1!r}>'.format(self.__class__.__name__, self._response) + + +class ListSecretVersionsPager: + """A pager for iterating through ``list_secret_versions`` requests. + + This class thinly wraps an initial + :class:`google.cloud.secretmanager_v1beta1.types.ListSecretVersionsResponse` object, and + provides an ``__iter__`` method to iterate through its + ``versions`` field. + + If there are more pages, the ``__iter__`` method will make additional + ``ListSecretVersions`` requests and continue to iterate + through the ``versions`` field on the + corresponding responses. + + All the usual :class:`google.cloud.secretmanager_v1beta1.types.ListSecretVersionsResponse` + attributes are available on the pager. If multiple requests are made, only + the most recent response is retained, and thus used for attribute lookup. + """ + def __init__(self, + method: Callable[..., service.ListSecretVersionsResponse], + request: service.ListSecretVersionsRequest, + response: service.ListSecretVersionsResponse, + *, + metadata: Sequence[Tuple[str, str]] = ()): + """Instantiate the pager. + + Args: + method (Callable): The method that was originally called, and + which instantiated this pager. + request (google.cloud.secretmanager_v1beta1.types.ListSecretVersionsRequest): + The initial request object. + response (google.cloud.secretmanager_v1beta1.types.ListSecretVersionsResponse): + The initial response object. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + self._method = method + self._request = service.ListSecretVersionsRequest(request) + self._response = response + self._metadata = metadata + + def __getattr__(self, name: str) -> Any: + return getattr(self._response, name) + + @property + def pages(self) -> Iterator[service.ListSecretVersionsResponse]: + yield self._response + while self._response.next_page_token: + self._request.page_token = self._response.next_page_token + self._response = self._method(self._request, metadata=self._metadata) + yield self._response + + def __iter__(self) -> Iterator[resources.SecretVersion]: + for page in self.pages: + yield from page.versions + + def __repr__(self) -> str: + return '{0}<{1!r}>'.format(self.__class__.__name__, self._response) + + +class ListSecretVersionsAsyncPager: + """A pager for iterating through ``list_secret_versions`` requests. + + This class thinly wraps an initial + :class:`google.cloud.secretmanager_v1beta1.types.ListSecretVersionsResponse` object, and + provides an ``__aiter__`` method to iterate through its + ``versions`` field. + + If there are more pages, the ``__aiter__`` method will make additional + ``ListSecretVersions`` requests and continue to iterate + through the ``versions`` field on the + corresponding responses. + + All the usual :class:`google.cloud.secretmanager_v1beta1.types.ListSecretVersionsResponse` + attributes are available on the pager. If multiple requests are made, only + the most recent response is retained, and thus used for attribute lookup. + """ + def __init__(self, + method: Callable[..., Awaitable[service.ListSecretVersionsResponse]], + request: service.ListSecretVersionsRequest, + response: service.ListSecretVersionsResponse, + *, + metadata: Sequence[Tuple[str, str]] = ()): + """Instantiates the pager. + + Args: + method (Callable): The method that was originally called, and + which instantiated this pager. + request (google.cloud.secretmanager_v1beta1.types.ListSecretVersionsRequest): + The initial request object. + response (google.cloud.secretmanager_v1beta1.types.ListSecretVersionsResponse): + The initial response object. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + self._method = method + self._request = service.ListSecretVersionsRequest(request) + self._response = response + self._metadata = metadata + + def __getattr__(self, name: str) -> Any: + return getattr(self._response, name) + + @property + async def pages(self) -> AsyncIterator[service.ListSecretVersionsResponse]: + yield self._response + while self._response.next_page_token: + self._request.page_token = self._response.next_page_token + self._response = await self._method(self._request, metadata=self._metadata) + yield self._response + def __aiter__(self) -> AsyncIterator[resources.SecretVersion]: + async def async_generator(): + async for page in self.pages: + for response in page.versions: + yield response + + return async_generator() + + def __repr__(self) -> str: + return '{0}<{1!r}>'.format(self.__class__.__name__, self._response) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager_v1beta1/services/secret_manager_service/transports/__init__.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager_v1beta1/services/secret_manager_service/transports/__init__.py new file mode 100644 index 000000000000..f9c5d1564d99 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager_v1beta1/services/secret_manager_service/transports/__init__.py @@ -0,0 +1,38 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +from typing import Dict, Type + +from .base import SecretManagerServiceTransport +from .grpc import SecretManagerServiceGrpcTransport +from .grpc_asyncio import SecretManagerServiceGrpcAsyncIOTransport +from .rest import SecretManagerServiceRestTransport +from .rest import SecretManagerServiceRestInterceptor + + +# Compile a registry of transports. +_transport_registry = OrderedDict() # type: Dict[str, Type[SecretManagerServiceTransport]] +_transport_registry['grpc'] = SecretManagerServiceGrpcTransport +_transport_registry['grpc_asyncio'] = SecretManagerServiceGrpcAsyncIOTransport +_transport_registry['rest'] = SecretManagerServiceRestTransport + +__all__ = ( + 'SecretManagerServiceTransport', + 'SecretManagerServiceGrpcTransport', + 'SecretManagerServiceGrpcAsyncIOTransport', + 'SecretManagerServiceRestTransport', + 'SecretManagerServiceRestInterceptor', +) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager_v1beta1/services/secret_manager_service/transports/base.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager_v1beta1/services/secret_manager_service/transports/base.py new file mode 100644 index 000000000000..20a8c67f1d19 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager_v1beta1/services/secret_manager_service/transports/base.py @@ -0,0 +1,359 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import abc +from typing import Awaitable, Callable, Dict, Optional, Sequence, Union + +from google.cloud.secretmanager_v1beta1 import gapic_version as package_version + +import google.auth # type: ignore +import google.api_core +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore + +from google.cloud.secretmanager_v1beta1.types import resources +from google.cloud.secretmanager_v1beta1.types import service +from google.iam.v1 import iam_policy_pb2 # type: ignore +from google.iam.v1 import policy_pb2 # type: ignore +from google.protobuf import empty_pb2 # type: ignore + +DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo(gapic_version=package_version.__version__) + + +class SecretManagerServiceTransport(abc.ABC): + """Abstract transport class for SecretManagerService.""" + + AUTH_SCOPES = ( + 'https://www.googleapis.com/auth/cloud-platform', + ) + + DEFAULT_HOST: str = 'secretmanager.googleapis.com' + def __init__( + self, *, + host: str = DEFAULT_HOST, + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + **kwargs, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to (default: 'secretmanager.googleapis.com'). + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is mutually exclusive with credentials. + scopes (Optional[Sequence[str]]): A list of scopes. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + """ + + scopes_kwargs = {"scopes": scopes, "default_scopes": self.AUTH_SCOPES} + + # Save the scopes. + self._scopes = scopes + + # If no credentials are provided, then determine the appropriate + # defaults. + if credentials and credentials_file: + raise core_exceptions.DuplicateCredentialArgs("'credentials_file' and 'credentials' are mutually exclusive") + + if credentials_file is not None: + credentials, _ = google.auth.load_credentials_from_file( + credentials_file, + **scopes_kwargs, + quota_project_id=quota_project_id + ) + elif credentials is None: + credentials, _ = google.auth.default(**scopes_kwargs, quota_project_id=quota_project_id) + # Don't apply audience if the credentials file passed from user. + if hasattr(credentials, "with_gdch_audience"): + credentials = credentials.with_gdch_audience(api_audience if api_audience else host) + + # If the credentials are service account credentials, then always try to use self signed JWT. + if always_use_jwt_access and isinstance(credentials, service_account.Credentials) and hasattr(service_account.Credentials, "with_always_use_jwt_access"): + credentials = credentials.with_always_use_jwt_access(True) + + # Save the credentials. + self._credentials = credentials + + # Save the hostname. Default to port 443 (HTTPS) if none is specified. + if ':' not in host: + host += ':443' + self._host = host + + @property + def host(self): + return self._host + + def _prep_wrapped_messages(self, client_info): + # Precompute the wrapped methods. + self._wrapped_methods = { + self.list_secrets: gapic_v1.method.wrap_method( + self.list_secrets, + default_timeout=60.0, + client_info=client_info, + ), + self.create_secret: gapic_v1.method.wrap_method( + self.create_secret, + default_timeout=60.0, + client_info=client_info, + ), + self.add_secret_version: gapic_v1.method.wrap_method( + self.add_secret_version, + default_timeout=60.0, + client_info=client_info, + ), + self.get_secret: gapic_v1.method.wrap_method( + self.get_secret, + default_timeout=60.0, + client_info=client_info, + ), + self.update_secret: gapic_v1.method.wrap_method( + self.update_secret, + default_timeout=60.0, + client_info=client_info, + ), + self.delete_secret: gapic_v1.method.wrap_method( + self.delete_secret, + default_timeout=60.0, + client_info=client_info, + ), + self.list_secret_versions: gapic_v1.method.wrap_method( + self.list_secret_versions, + default_timeout=60.0, + client_info=client_info, + ), + self.get_secret_version: gapic_v1.method.wrap_method( + self.get_secret_version, + default_timeout=60.0, + client_info=client_info, + ), + self.access_secret_version: gapic_v1.method.wrap_method( + self.access_secret_version, + default_retry=retries.Retry( +initial=1.0,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.ServiceUnavailable, + core_exceptions.Unknown, + ), + deadline=60.0, + ), + default_timeout=60.0, + client_info=client_info, + ), + self.disable_secret_version: gapic_v1.method.wrap_method( + self.disable_secret_version, + default_timeout=60.0, + client_info=client_info, + ), + self.enable_secret_version: gapic_v1.method.wrap_method( + self.enable_secret_version, + default_timeout=60.0, + client_info=client_info, + ), + self.destroy_secret_version: gapic_v1.method.wrap_method( + self.destroy_secret_version, + default_timeout=60.0, + client_info=client_info, + ), + self.set_iam_policy: gapic_v1.method.wrap_method( + self.set_iam_policy, + default_timeout=60.0, + client_info=client_info, + ), + self.get_iam_policy: gapic_v1.method.wrap_method( + self.get_iam_policy, + default_timeout=60.0, + client_info=client_info, + ), + self.test_iam_permissions: gapic_v1.method.wrap_method( + self.test_iam_permissions, + default_timeout=60.0, + client_info=client_info, + ), + } + + def close(self): + """Closes resources associated with the transport. + + .. warning:: + Only call this method if the transport is NOT shared + with other clients - this may cause errors in other clients! + """ + raise NotImplementedError() + + @property + def list_secrets(self) -> Callable[ + [service.ListSecretsRequest], + Union[ + service.ListSecretsResponse, + Awaitable[service.ListSecretsResponse] + ]]: + raise NotImplementedError() + + @property + def create_secret(self) -> Callable[ + [service.CreateSecretRequest], + Union[ + resources.Secret, + Awaitable[resources.Secret] + ]]: + raise NotImplementedError() + + @property + def add_secret_version(self) -> Callable[ + [service.AddSecretVersionRequest], + Union[ + resources.SecretVersion, + Awaitable[resources.SecretVersion] + ]]: + raise NotImplementedError() + + @property + def get_secret(self) -> Callable[ + [service.GetSecretRequest], + Union[ + resources.Secret, + Awaitable[resources.Secret] + ]]: + raise NotImplementedError() + + @property + def update_secret(self) -> Callable[ + [service.UpdateSecretRequest], + Union[ + resources.Secret, + Awaitable[resources.Secret] + ]]: + raise NotImplementedError() + + @property + def delete_secret(self) -> Callable[ + [service.DeleteSecretRequest], + Union[ + empty_pb2.Empty, + Awaitable[empty_pb2.Empty] + ]]: + raise NotImplementedError() + + @property + def list_secret_versions(self) -> Callable[ + [service.ListSecretVersionsRequest], + Union[ + service.ListSecretVersionsResponse, + Awaitable[service.ListSecretVersionsResponse] + ]]: + raise NotImplementedError() + + @property + def get_secret_version(self) -> Callable[ + [service.GetSecretVersionRequest], + Union[ + resources.SecretVersion, + Awaitable[resources.SecretVersion] + ]]: + raise NotImplementedError() + + @property + def access_secret_version(self) -> Callable[ + [service.AccessSecretVersionRequest], + Union[ + service.AccessSecretVersionResponse, + Awaitable[service.AccessSecretVersionResponse] + ]]: + raise NotImplementedError() + + @property + def disable_secret_version(self) -> Callable[ + [service.DisableSecretVersionRequest], + Union[ + resources.SecretVersion, + Awaitable[resources.SecretVersion] + ]]: + raise NotImplementedError() + + @property + def enable_secret_version(self) -> Callable[ + [service.EnableSecretVersionRequest], + Union[ + resources.SecretVersion, + Awaitable[resources.SecretVersion] + ]]: + raise NotImplementedError() + + @property + def destroy_secret_version(self) -> Callable[ + [service.DestroySecretVersionRequest], + Union[ + resources.SecretVersion, + Awaitable[resources.SecretVersion] + ]]: + raise NotImplementedError() + + @property + def set_iam_policy(self) -> Callable[ + [iam_policy_pb2.SetIamPolicyRequest], + Union[ + policy_pb2.Policy, + Awaitable[policy_pb2.Policy] + ]]: + raise NotImplementedError() + + @property + def get_iam_policy(self) -> Callable[ + [iam_policy_pb2.GetIamPolicyRequest], + Union[ + policy_pb2.Policy, + Awaitable[policy_pb2.Policy] + ]]: + raise NotImplementedError() + + @property + def test_iam_permissions(self) -> Callable[ + [iam_policy_pb2.TestIamPermissionsRequest], + Union[ + iam_policy_pb2.TestIamPermissionsResponse, + Awaitable[iam_policy_pb2.TestIamPermissionsResponse] + ]]: + raise NotImplementedError() + + @property + def kind(self) -> str: + raise NotImplementedError() + + +__all__ = ( + 'SecretManagerServiceTransport', +) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager_v1beta1/services/secret_manager_service/transports/grpc.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager_v1beta1/services/secret_manager_service/transports/grpc.py new file mode 100644 index 000000000000..c3be3afa67cd --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager_v1beta1/services/secret_manager_service/transports/grpc.py @@ -0,0 +1,692 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import warnings +from typing import Callable, Dict, Optional, Sequence, Tuple, Union + +from google.api_core import grpc_helpers +from google.api_core import gapic_v1 +import google.auth # type: ignore +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore + +import grpc # type: ignore + +from google.cloud.secretmanager_v1beta1.types import resources +from google.cloud.secretmanager_v1beta1.types import service +from google.iam.v1 import iam_policy_pb2 # type: ignore +from google.iam.v1 import policy_pb2 # type: ignore +from google.protobuf import empty_pb2 # type: ignore +from .base import SecretManagerServiceTransport, DEFAULT_CLIENT_INFO + + +class SecretManagerServiceGrpcTransport(SecretManagerServiceTransport): + """gRPC backend transport for SecretManagerService. + + Secret Manager Service + + Manages secrets and operations using those secrets. Implements a + REST model with the following objects: + + - [Secret][google.cloud.secrets.v1beta1.Secret] + - [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends protocol buffers over the wire using gRPC (which is built on + top of HTTP/2); the ``grpcio`` package must be installed. + """ + _stubs: Dict[str, Callable] + + def __init__(self, *, + host: str = 'secretmanager.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + channel: Optional[grpc.Channel] = None, + api_mtls_endpoint: Optional[str] = None, + client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, + client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to (default: 'secretmanager.googleapis.com'). + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + This argument is ignored if ``channel`` is provided. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional(Sequence[str])): A list of scopes. This argument is + ignored if ``channel`` is provided. + channel (Optional[grpc.Channel]): A ``Channel`` instance through + which to make calls. + api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. + If provided, it overrides the ``host`` argument and tries to create + a mutual TLS channel with client SSL credentials from + ``client_cert_source`` or application default SSL credentials. + client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): + Deprecated. A callback to provide client SSL certificate bytes and + private key bytes, both in PEM format. It is ignored if + ``api_mtls_endpoint`` is None. + ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials + for the grpc channel. It is ignored if ``channel`` is provided. + client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): + A callback to provide client certificate bytes and private key bytes, + both in PEM format. It is used to configure a mutual TLS channel. It is + ignored if ``channel`` or ``ssl_channel_credentials`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport + creation failed for any reason. + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + self._grpc_channel = None + self._ssl_channel_credentials = ssl_channel_credentials + self._stubs: Dict[str, Callable] = {} + + if api_mtls_endpoint: + warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) + if client_cert_source: + warnings.warn("client_cert_source is deprecated", DeprecationWarning) + + if channel: + # Ignore credentials if a channel was passed. + credentials = False + # If a channel was explicitly provided, set it. + self._grpc_channel = channel + self._ssl_channel_credentials = None + + else: + if api_mtls_endpoint: + host = api_mtls_endpoint + + # Create SSL credentials with client_cert_source or application + # default SSL credentials. + if client_cert_source: + cert, key = client_cert_source() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + else: + self._ssl_channel_credentials = SslCredentials().ssl_credentials + + else: + if client_cert_source_for_mtls and not ssl_channel_credentials: + cert, key = client_cert_source_for_mtls() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + + # The base transport sets the host, credentials and scopes + super().__init__( + host=host, + credentials=credentials, + credentials_file=credentials_file, + scopes=scopes, + quota_project_id=quota_project_id, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience, + ) + + if not self._grpc_channel: + self._grpc_channel = type(self).create_channel( + self._host, + # use the credentials which are saved + credentials=self._credentials, + # Set ``credentials_file`` to ``None`` here as + # the credentials that we saved earlier should be used. + credentials_file=None, + scopes=self._scopes, + ssl_credentials=self._ssl_channel_credentials, + quota_project_id=quota_project_id, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Wrap messages. This must be done after self._grpc_channel exists + self._prep_wrapped_messages(client_info) + + @classmethod + def create_channel(cls, + host: str = 'secretmanager.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + **kwargs) -> grpc.Channel: + """Create and return a gRPC channel object. + Args: + host (Optional[str]): The host for the channel to use. + credentials (Optional[~.Credentials]): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If + none are specified, the client will attempt to ascertain + the credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is mutually exclusive with credentials. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + kwargs (Optional[dict]): Keyword arguments, which are passed to the + channel creation. + Returns: + grpc.Channel: A gRPC channel object. + + Raises: + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + + return grpc_helpers.create_channel( + host, + credentials=credentials, + credentials_file=credentials_file, + quota_project_id=quota_project_id, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, + **kwargs + ) + + @property + def grpc_channel(self) -> grpc.Channel: + """Return the channel designed to connect to this service. + """ + return self._grpc_channel + + @property + def list_secrets(self) -> Callable[ + [service.ListSecretsRequest], + service.ListSecretsResponse]: + r"""Return a callable for the list secrets method over gRPC. + + Lists [Secrets][google.cloud.secrets.v1beta1.Secret]. + + Returns: + Callable[[~.ListSecretsRequest], + ~.ListSecretsResponse]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'list_secrets' not in self._stubs: + self._stubs['list_secrets'] = self.grpc_channel.unary_unary( + '/google.cloud.secrets.v1beta1.SecretManagerService/ListSecrets', + request_serializer=service.ListSecretsRequest.serialize, + response_deserializer=service.ListSecretsResponse.deserialize, + ) + return self._stubs['list_secrets'] + + @property + def create_secret(self) -> Callable[ + [service.CreateSecretRequest], + resources.Secret]: + r"""Return a callable for the create secret method over gRPC. + + Creates a new [Secret][google.cloud.secrets.v1beta1.Secret] + containing no + [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion]. + + Returns: + Callable[[~.CreateSecretRequest], + ~.Secret]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'create_secret' not in self._stubs: + self._stubs['create_secret'] = self.grpc_channel.unary_unary( + '/google.cloud.secrets.v1beta1.SecretManagerService/CreateSecret', + request_serializer=service.CreateSecretRequest.serialize, + response_deserializer=resources.Secret.deserialize, + ) + return self._stubs['create_secret'] + + @property + def add_secret_version(self) -> Callable[ + [service.AddSecretVersionRequest], + resources.SecretVersion]: + r"""Return a callable for the add secret version method over gRPC. + + Creates a new + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] + containing secret data and attaches it to an existing + [Secret][google.cloud.secrets.v1beta1.Secret]. + + Returns: + Callable[[~.AddSecretVersionRequest], + ~.SecretVersion]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'add_secret_version' not in self._stubs: + self._stubs['add_secret_version'] = self.grpc_channel.unary_unary( + '/google.cloud.secrets.v1beta1.SecretManagerService/AddSecretVersion', + request_serializer=service.AddSecretVersionRequest.serialize, + response_deserializer=resources.SecretVersion.deserialize, + ) + return self._stubs['add_secret_version'] + + @property + def get_secret(self) -> Callable[ + [service.GetSecretRequest], + resources.Secret]: + r"""Return a callable for the get secret method over gRPC. + + Gets metadata for a given + [Secret][google.cloud.secrets.v1beta1.Secret]. + + Returns: + Callable[[~.GetSecretRequest], + ~.Secret]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_secret' not in self._stubs: + self._stubs['get_secret'] = self.grpc_channel.unary_unary( + '/google.cloud.secrets.v1beta1.SecretManagerService/GetSecret', + request_serializer=service.GetSecretRequest.serialize, + response_deserializer=resources.Secret.deserialize, + ) + return self._stubs['get_secret'] + + @property + def update_secret(self) -> Callable[ + [service.UpdateSecretRequest], + resources.Secret]: + r"""Return a callable for the update secret method over gRPC. + + Updates metadata of an existing + [Secret][google.cloud.secrets.v1beta1.Secret]. + + Returns: + Callable[[~.UpdateSecretRequest], + ~.Secret]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'update_secret' not in self._stubs: + self._stubs['update_secret'] = self.grpc_channel.unary_unary( + '/google.cloud.secrets.v1beta1.SecretManagerService/UpdateSecret', + request_serializer=service.UpdateSecretRequest.serialize, + response_deserializer=resources.Secret.deserialize, + ) + return self._stubs['update_secret'] + + @property + def delete_secret(self) -> Callable[ + [service.DeleteSecretRequest], + empty_pb2.Empty]: + r"""Return a callable for the delete secret method over gRPC. + + Deletes a [Secret][google.cloud.secrets.v1beta1.Secret]. + + Returns: + Callable[[~.DeleteSecretRequest], + ~.Empty]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'delete_secret' not in self._stubs: + self._stubs['delete_secret'] = self.grpc_channel.unary_unary( + '/google.cloud.secrets.v1beta1.SecretManagerService/DeleteSecret', + request_serializer=service.DeleteSecretRequest.serialize, + response_deserializer=empty_pb2.Empty.FromString, + ) + return self._stubs['delete_secret'] + + @property + def list_secret_versions(self) -> Callable[ + [service.ListSecretVersionsRequest], + service.ListSecretVersionsResponse]: + r"""Return a callable for the list secret versions method over gRPC. + + Lists + [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion]. + This call does not return secret data. + + Returns: + Callable[[~.ListSecretVersionsRequest], + ~.ListSecretVersionsResponse]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'list_secret_versions' not in self._stubs: + self._stubs['list_secret_versions'] = self.grpc_channel.unary_unary( + '/google.cloud.secrets.v1beta1.SecretManagerService/ListSecretVersions', + request_serializer=service.ListSecretVersionsRequest.serialize, + response_deserializer=service.ListSecretVersionsResponse.deserialize, + ) + return self._stubs['list_secret_versions'] + + @property + def get_secret_version(self) -> Callable[ + [service.GetSecretVersionRequest], + resources.SecretVersion]: + r"""Return a callable for the get secret version method over gRPC. + + Gets metadata for a + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. + + ``projects/*/secrets/*/versions/latest`` is an alias to the + ``latest`` + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. + + Returns: + Callable[[~.GetSecretVersionRequest], + ~.SecretVersion]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_secret_version' not in self._stubs: + self._stubs['get_secret_version'] = self.grpc_channel.unary_unary( + '/google.cloud.secrets.v1beta1.SecretManagerService/GetSecretVersion', + request_serializer=service.GetSecretVersionRequest.serialize, + response_deserializer=resources.SecretVersion.deserialize, + ) + return self._stubs['get_secret_version'] + + @property + def access_secret_version(self) -> Callable[ + [service.AccessSecretVersionRequest], + service.AccessSecretVersionResponse]: + r"""Return a callable for the access secret version method over gRPC. + + Accesses a + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. + This call returns the secret data. + + ``projects/*/secrets/*/versions/latest`` is an alias to the + ``latest`` + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. + + Returns: + Callable[[~.AccessSecretVersionRequest], + ~.AccessSecretVersionResponse]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'access_secret_version' not in self._stubs: + self._stubs['access_secret_version'] = self.grpc_channel.unary_unary( + '/google.cloud.secrets.v1beta1.SecretManagerService/AccessSecretVersion', + request_serializer=service.AccessSecretVersionRequest.serialize, + response_deserializer=service.AccessSecretVersionResponse.deserialize, + ) + return self._stubs['access_secret_version'] + + @property + def disable_secret_version(self) -> Callable[ + [service.DisableSecretVersionRequest], + resources.SecretVersion]: + r"""Return a callable for the disable secret version method over gRPC. + + Disables a + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. + + Sets the + [state][google.cloud.secrets.v1beta1.SecretVersion.state] of the + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] to + [DISABLED][google.cloud.secrets.v1beta1.SecretVersion.State.DISABLED]. + + Returns: + Callable[[~.DisableSecretVersionRequest], + ~.SecretVersion]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'disable_secret_version' not in self._stubs: + self._stubs['disable_secret_version'] = self.grpc_channel.unary_unary( + '/google.cloud.secrets.v1beta1.SecretManagerService/DisableSecretVersion', + request_serializer=service.DisableSecretVersionRequest.serialize, + response_deserializer=resources.SecretVersion.deserialize, + ) + return self._stubs['disable_secret_version'] + + @property + def enable_secret_version(self) -> Callable[ + [service.EnableSecretVersionRequest], + resources.SecretVersion]: + r"""Return a callable for the enable secret version method over gRPC. + + Enables a + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. + + Sets the + [state][google.cloud.secrets.v1beta1.SecretVersion.state] of the + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] to + [ENABLED][google.cloud.secrets.v1beta1.SecretVersion.State.ENABLED]. + + Returns: + Callable[[~.EnableSecretVersionRequest], + ~.SecretVersion]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'enable_secret_version' not in self._stubs: + self._stubs['enable_secret_version'] = self.grpc_channel.unary_unary( + '/google.cloud.secrets.v1beta1.SecretManagerService/EnableSecretVersion', + request_serializer=service.EnableSecretVersionRequest.serialize, + response_deserializer=resources.SecretVersion.deserialize, + ) + return self._stubs['enable_secret_version'] + + @property + def destroy_secret_version(self) -> Callable[ + [service.DestroySecretVersionRequest], + resources.SecretVersion]: + r"""Return a callable for the destroy secret version method over gRPC. + + Destroys a + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. + + Sets the + [state][google.cloud.secrets.v1beta1.SecretVersion.state] of the + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] to + [DESTROYED][google.cloud.secrets.v1beta1.SecretVersion.State.DESTROYED] + and irrevocably destroys the secret data. + + Returns: + Callable[[~.DestroySecretVersionRequest], + ~.SecretVersion]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'destroy_secret_version' not in self._stubs: + self._stubs['destroy_secret_version'] = self.grpc_channel.unary_unary( + '/google.cloud.secrets.v1beta1.SecretManagerService/DestroySecretVersion', + request_serializer=service.DestroySecretVersionRequest.serialize, + response_deserializer=resources.SecretVersion.deserialize, + ) + return self._stubs['destroy_secret_version'] + + @property + def set_iam_policy(self) -> Callable[ + [iam_policy_pb2.SetIamPolicyRequest], + policy_pb2.Policy]: + r"""Return a callable for the set iam policy method over gRPC. + + Sets the access control policy on the specified secret. Replaces + any existing policy. + + Permissions on + [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion] are + enforced according to the policy set on the associated + [Secret][google.cloud.secrets.v1beta1.Secret]. + + Returns: + Callable[[~.SetIamPolicyRequest], + ~.Policy]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'set_iam_policy' not in self._stubs: + self._stubs['set_iam_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.secrets.v1beta1.SecretManagerService/SetIamPolicy', + request_serializer=iam_policy_pb2.SetIamPolicyRequest.SerializeToString, + response_deserializer=policy_pb2.Policy.FromString, + ) + return self._stubs['set_iam_policy'] + + @property + def get_iam_policy(self) -> Callable[ + [iam_policy_pb2.GetIamPolicyRequest], + policy_pb2.Policy]: + r"""Return a callable for the get iam policy method over gRPC. + + Gets the access control policy for a secret. + Returns empty policy if the secret exists and does not + have a policy set. + + Returns: + Callable[[~.GetIamPolicyRequest], + ~.Policy]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_iam_policy' not in self._stubs: + self._stubs['get_iam_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.secrets.v1beta1.SecretManagerService/GetIamPolicy', + request_serializer=iam_policy_pb2.GetIamPolicyRequest.SerializeToString, + response_deserializer=policy_pb2.Policy.FromString, + ) + return self._stubs['get_iam_policy'] + + @property + def test_iam_permissions(self) -> Callable[ + [iam_policy_pb2.TestIamPermissionsRequest], + iam_policy_pb2.TestIamPermissionsResponse]: + r"""Return a callable for the test iam permissions method over gRPC. + + Returns permissions that a caller has for the specified secret. + If the secret does not exist, this call returns an empty set of + permissions, not a NOT_FOUND error. + + Note: This operation is designed to be used for building + permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without + warning. + + Returns: + Callable[[~.TestIamPermissionsRequest], + ~.TestIamPermissionsResponse]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'test_iam_permissions' not in self._stubs: + self._stubs['test_iam_permissions'] = self.grpc_channel.unary_unary( + '/google.cloud.secrets.v1beta1.SecretManagerService/TestIamPermissions', + request_serializer=iam_policy_pb2.TestIamPermissionsRequest.SerializeToString, + response_deserializer=iam_policy_pb2.TestIamPermissionsResponse.FromString, + ) + return self._stubs['test_iam_permissions'] + + def close(self): + self.grpc_channel.close() + + @property + def kind(self) -> str: + return "grpc" + + +__all__ = ( + 'SecretManagerServiceGrpcTransport', +) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager_v1beta1/services/secret_manager_service/transports/grpc_asyncio.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager_v1beta1/services/secret_manager_service/transports/grpc_asyncio.py new file mode 100644 index 000000000000..7af0a2c49910 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager_v1beta1/services/secret_manager_service/transports/grpc_asyncio.py @@ -0,0 +1,691 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import warnings +from typing import Awaitable, Callable, Dict, Optional, Sequence, Tuple, Union + +from google.api_core import gapic_v1 +from google.api_core import grpc_helpers_async +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore + +import grpc # type: ignore +from grpc.experimental import aio # type: ignore + +from google.cloud.secretmanager_v1beta1.types import resources +from google.cloud.secretmanager_v1beta1.types import service +from google.iam.v1 import iam_policy_pb2 # type: ignore +from google.iam.v1 import policy_pb2 # type: ignore +from google.protobuf import empty_pb2 # type: ignore +from .base import SecretManagerServiceTransport, DEFAULT_CLIENT_INFO +from .grpc import SecretManagerServiceGrpcTransport + + +class SecretManagerServiceGrpcAsyncIOTransport(SecretManagerServiceTransport): + """gRPC AsyncIO backend transport for SecretManagerService. + + Secret Manager Service + + Manages secrets and operations using those secrets. Implements a + REST model with the following objects: + + - [Secret][google.cloud.secrets.v1beta1.Secret] + - [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends protocol buffers over the wire using gRPC (which is built on + top of HTTP/2); the ``grpcio`` package must be installed. + """ + + _grpc_channel: aio.Channel + _stubs: Dict[str, Callable] = {} + + @classmethod + def create_channel(cls, + host: str = 'secretmanager.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + **kwargs) -> aio.Channel: + """Create and return a gRPC AsyncIO channel object. + Args: + host (Optional[str]): The host for the channel to use. + credentials (Optional[~.Credentials]): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If + none are specified, the client will attempt to ascertain + the credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + kwargs (Optional[dict]): Keyword arguments, which are passed to the + channel creation. + Returns: + aio.Channel: A gRPC AsyncIO channel object. + """ + + return grpc_helpers_async.create_channel( + host, + credentials=credentials, + credentials_file=credentials_file, + quota_project_id=quota_project_id, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, + **kwargs + ) + + def __init__(self, *, + host: str = 'secretmanager.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + channel: Optional[aio.Channel] = None, + api_mtls_endpoint: Optional[str] = None, + client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, + client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to (default: 'secretmanager.googleapis.com'). + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + This argument is ignored if ``channel`` is provided. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + channel (Optional[aio.Channel]): A ``Channel`` instance through + which to make calls. + api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. + If provided, it overrides the ``host`` argument and tries to create + a mutual TLS channel with client SSL credentials from + ``client_cert_source`` or application default SSL credentials. + client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): + Deprecated. A callback to provide client SSL certificate bytes and + private key bytes, both in PEM format. It is ignored if + ``api_mtls_endpoint`` is None. + ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials + for the grpc channel. It is ignored if ``channel`` is provided. + client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): + A callback to provide client certificate bytes and private key bytes, + both in PEM format. It is used to configure a mutual TLS channel. It is + ignored if ``channel`` or ``ssl_channel_credentials`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + + Raises: + google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport + creation failed for any reason. + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + self._grpc_channel = None + self._ssl_channel_credentials = ssl_channel_credentials + self._stubs: Dict[str, Callable] = {} + + if api_mtls_endpoint: + warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) + if client_cert_source: + warnings.warn("client_cert_source is deprecated", DeprecationWarning) + + if channel: + # Ignore credentials if a channel was passed. + credentials = False + # If a channel was explicitly provided, set it. + self._grpc_channel = channel + self._ssl_channel_credentials = None + else: + if api_mtls_endpoint: + host = api_mtls_endpoint + + # Create SSL credentials with client_cert_source or application + # default SSL credentials. + if client_cert_source: + cert, key = client_cert_source() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + else: + self._ssl_channel_credentials = SslCredentials().ssl_credentials + + else: + if client_cert_source_for_mtls and not ssl_channel_credentials: + cert, key = client_cert_source_for_mtls() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + + # The base transport sets the host, credentials and scopes + super().__init__( + host=host, + credentials=credentials, + credentials_file=credentials_file, + scopes=scopes, + quota_project_id=quota_project_id, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience, + ) + + if not self._grpc_channel: + self._grpc_channel = type(self).create_channel( + self._host, + # use the credentials which are saved + credentials=self._credentials, + # Set ``credentials_file`` to ``None`` here as + # the credentials that we saved earlier should be used. + credentials_file=None, + scopes=self._scopes, + ssl_credentials=self._ssl_channel_credentials, + quota_project_id=quota_project_id, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Wrap messages. This must be done after self._grpc_channel exists + self._prep_wrapped_messages(client_info) + + @property + def grpc_channel(self) -> aio.Channel: + """Create the channel designed to connect to this service. + + This property caches on the instance; repeated calls return + the same channel. + """ + # Return the channel from cache. + return self._grpc_channel + + @property + def list_secrets(self) -> Callable[ + [service.ListSecretsRequest], + Awaitable[service.ListSecretsResponse]]: + r"""Return a callable for the list secrets method over gRPC. + + Lists [Secrets][google.cloud.secrets.v1beta1.Secret]. + + Returns: + Callable[[~.ListSecretsRequest], + Awaitable[~.ListSecretsResponse]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'list_secrets' not in self._stubs: + self._stubs['list_secrets'] = self.grpc_channel.unary_unary( + '/google.cloud.secrets.v1beta1.SecretManagerService/ListSecrets', + request_serializer=service.ListSecretsRequest.serialize, + response_deserializer=service.ListSecretsResponse.deserialize, + ) + return self._stubs['list_secrets'] + + @property + def create_secret(self) -> Callable[ + [service.CreateSecretRequest], + Awaitable[resources.Secret]]: + r"""Return a callable for the create secret method over gRPC. + + Creates a new [Secret][google.cloud.secrets.v1beta1.Secret] + containing no + [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion]. + + Returns: + Callable[[~.CreateSecretRequest], + Awaitable[~.Secret]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'create_secret' not in self._stubs: + self._stubs['create_secret'] = self.grpc_channel.unary_unary( + '/google.cloud.secrets.v1beta1.SecretManagerService/CreateSecret', + request_serializer=service.CreateSecretRequest.serialize, + response_deserializer=resources.Secret.deserialize, + ) + return self._stubs['create_secret'] + + @property + def add_secret_version(self) -> Callable[ + [service.AddSecretVersionRequest], + Awaitable[resources.SecretVersion]]: + r"""Return a callable for the add secret version method over gRPC. + + Creates a new + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] + containing secret data and attaches it to an existing + [Secret][google.cloud.secrets.v1beta1.Secret]. + + Returns: + Callable[[~.AddSecretVersionRequest], + Awaitable[~.SecretVersion]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'add_secret_version' not in self._stubs: + self._stubs['add_secret_version'] = self.grpc_channel.unary_unary( + '/google.cloud.secrets.v1beta1.SecretManagerService/AddSecretVersion', + request_serializer=service.AddSecretVersionRequest.serialize, + response_deserializer=resources.SecretVersion.deserialize, + ) + return self._stubs['add_secret_version'] + + @property + def get_secret(self) -> Callable[ + [service.GetSecretRequest], + Awaitable[resources.Secret]]: + r"""Return a callable for the get secret method over gRPC. + + Gets metadata for a given + [Secret][google.cloud.secrets.v1beta1.Secret]. + + Returns: + Callable[[~.GetSecretRequest], + Awaitable[~.Secret]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_secret' not in self._stubs: + self._stubs['get_secret'] = self.grpc_channel.unary_unary( + '/google.cloud.secrets.v1beta1.SecretManagerService/GetSecret', + request_serializer=service.GetSecretRequest.serialize, + response_deserializer=resources.Secret.deserialize, + ) + return self._stubs['get_secret'] + + @property + def update_secret(self) -> Callable[ + [service.UpdateSecretRequest], + Awaitable[resources.Secret]]: + r"""Return a callable for the update secret method over gRPC. + + Updates metadata of an existing + [Secret][google.cloud.secrets.v1beta1.Secret]. + + Returns: + Callable[[~.UpdateSecretRequest], + Awaitable[~.Secret]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'update_secret' not in self._stubs: + self._stubs['update_secret'] = self.grpc_channel.unary_unary( + '/google.cloud.secrets.v1beta1.SecretManagerService/UpdateSecret', + request_serializer=service.UpdateSecretRequest.serialize, + response_deserializer=resources.Secret.deserialize, + ) + return self._stubs['update_secret'] + + @property + def delete_secret(self) -> Callable[ + [service.DeleteSecretRequest], + Awaitable[empty_pb2.Empty]]: + r"""Return a callable for the delete secret method over gRPC. + + Deletes a [Secret][google.cloud.secrets.v1beta1.Secret]. + + Returns: + Callable[[~.DeleteSecretRequest], + Awaitable[~.Empty]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'delete_secret' not in self._stubs: + self._stubs['delete_secret'] = self.grpc_channel.unary_unary( + '/google.cloud.secrets.v1beta1.SecretManagerService/DeleteSecret', + request_serializer=service.DeleteSecretRequest.serialize, + response_deserializer=empty_pb2.Empty.FromString, + ) + return self._stubs['delete_secret'] + + @property + def list_secret_versions(self) -> Callable[ + [service.ListSecretVersionsRequest], + Awaitable[service.ListSecretVersionsResponse]]: + r"""Return a callable for the list secret versions method over gRPC. + + Lists + [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion]. + This call does not return secret data. + + Returns: + Callable[[~.ListSecretVersionsRequest], + Awaitable[~.ListSecretVersionsResponse]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'list_secret_versions' not in self._stubs: + self._stubs['list_secret_versions'] = self.grpc_channel.unary_unary( + '/google.cloud.secrets.v1beta1.SecretManagerService/ListSecretVersions', + request_serializer=service.ListSecretVersionsRequest.serialize, + response_deserializer=service.ListSecretVersionsResponse.deserialize, + ) + return self._stubs['list_secret_versions'] + + @property + def get_secret_version(self) -> Callable[ + [service.GetSecretVersionRequest], + Awaitable[resources.SecretVersion]]: + r"""Return a callable for the get secret version method over gRPC. + + Gets metadata for a + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. + + ``projects/*/secrets/*/versions/latest`` is an alias to the + ``latest`` + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. + + Returns: + Callable[[~.GetSecretVersionRequest], + Awaitable[~.SecretVersion]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_secret_version' not in self._stubs: + self._stubs['get_secret_version'] = self.grpc_channel.unary_unary( + '/google.cloud.secrets.v1beta1.SecretManagerService/GetSecretVersion', + request_serializer=service.GetSecretVersionRequest.serialize, + response_deserializer=resources.SecretVersion.deserialize, + ) + return self._stubs['get_secret_version'] + + @property + def access_secret_version(self) -> Callable[ + [service.AccessSecretVersionRequest], + Awaitable[service.AccessSecretVersionResponse]]: + r"""Return a callable for the access secret version method over gRPC. + + Accesses a + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. + This call returns the secret data. + + ``projects/*/secrets/*/versions/latest`` is an alias to the + ``latest`` + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. + + Returns: + Callable[[~.AccessSecretVersionRequest], + Awaitable[~.AccessSecretVersionResponse]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'access_secret_version' not in self._stubs: + self._stubs['access_secret_version'] = self.grpc_channel.unary_unary( + '/google.cloud.secrets.v1beta1.SecretManagerService/AccessSecretVersion', + request_serializer=service.AccessSecretVersionRequest.serialize, + response_deserializer=service.AccessSecretVersionResponse.deserialize, + ) + return self._stubs['access_secret_version'] + + @property + def disable_secret_version(self) -> Callable[ + [service.DisableSecretVersionRequest], + Awaitable[resources.SecretVersion]]: + r"""Return a callable for the disable secret version method over gRPC. + + Disables a + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. + + Sets the + [state][google.cloud.secrets.v1beta1.SecretVersion.state] of the + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] to + [DISABLED][google.cloud.secrets.v1beta1.SecretVersion.State.DISABLED]. + + Returns: + Callable[[~.DisableSecretVersionRequest], + Awaitable[~.SecretVersion]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'disable_secret_version' not in self._stubs: + self._stubs['disable_secret_version'] = self.grpc_channel.unary_unary( + '/google.cloud.secrets.v1beta1.SecretManagerService/DisableSecretVersion', + request_serializer=service.DisableSecretVersionRequest.serialize, + response_deserializer=resources.SecretVersion.deserialize, + ) + return self._stubs['disable_secret_version'] + + @property + def enable_secret_version(self) -> Callable[ + [service.EnableSecretVersionRequest], + Awaitable[resources.SecretVersion]]: + r"""Return a callable for the enable secret version method over gRPC. + + Enables a + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. + + Sets the + [state][google.cloud.secrets.v1beta1.SecretVersion.state] of the + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] to + [ENABLED][google.cloud.secrets.v1beta1.SecretVersion.State.ENABLED]. + + Returns: + Callable[[~.EnableSecretVersionRequest], + Awaitable[~.SecretVersion]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'enable_secret_version' not in self._stubs: + self._stubs['enable_secret_version'] = self.grpc_channel.unary_unary( + '/google.cloud.secrets.v1beta1.SecretManagerService/EnableSecretVersion', + request_serializer=service.EnableSecretVersionRequest.serialize, + response_deserializer=resources.SecretVersion.deserialize, + ) + return self._stubs['enable_secret_version'] + + @property + def destroy_secret_version(self) -> Callable[ + [service.DestroySecretVersionRequest], + Awaitable[resources.SecretVersion]]: + r"""Return a callable for the destroy secret version method over gRPC. + + Destroys a + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. + + Sets the + [state][google.cloud.secrets.v1beta1.SecretVersion.state] of the + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] to + [DESTROYED][google.cloud.secrets.v1beta1.SecretVersion.State.DESTROYED] + and irrevocably destroys the secret data. + + Returns: + Callable[[~.DestroySecretVersionRequest], + Awaitable[~.SecretVersion]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'destroy_secret_version' not in self._stubs: + self._stubs['destroy_secret_version'] = self.grpc_channel.unary_unary( + '/google.cloud.secrets.v1beta1.SecretManagerService/DestroySecretVersion', + request_serializer=service.DestroySecretVersionRequest.serialize, + response_deserializer=resources.SecretVersion.deserialize, + ) + return self._stubs['destroy_secret_version'] + + @property + def set_iam_policy(self) -> Callable[ + [iam_policy_pb2.SetIamPolicyRequest], + Awaitable[policy_pb2.Policy]]: + r"""Return a callable for the set iam policy method over gRPC. + + Sets the access control policy on the specified secret. Replaces + any existing policy. + + Permissions on + [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion] are + enforced according to the policy set on the associated + [Secret][google.cloud.secrets.v1beta1.Secret]. + + Returns: + Callable[[~.SetIamPolicyRequest], + Awaitable[~.Policy]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'set_iam_policy' not in self._stubs: + self._stubs['set_iam_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.secrets.v1beta1.SecretManagerService/SetIamPolicy', + request_serializer=iam_policy_pb2.SetIamPolicyRequest.SerializeToString, + response_deserializer=policy_pb2.Policy.FromString, + ) + return self._stubs['set_iam_policy'] + + @property + def get_iam_policy(self) -> Callable[ + [iam_policy_pb2.GetIamPolicyRequest], + Awaitable[policy_pb2.Policy]]: + r"""Return a callable for the get iam policy method over gRPC. + + Gets the access control policy for a secret. + Returns empty policy if the secret exists and does not + have a policy set. + + Returns: + Callable[[~.GetIamPolicyRequest], + Awaitable[~.Policy]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_iam_policy' not in self._stubs: + self._stubs['get_iam_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.secrets.v1beta1.SecretManagerService/GetIamPolicy', + request_serializer=iam_policy_pb2.GetIamPolicyRequest.SerializeToString, + response_deserializer=policy_pb2.Policy.FromString, + ) + return self._stubs['get_iam_policy'] + + @property + def test_iam_permissions(self) -> Callable[ + [iam_policy_pb2.TestIamPermissionsRequest], + Awaitable[iam_policy_pb2.TestIamPermissionsResponse]]: + r"""Return a callable for the test iam permissions method over gRPC. + + Returns permissions that a caller has for the specified secret. + If the secret does not exist, this call returns an empty set of + permissions, not a NOT_FOUND error. + + Note: This operation is designed to be used for building + permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without + warning. + + Returns: + Callable[[~.TestIamPermissionsRequest], + Awaitable[~.TestIamPermissionsResponse]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'test_iam_permissions' not in self._stubs: + self._stubs['test_iam_permissions'] = self.grpc_channel.unary_unary( + '/google.cloud.secrets.v1beta1.SecretManagerService/TestIamPermissions', + request_serializer=iam_policy_pb2.TestIamPermissionsRequest.SerializeToString, + response_deserializer=iam_policy_pb2.TestIamPermissionsResponse.FromString, + ) + return self._stubs['test_iam_permissions'] + + def close(self): + return self.grpc_channel.close() + + +__all__ = ( + 'SecretManagerServiceGrpcAsyncIOTransport', +) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager_v1beta1/services/secret_manager_service/transports/rest.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager_v1beta1/services/secret_manager_service/transports/rest.py new file mode 100644 index 000000000000..0fb1888a2c70 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager_v1beta1/services/secret_manager_service/transports/rest.py @@ -0,0 +1,2062 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +from google.auth.transport.requests import AuthorizedSession # type: ignore +import json # type: ignore +import grpc # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore +from google.auth import credentials as ga_credentials # type: ignore +from google.api_core import exceptions as core_exceptions +from google.api_core import retry as retries +from google.api_core import rest_helpers +from google.api_core import rest_streaming +from google.api_core import path_template +from google.api_core import gapic_v1 + +from google.protobuf import json_format +from requests import __version__ as requests_version +import dataclasses +import re +from typing import Any, Callable, Dict, List, Optional, Sequence, Tuple, Union +import warnings + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault, None] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object, None] # type: ignore + + +from google.cloud.secretmanager_v1beta1.types import resources +from google.cloud.secretmanager_v1beta1.types import service +from google.iam.v1 import iam_policy_pb2 # type: ignore +from google.iam.v1 import policy_pb2 # type: ignore +from google.protobuf import empty_pb2 # type: ignore + +from .base import SecretManagerServiceTransport, DEFAULT_CLIENT_INFO as BASE_DEFAULT_CLIENT_INFO + + +DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=BASE_DEFAULT_CLIENT_INFO.gapic_version, + grpc_version=None, + rest_version=requests_version, +) + + +class SecretManagerServiceRestInterceptor: + """Interceptor for SecretManagerService. + + Interceptors are used to manipulate requests, request metadata, and responses + in arbitrary ways. + Example use cases include: + * Logging + * Verifying requests according to service or custom semantics + * Stripping extraneous information from responses + + These use cases and more can be enabled by injecting an + instance of a custom subclass when constructing the SecretManagerServiceRestTransport. + + .. code-block:: python + class MyCustomSecretManagerServiceInterceptor(SecretManagerServiceRestInterceptor): + def pre_access_secret_version(self, request, metadata): + logging.log(f"Received request: {request}") + return request, metadata + + def post_access_secret_version(self, response): + logging.log(f"Received response: {response}") + return response + + def pre_add_secret_version(self, request, metadata): + logging.log(f"Received request: {request}") + return request, metadata + + def post_add_secret_version(self, response): + logging.log(f"Received response: {response}") + return response + + def pre_create_secret(self, request, metadata): + logging.log(f"Received request: {request}") + return request, metadata + + def post_create_secret(self, response): + logging.log(f"Received response: {response}") + return response + + def pre_delete_secret(self, request, metadata): + logging.log(f"Received request: {request}") + return request, metadata + + def pre_destroy_secret_version(self, request, metadata): + logging.log(f"Received request: {request}") + return request, metadata + + def post_destroy_secret_version(self, response): + logging.log(f"Received response: {response}") + return response + + def pre_disable_secret_version(self, request, metadata): + logging.log(f"Received request: {request}") + return request, metadata + + def post_disable_secret_version(self, response): + logging.log(f"Received response: {response}") + return response + + def pre_enable_secret_version(self, request, metadata): + logging.log(f"Received request: {request}") + return request, metadata + + def post_enable_secret_version(self, response): + logging.log(f"Received response: {response}") + return response + + def pre_get_iam_policy(self, request, metadata): + logging.log(f"Received request: {request}") + return request, metadata + + def post_get_iam_policy(self, response): + logging.log(f"Received response: {response}") + return response + + def pre_get_secret(self, request, metadata): + logging.log(f"Received request: {request}") + return request, metadata + + def post_get_secret(self, response): + logging.log(f"Received response: {response}") + return response + + def pre_get_secret_version(self, request, metadata): + logging.log(f"Received request: {request}") + return request, metadata + + def post_get_secret_version(self, response): + logging.log(f"Received response: {response}") + return response + + def pre_list_secrets(self, request, metadata): + logging.log(f"Received request: {request}") + return request, metadata + + def post_list_secrets(self, response): + logging.log(f"Received response: {response}") + return response + + def pre_list_secret_versions(self, request, metadata): + logging.log(f"Received request: {request}") + return request, metadata + + def post_list_secret_versions(self, response): + logging.log(f"Received response: {response}") + return response + + def pre_set_iam_policy(self, request, metadata): + logging.log(f"Received request: {request}") + return request, metadata + + def post_set_iam_policy(self, response): + logging.log(f"Received response: {response}") + return response + + def pre_test_iam_permissions(self, request, metadata): + logging.log(f"Received request: {request}") + return request, metadata + + def post_test_iam_permissions(self, response): + logging.log(f"Received response: {response}") + return response + + def pre_update_secret(self, request, metadata): + logging.log(f"Received request: {request}") + return request, metadata + + def post_update_secret(self, response): + logging.log(f"Received response: {response}") + return response + + transport = SecretManagerServiceRestTransport(interceptor=MyCustomSecretManagerServiceInterceptor()) + client = SecretManagerServiceClient(transport=transport) + + + """ + def pre_access_secret_version(self, request: service.AccessSecretVersionRequest, metadata: Sequence[Tuple[str, str]]) -> Tuple[service.AccessSecretVersionRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for access_secret_version + + Override in a subclass to manipulate the request or metadata + before they are sent to the SecretManagerService server. + """ + return request, metadata + + def post_access_secret_version(self, response: service.AccessSecretVersionResponse) -> service.AccessSecretVersionResponse: + """Post-rpc interceptor for access_secret_version + + Override in a subclass to manipulate the response + after it is returned by the SecretManagerService server but before + it is returned to user code. + """ + return response + def pre_add_secret_version(self, request: service.AddSecretVersionRequest, metadata: Sequence[Tuple[str, str]]) -> Tuple[service.AddSecretVersionRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for add_secret_version + + Override in a subclass to manipulate the request or metadata + before they are sent to the SecretManagerService server. + """ + return request, metadata + + def post_add_secret_version(self, response: resources.SecretVersion) -> resources.SecretVersion: + """Post-rpc interceptor for add_secret_version + + Override in a subclass to manipulate the response + after it is returned by the SecretManagerService server but before + it is returned to user code. + """ + return response + def pre_create_secret(self, request: service.CreateSecretRequest, metadata: Sequence[Tuple[str, str]]) -> Tuple[service.CreateSecretRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for create_secret + + Override in a subclass to manipulate the request or metadata + before they are sent to the SecretManagerService server. + """ + return request, metadata + + def post_create_secret(self, response: resources.Secret) -> resources.Secret: + """Post-rpc interceptor for create_secret + + Override in a subclass to manipulate the response + after it is returned by the SecretManagerService server but before + it is returned to user code. + """ + return response + def pre_delete_secret(self, request: service.DeleteSecretRequest, metadata: Sequence[Tuple[str, str]]) -> Tuple[service.DeleteSecretRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for delete_secret + + Override in a subclass to manipulate the request or metadata + before they are sent to the SecretManagerService server. + """ + return request, metadata + + def pre_destroy_secret_version(self, request: service.DestroySecretVersionRequest, metadata: Sequence[Tuple[str, str]]) -> Tuple[service.DestroySecretVersionRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for destroy_secret_version + + Override in a subclass to manipulate the request or metadata + before they are sent to the SecretManagerService server. + """ + return request, metadata + + def post_destroy_secret_version(self, response: resources.SecretVersion) -> resources.SecretVersion: + """Post-rpc interceptor for destroy_secret_version + + Override in a subclass to manipulate the response + after it is returned by the SecretManagerService server but before + it is returned to user code. + """ + return response + def pre_disable_secret_version(self, request: service.DisableSecretVersionRequest, metadata: Sequence[Tuple[str, str]]) -> Tuple[service.DisableSecretVersionRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for disable_secret_version + + Override in a subclass to manipulate the request or metadata + before they are sent to the SecretManagerService server. + """ + return request, metadata + + def post_disable_secret_version(self, response: resources.SecretVersion) -> resources.SecretVersion: + """Post-rpc interceptor for disable_secret_version + + Override in a subclass to manipulate the response + after it is returned by the SecretManagerService server but before + it is returned to user code. + """ + return response + def pre_enable_secret_version(self, request: service.EnableSecretVersionRequest, metadata: Sequence[Tuple[str, str]]) -> Tuple[service.EnableSecretVersionRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for enable_secret_version + + Override in a subclass to manipulate the request or metadata + before they are sent to the SecretManagerService server. + """ + return request, metadata + + def post_enable_secret_version(self, response: resources.SecretVersion) -> resources.SecretVersion: + """Post-rpc interceptor for enable_secret_version + + Override in a subclass to manipulate the response + after it is returned by the SecretManagerService server but before + it is returned to user code. + """ + return response + def pre_get_iam_policy(self, request: iam_policy_pb2.GetIamPolicyRequest, metadata: Sequence[Tuple[str, str]]) -> Tuple[iam_policy_pb2.GetIamPolicyRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for get_iam_policy + + Override in a subclass to manipulate the request or metadata + before they are sent to the SecretManagerService server. + """ + return request, metadata + + def post_get_iam_policy(self, response: policy_pb2.Policy) -> policy_pb2.Policy: + """Post-rpc interceptor for get_iam_policy + + Override in a subclass to manipulate the response + after it is returned by the SecretManagerService server but before + it is returned to user code. + """ + return response + def pre_get_secret(self, request: service.GetSecretRequest, metadata: Sequence[Tuple[str, str]]) -> Tuple[service.GetSecretRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for get_secret + + Override in a subclass to manipulate the request or metadata + before they are sent to the SecretManagerService server. + """ + return request, metadata + + def post_get_secret(self, response: resources.Secret) -> resources.Secret: + """Post-rpc interceptor for get_secret + + Override in a subclass to manipulate the response + after it is returned by the SecretManagerService server but before + it is returned to user code. + """ + return response + def pre_get_secret_version(self, request: service.GetSecretVersionRequest, metadata: Sequence[Tuple[str, str]]) -> Tuple[service.GetSecretVersionRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for get_secret_version + + Override in a subclass to manipulate the request or metadata + before they are sent to the SecretManagerService server. + """ + return request, metadata + + def post_get_secret_version(self, response: resources.SecretVersion) -> resources.SecretVersion: + """Post-rpc interceptor for get_secret_version + + Override in a subclass to manipulate the response + after it is returned by the SecretManagerService server but before + it is returned to user code. + """ + return response + def pre_list_secrets(self, request: service.ListSecretsRequest, metadata: Sequence[Tuple[str, str]]) -> Tuple[service.ListSecretsRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for list_secrets + + Override in a subclass to manipulate the request or metadata + before they are sent to the SecretManagerService server. + """ + return request, metadata + + def post_list_secrets(self, response: service.ListSecretsResponse) -> service.ListSecretsResponse: + """Post-rpc interceptor for list_secrets + + Override in a subclass to manipulate the response + after it is returned by the SecretManagerService server but before + it is returned to user code. + """ + return response + def pre_list_secret_versions(self, request: service.ListSecretVersionsRequest, metadata: Sequence[Tuple[str, str]]) -> Tuple[service.ListSecretVersionsRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for list_secret_versions + + Override in a subclass to manipulate the request or metadata + before they are sent to the SecretManagerService server. + """ + return request, metadata + + def post_list_secret_versions(self, response: service.ListSecretVersionsResponse) -> service.ListSecretVersionsResponse: + """Post-rpc interceptor for list_secret_versions + + Override in a subclass to manipulate the response + after it is returned by the SecretManagerService server but before + it is returned to user code. + """ + return response + def pre_set_iam_policy(self, request: iam_policy_pb2.SetIamPolicyRequest, metadata: Sequence[Tuple[str, str]]) -> Tuple[iam_policy_pb2.SetIamPolicyRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for set_iam_policy + + Override in a subclass to manipulate the request or metadata + before they are sent to the SecretManagerService server. + """ + return request, metadata + + def post_set_iam_policy(self, response: policy_pb2.Policy) -> policy_pb2.Policy: + """Post-rpc interceptor for set_iam_policy + + Override in a subclass to manipulate the response + after it is returned by the SecretManagerService server but before + it is returned to user code. + """ + return response + def pre_test_iam_permissions(self, request: iam_policy_pb2.TestIamPermissionsRequest, metadata: Sequence[Tuple[str, str]]) -> Tuple[iam_policy_pb2.TestIamPermissionsRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for test_iam_permissions + + Override in a subclass to manipulate the request or metadata + before they are sent to the SecretManagerService server. + """ + return request, metadata + + def post_test_iam_permissions(self, response: iam_policy_pb2.TestIamPermissionsResponse) -> iam_policy_pb2.TestIamPermissionsResponse: + """Post-rpc interceptor for test_iam_permissions + + Override in a subclass to manipulate the response + after it is returned by the SecretManagerService server but before + it is returned to user code. + """ + return response + def pre_update_secret(self, request: service.UpdateSecretRequest, metadata: Sequence[Tuple[str, str]]) -> Tuple[service.UpdateSecretRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for update_secret + + Override in a subclass to manipulate the request or metadata + before they are sent to the SecretManagerService server. + """ + return request, metadata + + def post_update_secret(self, response: resources.Secret) -> resources.Secret: + """Post-rpc interceptor for update_secret + + Override in a subclass to manipulate the response + after it is returned by the SecretManagerService server but before + it is returned to user code. + """ + return response + + +@dataclasses.dataclass +class SecretManagerServiceRestStub: + _session: AuthorizedSession + _host: str + _interceptor: SecretManagerServiceRestInterceptor + + +class SecretManagerServiceRestTransport(SecretManagerServiceTransport): + """REST backend transport for SecretManagerService. + + Secret Manager Service + + Manages secrets and operations using those secrets. Implements a + REST model with the following objects: + + - [Secret][google.cloud.secrets.v1beta1.Secret] + - [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends JSON representations of protocol buffers over HTTP/1.1 + + """ + + def __init__(self, *, + host: str = 'secretmanager.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + client_cert_source_for_mtls: Optional[Callable[[ + ], Tuple[bytes, bytes]]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + url_scheme: str = 'https', + interceptor: Optional[SecretManagerServiceRestInterceptor] = None, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to (default: 'secretmanager.googleapis.com'). + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional(Sequence[str])): A list of scopes. This argument is + ignored if ``channel`` is provided. + client_cert_source_for_mtls (Callable[[], Tuple[bytes, bytes]]): Client + certificate to configure mutual TLS HTTP channel. It is ignored + if ``channel`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you are developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + url_scheme: the protocol scheme for the API endpoint. Normally + "https", but for testing or local servers, + "http" can be specified. + """ + # Run the base constructor + # TODO(yon-mg): resolve other ctor params i.e. scopes, quota, etc. + # TODO: When custom host (api_endpoint) is set, `scopes` must *also* be set on the + # credentials object + maybe_url_match = re.match("^(?Phttp(?:s)?://)?(?P.*)$", host) + if maybe_url_match is None: + raise ValueError(f"Unexpected hostname structure: {host}") # pragma: NO COVER + + url_match_items = maybe_url_match.groupdict() + + host = f"{url_scheme}://{host}" if not url_match_items["scheme"] else host + + super().__init__( + host=host, + credentials=credentials, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience + ) + self._session = AuthorizedSession( + self._credentials, default_host=self.DEFAULT_HOST) + if client_cert_source_for_mtls: + self._session.configure_mtls_channel(client_cert_source_for_mtls) + self._interceptor = interceptor or SecretManagerServiceRestInterceptor() + self._prep_wrapped_messages(client_info) + + class _AccessSecretVersion(SecretManagerServiceRestStub): + def __hash__(self): + return hash("AccessSecretVersion") + + __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = { + } + + @classmethod + def _get_unset_required_fields(cls, message_dict): + return {k: v for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items() if k not in message_dict} + + def __call__(self, + request: service.AccessSecretVersionRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ) -> service.AccessSecretVersionResponse: + r"""Call the access secret version method over HTTP. + + Args: + request (~.service.AccessSecretVersionRequest): + The request object. Request message for + [SecretManagerService.AccessSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.AccessSecretVersion]. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + ~.service.AccessSecretVersionResponse: + Response message for + [SecretManagerService.AccessSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.AccessSecretVersion]. + + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'get', + 'uri': '/v1beta1/{name=projects/*/secrets/*/versions/*}:access', + }, + ] + request, metadata = self._interceptor.pre_access_secret_version(request, metadata) + pb_request = service.AccessSecretVersionRequest.pb(request) + transcoded_request = path_template.transcode(http_options, pb_request) + + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json_format.MessageToJson( + transcoded_request['query_params'], + use_integers_for_enums=True, + )) + query_params.update(self._get_unset_required_fields(query_params)) + + query_params["$alt"] = "json;enum-encoding=int" + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params, strict=True), + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + # Return the response + resp = service.AccessSecretVersionResponse() + pb_resp = service.AccessSecretVersionResponse.pb(resp) + + json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True) + resp = self._interceptor.post_access_secret_version(resp) + return resp + + class _AddSecretVersion(SecretManagerServiceRestStub): + def __hash__(self): + return hash("AddSecretVersion") + + __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = { + } + + @classmethod + def _get_unset_required_fields(cls, message_dict): + return {k: v for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items() if k not in message_dict} + + def __call__(self, + request: service.AddSecretVersionRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ) -> resources.SecretVersion: + r"""Call the add secret version method over HTTP. + + Args: + request (~.service.AddSecretVersionRequest): + The request object. Request message for + [SecretManagerService.AddSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.AddSecretVersion]. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + ~.resources.SecretVersion: + A secret version resource in the + Secret Manager API. + + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'post', + 'uri': '/v1beta1/{parent=projects/*/secrets/*}:addVersion', + 'body': '*', + }, + ] + request, metadata = self._interceptor.pre_add_secret_version(request, metadata) + pb_request = service.AddSecretVersionRequest.pb(request) + transcoded_request = path_template.transcode(http_options, pb_request) + + # Jsonify the request body + + body = json_format.MessageToJson( + transcoded_request['body'], + use_integers_for_enums=True + ) + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json_format.MessageToJson( + transcoded_request['query_params'], + use_integers_for_enums=True, + )) + query_params.update(self._get_unset_required_fields(query_params)) + + query_params["$alt"] = "json;enum-encoding=int" + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params, strict=True), + data=body, + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + # Return the response + resp = resources.SecretVersion() + pb_resp = resources.SecretVersion.pb(resp) + + json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True) + resp = self._interceptor.post_add_secret_version(resp) + return resp + + class _CreateSecret(SecretManagerServiceRestStub): + def __hash__(self): + return hash("CreateSecret") + + __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = { + "secretId" : "", } + + @classmethod + def _get_unset_required_fields(cls, message_dict): + return {k: v for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items() if k not in message_dict} + + def __call__(self, + request: service.CreateSecretRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ) -> resources.Secret: + r"""Call the create secret method over HTTP. + + Args: + request (~.service.CreateSecretRequest): + The request object. Request message for + [SecretManagerService.CreateSecret][google.cloud.secrets.v1beta1.SecretManagerService.CreateSecret]. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + ~.resources.Secret: + A [Secret][google.cloud.secrets.v1beta1.Secret] is a + logical secret whose value and versions can be accessed. + + A [Secret][google.cloud.secrets.v1beta1.Secret] is made + up of zero or more + [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion] + that represent the secret data. + + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'post', + 'uri': '/v1beta1/{parent=projects/*}/secrets', + 'body': 'secret', + }, + ] + request, metadata = self._interceptor.pre_create_secret(request, metadata) + pb_request = service.CreateSecretRequest.pb(request) + transcoded_request = path_template.transcode(http_options, pb_request) + + # Jsonify the request body + + body = json_format.MessageToJson( + transcoded_request['body'], + use_integers_for_enums=True + ) + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json_format.MessageToJson( + transcoded_request['query_params'], + use_integers_for_enums=True, + )) + query_params.update(self._get_unset_required_fields(query_params)) + + query_params["$alt"] = "json;enum-encoding=int" + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params, strict=True), + data=body, + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + # Return the response + resp = resources.Secret() + pb_resp = resources.Secret.pb(resp) + + json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True) + resp = self._interceptor.post_create_secret(resp) + return resp + + class _DeleteSecret(SecretManagerServiceRestStub): + def __hash__(self): + return hash("DeleteSecret") + + __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = { + } + + @classmethod + def _get_unset_required_fields(cls, message_dict): + return {k: v for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items() if k not in message_dict} + + def __call__(self, + request: service.DeleteSecretRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ): + r"""Call the delete secret method over HTTP. + + Args: + request (~.service.DeleteSecretRequest): + The request object. Request message for + [SecretManagerService.DeleteSecret][google.cloud.secrets.v1beta1.SecretManagerService.DeleteSecret]. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'delete', + 'uri': '/v1beta1/{name=projects/*/secrets/*}', + }, + ] + request, metadata = self._interceptor.pre_delete_secret(request, metadata) + pb_request = service.DeleteSecretRequest.pb(request) + transcoded_request = path_template.transcode(http_options, pb_request) + + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json_format.MessageToJson( + transcoded_request['query_params'], + use_integers_for_enums=True, + )) + query_params.update(self._get_unset_required_fields(query_params)) + + query_params["$alt"] = "json;enum-encoding=int" + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params, strict=True), + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + class _DestroySecretVersion(SecretManagerServiceRestStub): + def __hash__(self): + return hash("DestroySecretVersion") + + __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = { + } + + @classmethod + def _get_unset_required_fields(cls, message_dict): + return {k: v for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items() if k not in message_dict} + + def __call__(self, + request: service.DestroySecretVersionRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ) -> resources.SecretVersion: + r"""Call the destroy secret version method over HTTP. + + Args: + request (~.service.DestroySecretVersionRequest): + The request object. Request message for + [SecretManagerService.DestroySecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.DestroySecretVersion]. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + ~.resources.SecretVersion: + A secret version resource in the + Secret Manager API. + + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'post', + 'uri': '/v1beta1/{name=projects/*/secrets/*/versions/*}:destroy', + 'body': '*', + }, + ] + request, metadata = self._interceptor.pre_destroy_secret_version(request, metadata) + pb_request = service.DestroySecretVersionRequest.pb(request) + transcoded_request = path_template.transcode(http_options, pb_request) + + # Jsonify the request body + + body = json_format.MessageToJson( + transcoded_request['body'], + use_integers_for_enums=True + ) + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json_format.MessageToJson( + transcoded_request['query_params'], + use_integers_for_enums=True, + )) + query_params.update(self._get_unset_required_fields(query_params)) + + query_params["$alt"] = "json;enum-encoding=int" + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params, strict=True), + data=body, + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + # Return the response + resp = resources.SecretVersion() + pb_resp = resources.SecretVersion.pb(resp) + + json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True) + resp = self._interceptor.post_destroy_secret_version(resp) + return resp + + class _DisableSecretVersion(SecretManagerServiceRestStub): + def __hash__(self): + return hash("DisableSecretVersion") + + __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = { + } + + @classmethod + def _get_unset_required_fields(cls, message_dict): + return {k: v for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items() if k not in message_dict} + + def __call__(self, + request: service.DisableSecretVersionRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ) -> resources.SecretVersion: + r"""Call the disable secret version method over HTTP. + + Args: + request (~.service.DisableSecretVersionRequest): + The request object. Request message for + [SecretManagerService.DisableSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.DisableSecretVersion]. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + ~.resources.SecretVersion: + A secret version resource in the + Secret Manager API. + + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'post', + 'uri': '/v1beta1/{name=projects/*/secrets/*/versions/*}:disable', + 'body': '*', + }, + ] + request, metadata = self._interceptor.pre_disable_secret_version(request, metadata) + pb_request = service.DisableSecretVersionRequest.pb(request) + transcoded_request = path_template.transcode(http_options, pb_request) + + # Jsonify the request body + + body = json_format.MessageToJson( + transcoded_request['body'], + use_integers_for_enums=True + ) + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json_format.MessageToJson( + transcoded_request['query_params'], + use_integers_for_enums=True, + )) + query_params.update(self._get_unset_required_fields(query_params)) + + query_params["$alt"] = "json;enum-encoding=int" + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params, strict=True), + data=body, + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + # Return the response + resp = resources.SecretVersion() + pb_resp = resources.SecretVersion.pb(resp) + + json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True) + resp = self._interceptor.post_disable_secret_version(resp) + return resp + + class _EnableSecretVersion(SecretManagerServiceRestStub): + def __hash__(self): + return hash("EnableSecretVersion") + + __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = { + } + + @classmethod + def _get_unset_required_fields(cls, message_dict): + return {k: v for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items() if k not in message_dict} + + def __call__(self, + request: service.EnableSecretVersionRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ) -> resources.SecretVersion: + r"""Call the enable secret version method over HTTP. + + Args: + request (~.service.EnableSecretVersionRequest): + The request object. Request message for + [SecretManagerService.EnableSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.EnableSecretVersion]. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + ~.resources.SecretVersion: + A secret version resource in the + Secret Manager API. + + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'post', + 'uri': '/v1beta1/{name=projects/*/secrets/*/versions/*}:enable', + 'body': '*', + }, + ] + request, metadata = self._interceptor.pre_enable_secret_version(request, metadata) + pb_request = service.EnableSecretVersionRequest.pb(request) + transcoded_request = path_template.transcode(http_options, pb_request) + + # Jsonify the request body + + body = json_format.MessageToJson( + transcoded_request['body'], + use_integers_for_enums=True + ) + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json_format.MessageToJson( + transcoded_request['query_params'], + use_integers_for_enums=True, + )) + query_params.update(self._get_unset_required_fields(query_params)) + + query_params["$alt"] = "json;enum-encoding=int" + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params, strict=True), + data=body, + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + # Return the response + resp = resources.SecretVersion() + pb_resp = resources.SecretVersion.pb(resp) + + json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True) + resp = self._interceptor.post_enable_secret_version(resp) + return resp + + class _GetIamPolicy(SecretManagerServiceRestStub): + def __hash__(self): + return hash("GetIamPolicy") + + __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = { + } + + @classmethod + def _get_unset_required_fields(cls, message_dict): + return {k: v for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items() if k not in message_dict} + + def __call__(self, + request: iam_policy_pb2.GetIamPolicyRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ) -> policy_pb2.Policy: + r"""Call the get iam policy method over HTTP. + + Args: + request (~.iam_policy_pb2.GetIamPolicyRequest): + The request object. Request message for ``GetIamPolicy`` method. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + ~.policy_pb2.Policy: + An Identity and Access Management (IAM) policy, which + specifies access controls for Google Cloud resources. + + A ``Policy`` is a collection of ``bindings``. A + ``binding`` binds one or more ``members``, or + principals, to a single ``role``. Principals can be user + accounts, service accounts, Google groups, and domains + (such as G Suite). A ``role`` is a named list of + permissions; each ``role`` can be an IAM predefined role + or a user-created custom role. + + For some types of Google Cloud resources, a ``binding`` + can also specify a ``condition``, which is a logical + expression that allows access to a resource only if the + expression evaluates to ``true``. A condition can add + constraints based on attributes of the request, the + resource, or both. To learn which resources support + conditions in their IAM policies, see the `IAM + documentation `__. + + **JSON example:** + + :: + + { + "bindings": [ + { + "role": "roles/resourcemanager.organizationAdmin", + "members": [ + "user:mike@example.com", + "group:admins@example.com", + "domain:google.com", + "serviceAccount:my-project-id@appspot.gserviceaccount.com" + ] + }, + { + "role": "roles/resourcemanager.organizationViewer", + "members": [ + "user:eve@example.com" + ], + "condition": { + "title": "expirable access", + "description": "Does not grant access after Sep 2020", + "expression": "request.time < + timestamp('2020-10-01T00:00:00.000Z')", + } + } + ], + "etag": "BwWWja0YfJA=", + "version": 3 + } + + **YAML example:** + + :: + + bindings: + - members: + - user:mike@example.com + - group:admins@example.com + - domain:google.com + - serviceAccount:my-project-id@appspot.gserviceaccount.com + role: roles/resourcemanager.organizationAdmin + - members: + - user:eve@example.com + role: roles/resourcemanager.organizationViewer + condition: + title: expirable access + description: Does not grant access after Sep 2020 + expression: request.time < timestamp('2020-10-01T00:00:00.000Z') + etag: BwWWja0YfJA= + version: 3 + + For a description of IAM and its features, see the `IAM + documentation `__. + + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'get', + 'uri': '/v1beta1/{resource=projects/*/secrets/*}:getIamPolicy', + }, + ] + request, metadata = self._interceptor.pre_get_iam_policy(request, metadata) + pb_request = request + transcoded_request = path_template.transcode(http_options, pb_request) + + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json_format.MessageToJson( + transcoded_request['query_params'], + use_integers_for_enums=True, + )) + query_params.update(self._get_unset_required_fields(query_params)) + + query_params["$alt"] = "json;enum-encoding=int" + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params, strict=True), + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + # Return the response + resp = policy_pb2.Policy() + pb_resp = resp + + json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True) + resp = self._interceptor.post_get_iam_policy(resp) + return resp + + class _GetSecret(SecretManagerServiceRestStub): + def __hash__(self): + return hash("GetSecret") + + __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = { + } + + @classmethod + def _get_unset_required_fields(cls, message_dict): + return {k: v for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items() if k not in message_dict} + + def __call__(self, + request: service.GetSecretRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ) -> resources.Secret: + r"""Call the get secret method over HTTP. + + Args: + request (~.service.GetSecretRequest): + The request object. Request message for + [SecretManagerService.GetSecret][google.cloud.secrets.v1beta1.SecretManagerService.GetSecret]. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + ~.resources.Secret: + A [Secret][google.cloud.secrets.v1beta1.Secret] is a + logical secret whose value and versions can be accessed. + + A [Secret][google.cloud.secrets.v1beta1.Secret] is made + up of zero or more + [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion] + that represent the secret data. + + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'get', + 'uri': '/v1beta1/{name=projects/*/secrets/*}', + }, + ] + request, metadata = self._interceptor.pre_get_secret(request, metadata) + pb_request = service.GetSecretRequest.pb(request) + transcoded_request = path_template.transcode(http_options, pb_request) + + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json_format.MessageToJson( + transcoded_request['query_params'], + use_integers_for_enums=True, + )) + query_params.update(self._get_unset_required_fields(query_params)) + + query_params["$alt"] = "json;enum-encoding=int" + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params, strict=True), + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + # Return the response + resp = resources.Secret() + pb_resp = resources.Secret.pb(resp) + + json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True) + resp = self._interceptor.post_get_secret(resp) + return resp + + class _GetSecretVersion(SecretManagerServiceRestStub): + def __hash__(self): + return hash("GetSecretVersion") + + __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = { + } + + @classmethod + def _get_unset_required_fields(cls, message_dict): + return {k: v for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items() if k not in message_dict} + + def __call__(self, + request: service.GetSecretVersionRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ) -> resources.SecretVersion: + r"""Call the get secret version method over HTTP. + + Args: + request (~.service.GetSecretVersionRequest): + The request object. Request message for + [SecretManagerService.GetSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.GetSecretVersion]. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + ~.resources.SecretVersion: + A secret version resource in the + Secret Manager API. + + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'get', + 'uri': '/v1beta1/{name=projects/*/secrets/*/versions/*}', + }, + ] + request, metadata = self._interceptor.pre_get_secret_version(request, metadata) + pb_request = service.GetSecretVersionRequest.pb(request) + transcoded_request = path_template.transcode(http_options, pb_request) + + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json_format.MessageToJson( + transcoded_request['query_params'], + use_integers_for_enums=True, + )) + query_params.update(self._get_unset_required_fields(query_params)) + + query_params["$alt"] = "json;enum-encoding=int" + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params, strict=True), + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + # Return the response + resp = resources.SecretVersion() + pb_resp = resources.SecretVersion.pb(resp) + + json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True) + resp = self._interceptor.post_get_secret_version(resp) + return resp + + class _ListSecrets(SecretManagerServiceRestStub): + def __hash__(self): + return hash("ListSecrets") + + __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = { + } + + @classmethod + def _get_unset_required_fields(cls, message_dict): + return {k: v for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items() if k not in message_dict} + + def __call__(self, + request: service.ListSecretsRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ) -> service.ListSecretsResponse: + r"""Call the list secrets method over HTTP. + + Args: + request (~.service.ListSecretsRequest): + The request object. Request message for + [SecretManagerService.ListSecrets][google.cloud.secrets.v1beta1.SecretManagerService.ListSecrets]. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + ~.service.ListSecretsResponse: + Response message for + [SecretManagerService.ListSecrets][google.cloud.secrets.v1beta1.SecretManagerService.ListSecrets]. + + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'get', + 'uri': '/v1beta1/{parent=projects/*}/secrets', + }, + ] + request, metadata = self._interceptor.pre_list_secrets(request, metadata) + pb_request = service.ListSecretsRequest.pb(request) + transcoded_request = path_template.transcode(http_options, pb_request) + + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json_format.MessageToJson( + transcoded_request['query_params'], + use_integers_for_enums=True, + )) + query_params.update(self._get_unset_required_fields(query_params)) + + query_params["$alt"] = "json;enum-encoding=int" + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params, strict=True), + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + # Return the response + resp = service.ListSecretsResponse() + pb_resp = service.ListSecretsResponse.pb(resp) + + json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True) + resp = self._interceptor.post_list_secrets(resp) + return resp + + class _ListSecretVersions(SecretManagerServiceRestStub): + def __hash__(self): + return hash("ListSecretVersions") + + __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = { + } + + @classmethod + def _get_unset_required_fields(cls, message_dict): + return {k: v for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items() if k not in message_dict} + + def __call__(self, + request: service.ListSecretVersionsRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ) -> service.ListSecretVersionsResponse: + r"""Call the list secret versions method over HTTP. + + Args: + request (~.service.ListSecretVersionsRequest): + The request object. Request message for + [SecretManagerService.ListSecretVersions][google.cloud.secrets.v1beta1.SecretManagerService.ListSecretVersions]. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + ~.service.ListSecretVersionsResponse: + Response message for + [SecretManagerService.ListSecretVersions][google.cloud.secrets.v1beta1.SecretManagerService.ListSecretVersions]. + + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'get', + 'uri': '/v1beta1/{parent=projects/*/secrets/*}/versions', + }, + ] + request, metadata = self._interceptor.pre_list_secret_versions(request, metadata) + pb_request = service.ListSecretVersionsRequest.pb(request) + transcoded_request = path_template.transcode(http_options, pb_request) + + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json_format.MessageToJson( + transcoded_request['query_params'], + use_integers_for_enums=True, + )) + query_params.update(self._get_unset_required_fields(query_params)) + + query_params["$alt"] = "json;enum-encoding=int" + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params, strict=True), + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + # Return the response + resp = service.ListSecretVersionsResponse() + pb_resp = service.ListSecretVersionsResponse.pb(resp) + + json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True) + resp = self._interceptor.post_list_secret_versions(resp) + return resp + + class _SetIamPolicy(SecretManagerServiceRestStub): + def __hash__(self): + return hash("SetIamPolicy") + + __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = { + } + + @classmethod + def _get_unset_required_fields(cls, message_dict): + return {k: v for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items() if k not in message_dict} + + def __call__(self, + request: iam_policy_pb2.SetIamPolicyRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ) -> policy_pb2.Policy: + r"""Call the set iam policy method over HTTP. + + Args: + request (~.iam_policy_pb2.SetIamPolicyRequest): + The request object. Request message for ``SetIamPolicy`` method. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + ~.policy_pb2.Policy: + An Identity and Access Management (IAM) policy, which + specifies access controls for Google Cloud resources. + + A ``Policy`` is a collection of ``bindings``. A + ``binding`` binds one or more ``members``, or + principals, to a single ``role``. Principals can be user + accounts, service accounts, Google groups, and domains + (such as G Suite). A ``role`` is a named list of + permissions; each ``role`` can be an IAM predefined role + or a user-created custom role. + + For some types of Google Cloud resources, a ``binding`` + can also specify a ``condition``, which is a logical + expression that allows access to a resource only if the + expression evaluates to ``true``. A condition can add + constraints based on attributes of the request, the + resource, or both. To learn which resources support + conditions in their IAM policies, see the `IAM + documentation `__. + + **JSON example:** + + :: + + { + "bindings": [ + { + "role": "roles/resourcemanager.organizationAdmin", + "members": [ + "user:mike@example.com", + "group:admins@example.com", + "domain:google.com", + "serviceAccount:my-project-id@appspot.gserviceaccount.com" + ] + }, + { + "role": "roles/resourcemanager.organizationViewer", + "members": [ + "user:eve@example.com" + ], + "condition": { + "title": "expirable access", + "description": "Does not grant access after Sep 2020", + "expression": "request.time < + timestamp('2020-10-01T00:00:00.000Z')", + } + } + ], + "etag": "BwWWja0YfJA=", + "version": 3 + } + + **YAML example:** + + :: + + bindings: + - members: + - user:mike@example.com + - group:admins@example.com + - domain:google.com + - serviceAccount:my-project-id@appspot.gserviceaccount.com + role: roles/resourcemanager.organizationAdmin + - members: + - user:eve@example.com + role: roles/resourcemanager.organizationViewer + condition: + title: expirable access + description: Does not grant access after Sep 2020 + expression: request.time < timestamp('2020-10-01T00:00:00.000Z') + etag: BwWWja0YfJA= + version: 3 + + For a description of IAM and its features, see the `IAM + documentation `__. + + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'post', + 'uri': '/v1beta1/{resource=projects/*/secrets/*}:setIamPolicy', + 'body': '*', + }, + ] + request, metadata = self._interceptor.pre_set_iam_policy(request, metadata) + pb_request = request + transcoded_request = path_template.transcode(http_options, pb_request) + + # Jsonify the request body + + body = json_format.MessageToJson( + transcoded_request['body'], + use_integers_for_enums=True + ) + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json_format.MessageToJson( + transcoded_request['query_params'], + use_integers_for_enums=True, + )) + query_params.update(self._get_unset_required_fields(query_params)) + + query_params["$alt"] = "json;enum-encoding=int" + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params, strict=True), + data=body, + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + # Return the response + resp = policy_pb2.Policy() + pb_resp = resp + + json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True) + resp = self._interceptor.post_set_iam_policy(resp) + return resp + + class _TestIamPermissions(SecretManagerServiceRestStub): + def __hash__(self): + return hash("TestIamPermissions") + + __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = { + } + + @classmethod + def _get_unset_required_fields(cls, message_dict): + return {k: v for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items() if k not in message_dict} + + def __call__(self, + request: iam_policy_pb2.TestIamPermissionsRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ) -> iam_policy_pb2.TestIamPermissionsResponse: + r"""Call the test iam permissions method over HTTP. + + Args: + request (~.iam_policy_pb2.TestIamPermissionsRequest): + The request object. Request message for ``TestIamPermissions`` method. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + ~.iam_policy_pb2.TestIamPermissionsResponse: + Response message for ``TestIamPermissions`` method. + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'post', + 'uri': '/v1beta1/{resource=projects/*/secrets/*}:testIamPermissions', + 'body': '*', + }, + ] + request, metadata = self._interceptor.pre_test_iam_permissions(request, metadata) + pb_request = request + transcoded_request = path_template.transcode(http_options, pb_request) + + # Jsonify the request body + + body = json_format.MessageToJson( + transcoded_request['body'], + use_integers_for_enums=True + ) + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json_format.MessageToJson( + transcoded_request['query_params'], + use_integers_for_enums=True, + )) + query_params.update(self._get_unset_required_fields(query_params)) + + query_params["$alt"] = "json;enum-encoding=int" + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params, strict=True), + data=body, + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + # Return the response + resp = iam_policy_pb2.TestIamPermissionsResponse() + pb_resp = resp + + json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True) + resp = self._interceptor.post_test_iam_permissions(resp) + return resp + + class _UpdateSecret(SecretManagerServiceRestStub): + def __hash__(self): + return hash("UpdateSecret") + + __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = { + "updateMask" : {}, } + + @classmethod + def _get_unset_required_fields(cls, message_dict): + return {k: v for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items() if k not in message_dict} + + def __call__(self, + request: service.UpdateSecretRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ) -> resources.Secret: + r"""Call the update secret method over HTTP. + + Args: + request (~.service.UpdateSecretRequest): + The request object. Request message for + [SecretManagerService.UpdateSecret][google.cloud.secrets.v1beta1.SecretManagerService.UpdateSecret]. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + ~.resources.Secret: + A [Secret][google.cloud.secrets.v1beta1.Secret] is a + logical secret whose value and versions can be accessed. + + A [Secret][google.cloud.secrets.v1beta1.Secret] is made + up of zero or more + [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion] + that represent the secret data. + + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'patch', + 'uri': '/v1beta1/{secret.name=projects/*/secrets/*}', + 'body': 'secret', + }, + ] + request, metadata = self._interceptor.pre_update_secret(request, metadata) + pb_request = service.UpdateSecretRequest.pb(request) + transcoded_request = path_template.transcode(http_options, pb_request) + + # Jsonify the request body + + body = json_format.MessageToJson( + transcoded_request['body'], + use_integers_for_enums=True + ) + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json_format.MessageToJson( + transcoded_request['query_params'], + use_integers_for_enums=True, + )) + query_params.update(self._get_unset_required_fields(query_params)) + + query_params["$alt"] = "json;enum-encoding=int" + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params, strict=True), + data=body, + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + # Return the response + resp = resources.Secret() + pb_resp = resources.Secret.pb(resp) + + json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True) + resp = self._interceptor.post_update_secret(resp) + return resp + + @property + def access_secret_version(self) -> Callable[ + [service.AccessSecretVersionRequest], + service.AccessSecretVersionResponse]: + # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here. + # In C++ this would require a dynamic_cast + return self._AccessSecretVersion(self._session, self._host, self._interceptor) # type: ignore + + @property + def add_secret_version(self) -> Callable[ + [service.AddSecretVersionRequest], + resources.SecretVersion]: + # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here. + # In C++ this would require a dynamic_cast + return self._AddSecretVersion(self._session, self._host, self._interceptor) # type: ignore + + @property + def create_secret(self) -> Callable[ + [service.CreateSecretRequest], + resources.Secret]: + # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here. + # In C++ this would require a dynamic_cast + return self._CreateSecret(self._session, self._host, self._interceptor) # type: ignore + + @property + def delete_secret(self) -> Callable[ + [service.DeleteSecretRequest], + empty_pb2.Empty]: + # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here. + # In C++ this would require a dynamic_cast + return self._DeleteSecret(self._session, self._host, self._interceptor) # type: ignore + + @property + def destroy_secret_version(self) -> Callable[ + [service.DestroySecretVersionRequest], + resources.SecretVersion]: + # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here. + # In C++ this would require a dynamic_cast + return self._DestroySecretVersion(self._session, self._host, self._interceptor) # type: ignore + + @property + def disable_secret_version(self) -> Callable[ + [service.DisableSecretVersionRequest], + resources.SecretVersion]: + # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here. + # In C++ this would require a dynamic_cast + return self._DisableSecretVersion(self._session, self._host, self._interceptor) # type: ignore + + @property + def enable_secret_version(self) -> Callable[ + [service.EnableSecretVersionRequest], + resources.SecretVersion]: + # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here. + # In C++ this would require a dynamic_cast + return self._EnableSecretVersion(self._session, self._host, self._interceptor) # type: ignore + + @property + def get_iam_policy(self) -> Callable[ + [iam_policy_pb2.GetIamPolicyRequest], + policy_pb2.Policy]: + # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here. + # In C++ this would require a dynamic_cast + return self._GetIamPolicy(self._session, self._host, self._interceptor) # type: ignore + + @property + def get_secret(self) -> Callable[ + [service.GetSecretRequest], + resources.Secret]: + # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here. + # In C++ this would require a dynamic_cast + return self._GetSecret(self._session, self._host, self._interceptor) # type: ignore + + @property + def get_secret_version(self) -> Callable[ + [service.GetSecretVersionRequest], + resources.SecretVersion]: + # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here. + # In C++ this would require a dynamic_cast + return self._GetSecretVersion(self._session, self._host, self._interceptor) # type: ignore + + @property + def list_secrets(self) -> Callable[ + [service.ListSecretsRequest], + service.ListSecretsResponse]: + # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here. + # In C++ this would require a dynamic_cast + return self._ListSecrets(self._session, self._host, self._interceptor) # type: ignore + + @property + def list_secret_versions(self) -> Callable[ + [service.ListSecretVersionsRequest], + service.ListSecretVersionsResponse]: + # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here. + # In C++ this would require a dynamic_cast + return self._ListSecretVersions(self._session, self._host, self._interceptor) # type: ignore + + @property + def set_iam_policy(self) -> Callable[ + [iam_policy_pb2.SetIamPolicyRequest], + policy_pb2.Policy]: + # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here. + # In C++ this would require a dynamic_cast + return self._SetIamPolicy(self._session, self._host, self._interceptor) # type: ignore + + @property + def test_iam_permissions(self) -> Callable[ + [iam_policy_pb2.TestIamPermissionsRequest], + iam_policy_pb2.TestIamPermissionsResponse]: + # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here. + # In C++ this would require a dynamic_cast + return self._TestIamPermissions(self._session, self._host, self._interceptor) # type: ignore + + @property + def update_secret(self) -> Callable[ + [service.UpdateSecretRequest], + resources.Secret]: + # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here. + # In C++ this would require a dynamic_cast + return self._UpdateSecret(self._session, self._host, self._interceptor) # type: ignore + + @property + def kind(self) -> str: + return "rest" + + def close(self): + self._session.close() + + +__all__=( + 'SecretManagerServiceRestTransport', +) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager_v1beta1/types/__init__.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager_v1beta1/types/__init__.py new file mode 100644 index 000000000000..99ec760afe65 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager_v1beta1/types/__init__.py @@ -0,0 +1,60 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from .resources import ( + Replication, + Secret, + SecretPayload, + SecretVersion, +) +from .service import ( + AccessSecretVersionRequest, + AccessSecretVersionResponse, + AddSecretVersionRequest, + CreateSecretRequest, + DeleteSecretRequest, + DestroySecretVersionRequest, + DisableSecretVersionRequest, + EnableSecretVersionRequest, + GetSecretRequest, + GetSecretVersionRequest, + ListSecretsRequest, + ListSecretsResponse, + ListSecretVersionsRequest, + ListSecretVersionsResponse, + UpdateSecretRequest, +) + +__all__ = ( + 'Replication', + 'Secret', + 'SecretPayload', + 'SecretVersion', + 'AccessSecretVersionRequest', + 'AccessSecretVersionResponse', + 'AddSecretVersionRequest', + 'CreateSecretRequest', + 'DeleteSecretRequest', + 'DestroySecretVersionRequest', + 'DisableSecretVersionRequest', + 'EnableSecretVersionRequest', + 'GetSecretRequest', + 'GetSecretVersionRequest', + 'ListSecretsRequest', + 'ListSecretsResponse', + 'ListSecretVersionsRequest', + 'ListSecretVersionsResponse', + 'UpdateSecretRequest', +) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager_v1beta1/types/resources.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager_v1beta1/types/resources.py new file mode 100644 index 000000000000..fbb4708d6a88 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager_v1beta1/types/resources.py @@ -0,0 +1,270 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from __future__ import annotations + +from typing import MutableMapping, MutableSequence + +import proto # type: ignore + +from google.protobuf import timestamp_pb2 # type: ignore + + +__protobuf__ = proto.module( + package='google.cloud.secrets.v1beta1', + manifest={ + 'Secret', + 'SecretVersion', + 'Replication', + 'SecretPayload', + }, +) + + +class Secret(proto.Message): + r"""A [Secret][google.cloud.secrets.v1beta1.Secret] is a logical secret + whose value and versions can be accessed. + + A [Secret][google.cloud.secrets.v1beta1.Secret] is made up of zero + or more [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion] + that represent the secret data. + + Attributes: + name (str): + Output only. The resource name of the + [Secret][google.cloud.secrets.v1beta1.Secret] in the format + ``projects/*/secrets/*``. + replication (google.cloud.secretmanager_v1beta1.types.Replication): + Required. Immutable. The replication policy of the secret + data attached to the + [Secret][google.cloud.secrets.v1beta1.Secret]. + + The replication policy cannot be changed after the Secret + has been created. + create_time (google.protobuf.timestamp_pb2.Timestamp): + Output only. The time at which the + [Secret][google.cloud.secrets.v1beta1.Secret] was created. + labels (MutableMapping[str, str]): + The labels assigned to this Secret. + + Label keys must be between 1 and 63 characters long, have a + UTF-8 encoding of maximum 128 bytes, and must conform to the + following PCRE regular expression: + ``[\p{Ll}\p{Lo}][\p{Ll}\p{Lo}\p{N}_-]{0,62}`` + + Label values must be between 0 and 63 characters long, have + a UTF-8 encoding of maximum 128 bytes, and must conform to + the following PCRE regular expression: + ``[\p{Ll}\p{Lo}\p{N}_-]{0,63}`` + + No more than 64 labels can be assigned to a given resource. + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + replication: 'Replication' = proto.Field( + proto.MESSAGE, + number=2, + message='Replication', + ) + create_time: timestamp_pb2.Timestamp = proto.Field( + proto.MESSAGE, + number=3, + message=timestamp_pb2.Timestamp, + ) + labels: MutableMapping[str, str] = proto.MapField( + proto.STRING, + proto.STRING, + number=4, + ) + + +class SecretVersion(proto.Message): + r"""A secret version resource in the Secret Manager API. + + Attributes: + name (str): + Output only. The resource name of the + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] + in the format ``projects/*/secrets/*/versions/*``. + + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] + IDs in a [Secret][google.cloud.secrets.v1beta1.Secret] start + at 1 and are incremented for each subsequent version of the + secret. + create_time (google.protobuf.timestamp_pb2.Timestamp): + Output only. The time at which the + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] + was created. + destroy_time (google.protobuf.timestamp_pb2.Timestamp): + Output only. The time this + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] + was destroyed. Only present if + [state][google.cloud.secrets.v1beta1.SecretVersion.state] is + [DESTROYED][google.cloud.secrets.v1beta1.SecretVersion.State.DESTROYED]. + state (google.cloud.secretmanager_v1beta1.types.SecretVersion.State): + Output only. The current state of the + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. + """ + class State(proto.Enum): + r"""The state of a + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion], + indicating if it can be accessed. + + Values: + STATE_UNSPECIFIED (0): + Not specified. This value is unused and + invalid. + ENABLED (1): + The + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] + may be accessed. + DISABLED (2): + The + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] + may not be accessed, but the secret data is still available + and can be placed back into the + [ENABLED][google.cloud.secrets.v1beta1.SecretVersion.State.ENABLED] + state. + DESTROYED (3): + The + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] + is destroyed and the secret data is no longer stored. A + version may not leave this state once entered. + """ + STATE_UNSPECIFIED = 0 + ENABLED = 1 + DISABLED = 2 + DESTROYED = 3 + + name: str = proto.Field( + proto.STRING, + number=1, + ) + create_time: timestamp_pb2.Timestamp = proto.Field( + proto.MESSAGE, + number=2, + message=timestamp_pb2.Timestamp, + ) + destroy_time: timestamp_pb2.Timestamp = proto.Field( + proto.MESSAGE, + number=3, + message=timestamp_pb2.Timestamp, + ) + state: State = proto.Field( + proto.ENUM, + number=4, + enum=State, + ) + + +class Replication(proto.Message): + r"""A policy that defines the replication configuration of data. + + This message has `oneof`_ fields (mutually exclusive fields). + For each oneof, at most one member field can be set at the same time. + Setting any member of the oneof automatically clears all other + members. + + .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields + + Attributes: + automatic (google.cloud.secretmanager_v1beta1.types.Replication.Automatic): + The [Secret][google.cloud.secrets.v1beta1.Secret] will + automatically be replicated without any restrictions. + + This field is a member of `oneof`_ ``replication``. + user_managed (google.cloud.secretmanager_v1beta1.types.Replication.UserManaged): + The [Secret][google.cloud.secrets.v1beta1.Secret] will only + be replicated into the locations specified. + + This field is a member of `oneof`_ ``replication``. + """ + + class Automatic(proto.Message): + r"""A replication policy that replicates the + [Secret][google.cloud.secrets.v1beta1.Secret] payload without any + restrictions. + + """ + + class UserManaged(proto.Message): + r"""A replication policy that replicates the + [Secret][google.cloud.secrets.v1beta1.Secret] payload into the + locations specified in [Secret.replication.user_managed.replicas][] + + Attributes: + replicas (MutableSequence[google.cloud.secretmanager_v1beta1.types.Replication.UserManaged.Replica]): + Required. The list of Replicas for this + [Secret][google.cloud.secrets.v1beta1.Secret]. + + Cannot be empty. + """ + + class Replica(proto.Message): + r"""Represents a Replica for this + [Secret][google.cloud.secrets.v1beta1.Secret]. + + Attributes: + location (str): + The canonical IDs of the location to replicate data. For + example: ``"us-east1"``. + """ + + location: str = proto.Field( + proto.STRING, + number=1, + ) + + replicas: MutableSequence['Replication.UserManaged.Replica'] = proto.RepeatedField( + proto.MESSAGE, + number=1, + message='Replication.UserManaged.Replica', + ) + + automatic: Automatic = proto.Field( + proto.MESSAGE, + number=1, + oneof='replication', + message=Automatic, + ) + user_managed: UserManaged = proto.Field( + proto.MESSAGE, + number=2, + oneof='replication', + message=UserManaged, + ) + + +class SecretPayload(proto.Message): + r"""A secret payload resource in the Secret Manager API. This contains + the sensitive secret data that is associated with a + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. + + Attributes: + data (bytes): + The secret data. Must be no larger than + 64KiB. + """ + + data: bytes = proto.Field( + proto.BYTES, + number=1, + ) + + +__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager_v1beta1/types/service.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager_v1beta1/types/service.py new file mode 100644 index 000000000000..d72ae88161bc --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/google/cloud/secretmanager_v1beta1/types/service.py @@ -0,0 +1,428 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from __future__ import annotations + +from typing import MutableMapping, MutableSequence + +import proto # type: ignore + +from google.cloud.secretmanager_v1beta1.types import resources +from google.protobuf import field_mask_pb2 # type: ignore + + +__protobuf__ = proto.module( + package='google.cloud.secrets.v1beta1', + manifest={ + 'ListSecretsRequest', + 'ListSecretsResponse', + 'CreateSecretRequest', + 'AddSecretVersionRequest', + 'GetSecretRequest', + 'ListSecretVersionsRequest', + 'ListSecretVersionsResponse', + 'GetSecretVersionRequest', + 'UpdateSecretRequest', + 'AccessSecretVersionRequest', + 'AccessSecretVersionResponse', + 'DeleteSecretRequest', + 'DisableSecretVersionRequest', + 'EnableSecretVersionRequest', + 'DestroySecretVersionRequest', + }, +) + + +class ListSecretsRequest(proto.Message): + r"""Request message for + [SecretManagerService.ListSecrets][google.cloud.secrets.v1beta1.SecretManagerService.ListSecrets]. + + Attributes: + parent (str): + Required. The resource name of the project associated with + the [Secrets][google.cloud.secrets.v1beta1.Secret], in the + format ``projects/*``. + page_size (int): + Optional. The maximum number of results to be + returned in a single page. If set to 0, the + server decides the number of results to return. + If the number is greater than 25000, it is + capped at 25000. + page_token (str): + Optional. Pagination token, returned earlier via + [ListSecretsResponse.next_page_token][google.cloud.secrets.v1beta1.ListSecretsResponse.next_page_token]. + """ + + parent: str = proto.Field( + proto.STRING, + number=1, + ) + page_size: int = proto.Field( + proto.INT32, + number=2, + ) + page_token: str = proto.Field( + proto.STRING, + number=3, + ) + + +class ListSecretsResponse(proto.Message): + r"""Response message for + [SecretManagerService.ListSecrets][google.cloud.secrets.v1beta1.SecretManagerService.ListSecrets]. + + Attributes: + secrets (MutableSequence[google.cloud.secretmanager_v1beta1.types.Secret]): + The list of [Secrets][google.cloud.secrets.v1beta1.Secret] + sorted in reverse by create_time (newest first). + next_page_token (str): + A token to retrieve the next page of results. Pass this + value in + [ListSecretsRequest.page_token][google.cloud.secrets.v1beta1.ListSecretsRequest.page_token] + to retrieve the next page. + total_size (int): + The total number of + [Secrets][google.cloud.secrets.v1beta1.Secret]. + """ + + @property + def raw_page(self): + return self + + secrets: MutableSequence[resources.Secret] = proto.RepeatedField( + proto.MESSAGE, + number=1, + message=resources.Secret, + ) + next_page_token: str = proto.Field( + proto.STRING, + number=2, + ) + total_size: int = proto.Field( + proto.INT32, + number=3, + ) + + +class CreateSecretRequest(proto.Message): + r"""Request message for + [SecretManagerService.CreateSecret][google.cloud.secrets.v1beta1.SecretManagerService.CreateSecret]. + + Attributes: + parent (str): + Required. The resource name of the project to associate with + the [Secret][google.cloud.secrets.v1beta1.Secret], in the + format ``projects/*``. + secret_id (str): + Required. This must be unique within the project. + + A secret ID is a string with a maximum length of 255 + characters and can contain uppercase and lowercase letters, + numerals, and the hyphen (``-``) and underscore (``_``) + characters. + secret (google.cloud.secretmanager_v1beta1.types.Secret): + Required. A [Secret][google.cloud.secrets.v1beta1.Secret] + with initial field values. + """ + + parent: str = proto.Field( + proto.STRING, + number=1, + ) + secret_id: str = proto.Field( + proto.STRING, + number=2, + ) + secret: resources.Secret = proto.Field( + proto.MESSAGE, + number=3, + message=resources.Secret, + ) + + +class AddSecretVersionRequest(proto.Message): + r"""Request message for + [SecretManagerService.AddSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.AddSecretVersion]. + + Attributes: + parent (str): + Required. The resource name of the + [Secret][google.cloud.secrets.v1beta1.Secret] to associate + with the + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] + in the format ``projects/*/secrets/*``. + payload (google.cloud.secretmanager_v1beta1.types.SecretPayload): + Required. The secret payload of the + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. + """ + + parent: str = proto.Field( + proto.STRING, + number=1, + ) + payload: resources.SecretPayload = proto.Field( + proto.MESSAGE, + number=2, + message=resources.SecretPayload, + ) + + +class GetSecretRequest(proto.Message): + r"""Request message for + [SecretManagerService.GetSecret][google.cloud.secrets.v1beta1.SecretManagerService.GetSecret]. + + Attributes: + name (str): + Required. The resource name of the + [Secret][google.cloud.secrets.v1beta1.Secret], in the format + ``projects/*/secrets/*``. + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + + +class ListSecretVersionsRequest(proto.Message): + r"""Request message for + [SecretManagerService.ListSecretVersions][google.cloud.secrets.v1beta1.SecretManagerService.ListSecretVersions]. + + Attributes: + parent (str): + Required. The resource name of the + [Secret][google.cloud.secrets.v1beta1.Secret] associated + with the + [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion] + to list, in the format ``projects/*/secrets/*``. + page_size (int): + Optional. The maximum number of results to be + returned in a single page. If set to 0, the + server decides the number of results to return. + If the number is greater than 25000, it is + capped at 25000. + page_token (str): + Optional. Pagination token, returned earlier via + ListSecretVersionsResponse.next_page_token][]. + """ + + parent: str = proto.Field( + proto.STRING, + number=1, + ) + page_size: int = proto.Field( + proto.INT32, + number=2, + ) + page_token: str = proto.Field( + proto.STRING, + number=3, + ) + + +class ListSecretVersionsResponse(proto.Message): + r"""Response message for + [SecretManagerService.ListSecretVersions][google.cloud.secrets.v1beta1.SecretManagerService.ListSecretVersions]. + + Attributes: + versions (MutableSequence[google.cloud.secretmanager_v1beta1.types.SecretVersion]): + The list of + [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion] + sorted in reverse by create_time (newest first). + next_page_token (str): + A token to retrieve the next page of results. Pass this + value in + [ListSecretVersionsRequest.page_token][google.cloud.secrets.v1beta1.ListSecretVersionsRequest.page_token] + to retrieve the next page. + total_size (int): + The total number of + [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion]. + """ + + @property + def raw_page(self): + return self + + versions: MutableSequence[resources.SecretVersion] = proto.RepeatedField( + proto.MESSAGE, + number=1, + message=resources.SecretVersion, + ) + next_page_token: str = proto.Field( + proto.STRING, + number=2, + ) + total_size: int = proto.Field( + proto.INT32, + number=3, + ) + + +class GetSecretVersionRequest(proto.Message): + r"""Request message for + [SecretManagerService.GetSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.GetSecretVersion]. + + Attributes: + name (str): + Required. The resource name of the + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] + in the format ``projects/*/secrets/*/versions/*``. + ``projects/*/secrets/*/versions/latest`` is an alias to the + ``latest`` + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + + +class UpdateSecretRequest(proto.Message): + r"""Request message for + [SecretManagerService.UpdateSecret][google.cloud.secrets.v1beta1.SecretManagerService.UpdateSecret]. + + Attributes: + secret (google.cloud.secretmanager_v1beta1.types.Secret): + Required. [Secret][google.cloud.secrets.v1beta1.Secret] with + updated field values. + update_mask (google.protobuf.field_mask_pb2.FieldMask): + Required. Specifies the fields to be updated. + """ + + secret: resources.Secret = proto.Field( + proto.MESSAGE, + number=1, + message=resources.Secret, + ) + update_mask: field_mask_pb2.FieldMask = proto.Field( + proto.MESSAGE, + number=2, + message=field_mask_pb2.FieldMask, + ) + + +class AccessSecretVersionRequest(proto.Message): + r"""Request message for + [SecretManagerService.AccessSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.AccessSecretVersion]. + + Attributes: + name (str): + Required. The resource name of the + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] + in the format ``projects/*/secrets/*/versions/*``. + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + + +class AccessSecretVersionResponse(proto.Message): + r"""Response message for + [SecretManagerService.AccessSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.AccessSecretVersion]. + + Attributes: + name (str): + The resource name of the + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] + in the format ``projects/*/secrets/*/versions/*``. + payload (google.cloud.secretmanager_v1beta1.types.SecretPayload): + Secret payload + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + payload: resources.SecretPayload = proto.Field( + proto.MESSAGE, + number=2, + message=resources.SecretPayload, + ) + + +class DeleteSecretRequest(proto.Message): + r"""Request message for + [SecretManagerService.DeleteSecret][google.cloud.secrets.v1beta1.SecretManagerService.DeleteSecret]. + + Attributes: + name (str): + Required. The resource name of the + [Secret][google.cloud.secrets.v1beta1.Secret] to delete in + the format ``projects/*/secrets/*``. + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + + +class DisableSecretVersionRequest(proto.Message): + r"""Request message for + [SecretManagerService.DisableSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.DisableSecretVersion]. + + Attributes: + name (str): + Required. The resource name of the + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] + to disable in the format + ``projects/*/secrets/*/versions/*``. + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + + +class EnableSecretVersionRequest(proto.Message): + r"""Request message for + [SecretManagerService.EnableSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.EnableSecretVersion]. + + Attributes: + name (str): + Required. The resource name of the + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] + to enable in the format ``projects/*/secrets/*/versions/*``. + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + + +class DestroySecretVersionRequest(proto.Message): + r"""Request message for + [SecretManagerService.DestroySecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.DestroySecretVersion]. + + Attributes: + name (str): + Required. The resource name of the + [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] + to destroy in the format + ``projects/*/secrets/*/versions/*``. + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + + +__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/mypy.ini b/owl-bot-staging/google-cloud-secret-manager/v1beta1/mypy.ini new file mode 100644 index 000000000000..574c5aed394b --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/mypy.ini @@ -0,0 +1,3 @@ +[mypy] +python_version = 3.7 +namespace_packages = True diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/noxfile.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/noxfile.py new file mode 100644 index 000000000000..576c5d2ea196 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/noxfile.py @@ -0,0 +1,253 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import os +import pathlib +import re +import shutil +import subprocess +import sys + + +import nox # type: ignore + +ALL_PYTHON = [ + "3.7", + "3.8", + "3.9", + "3.10", + "3.11", + "3.12" +] + +CURRENT_DIRECTORY = pathlib.Path(__file__).parent.absolute() + +LOWER_BOUND_CONSTRAINTS_FILE = CURRENT_DIRECTORY / "constraints.txt" +PACKAGE_NAME = 'google-cloud-secretmanager' + +BLACK_VERSION = "black==22.3.0" +BLACK_PATHS = ["docs", "google", "tests", "samples", "noxfile.py", "setup.py"] +DEFAULT_PYTHON_VERSION = "3.12" + +nox.sessions = [ + "unit", + "cover", + "mypy", + "check_lower_bounds" + # exclude update_lower_bounds from default + "docs", + "blacken", + "lint", + "prerelease_deps", +] + +@nox.session(python=ALL_PYTHON) +def unit(session): + """Run the unit test suite.""" + + session.install('coverage', 'pytest', 'pytest-cov', 'pytest-asyncio', 'asyncmock; python_version < "3.8"') + session.install('-e', '.') + + session.run( + 'py.test', + '--quiet', + '--cov=google/cloud/secretmanager_v1beta1/', + '--cov=tests/', + '--cov-config=.coveragerc', + '--cov-report=term', + '--cov-report=html', + os.path.join('tests', 'unit', ''.join(session.posargs)) + ) + +@nox.session(python=ALL_PYTHON[-1]) +def prerelease_deps(session): + """Run the unit test suite against pre-release versions of dependencies.""" + + # Install test environment dependencies + session.install('coverage', 'pytest', 'pytest-cov', 'pytest-asyncio', 'asyncmock; python_version < "3.8"') + + # Install the package without dependencies + session.install('-e', '.', '--no-deps') + + # We test the minimum dependency versions using the minimum Python + # version so the lowest python runtime that we test has a corresponding constraints + # file, located at `testing/constraints--.txt`, which contains all of the + # dependencies and extras. + with open( + CURRENT_DIRECTORY + / "testing" + / f"constraints-{ALL_PYTHON[0]}.txt", + encoding="utf-8", + ) as constraints_file: + constraints_text = constraints_file.read() + + # Ignore leading whitespace and comment lines. + constraints_deps = [ + match.group(1) + for match in re.finditer( + r"^\s*(\S+)(?===\S+)", constraints_text, flags=re.MULTILINE + ) + ] + + session.install(*constraints_deps) + + prerel_deps = [ + "googleapis-common-protos", + "google-api-core", + "google-auth", + "grpcio", + "grpcio-status", + "protobuf", + "proto-plus", + ] + + for dep in prerel_deps: + session.install("--pre", "--no-deps", "--upgrade", dep) + + # Remaining dependencies + other_deps = [ + "requests", + ] + session.install(*other_deps) + + # Print out prerelease package versions + + session.run("python", "-c", "import google.api_core; print(google.api_core.__version__)") + session.run("python", "-c", "import google.auth; print(google.auth.__version__)") + session.run("python", "-c", "import grpc; print(grpc.__version__)") + session.run( + "python", "-c", "import google.protobuf; print(google.protobuf.__version__)" + ) + session.run( + "python", "-c", "import proto; print(proto.__version__)" + ) + + session.run( + 'py.test', + '--quiet', + '--cov=google/cloud/secretmanager_v1beta1/', + '--cov=tests/', + '--cov-config=.coveragerc', + '--cov-report=term', + '--cov-report=html', + os.path.join('tests', 'unit', ''.join(session.posargs)) + ) + + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def cover(session): + """Run the final coverage report. + This outputs the coverage report aggregating coverage from the unit + test runs (not system test runs), and then erases coverage data. + """ + session.install("coverage", "pytest-cov") + session.run("coverage", "report", "--show-missing", "--fail-under=100") + + session.run("coverage", "erase") + + +@nox.session(python=ALL_PYTHON) +def mypy(session): + """Run the type checker.""" + session.install( + 'mypy', + 'types-requests', + 'types-protobuf' + ) + session.install('.') + session.run( + 'mypy', + '-p', + 'google', + ) + + +@nox.session +def update_lower_bounds(session): + """Update lower bounds in constraints.txt to match setup.py""" + session.install('google-cloud-testutils') + session.install('.') + + session.run( + 'lower-bound-checker', + 'update', + '--package-name', + PACKAGE_NAME, + '--constraints-file', + str(LOWER_BOUND_CONSTRAINTS_FILE), + ) + + +@nox.session +def check_lower_bounds(session): + """Check lower bounds in setup.py are reflected in constraints file""" + session.install('google-cloud-testutils') + session.install('.') + + session.run( + 'lower-bound-checker', + 'check', + '--package-name', + PACKAGE_NAME, + '--constraints-file', + str(LOWER_BOUND_CONSTRAINTS_FILE), + ) + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def docs(session): + """Build the docs for this library.""" + + session.install("-e", ".") + session.install("sphinx==7.0.1", "alabaster", "recommonmark") + + shutil.rmtree(os.path.join("docs", "_build"), ignore_errors=True) + session.run( + "sphinx-build", + "-W", # warnings as errors + "-T", # show full traceback on exception + "-N", # no colors + "-b", + "html", + "-d", + os.path.join("docs", "_build", "doctrees", ""), + os.path.join("docs", ""), + os.path.join("docs", "_build", "html", ""), + ) + + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def lint(session): + """Run linters. + + Returns a failure if the linters find linting errors or sufficiently + serious code quality issues. + """ + session.install("flake8", BLACK_VERSION) + session.run( + "black", + "--check", + *BLACK_PATHS, + ) + session.run("flake8", "google", "tests", "samples") + + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def blacken(session): + """Run black. Format code to uniform standard.""" + session.install(BLACK_VERSION) + session.run( + "black", + *BLACK_PATHS, + ) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_access_secret_version_async.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_access_secret_version_async.py new file mode 100644 index 000000000000..23596fa1abd3 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_access_secret_version_async.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for AccessSecretVersion +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta1_generated_SecretManagerService_AccessSecretVersion_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta1 + + +async def sample_access_secret_version(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1beta1.AccessSecretVersionRequest( + name="name_value", + ) + + # Make the request + response = await client.access_secret_version(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1beta1_generated_SecretManagerService_AccessSecretVersion_async] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_access_secret_version_sync.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_access_secret_version_sync.py new file mode 100644 index 000000000000..7f3a9965fa41 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_access_secret_version_sync.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for AccessSecretVersion +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta1_generated_SecretManagerService_AccessSecretVersion_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta1 + + +def sample_access_secret_version(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1beta1.AccessSecretVersionRequest( + name="name_value", + ) + + # Make the request + response = client.access_secret_version(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1beta1_generated_SecretManagerService_AccessSecretVersion_sync] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_add_secret_version_async.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_add_secret_version_async.py new file mode 100644 index 000000000000..49ade0f1cb1f --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_add_secret_version_async.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for AddSecretVersion +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta1_generated_SecretManagerService_AddSecretVersion_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta1 + + +async def sample_add_secret_version(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1beta1.AddSecretVersionRequest( + parent="parent_value", + ) + + # Make the request + response = await client.add_secret_version(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1beta1_generated_SecretManagerService_AddSecretVersion_async] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_add_secret_version_sync.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_add_secret_version_sync.py new file mode 100644 index 000000000000..d97520cf6951 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_add_secret_version_sync.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for AddSecretVersion +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta1_generated_SecretManagerService_AddSecretVersion_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta1 + + +def sample_add_secret_version(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1beta1.AddSecretVersionRequest( + parent="parent_value", + ) + + # Make the request + response = client.add_secret_version(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1beta1_generated_SecretManagerService_AddSecretVersion_sync] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_create_secret_async.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_create_secret_async.py new file mode 100644 index 000000000000..219533ffa1b6 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_create_secret_async.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for CreateSecret +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta1_generated_SecretManagerService_CreateSecret_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta1 + + +async def sample_create_secret(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1beta1.CreateSecretRequest( + parent="parent_value", + secret_id="secret_id_value", + ) + + # Make the request + response = await client.create_secret(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1beta1_generated_SecretManagerService_CreateSecret_async] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_create_secret_sync.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_create_secret_sync.py new file mode 100644 index 000000000000..a808cac01363 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_create_secret_sync.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for CreateSecret +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta1_generated_SecretManagerService_CreateSecret_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta1 + + +def sample_create_secret(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1beta1.CreateSecretRequest( + parent="parent_value", + secret_id="secret_id_value", + ) + + # Make the request + response = client.create_secret(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1beta1_generated_SecretManagerService_CreateSecret_sync] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_delete_secret_async.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_delete_secret_async.py new file mode 100644 index 000000000000..f6186f91cc1f --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_delete_secret_async.py @@ -0,0 +1,50 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for DeleteSecret +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta1_generated_SecretManagerService_DeleteSecret_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta1 + + +async def sample_delete_secret(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1beta1.DeleteSecretRequest( + name="name_value", + ) + + # Make the request + await client.delete_secret(request=request) + + +# [END secretmanager_v1beta1_generated_SecretManagerService_DeleteSecret_async] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_delete_secret_sync.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_delete_secret_sync.py new file mode 100644 index 000000000000..a51abb9adad8 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_delete_secret_sync.py @@ -0,0 +1,50 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for DeleteSecret +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta1_generated_SecretManagerService_DeleteSecret_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta1 + + +def sample_delete_secret(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1beta1.DeleteSecretRequest( + name="name_value", + ) + + # Make the request + client.delete_secret(request=request) + + +# [END secretmanager_v1beta1_generated_SecretManagerService_DeleteSecret_sync] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_destroy_secret_version_async.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_destroy_secret_version_async.py new file mode 100644 index 000000000000..00e68a389965 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_destroy_secret_version_async.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for DestroySecretVersion +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta1_generated_SecretManagerService_DestroySecretVersion_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta1 + + +async def sample_destroy_secret_version(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1beta1.DestroySecretVersionRequest( + name="name_value", + ) + + # Make the request + response = await client.destroy_secret_version(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1beta1_generated_SecretManagerService_DestroySecretVersion_async] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_destroy_secret_version_sync.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_destroy_secret_version_sync.py new file mode 100644 index 000000000000..b9c2c410715d --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_destroy_secret_version_sync.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for DestroySecretVersion +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta1_generated_SecretManagerService_DestroySecretVersion_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta1 + + +def sample_destroy_secret_version(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1beta1.DestroySecretVersionRequest( + name="name_value", + ) + + # Make the request + response = client.destroy_secret_version(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1beta1_generated_SecretManagerService_DestroySecretVersion_sync] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_disable_secret_version_async.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_disable_secret_version_async.py new file mode 100644 index 000000000000..ccc982000bef --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_disable_secret_version_async.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for DisableSecretVersion +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta1_generated_SecretManagerService_DisableSecretVersion_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta1 + + +async def sample_disable_secret_version(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1beta1.DisableSecretVersionRequest( + name="name_value", + ) + + # Make the request + response = await client.disable_secret_version(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1beta1_generated_SecretManagerService_DisableSecretVersion_async] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_disable_secret_version_sync.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_disable_secret_version_sync.py new file mode 100644 index 000000000000..f8e95f49f5e1 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_disable_secret_version_sync.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for DisableSecretVersion +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta1_generated_SecretManagerService_DisableSecretVersion_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta1 + + +def sample_disable_secret_version(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1beta1.DisableSecretVersionRequest( + name="name_value", + ) + + # Make the request + response = client.disable_secret_version(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1beta1_generated_SecretManagerService_DisableSecretVersion_sync] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_enable_secret_version_async.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_enable_secret_version_async.py new file mode 100644 index 000000000000..053dd1b5cf74 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_enable_secret_version_async.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for EnableSecretVersion +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta1_generated_SecretManagerService_EnableSecretVersion_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta1 + + +async def sample_enable_secret_version(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1beta1.EnableSecretVersionRequest( + name="name_value", + ) + + # Make the request + response = await client.enable_secret_version(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1beta1_generated_SecretManagerService_EnableSecretVersion_async] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_enable_secret_version_sync.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_enable_secret_version_sync.py new file mode 100644 index 000000000000..ab928b0855ca --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_enable_secret_version_sync.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for EnableSecretVersion +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta1_generated_SecretManagerService_EnableSecretVersion_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta1 + + +def sample_enable_secret_version(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1beta1.EnableSecretVersionRequest( + name="name_value", + ) + + # Make the request + response = client.enable_secret_version(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1beta1_generated_SecretManagerService_EnableSecretVersion_sync] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_get_iam_policy_async.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_get_iam_policy_async.py new file mode 100644 index 000000000000..2e290da965dd --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_get_iam_policy_async.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetIamPolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta1_generated_SecretManagerService_GetIamPolicy_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta1 +from google.iam.v1 import iam_policy_pb2 # type: ignore + + +async def sample_get_iam_policy(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = iam_policy_pb2.GetIamPolicyRequest( + resource="resource_value", + ) + + # Make the request + response = await client.get_iam_policy(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1beta1_generated_SecretManagerService_GetIamPolicy_async] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_get_iam_policy_sync.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_get_iam_policy_sync.py new file mode 100644 index 000000000000..251c50c1c6af --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_get_iam_policy_sync.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetIamPolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta1_generated_SecretManagerService_GetIamPolicy_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta1 +from google.iam.v1 import iam_policy_pb2 # type: ignore + + +def sample_get_iam_policy(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = iam_policy_pb2.GetIamPolicyRequest( + resource="resource_value", + ) + + # Make the request + response = client.get_iam_policy(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1beta1_generated_SecretManagerService_GetIamPolicy_sync] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_get_secret_async.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_get_secret_async.py new file mode 100644 index 000000000000..e89848b4e1e9 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_get_secret_async.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetSecret +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta1_generated_SecretManagerService_GetSecret_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta1 + + +async def sample_get_secret(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1beta1.GetSecretRequest( + name="name_value", + ) + + # Make the request + response = await client.get_secret(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1beta1_generated_SecretManagerService_GetSecret_async] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_get_secret_sync.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_get_secret_sync.py new file mode 100644 index 000000000000..69b2d9e7bef7 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_get_secret_sync.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetSecret +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta1_generated_SecretManagerService_GetSecret_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta1 + + +def sample_get_secret(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1beta1.GetSecretRequest( + name="name_value", + ) + + # Make the request + response = client.get_secret(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1beta1_generated_SecretManagerService_GetSecret_sync] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_get_secret_version_async.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_get_secret_version_async.py new file mode 100644 index 000000000000..538db4097e6a --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_get_secret_version_async.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetSecretVersion +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta1_generated_SecretManagerService_GetSecretVersion_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta1 + + +async def sample_get_secret_version(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1beta1.GetSecretVersionRequest( + name="name_value", + ) + + # Make the request + response = await client.get_secret_version(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1beta1_generated_SecretManagerService_GetSecretVersion_async] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_get_secret_version_sync.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_get_secret_version_sync.py new file mode 100644 index 000000000000..2244fe49a19e --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_get_secret_version_sync.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetSecretVersion +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta1_generated_SecretManagerService_GetSecretVersion_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta1 + + +def sample_get_secret_version(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1beta1.GetSecretVersionRequest( + name="name_value", + ) + + # Make the request + response = client.get_secret_version(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1beta1_generated_SecretManagerService_GetSecretVersion_sync] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_list_secret_versions_async.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_list_secret_versions_async.py new file mode 100644 index 000000000000..950e90e1b44b --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_list_secret_versions_async.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for ListSecretVersions +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta1_generated_SecretManagerService_ListSecretVersions_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta1 + + +async def sample_list_secret_versions(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1beta1.ListSecretVersionsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_secret_versions(request=request) + + # Handle the response + async for response in page_result: + print(response) + +# [END secretmanager_v1beta1_generated_SecretManagerService_ListSecretVersions_async] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_list_secret_versions_sync.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_list_secret_versions_sync.py new file mode 100644 index 000000000000..6e1c1d90b291 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_list_secret_versions_sync.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for ListSecretVersions +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta1_generated_SecretManagerService_ListSecretVersions_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta1 + + +def sample_list_secret_versions(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1beta1.ListSecretVersionsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_secret_versions(request=request) + + # Handle the response + for response in page_result: + print(response) + +# [END secretmanager_v1beta1_generated_SecretManagerService_ListSecretVersions_sync] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_list_secrets_async.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_list_secrets_async.py new file mode 100644 index 000000000000..67861a490f78 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_list_secrets_async.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for ListSecrets +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta1_generated_SecretManagerService_ListSecrets_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta1 + + +async def sample_list_secrets(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1beta1.ListSecretsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_secrets(request=request) + + # Handle the response + async for response in page_result: + print(response) + +# [END secretmanager_v1beta1_generated_SecretManagerService_ListSecrets_async] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_list_secrets_sync.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_list_secrets_sync.py new file mode 100644 index 000000000000..63501ff58b43 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_list_secrets_sync.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for ListSecrets +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta1_generated_SecretManagerService_ListSecrets_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta1 + + +def sample_list_secrets(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1beta1.ListSecretsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_secrets(request=request) + + # Handle the response + for response in page_result: + print(response) + +# [END secretmanager_v1beta1_generated_SecretManagerService_ListSecrets_sync] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_set_iam_policy_async.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_set_iam_policy_async.py new file mode 100644 index 000000000000..e40ce313f6c3 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_set_iam_policy_async.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for SetIamPolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta1_generated_SecretManagerService_SetIamPolicy_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta1 +from google.iam.v1 import iam_policy_pb2 # type: ignore + + +async def sample_set_iam_policy(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = iam_policy_pb2.SetIamPolicyRequest( + resource="resource_value", + ) + + # Make the request + response = await client.set_iam_policy(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1beta1_generated_SecretManagerService_SetIamPolicy_async] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_set_iam_policy_sync.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_set_iam_policy_sync.py new file mode 100644 index 000000000000..ffe9cc07cf43 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_set_iam_policy_sync.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for SetIamPolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta1_generated_SecretManagerService_SetIamPolicy_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta1 +from google.iam.v1 import iam_policy_pb2 # type: ignore + + +def sample_set_iam_policy(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = iam_policy_pb2.SetIamPolicyRequest( + resource="resource_value", + ) + + # Make the request + response = client.set_iam_policy(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1beta1_generated_SecretManagerService_SetIamPolicy_sync] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_test_iam_permissions_async.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_test_iam_permissions_async.py new file mode 100644 index 000000000000..2c4c92777ae4 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_test_iam_permissions_async.py @@ -0,0 +1,54 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for TestIamPermissions +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta1_generated_SecretManagerService_TestIamPermissions_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta1 +from google.iam.v1 import iam_policy_pb2 # type: ignore + + +async def sample_test_iam_permissions(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = iam_policy_pb2.TestIamPermissionsRequest( + resource="resource_value", + permissions=['permissions_value1', 'permissions_value2'], + ) + + # Make the request + response = await client.test_iam_permissions(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1beta1_generated_SecretManagerService_TestIamPermissions_async] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_test_iam_permissions_sync.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_test_iam_permissions_sync.py new file mode 100644 index 000000000000..7f4890478f83 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_test_iam_permissions_sync.py @@ -0,0 +1,54 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for TestIamPermissions +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta1_generated_SecretManagerService_TestIamPermissions_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta1 +from google.iam.v1 import iam_policy_pb2 # type: ignore + + +def sample_test_iam_permissions(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = iam_policy_pb2.TestIamPermissionsRequest( + resource="resource_value", + permissions=['permissions_value1', 'permissions_value2'], + ) + + # Make the request + response = client.test_iam_permissions(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1beta1_generated_SecretManagerService_TestIamPermissions_sync] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_update_secret_async.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_update_secret_async.py new file mode 100644 index 000000000000..73e5ad78fb25 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_update_secret_async.py @@ -0,0 +1,51 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for UpdateSecret +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta1_generated_SecretManagerService_UpdateSecret_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta1 + + +async def sample_update_secret(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1beta1.UpdateSecretRequest( + ) + + # Make the request + response = await client.update_secret(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1beta1_generated_SecretManagerService_UpdateSecret_async] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_update_secret_sync.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_update_secret_sync.py new file mode 100644 index 000000000000..e842e691ee94 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/secretmanager_v1beta1_generated_secret_manager_service_update_secret_sync.py @@ -0,0 +1,51 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for UpdateSecret +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta1_generated_SecretManagerService_UpdateSecret_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta1 + + +def sample_update_secret(): + # Create a client + client = secretmanager_v1beta1.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1beta1.UpdateSecretRequest( + ) + + # Make the request + response = client.update_secret(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1beta1_generated_SecretManagerService_UpdateSecret_sync] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/snippet_metadata_google.cloud.secrets.v1beta1.json b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/snippet_metadata_google.cloud.secrets.v1beta1.json new file mode 100644 index 000000000000..52f1d4e38bcf --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/samples/generated_samples/snippet_metadata_google.cloud.secrets.v1beta1.json @@ -0,0 +1,2432 @@ +{ + "clientLibrary": { + "apis": [ + { + "id": "google.cloud.secrets.v1beta1", + "version": "v1beta1" + } + ], + "language": "PYTHON", + "name": "google-cloud-secretmanager", + "version": "0.1.0" + }, + "snippets": [ + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceAsyncClient", + "shortName": "SecretManagerServiceAsyncClient" + }, + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceAsyncClient.access_secret_version", + "method": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService.AccessSecretVersion", + "service": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "AccessSecretVersion" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1beta1.types.AccessSecretVersionRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1beta1.types.AccessSecretVersionResponse", + "shortName": "access_secret_version" + }, + "description": "Sample for AccessSecretVersion", + "file": "secretmanager_v1beta1_generated_secret_manager_service_access_secret_version_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta1_generated_SecretManagerService_AccessSecretVersion_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta1_generated_secret_manager_service_access_secret_version_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceClient", + "shortName": "SecretManagerServiceClient" + }, + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceClient.access_secret_version", + "method": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService.AccessSecretVersion", + "service": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "AccessSecretVersion" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1beta1.types.AccessSecretVersionRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1beta1.types.AccessSecretVersionResponse", + "shortName": "access_secret_version" + }, + "description": "Sample for AccessSecretVersion", + "file": "secretmanager_v1beta1_generated_secret_manager_service_access_secret_version_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta1_generated_SecretManagerService_AccessSecretVersion_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta1_generated_secret_manager_service_access_secret_version_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceAsyncClient", + "shortName": "SecretManagerServiceAsyncClient" + }, + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceAsyncClient.add_secret_version", + "method": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService.AddSecretVersion", + "service": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "AddSecretVersion" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1beta1.types.AddSecretVersionRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "payload", + "type": "google.cloud.secretmanager_v1beta1.types.SecretPayload" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1beta1.types.SecretVersion", + "shortName": "add_secret_version" + }, + "description": "Sample for AddSecretVersion", + "file": "secretmanager_v1beta1_generated_secret_manager_service_add_secret_version_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta1_generated_SecretManagerService_AddSecretVersion_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta1_generated_secret_manager_service_add_secret_version_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceClient", + "shortName": "SecretManagerServiceClient" + }, + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceClient.add_secret_version", + "method": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService.AddSecretVersion", + "service": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "AddSecretVersion" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1beta1.types.AddSecretVersionRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "payload", + "type": "google.cloud.secretmanager_v1beta1.types.SecretPayload" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1beta1.types.SecretVersion", + "shortName": "add_secret_version" + }, + "description": "Sample for AddSecretVersion", + "file": "secretmanager_v1beta1_generated_secret_manager_service_add_secret_version_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta1_generated_SecretManagerService_AddSecretVersion_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta1_generated_secret_manager_service_add_secret_version_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceAsyncClient", + "shortName": "SecretManagerServiceAsyncClient" + }, + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceAsyncClient.create_secret", + "method": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService.CreateSecret", + "service": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "CreateSecret" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1beta1.types.CreateSecretRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "secret_id", + "type": "str" + }, + { + "name": "secret", + "type": "google.cloud.secretmanager_v1beta1.types.Secret" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1beta1.types.Secret", + "shortName": "create_secret" + }, + "description": "Sample for CreateSecret", + "file": "secretmanager_v1beta1_generated_secret_manager_service_create_secret_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta1_generated_SecretManagerService_CreateSecret_async", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 46, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 49, + "start": 47, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 50, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta1_generated_secret_manager_service_create_secret_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceClient", + "shortName": "SecretManagerServiceClient" + }, + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceClient.create_secret", + "method": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService.CreateSecret", + "service": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "CreateSecret" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1beta1.types.CreateSecretRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "secret_id", + "type": "str" + }, + { + "name": "secret", + "type": "google.cloud.secretmanager_v1beta1.types.Secret" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1beta1.types.Secret", + "shortName": "create_secret" + }, + "description": "Sample for CreateSecret", + "file": "secretmanager_v1beta1_generated_secret_manager_service_create_secret_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta1_generated_SecretManagerService_CreateSecret_sync", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 46, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 49, + "start": 47, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 50, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta1_generated_secret_manager_service_create_secret_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceAsyncClient", + "shortName": "SecretManagerServiceAsyncClient" + }, + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceAsyncClient.delete_secret", + "method": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService.DeleteSecret", + "service": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "DeleteSecret" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1beta1.types.DeleteSecretRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "shortName": "delete_secret" + }, + "description": "Sample for DeleteSecret", + "file": "secretmanager_v1beta1_generated_secret_manager_service_delete_secret_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta1_generated_SecretManagerService_DeleteSecret_async", + "segments": [ + { + "end": 49, + "start": 27, + "type": "FULL" + }, + { + "end": 49, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 50, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta1_generated_secret_manager_service_delete_secret_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceClient", + "shortName": "SecretManagerServiceClient" + }, + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceClient.delete_secret", + "method": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService.DeleteSecret", + "service": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "DeleteSecret" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1beta1.types.DeleteSecretRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "shortName": "delete_secret" + }, + "description": "Sample for DeleteSecret", + "file": "secretmanager_v1beta1_generated_secret_manager_service_delete_secret_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta1_generated_SecretManagerService_DeleteSecret_sync", + "segments": [ + { + "end": 49, + "start": 27, + "type": "FULL" + }, + { + "end": 49, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 50, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta1_generated_secret_manager_service_delete_secret_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceAsyncClient", + "shortName": "SecretManagerServiceAsyncClient" + }, + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceAsyncClient.destroy_secret_version", + "method": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService.DestroySecretVersion", + "service": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "DestroySecretVersion" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1beta1.types.DestroySecretVersionRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1beta1.types.SecretVersion", + "shortName": "destroy_secret_version" + }, + "description": "Sample for DestroySecretVersion", + "file": "secretmanager_v1beta1_generated_secret_manager_service_destroy_secret_version_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta1_generated_SecretManagerService_DestroySecretVersion_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta1_generated_secret_manager_service_destroy_secret_version_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceClient", + "shortName": "SecretManagerServiceClient" + }, + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceClient.destroy_secret_version", + "method": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService.DestroySecretVersion", + "service": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "DestroySecretVersion" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1beta1.types.DestroySecretVersionRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1beta1.types.SecretVersion", + "shortName": "destroy_secret_version" + }, + "description": "Sample for DestroySecretVersion", + "file": "secretmanager_v1beta1_generated_secret_manager_service_destroy_secret_version_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta1_generated_SecretManagerService_DestroySecretVersion_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta1_generated_secret_manager_service_destroy_secret_version_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceAsyncClient", + "shortName": "SecretManagerServiceAsyncClient" + }, + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceAsyncClient.disable_secret_version", + "method": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService.DisableSecretVersion", + "service": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "DisableSecretVersion" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1beta1.types.DisableSecretVersionRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1beta1.types.SecretVersion", + "shortName": "disable_secret_version" + }, + "description": "Sample for DisableSecretVersion", + "file": "secretmanager_v1beta1_generated_secret_manager_service_disable_secret_version_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta1_generated_SecretManagerService_DisableSecretVersion_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta1_generated_secret_manager_service_disable_secret_version_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceClient", + "shortName": "SecretManagerServiceClient" + }, + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceClient.disable_secret_version", + "method": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService.DisableSecretVersion", + "service": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "DisableSecretVersion" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1beta1.types.DisableSecretVersionRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1beta1.types.SecretVersion", + "shortName": "disable_secret_version" + }, + "description": "Sample for DisableSecretVersion", + "file": "secretmanager_v1beta1_generated_secret_manager_service_disable_secret_version_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta1_generated_SecretManagerService_DisableSecretVersion_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta1_generated_secret_manager_service_disable_secret_version_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceAsyncClient", + "shortName": "SecretManagerServiceAsyncClient" + }, + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceAsyncClient.enable_secret_version", + "method": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService.EnableSecretVersion", + "service": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "EnableSecretVersion" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1beta1.types.EnableSecretVersionRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1beta1.types.SecretVersion", + "shortName": "enable_secret_version" + }, + "description": "Sample for EnableSecretVersion", + "file": "secretmanager_v1beta1_generated_secret_manager_service_enable_secret_version_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta1_generated_SecretManagerService_EnableSecretVersion_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta1_generated_secret_manager_service_enable_secret_version_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceClient", + "shortName": "SecretManagerServiceClient" + }, + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceClient.enable_secret_version", + "method": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService.EnableSecretVersion", + "service": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "EnableSecretVersion" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1beta1.types.EnableSecretVersionRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1beta1.types.SecretVersion", + "shortName": "enable_secret_version" + }, + "description": "Sample for EnableSecretVersion", + "file": "secretmanager_v1beta1_generated_secret_manager_service_enable_secret_version_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta1_generated_SecretManagerService_EnableSecretVersion_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta1_generated_secret_manager_service_enable_secret_version_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceAsyncClient", + "shortName": "SecretManagerServiceAsyncClient" + }, + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceAsyncClient.get_iam_policy", + "method": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService.GetIamPolicy", + "service": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "GetIamPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.iam.v1.iam_policy_pb2.GetIamPolicyRequest" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.iam.v1.policy_pb2.Policy", + "shortName": "get_iam_policy" + }, + "description": "Sample for GetIamPolicy", + "file": "secretmanager_v1beta1_generated_secret_manager_service_get_iam_policy_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta1_generated_SecretManagerService_GetIamPolicy_async", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 41, + "start": 39, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 46, + "start": 42, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 49, + "start": 47, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 50, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta1_generated_secret_manager_service_get_iam_policy_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceClient", + "shortName": "SecretManagerServiceClient" + }, + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceClient.get_iam_policy", + "method": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService.GetIamPolicy", + "service": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "GetIamPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.iam.v1.iam_policy_pb2.GetIamPolicyRequest" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.iam.v1.policy_pb2.Policy", + "shortName": "get_iam_policy" + }, + "description": "Sample for GetIamPolicy", + "file": "secretmanager_v1beta1_generated_secret_manager_service_get_iam_policy_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta1_generated_SecretManagerService_GetIamPolicy_sync", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 41, + "start": 39, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 46, + "start": 42, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 49, + "start": 47, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 50, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta1_generated_secret_manager_service_get_iam_policy_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceAsyncClient", + "shortName": "SecretManagerServiceAsyncClient" + }, + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceAsyncClient.get_secret_version", + "method": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService.GetSecretVersion", + "service": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "GetSecretVersion" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1beta1.types.GetSecretVersionRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1beta1.types.SecretVersion", + "shortName": "get_secret_version" + }, + "description": "Sample for GetSecretVersion", + "file": "secretmanager_v1beta1_generated_secret_manager_service_get_secret_version_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta1_generated_SecretManagerService_GetSecretVersion_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta1_generated_secret_manager_service_get_secret_version_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceClient", + "shortName": "SecretManagerServiceClient" + }, + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceClient.get_secret_version", + "method": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService.GetSecretVersion", + "service": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "GetSecretVersion" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1beta1.types.GetSecretVersionRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1beta1.types.SecretVersion", + "shortName": "get_secret_version" + }, + "description": "Sample for GetSecretVersion", + "file": "secretmanager_v1beta1_generated_secret_manager_service_get_secret_version_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta1_generated_SecretManagerService_GetSecretVersion_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta1_generated_secret_manager_service_get_secret_version_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceAsyncClient", + "shortName": "SecretManagerServiceAsyncClient" + }, + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceAsyncClient.get_secret", + "method": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService.GetSecret", + "service": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "GetSecret" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1beta1.types.GetSecretRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1beta1.types.Secret", + "shortName": "get_secret" + }, + "description": "Sample for GetSecret", + "file": "secretmanager_v1beta1_generated_secret_manager_service_get_secret_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta1_generated_SecretManagerService_GetSecret_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta1_generated_secret_manager_service_get_secret_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceClient", + "shortName": "SecretManagerServiceClient" + }, + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceClient.get_secret", + "method": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService.GetSecret", + "service": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "GetSecret" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1beta1.types.GetSecretRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1beta1.types.Secret", + "shortName": "get_secret" + }, + "description": "Sample for GetSecret", + "file": "secretmanager_v1beta1_generated_secret_manager_service_get_secret_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta1_generated_SecretManagerService_GetSecret_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta1_generated_secret_manager_service_get_secret_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceAsyncClient", + "shortName": "SecretManagerServiceAsyncClient" + }, + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceAsyncClient.list_secret_versions", + "method": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService.ListSecretVersions", + "service": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "ListSecretVersions" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1beta1.types.ListSecretVersionsRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1beta1.services.secret_manager_service.pagers.ListSecretVersionsAsyncPager", + "shortName": "list_secret_versions" + }, + "description": "Sample for ListSecretVersions", + "file": "secretmanager_v1beta1_generated_secret_manager_service_list_secret_versions_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta1_generated_SecretManagerService_ListSecretVersions_async", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta1_generated_secret_manager_service_list_secret_versions_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceClient", + "shortName": "SecretManagerServiceClient" + }, + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceClient.list_secret_versions", + "method": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService.ListSecretVersions", + "service": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "ListSecretVersions" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1beta1.types.ListSecretVersionsRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1beta1.services.secret_manager_service.pagers.ListSecretVersionsPager", + "shortName": "list_secret_versions" + }, + "description": "Sample for ListSecretVersions", + "file": "secretmanager_v1beta1_generated_secret_manager_service_list_secret_versions_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta1_generated_SecretManagerService_ListSecretVersions_sync", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta1_generated_secret_manager_service_list_secret_versions_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceAsyncClient", + "shortName": "SecretManagerServiceAsyncClient" + }, + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceAsyncClient.list_secrets", + "method": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService.ListSecrets", + "service": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "ListSecrets" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1beta1.types.ListSecretsRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1beta1.services.secret_manager_service.pagers.ListSecretsAsyncPager", + "shortName": "list_secrets" + }, + "description": "Sample for ListSecrets", + "file": "secretmanager_v1beta1_generated_secret_manager_service_list_secrets_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta1_generated_SecretManagerService_ListSecrets_async", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta1_generated_secret_manager_service_list_secrets_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceClient", + "shortName": "SecretManagerServiceClient" + }, + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceClient.list_secrets", + "method": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService.ListSecrets", + "service": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "ListSecrets" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1beta1.types.ListSecretsRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1beta1.services.secret_manager_service.pagers.ListSecretsPager", + "shortName": "list_secrets" + }, + "description": "Sample for ListSecrets", + "file": "secretmanager_v1beta1_generated_secret_manager_service_list_secrets_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta1_generated_SecretManagerService_ListSecrets_sync", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta1_generated_secret_manager_service_list_secrets_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceAsyncClient", + "shortName": "SecretManagerServiceAsyncClient" + }, + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceAsyncClient.set_iam_policy", + "method": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService.SetIamPolicy", + "service": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "SetIamPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.iam.v1.iam_policy_pb2.SetIamPolicyRequest" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.iam.v1.policy_pb2.Policy", + "shortName": "set_iam_policy" + }, + "description": "Sample for SetIamPolicy", + "file": "secretmanager_v1beta1_generated_secret_manager_service_set_iam_policy_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta1_generated_SecretManagerService_SetIamPolicy_async", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 41, + "start": 39, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 46, + "start": 42, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 49, + "start": 47, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 50, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta1_generated_secret_manager_service_set_iam_policy_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceClient", + "shortName": "SecretManagerServiceClient" + }, + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceClient.set_iam_policy", + "method": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService.SetIamPolicy", + "service": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "SetIamPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.iam.v1.iam_policy_pb2.SetIamPolicyRequest" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.iam.v1.policy_pb2.Policy", + "shortName": "set_iam_policy" + }, + "description": "Sample for SetIamPolicy", + "file": "secretmanager_v1beta1_generated_secret_manager_service_set_iam_policy_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta1_generated_SecretManagerService_SetIamPolicy_sync", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 41, + "start": 39, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 46, + "start": 42, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 49, + "start": 47, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 50, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta1_generated_secret_manager_service_set_iam_policy_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceAsyncClient", + "shortName": "SecretManagerServiceAsyncClient" + }, + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceAsyncClient.test_iam_permissions", + "method": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService.TestIamPermissions", + "service": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "TestIamPermissions" + }, + "parameters": [ + { + "name": "request", + "type": "google.iam.v1.iam_policy_pb2.TestIamPermissionsRequest" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.iam.v1.iam_policy_pb2.TestIamPermissionsResponse", + "shortName": "test_iam_permissions" + }, + "description": "Sample for TestIamPermissions", + "file": "secretmanager_v1beta1_generated_secret_manager_service_test_iam_permissions_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta1_generated_SecretManagerService_TestIamPermissions_async", + "segments": [ + { + "end": 53, + "start": 27, + "type": "FULL" + }, + { + "end": 53, + "start": 27, + "type": "SHORT" + }, + { + "end": 41, + "start": 39, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 47, + "start": 42, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 50, + "start": 48, + "type": "REQUEST_EXECUTION" + }, + { + "end": 54, + "start": 51, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta1_generated_secret_manager_service_test_iam_permissions_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceClient", + "shortName": "SecretManagerServiceClient" + }, + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceClient.test_iam_permissions", + "method": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService.TestIamPermissions", + "service": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "TestIamPermissions" + }, + "parameters": [ + { + "name": "request", + "type": "google.iam.v1.iam_policy_pb2.TestIamPermissionsRequest" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.iam.v1.iam_policy_pb2.TestIamPermissionsResponse", + "shortName": "test_iam_permissions" + }, + "description": "Sample for TestIamPermissions", + "file": "secretmanager_v1beta1_generated_secret_manager_service_test_iam_permissions_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta1_generated_SecretManagerService_TestIamPermissions_sync", + "segments": [ + { + "end": 53, + "start": 27, + "type": "FULL" + }, + { + "end": 53, + "start": 27, + "type": "SHORT" + }, + { + "end": 41, + "start": 39, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 47, + "start": 42, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 50, + "start": 48, + "type": "REQUEST_EXECUTION" + }, + { + "end": 54, + "start": 51, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta1_generated_secret_manager_service_test_iam_permissions_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceAsyncClient", + "shortName": "SecretManagerServiceAsyncClient" + }, + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceAsyncClient.update_secret", + "method": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService.UpdateSecret", + "service": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "UpdateSecret" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1beta1.types.UpdateSecretRequest" + }, + { + "name": "secret", + "type": "google.cloud.secretmanager_v1beta1.types.Secret" + }, + { + "name": "update_mask", + "type": "google.protobuf.field_mask_pb2.FieldMask" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1beta1.types.Secret", + "shortName": "update_secret" + }, + "description": "Sample for UpdateSecret", + "file": "secretmanager_v1beta1_generated_secret_manager_service_update_secret_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta1_generated_SecretManagerService_UpdateSecret_async", + "segments": [ + { + "end": 50, + "start": 27, + "type": "FULL" + }, + { + "end": 50, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 44, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 47, + "start": 45, + "type": "REQUEST_EXECUTION" + }, + { + "end": 51, + "start": 48, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta1_generated_secret_manager_service_update_secret_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceClient", + "shortName": "SecretManagerServiceClient" + }, + "fullName": "google.cloud.secretmanager_v1beta1.SecretManagerServiceClient.update_secret", + "method": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService.UpdateSecret", + "service": { + "fullName": "google.cloud.secrets.v1beta1.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "UpdateSecret" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1beta1.types.UpdateSecretRequest" + }, + { + "name": "secret", + "type": "google.cloud.secretmanager_v1beta1.types.Secret" + }, + { + "name": "update_mask", + "type": "google.protobuf.field_mask_pb2.FieldMask" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1beta1.types.Secret", + "shortName": "update_secret" + }, + "description": "Sample for UpdateSecret", + "file": "secretmanager_v1beta1_generated_secret_manager_service_update_secret_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta1_generated_SecretManagerService_UpdateSecret_sync", + "segments": [ + { + "end": 50, + "start": 27, + "type": "FULL" + }, + { + "end": 50, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 44, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 47, + "start": 45, + "type": "REQUEST_EXECUTION" + }, + { + "end": 51, + "start": 48, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta1_generated_secret_manager_service_update_secret_sync.py" + } + ] +} diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/scripts/fixup_secretmanager_v1beta1_keywords.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/scripts/fixup_secretmanager_v1beta1_keywords.py new file mode 100644 index 000000000000..26486f4c81f6 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/scripts/fixup_secretmanager_v1beta1_keywords.py @@ -0,0 +1,190 @@ +#! /usr/bin/env python3 +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import argparse +import os +import libcst as cst +import pathlib +import sys +from typing import (Any, Callable, Dict, List, Sequence, Tuple) + + +def partition( + predicate: Callable[[Any], bool], + iterator: Sequence[Any] +) -> Tuple[List[Any], List[Any]]: + """A stable, out-of-place partition.""" + results = ([], []) + + for i in iterator: + results[int(predicate(i))].append(i) + + # Returns trueList, falseList + return results[1], results[0] + + +class secretmanagerCallTransformer(cst.CSTTransformer): + CTRL_PARAMS: Tuple[str] = ('retry', 'timeout', 'metadata') + METHOD_TO_PARAMS: Dict[str, Tuple[str]] = { + 'access_secret_version': ('name', ), + 'add_secret_version': ('parent', 'payload', ), + 'create_secret': ('parent', 'secret_id', 'secret', ), + 'delete_secret': ('name', ), + 'destroy_secret_version': ('name', ), + 'disable_secret_version': ('name', ), + 'enable_secret_version': ('name', ), + 'get_iam_policy': ('resource', 'options', ), + 'get_secret': ('name', ), + 'get_secret_version': ('name', ), + 'list_secrets': ('parent', 'page_size', 'page_token', ), + 'list_secret_versions': ('parent', 'page_size', 'page_token', ), + 'set_iam_policy': ('resource', 'policy', 'update_mask', ), + 'test_iam_permissions': ('resource', 'permissions', ), + 'update_secret': ('secret', 'update_mask', ), + } + + def leave_Call(self, original: cst.Call, updated: cst.Call) -> cst.CSTNode: + try: + key = original.func.attr.value + kword_params = self.METHOD_TO_PARAMS[key] + except (AttributeError, KeyError): + # Either not a method from the API or too convoluted to be sure. + return updated + + # If the existing code is valid, keyword args come after positional args. + # Therefore, all positional args must map to the first parameters. + args, kwargs = partition(lambda a: not bool(a.keyword), updated.args) + if any(k.keyword.value == "request" for k in kwargs): + # We've already fixed this file, don't fix it again. + return updated + + kwargs, ctrl_kwargs = partition( + lambda a: a.keyword.value not in self.CTRL_PARAMS, + kwargs + ) + + args, ctrl_args = args[:len(kword_params)], args[len(kword_params):] + ctrl_kwargs.extend(cst.Arg(value=a.value, keyword=cst.Name(value=ctrl)) + for a, ctrl in zip(ctrl_args, self.CTRL_PARAMS)) + + request_arg = cst.Arg( + value=cst.Dict([ + cst.DictElement( + cst.SimpleString("'{}'".format(name)), +cst.Element(value=arg.value) + ) + # Note: the args + kwargs looks silly, but keep in mind that + # the control parameters had to be stripped out, and that + # those could have been passed positionally or by keyword. + for name, arg in zip(kword_params, args + kwargs)]), + keyword=cst.Name("request") + ) + + return updated.with_changes( + args=[request_arg] + ctrl_kwargs + ) + + +def fix_files( + in_dir: pathlib.Path, + out_dir: pathlib.Path, + *, + transformer=secretmanagerCallTransformer(), +): + """Duplicate the input dir to the output dir, fixing file method calls. + + Preconditions: + * in_dir is a real directory + * out_dir is a real, empty directory + """ + pyfile_gen = ( + pathlib.Path(os.path.join(root, f)) + for root, _, files in os.walk(in_dir) + for f in files if os.path.splitext(f)[1] == ".py" + ) + + for fpath in pyfile_gen: + with open(fpath, 'r') as f: + src = f.read() + + # Parse the code and insert method call fixes. + tree = cst.parse_module(src) + updated = tree.visit(transformer) + + # Create the path and directory structure for the new file. + updated_path = out_dir.joinpath(fpath.relative_to(in_dir)) + updated_path.parent.mkdir(parents=True, exist_ok=True) + + # Generate the updated source file at the corresponding path. + with open(updated_path, 'w') as f: + f.write(updated.code) + + +if __name__ == '__main__': + parser = argparse.ArgumentParser( + description="""Fix up source that uses the secretmanager client library. + +The existing sources are NOT overwritten but are copied to output_dir with changes made. + +Note: This tool operates at a best-effort level at converting positional + parameters in client method calls to keyword based parameters. + Cases where it WILL FAIL include + A) * or ** expansion in a method call. + B) Calls via function or method alias (includes free function calls) + C) Indirect or dispatched calls (e.g. the method is looked up dynamically) + + These all constitute false negatives. The tool will also detect false + positives when an API method shares a name with another method. +""") + parser.add_argument( + '-d', + '--input-directory', + required=True, + dest='input_dir', + help='the input directory to walk for python files to fix up', + ) + parser.add_argument( + '-o', + '--output-directory', + required=True, + dest='output_dir', + help='the directory to output files fixed via un-flattening', + ) + args = parser.parse_args() + input_dir = pathlib.Path(args.input_dir) + output_dir = pathlib.Path(args.output_dir) + if not input_dir.is_dir(): + print( + f"input directory '{input_dir}' does not exist or is not a directory", + file=sys.stderr, + ) + sys.exit(-1) + + if not output_dir.is_dir(): + print( + f"output directory '{output_dir}' does not exist or is not a directory", + file=sys.stderr, + ) + sys.exit(-1) + + if os.listdir(output_dir): + print( + f"output directory '{output_dir}' is not empty", + file=sys.stderr, + ) + sys.exit(-1) + + fix_files(input_dir, output_dir) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/setup.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/setup.py new file mode 100644 index 000000000000..6f92e038d3dd --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/setup.py @@ -0,0 +1,94 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import io +import os +import re + +import setuptools # type: ignore + +package_root = os.path.abspath(os.path.dirname(__file__)) + +name = 'google-cloud-secretmanager' + + +description = "Google Cloud Secretmanager API client library" + +version = None + +with open(os.path.join(package_root, 'google/cloud/secretmanager/gapic_version.py')) as fp: + version_candidates = re.findall(r"(?<=\")\d+.\d+.\d+(?=\")", fp.read()) + assert (len(version_candidates) == 1) + version = version_candidates[0] + +if version[0] == "0": + release_status = "Development Status :: 4 - Beta" +else: + release_status = "Development Status :: 5 - Production/Stable" + +dependencies = [ + "google-api-core[grpc] >= 1.34.1, <3.0.0dev,!=2.0.*,!=2.1.*,!=2.2.*,!=2.3.*,!=2.4.*,!=2.5.*,!=2.6.*,!=2.7.*,!=2.8.*,!=2.9.*,!=2.10.*", + # Exclude incompatible versions of `google-auth` + # See https://github.com/googleapis/google-cloud-python/issues/12364 + "google-auth >= 2.14.1, <3.0.0dev,!=2.24.0,!=2.25.0", + "proto-plus >= 1.22.3, <2.0.0dev", + "protobuf>=3.19.5,<5.0.0dev,!=3.20.0,!=3.20.1,!=4.21.0,!=4.21.1,!=4.21.2,!=4.21.3,!=4.21.4,!=4.21.5", + "grpc-google-iam-v1 >= 0.12.4, <1.0.0dev", +] +url = "https://github.com/googleapis/google-cloud-python/tree/main/packages/google-cloud-secretmanager" + +package_root = os.path.abspath(os.path.dirname(__file__)) + +readme_filename = os.path.join(package_root, "README.rst") +with io.open(readme_filename, encoding="utf-8") as readme_file: + readme = readme_file.read() + +packages = [ + package + for package in setuptools.find_namespace_packages() + if package.startswith("google") +] + +setuptools.setup( + name=name, + version=version, + description=description, + long_description=readme, + author="Google LLC", + author_email="googleapis-packages@google.com", + license="Apache 2.0", + url=url, + classifiers=[ + release_status, + "Intended Audience :: Developers", + "License :: OSI Approved :: Apache Software License", + "Programming Language :: Python", + "Programming Language :: Python :: 3", + "Programming Language :: Python :: 3.7", + "Programming Language :: Python :: 3.8", + "Programming Language :: Python :: 3.9", + "Programming Language :: Python :: 3.10", + "Programming Language :: Python :: 3.11", + "Programming Language :: Python :: 3.12", + "Operating System :: OS Independent", + "Topic :: Internet", + ], + platforms="Posix; MacOS X; Windows", + packages=packages, + python_requires=">=3.7", + install_requires=dependencies, + include_package_data=True, + zip_safe=False, +) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/testing/constraints-3.10.txt b/owl-bot-staging/google-cloud-secret-manager/v1beta1/testing/constraints-3.10.txt new file mode 100644 index 000000000000..ad3f0fa58e2d --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/testing/constraints-3.10.txt @@ -0,0 +1,7 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf +grpc-google-iam-v1 diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/testing/constraints-3.11.txt b/owl-bot-staging/google-cloud-secret-manager/v1beta1/testing/constraints-3.11.txt new file mode 100644 index 000000000000..ad3f0fa58e2d --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/testing/constraints-3.11.txt @@ -0,0 +1,7 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf +grpc-google-iam-v1 diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/testing/constraints-3.12.txt b/owl-bot-staging/google-cloud-secret-manager/v1beta1/testing/constraints-3.12.txt new file mode 100644 index 000000000000..ad3f0fa58e2d --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/testing/constraints-3.12.txt @@ -0,0 +1,7 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf +grpc-google-iam-v1 diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/testing/constraints-3.7.txt b/owl-bot-staging/google-cloud-secret-manager/v1beta1/testing/constraints-3.7.txt new file mode 100644 index 000000000000..4cd2782277d4 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/testing/constraints-3.7.txt @@ -0,0 +1,11 @@ +# This constraints file is used to check that lower bounds +# are correct in setup.py +# List all library dependencies and extras in this file. +# Pin the version to the lower bound. +# e.g., if setup.py has "google-cloud-foo >= 1.14.0, < 2.0.0dev", +# Then this file should have google-cloud-foo==1.14.0 +google-api-core==1.34.1 +google-auth==2.14.1 +proto-plus==1.22.3 +protobuf==3.19.5 +grpc-google-iam-v1==0.12.4 diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/testing/constraints-3.8.txt b/owl-bot-staging/google-cloud-secret-manager/v1beta1/testing/constraints-3.8.txt new file mode 100644 index 000000000000..ad3f0fa58e2d --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/testing/constraints-3.8.txt @@ -0,0 +1,7 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf +grpc-google-iam-v1 diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/testing/constraints-3.9.txt b/owl-bot-staging/google-cloud-secret-manager/v1beta1/testing/constraints-3.9.txt new file mode 100644 index 000000000000..ad3f0fa58e2d --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/testing/constraints-3.9.txt @@ -0,0 +1,7 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf +grpc-google-iam-v1 diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/tests/__init__.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/tests/__init__.py new file mode 100644 index 000000000000..7b3de3117f38 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/tests/__init__.py @@ -0,0 +1,16 @@ + +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/tests/unit/__init__.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/tests/unit/__init__.py new file mode 100644 index 000000000000..7b3de3117f38 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/tests/unit/__init__.py @@ -0,0 +1,16 @@ + +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/tests/unit/gapic/__init__.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/tests/unit/gapic/__init__.py new file mode 100644 index 000000000000..7b3de3117f38 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/tests/unit/gapic/__init__.py @@ -0,0 +1,16 @@ + +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/tests/unit/gapic/secretmanager_v1beta1/__init__.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/tests/unit/gapic/secretmanager_v1beta1/__init__.py new file mode 100644 index 000000000000..7b3de3117f38 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/tests/unit/gapic/secretmanager_v1beta1/__init__.py @@ -0,0 +1,16 @@ + +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta1/tests/unit/gapic/secretmanager_v1beta1/test_secret_manager_service.py b/owl-bot-staging/google-cloud-secret-manager/v1beta1/tests/unit/gapic/secretmanager_v1beta1/test_secret_manager_service.py new file mode 100644 index 000000000000..f47e1bed0438 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta1/tests/unit/gapic/secretmanager_v1beta1/test_secret_manager_service.py @@ -0,0 +1,9665 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import os +# try/except added for compatibility with python < 3.8 +try: + from unittest import mock + from unittest.mock import AsyncMock # pragma: NO COVER +except ImportError: # pragma: NO COVER + import mock + +import grpc +from grpc.experimental import aio +from collections.abc import Iterable +from google.protobuf import json_format +import json +import math +import pytest +from google.api_core import api_core_version +from proto.marshal.rules.dates import DurationRule, TimestampRule +from proto.marshal.rules import wrappers +from requests import Response +from requests import Request, PreparedRequest +from requests.sessions import Session +from google.protobuf import json_format + +from google.api_core import client_options +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import grpc_helpers +from google.api_core import grpc_helpers_async +from google.api_core import path_template +from google.auth import credentials as ga_credentials +from google.auth.exceptions import MutualTLSChannelError +from google.cloud.secretmanager_v1beta1.services.secret_manager_service import SecretManagerServiceAsyncClient +from google.cloud.secretmanager_v1beta1.services.secret_manager_service import SecretManagerServiceClient +from google.cloud.secretmanager_v1beta1.services.secret_manager_service import pagers +from google.cloud.secretmanager_v1beta1.services.secret_manager_service import transports +from google.cloud.secretmanager_v1beta1.types import resources +from google.cloud.secretmanager_v1beta1.types import service +from google.iam.v1 import iam_policy_pb2 # type: ignore +from google.iam.v1 import options_pb2 # type: ignore +from google.iam.v1 import policy_pb2 # type: ignore +from google.oauth2 import service_account +from google.protobuf import field_mask_pb2 # type: ignore +from google.protobuf import timestamp_pb2 # type: ignore +from google.type import expr_pb2 # type: ignore +import google.auth + + +def client_cert_source_callback(): + return b"cert bytes", b"key bytes" + +# If default endpoint is localhost, then default mtls endpoint will be the same. +# This method modifies the default endpoint so the client can produce a different +# mtls endpoint for endpoint testing purposes. +def modify_default_endpoint(client): + return "foo.googleapis.com" if ("localhost" in client.DEFAULT_ENDPOINT) else client.DEFAULT_ENDPOINT + +# If default endpoint template is localhost, then default mtls endpoint will be the same. +# This method modifies the default endpoint template so the client can produce a different +# mtls endpoint for endpoint testing purposes. +def modify_default_endpoint_template(client): + return "test.{UNIVERSE_DOMAIN}" if ("localhost" in client._DEFAULT_ENDPOINT_TEMPLATE) else client._DEFAULT_ENDPOINT_TEMPLATE + + +def test__get_default_mtls_endpoint(): + api_endpoint = "example.googleapis.com" + api_mtls_endpoint = "example.mtls.googleapis.com" + sandbox_endpoint = "example.sandbox.googleapis.com" + sandbox_mtls_endpoint = "example.mtls.sandbox.googleapis.com" + non_googleapi = "api.example.com" + + assert SecretManagerServiceClient._get_default_mtls_endpoint(None) is None + assert SecretManagerServiceClient._get_default_mtls_endpoint(api_endpoint) == api_mtls_endpoint + assert SecretManagerServiceClient._get_default_mtls_endpoint(api_mtls_endpoint) == api_mtls_endpoint + assert SecretManagerServiceClient._get_default_mtls_endpoint(sandbox_endpoint) == sandbox_mtls_endpoint + assert SecretManagerServiceClient._get_default_mtls_endpoint(sandbox_mtls_endpoint) == sandbox_mtls_endpoint + assert SecretManagerServiceClient._get_default_mtls_endpoint(non_googleapi) == non_googleapi + +def test__read_environment_variables(): + assert SecretManagerServiceClient._read_environment_variables() == (False, "auto", None) + + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + assert SecretManagerServiceClient._read_environment_variables() == (True, "auto", None) + + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "false"}): + assert SecretManagerServiceClient._read_environment_variables() == (False, "auto", None) + + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "Unsupported"}): + with pytest.raises(ValueError) as excinfo: + SecretManagerServiceClient._read_environment_variables() + assert str(excinfo.value) == "Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`" + + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + assert SecretManagerServiceClient._read_environment_variables() == (False, "never", None) + + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + assert SecretManagerServiceClient._read_environment_variables() == (False, "always", None) + + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "auto"}): + assert SecretManagerServiceClient._read_environment_variables() == (False, "auto", None) + + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "Unsupported"}): + with pytest.raises(MutualTLSChannelError) as excinfo: + SecretManagerServiceClient._read_environment_variables() + assert str(excinfo.value) == "Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`" + + with mock.patch.dict(os.environ, {"GOOGLE_CLOUD_UNIVERSE_DOMAIN": "foo.com"}): + assert SecretManagerServiceClient._read_environment_variables() == (False, "auto", "foo.com") + +def test__get_client_cert_source(): + mock_provided_cert_source = mock.Mock() + mock_default_cert_source = mock.Mock() + + assert SecretManagerServiceClient._get_client_cert_source(None, False) is None + assert SecretManagerServiceClient._get_client_cert_source(mock_provided_cert_source, False) is None + assert SecretManagerServiceClient._get_client_cert_source(mock_provided_cert_source, True) == mock_provided_cert_source + + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=mock_default_cert_source): + assert SecretManagerServiceClient._get_client_cert_source(None, True) is mock_default_cert_source + assert SecretManagerServiceClient._get_client_cert_source(mock_provided_cert_source, "true") is mock_provided_cert_source + +@mock.patch.object(SecretManagerServiceClient, "_DEFAULT_ENDPOINT_TEMPLATE", modify_default_endpoint_template(SecretManagerServiceClient)) +@mock.patch.object(SecretManagerServiceAsyncClient, "_DEFAULT_ENDPOINT_TEMPLATE", modify_default_endpoint_template(SecretManagerServiceAsyncClient)) +def test__get_api_endpoint(): + api_override = "foo.com" + mock_client_cert_source = mock.Mock() + default_universe = SecretManagerServiceClient._DEFAULT_UNIVERSE + default_endpoint = SecretManagerServiceClient._DEFAULT_ENDPOINT_TEMPLATE.format(UNIVERSE_DOMAIN=default_universe) + mock_universe = "bar.com" + mock_endpoint = SecretManagerServiceClient._DEFAULT_ENDPOINT_TEMPLATE.format(UNIVERSE_DOMAIN=mock_universe) + + assert SecretManagerServiceClient._get_api_endpoint(api_override, mock_client_cert_source, default_universe, "always") == api_override + assert SecretManagerServiceClient._get_api_endpoint(None, mock_client_cert_source, default_universe, "auto") == SecretManagerServiceClient.DEFAULT_MTLS_ENDPOINT + assert SecretManagerServiceClient._get_api_endpoint(None, None, default_universe, "auto") == default_endpoint + assert SecretManagerServiceClient._get_api_endpoint(None, None, default_universe, "always") == SecretManagerServiceClient.DEFAULT_MTLS_ENDPOINT + assert SecretManagerServiceClient._get_api_endpoint(None, mock_client_cert_source, default_universe, "always") == SecretManagerServiceClient.DEFAULT_MTLS_ENDPOINT + assert SecretManagerServiceClient._get_api_endpoint(None, None, mock_universe, "never") == mock_endpoint + assert SecretManagerServiceClient._get_api_endpoint(None, None, default_universe, "never") == default_endpoint + + with pytest.raises(MutualTLSChannelError) as excinfo: + SecretManagerServiceClient._get_api_endpoint(None, mock_client_cert_source, mock_universe, "auto") + assert str(excinfo.value) == "mTLS is not supported in any universe other than googleapis.com." + +def test__get_universe_domain(): + client_universe_domain = "foo.com" + universe_domain_env = "bar.com" + + assert SecretManagerServiceClient._get_universe_domain(client_universe_domain, universe_domain_env) == client_universe_domain + assert SecretManagerServiceClient._get_universe_domain(None, universe_domain_env) == universe_domain_env + assert SecretManagerServiceClient._get_universe_domain(None, None) == SecretManagerServiceClient._DEFAULT_UNIVERSE + + with pytest.raises(ValueError) as excinfo: + SecretManagerServiceClient._get_universe_domain("", None) + assert str(excinfo.value) == "Universe Domain cannot be an empty string." + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (SecretManagerServiceClient, transports.SecretManagerServiceGrpcTransport, "grpc"), + (SecretManagerServiceClient, transports.SecretManagerServiceRestTransport, "rest"), +]) +def test__validate_universe_domain(client_class, transport_class, transport_name): + client = client_class( + transport=transport_class( + credentials=ga_credentials.AnonymousCredentials() + ) + ) + assert client._validate_universe_domain() == True + + # Test the case when universe is already validated. + assert client._validate_universe_domain() == True + + if transport_name == "grpc": + # Test the case where credentials are provided by the + # `local_channel_credentials`. The default universes in both match. + channel = grpc.secure_channel('http://localhost/', grpc.local_channel_credentials()) + client = client_class(transport=transport_class(channel=channel)) + assert client._validate_universe_domain() == True + + # Test the case where credentials do not exist: e.g. a transport is provided + # with no credentials. Validation should still succeed because there is no + # mismatch with non-existent credentials. + channel = grpc.secure_channel('http://localhost/', grpc.local_channel_credentials()) + transport=transport_class(channel=channel) + transport._credentials = None + client = client_class(transport=transport) + assert client._validate_universe_domain() == True + + # TODO: This is needed to cater for older versions of google-auth + # Make this test unconditional once the minimum supported version of + # google-auth becomes 2.23.0 or higher. + google_auth_major, google_auth_minor = [int(part) for part in google.auth.__version__.split(".")[0:2]] + if google_auth_major > 2 or (google_auth_major == 2 and google_auth_minor >= 23): + credentials = ga_credentials.AnonymousCredentials() + credentials._universe_domain = "foo.com" + # Test the case when there is a universe mismatch from the credentials. + client = client_class( + transport=transport_class(credentials=credentials) + ) + with pytest.raises(ValueError) as excinfo: + client._validate_universe_domain() + assert str(excinfo.value) == "The configured universe domain (googleapis.com) does not match the universe domain found in the credentials (foo.com). If you haven't configured the universe domain explicitly, `googleapis.com` is the default." + + # Test the case when there is a universe mismatch from the client. + # + # TODO: Make this test unconditional once the minimum supported version of + # google-api-core becomes 2.15.0 or higher. + api_core_major, api_core_minor = [int(part) for part in api_core_version.__version__.split(".")[0:2]] + if api_core_major > 2 or (api_core_major == 2 and api_core_minor >= 15): + client = client_class(client_options={"universe_domain": "bar.com"}, transport=transport_class(credentials=ga_credentials.AnonymousCredentials(),)) + with pytest.raises(ValueError) as excinfo: + client._validate_universe_domain() + assert str(excinfo.value) == "The configured universe domain (bar.com) does not match the universe domain found in the credentials (googleapis.com). If you haven't configured the universe domain explicitly, `googleapis.com` is the default." + + # Test that ValueError is raised if universe_domain is provided via client options and credentials is None + with pytest.raises(ValueError): + client._compare_universes("foo.bar", None) + + +@pytest.mark.parametrize("client_class,transport_name", [ + (SecretManagerServiceClient, "grpc"), + (SecretManagerServiceAsyncClient, "grpc_asyncio"), + (SecretManagerServiceClient, "rest"), +]) +def test_secret_manager_service_client_from_service_account_info(client_class, transport_name): + creds = ga_credentials.AnonymousCredentials() + with mock.patch.object(service_account.Credentials, 'from_service_account_info') as factory: + factory.return_value = creds + info = {"valid": True} + client = client_class.from_service_account_info(info, transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + assert client.transport._host == ( + 'secretmanager.googleapis.com:443' + if transport_name in ['grpc', 'grpc_asyncio'] + else + 'https://secretmanager.googleapis.com' + ) + + +@pytest.mark.parametrize("transport_class,transport_name", [ + (transports.SecretManagerServiceGrpcTransport, "grpc"), + (transports.SecretManagerServiceGrpcAsyncIOTransport, "grpc_asyncio"), + (transports.SecretManagerServiceRestTransport, "rest"), +]) +def test_secret_manager_service_client_service_account_always_use_jwt(transport_class, transport_name): + with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=True) + use_jwt.assert_called_once_with(True) + + with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=False) + use_jwt.assert_not_called() + + +@pytest.mark.parametrize("client_class,transport_name", [ + (SecretManagerServiceClient, "grpc"), + (SecretManagerServiceAsyncClient, "grpc_asyncio"), + (SecretManagerServiceClient, "rest"), +]) +def test_secret_manager_service_client_from_service_account_file(client_class, transport_name): + creds = ga_credentials.AnonymousCredentials() + with mock.patch.object(service_account.Credentials, 'from_service_account_file') as factory: + factory.return_value = creds + client = client_class.from_service_account_file("dummy/file/path.json", transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + client = client_class.from_service_account_json("dummy/file/path.json", transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + assert client.transport._host == ( + 'secretmanager.googleapis.com:443' + if transport_name in ['grpc', 'grpc_asyncio'] + else + 'https://secretmanager.googleapis.com' + ) + + +def test_secret_manager_service_client_get_transport_class(): + transport = SecretManagerServiceClient.get_transport_class() + available_transports = [ + transports.SecretManagerServiceGrpcTransport, + transports.SecretManagerServiceRestTransport, + ] + assert transport in available_transports + + transport = SecretManagerServiceClient.get_transport_class("grpc") + assert transport == transports.SecretManagerServiceGrpcTransport + + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (SecretManagerServiceClient, transports.SecretManagerServiceGrpcTransport, "grpc"), + (SecretManagerServiceAsyncClient, transports.SecretManagerServiceGrpcAsyncIOTransport, "grpc_asyncio"), + (SecretManagerServiceClient, transports.SecretManagerServiceRestTransport, "rest"), +]) +@mock.patch.object(SecretManagerServiceClient, "_DEFAULT_ENDPOINT_TEMPLATE", modify_default_endpoint_template(SecretManagerServiceClient)) +@mock.patch.object(SecretManagerServiceAsyncClient, "_DEFAULT_ENDPOINT_TEMPLATE", modify_default_endpoint_template(SecretManagerServiceAsyncClient)) +def test_secret_manager_service_client_client_options(client_class, transport_class, transport_name): + # Check that if channel is provided we won't create a new one. + with mock.patch.object(SecretManagerServiceClient, 'get_transport_class') as gtc: + transport = transport_class( + credentials=ga_credentials.AnonymousCredentials() + ) + client = client_class(transport=transport) + gtc.assert_not_called() + + # Check that if channel is provided via str we will create a new one. + with mock.patch.object(SecretManagerServiceClient, 'get_transport_class') as gtc: + client = client_class(transport=transport_name) + gtc.assert_called() + + # Check the case api_endpoint is provided. + options = client_options.ClientOptions(api_endpoint="squid.clam.whelk") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name, client_options=options) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host="squid.clam.whelk", + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is + # "never". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client._DEFAULT_ENDPOINT_TEMPLATE.format(UNIVERSE_DOMAIN=client._DEFAULT_UNIVERSE), + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is + # "always". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_MTLS_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has + # unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "Unsupported"}): + with pytest.raises(MutualTLSChannelError) as excinfo: + client = client_class(transport=transport_name) + assert str(excinfo.value) == "Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`" + + # Check the case GOOGLE_API_USE_CLIENT_CERTIFICATE has unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "Unsupported"}): + with pytest.raises(ValueError) as excinfo: + client = client_class(transport=transport_name) + assert str(excinfo.value) == "Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`" + + # Check the case quota_project_id is provided + options = client_options.ClientOptions(quota_project_id="octopus") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client._DEFAULT_ENDPOINT_TEMPLATE.format(UNIVERSE_DOMAIN=client._DEFAULT_UNIVERSE), + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id="octopus", + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + # Check the case api_endpoint is provided + options = client_options.ClientOptions(api_audience="https://language.googleapis.com") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client._DEFAULT_ENDPOINT_TEMPLATE.format(UNIVERSE_DOMAIN=client._DEFAULT_UNIVERSE), + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience="https://language.googleapis.com" + ) + +@pytest.mark.parametrize("client_class,transport_class,transport_name,use_client_cert_env", [ + (SecretManagerServiceClient, transports.SecretManagerServiceGrpcTransport, "grpc", "true"), + (SecretManagerServiceAsyncClient, transports.SecretManagerServiceGrpcAsyncIOTransport, "grpc_asyncio", "true"), + (SecretManagerServiceClient, transports.SecretManagerServiceGrpcTransport, "grpc", "false"), + (SecretManagerServiceAsyncClient, transports.SecretManagerServiceGrpcAsyncIOTransport, "grpc_asyncio", "false"), + (SecretManagerServiceClient, transports.SecretManagerServiceRestTransport, "rest", "true"), + (SecretManagerServiceClient, transports.SecretManagerServiceRestTransport, "rest", "false"), +]) +@mock.patch.object(SecretManagerServiceClient, "_DEFAULT_ENDPOINT_TEMPLATE", modify_default_endpoint_template(SecretManagerServiceClient)) +@mock.patch.object(SecretManagerServiceAsyncClient, "_DEFAULT_ENDPOINT_TEMPLATE", modify_default_endpoint_template(SecretManagerServiceAsyncClient)) +@mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "auto"}) +def test_secret_manager_service_client_mtls_env_auto(client_class, transport_class, transport_name, use_client_cert_env): + # This tests the endpoint autoswitch behavior. Endpoint is autoswitched to the default + # mtls endpoint, if GOOGLE_API_USE_CLIENT_CERTIFICATE is "true" and client cert exists. + + # Check the case client_cert_source is provided. Whether client cert is used depends on + # GOOGLE_API_USE_CLIENT_CERTIFICATE value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + options = client_options.ClientOptions(client_cert_source=client_cert_source_callback) + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + + if use_client_cert_env == "false": + expected_client_cert_source = None + expected_host = client._DEFAULT_ENDPOINT_TEMPLATE.format(UNIVERSE_DOMAIN=client._DEFAULT_UNIVERSE) + else: + expected_client_cert_source = client_cert_source_callback + expected_host = client.DEFAULT_MTLS_ENDPOINT + + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=expected_host, + scopes=None, + client_cert_source_for_mtls=expected_client_cert_source, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case ADC client cert is provided. Whether client cert is used depends on + # GOOGLE_API_USE_CLIENT_CERTIFICATE value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + with mock.patch.object(transport_class, '__init__') as patched: + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=client_cert_source_callback): + if use_client_cert_env == "false": + expected_host = client._DEFAULT_ENDPOINT_TEMPLATE.format(UNIVERSE_DOMAIN=client._DEFAULT_UNIVERSE) + expected_client_cert_source = None + else: + expected_host = client.DEFAULT_MTLS_ENDPOINT + expected_client_cert_source = client_cert_source_callback + + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=expected_host, + scopes=None, + client_cert_source_for_mtls=expected_client_cert_source, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case client_cert_source and ADC client cert are not provided. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + with mock.patch.object(transport_class, '__init__') as patched: + with mock.patch("google.auth.transport.mtls.has_default_client_cert_source", return_value=False): + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client._DEFAULT_ENDPOINT_TEMPLATE.format(UNIVERSE_DOMAIN=client._DEFAULT_UNIVERSE), + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + +@pytest.mark.parametrize("client_class", [ + SecretManagerServiceClient, SecretManagerServiceAsyncClient +]) +@mock.patch.object(SecretManagerServiceClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SecretManagerServiceClient)) +@mock.patch.object(SecretManagerServiceAsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SecretManagerServiceAsyncClient)) +def test_secret_manager_service_client_get_mtls_endpoint_and_cert_source(client_class): + mock_client_cert_source = mock.Mock() + + # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "true". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + mock_api_endpoint = "foo" + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) + assert api_endpoint == mock_api_endpoint + assert cert_source == mock_client_cert_source + + # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "false". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "false"}): + mock_client_cert_source = mock.Mock() + mock_api_endpoint = "foo" + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) + assert api_endpoint == mock_api_endpoint + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "never". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "always". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert doesn't exist. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=False): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert exists. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=mock_client_cert_source): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + assert cert_source == mock_client_cert_source + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has + # unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "Unsupported"}): + with pytest.raises(MutualTLSChannelError) as excinfo: + client_class.get_mtls_endpoint_and_cert_source() + + assert str(excinfo.value) == "Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`" + + # Check the case GOOGLE_API_USE_CLIENT_CERTIFICATE has unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "Unsupported"}): + with pytest.raises(ValueError) as excinfo: + client_class.get_mtls_endpoint_and_cert_source() + + assert str(excinfo.value) == "Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`" + +@pytest.mark.parametrize("client_class", [ + SecretManagerServiceClient, SecretManagerServiceAsyncClient +]) +@mock.patch.object(SecretManagerServiceClient, "_DEFAULT_ENDPOINT_TEMPLATE", modify_default_endpoint_template(SecretManagerServiceClient)) +@mock.patch.object(SecretManagerServiceAsyncClient, "_DEFAULT_ENDPOINT_TEMPLATE", modify_default_endpoint_template(SecretManagerServiceAsyncClient)) +def test_secret_manager_service_client_client_api_endpoint(client_class): + mock_client_cert_source = client_cert_source_callback + api_override = "foo.com" + default_universe = SecretManagerServiceClient._DEFAULT_UNIVERSE + default_endpoint = SecretManagerServiceClient._DEFAULT_ENDPOINT_TEMPLATE.format(UNIVERSE_DOMAIN=default_universe) + mock_universe = "bar.com" + mock_endpoint = SecretManagerServiceClient._DEFAULT_ENDPOINT_TEMPLATE.format(UNIVERSE_DOMAIN=mock_universe) + + # If ClientOptions.api_endpoint is set and GOOGLE_API_USE_CLIENT_CERTIFICATE="true", + # use ClientOptions.api_endpoint as the api endpoint regardless. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch("google.auth.transport.requests.AuthorizedSession.configure_mtls_channel"): + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=api_override) + client = client_class(client_options=options, credentials=ga_credentials.AnonymousCredentials()) + assert client.api_endpoint == api_override + + # If ClientOptions.api_endpoint is not set and GOOGLE_API_USE_MTLS_ENDPOINT="never", + # use the _DEFAULT_ENDPOINT_TEMPLATE populated with GDU as the api endpoint. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + client = client_class(credentials=ga_credentials.AnonymousCredentials()) + assert client.api_endpoint == default_endpoint + + # If ClientOptions.api_endpoint is not set and GOOGLE_API_USE_MTLS_ENDPOINT="always", + # use the DEFAULT_MTLS_ENDPOINT as the api endpoint. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + client = client_class(credentials=ga_credentials.AnonymousCredentials()) + assert client.api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + + # If ClientOptions.api_endpoint is not set, GOOGLE_API_USE_MTLS_ENDPOINT="auto" (default), + # GOOGLE_API_USE_CLIENT_CERTIFICATE="false" (default), default cert source doesn't exist, + # and ClientOptions.universe_domain="bar.com", + # use the _DEFAULT_ENDPOINT_TEMPLATE populated with universe domain as the api endpoint. + options = client_options.ClientOptions() + universe_exists = hasattr(options, "universe_domain") + if universe_exists: + options = client_options.ClientOptions(universe_domain=mock_universe) + client = client_class(client_options=options, credentials=ga_credentials.AnonymousCredentials()) + else: + client = client_class(client_options=options, credentials=ga_credentials.AnonymousCredentials()) + assert client.api_endpoint == (mock_endpoint if universe_exists else default_endpoint) + assert client.universe_domain == (mock_universe if universe_exists else default_universe) + + # If ClientOptions does not have a universe domain attribute and GOOGLE_API_USE_MTLS_ENDPOINT="never", + # use the _DEFAULT_ENDPOINT_TEMPLATE populated with GDU as the api endpoint. + options = client_options.ClientOptions() + if hasattr(options, "universe_domain"): + delattr(options, "universe_domain") + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + client = client_class(client_options=options, credentials=ga_credentials.AnonymousCredentials()) + assert client.api_endpoint == default_endpoint + + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (SecretManagerServiceClient, transports.SecretManagerServiceGrpcTransport, "grpc"), + (SecretManagerServiceAsyncClient, transports.SecretManagerServiceGrpcAsyncIOTransport, "grpc_asyncio"), + (SecretManagerServiceClient, transports.SecretManagerServiceRestTransport, "rest"), +]) +def test_secret_manager_service_client_client_options_scopes(client_class, transport_class, transport_name): + # Check the case scopes are provided. + options = client_options.ClientOptions( + scopes=["1", "2"], + ) + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client._DEFAULT_ENDPOINT_TEMPLATE.format(UNIVERSE_DOMAIN=client._DEFAULT_UNIVERSE), + scopes=["1", "2"], + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + +@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ + (SecretManagerServiceClient, transports.SecretManagerServiceGrpcTransport, "grpc", grpc_helpers), + (SecretManagerServiceAsyncClient, transports.SecretManagerServiceGrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), + (SecretManagerServiceClient, transports.SecretManagerServiceRestTransport, "rest", None), +]) +def test_secret_manager_service_client_client_options_credentials_file(client_class, transport_class, transport_name, grpc_helpers): + # Check the case credentials file is provided. + options = client_options.ClientOptions( + credentials_file="credentials.json" + ) + + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file="credentials.json", + host=client._DEFAULT_ENDPOINT_TEMPLATE.format(UNIVERSE_DOMAIN=client._DEFAULT_UNIVERSE), + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + +def test_secret_manager_service_client_client_options_from_dict(): + with mock.patch('google.cloud.secretmanager_v1beta1.services.secret_manager_service.transports.SecretManagerServiceGrpcTransport.__init__') as grpc_transport: + grpc_transport.return_value = None + client = SecretManagerServiceClient( + client_options={'api_endpoint': 'squid.clam.whelk'} + ) + grpc_transport.assert_called_once_with( + credentials=None, + credentials_file=None, + host="squid.clam.whelk", + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + +@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ + (SecretManagerServiceClient, transports.SecretManagerServiceGrpcTransport, "grpc", grpc_helpers), + (SecretManagerServiceAsyncClient, transports.SecretManagerServiceGrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), +]) +def test_secret_manager_service_client_create_channel_credentials_file(client_class, transport_class, transport_name, grpc_helpers): + # Check the case credentials file is provided. + options = client_options.ClientOptions( + credentials_file="credentials.json" + ) + + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file="credentials.json", + host=client._DEFAULT_ENDPOINT_TEMPLATE.format(UNIVERSE_DOMAIN=client._DEFAULT_UNIVERSE), + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # test that the credentials from file are saved and used as the credentials. + with mock.patch.object( + google.auth, "load_credentials_from_file", autospec=True + ) as load_creds, mock.patch.object( + google.auth, "default", autospec=True + ) as adc, mock.patch.object( + grpc_helpers, "create_channel" + ) as create_channel: + creds = ga_credentials.AnonymousCredentials() + file_creds = ga_credentials.AnonymousCredentials() + load_creds.return_value = (file_creds, None) + adc.return_value = (creds, None) + client = client_class(client_options=options, transport=transport_name) + create_channel.assert_called_with( + "secretmanager.googleapis.com:443", + credentials=file_creds, + credentials_file=None, + quota_project_id=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + scopes=None, + default_host="secretmanager.googleapis.com", + ssl_credentials=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + +@pytest.mark.parametrize("request_type", [ + service.ListSecretsRequest, + dict, +]) +def test_list_secrets(request_type, transport: str = 'grpc'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secrets), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.ListSecretsResponse( + next_page_token='next_page_token_value', + total_size=1086, + ) + response = client.list_secrets(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + request = service.ListSecretsRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, pagers.ListSecretsPager) + assert response.next_page_token == 'next_page_token_value' + assert response.total_size == 1086 + + +def test_list_secrets_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secrets), + '__call__') as call: + client.list_secrets() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.ListSecretsRequest() + + +def test_list_secrets_non_empty_request_with_auto_populated_field(): + # This test is a coverage failsafe to make sure that UUID4 fields are + # automatically populated, according to AIP-4235, with non-empty requests. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Populate all string fields in the request which are not UUID4 + # since we want to check that UUID4 are populated automatically + # if they meet the requirements of AIP 4235. + request = service.ListSecretsRequest( + parent='parent_value', + page_token='page_token_value', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secrets), + '__call__') as call: + client.list_secrets(request=request) + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.ListSecretsRequest( + parent='parent_value', + page_token='page_token_value', + ) + +@pytest.mark.asyncio +async def test_list_secrets_empty_call_async(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc_asyncio', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secrets), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ListSecretsResponse( + next_page_token='next_page_token_value', + total_size=1086, + )) + response = await client.list_secrets() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.ListSecretsRequest() + +@pytest.mark.asyncio +async def test_list_secrets_async(transport: str = 'grpc_asyncio', request_type=service.ListSecretsRequest): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secrets), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(service.ListSecretsResponse( + next_page_token='next_page_token_value', + total_size=1086, + )) + response = await client.list_secrets(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + request = service.ListSecretsRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, pagers.ListSecretsAsyncPager) + assert response.next_page_token == 'next_page_token_value' + assert response.total_size == 1086 + + +@pytest.mark.asyncio +async def test_list_secrets_async_from_dict(): + await test_list_secrets_async(request_type=dict) + + +def test_list_secrets_field_headers(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.ListSecretsRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secrets), + '__call__') as call: + call.return_value = service.ListSecretsResponse() + client.list_secrets(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_list_secrets_field_headers_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.ListSecretsRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secrets), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ListSecretsResponse()) + await client.list_secrets(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +def test_list_secrets_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secrets), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.ListSecretsResponse() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.list_secrets( + parent='parent_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + + +def test_list_secrets_flattened_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.list_secrets( + service.ListSecretsRequest(), + parent='parent_value', + ) + +@pytest.mark.asyncio +async def test_list_secrets_flattened_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secrets), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.ListSecretsResponse() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ListSecretsResponse()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.list_secrets( + parent='parent_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_list_secrets_flattened_error_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.list_secrets( + service.ListSecretsRequest(), + parent='parent_value', + ) + + +def test_list_secrets_pager(transport_name: str = "grpc"): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport_name, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secrets), + '__call__') as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListSecretsResponse( + secrets=[ + resources.Secret(), + resources.Secret(), + resources.Secret(), + ], + next_page_token='abc', + ), + service.ListSecretsResponse( + secrets=[], + next_page_token='def', + ), + service.ListSecretsResponse( + secrets=[ + resources.Secret(), + ], + next_page_token='ghi', + ), + service.ListSecretsResponse( + secrets=[ + resources.Secret(), + resources.Secret(), + ], + ), + RuntimeError, + ) + + metadata = () + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ('parent', ''), + )), + ) + pager = client.list_secrets(request={}) + + assert pager._metadata == metadata + + results = list(pager) + assert len(results) == 6 + assert all(isinstance(i, resources.Secret) + for i in results) +def test_list_secrets_pages(transport_name: str = "grpc"): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport_name, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secrets), + '__call__') as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListSecretsResponse( + secrets=[ + resources.Secret(), + resources.Secret(), + resources.Secret(), + ], + next_page_token='abc', + ), + service.ListSecretsResponse( + secrets=[], + next_page_token='def', + ), + service.ListSecretsResponse( + secrets=[ + resources.Secret(), + ], + next_page_token='ghi', + ), + service.ListSecretsResponse( + secrets=[ + resources.Secret(), + resources.Secret(), + ], + ), + RuntimeError, + ) + pages = list(client.list_secrets(request={}).pages) + for page_, token in zip(pages, ['abc','def','ghi', '']): + assert page_.raw_page.next_page_token == token + +@pytest.mark.asyncio +async def test_list_secrets_async_pager(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secrets), + '__call__', new_callable=mock.AsyncMock) as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListSecretsResponse( + secrets=[ + resources.Secret(), + resources.Secret(), + resources.Secret(), + ], + next_page_token='abc', + ), + service.ListSecretsResponse( + secrets=[], + next_page_token='def', + ), + service.ListSecretsResponse( + secrets=[ + resources.Secret(), + ], + next_page_token='ghi', + ), + service.ListSecretsResponse( + secrets=[ + resources.Secret(), + resources.Secret(), + ], + ), + RuntimeError, + ) + async_pager = await client.list_secrets(request={},) + assert async_pager.next_page_token == 'abc' + responses = [] + async for response in async_pager: # pragma: no branch + responses.append(response) + + assert len(responses) == 6 + assert all(isinstance(i, resources.Secret) + for i in responses) + + +@pytest.mark.asyncio +async def test_list_secrets_async_pages(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secrets), + '__call__', new_callable=mock.AsyncMock) as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListSecretsResponse( + secrets=[ + resources.Secret(), + resources.Secret(), + resources.Secret(), + ], + next_page_token='abc', + ), + service.ListSecretsResponse( + secrets=[], + next_page_token='def', + ), + service.ListSecretsResponse( + secrets=[ + resources.Secret(), + ], + next_page_token='ghi', + ), + service.ListSecretsResponse( + secrets=[ + resources.Secret(), + resources.Secret(), + ], + ), + RuntimeError, + ) + pages = [] + # Workaround issue in python 3.9 related to code coverage by adding `# pragma: no branch` + # See https://github.com/googleapis/gapic-generator-python/pull/1174#issuecomment-1025132372 + async for page_ in ( # pragma: no branch + await client.list_secrets(request={}) + ).pages: + pages.append(page_) + for page_, token in zip(pages, ['abc','def','ghi', '']): + assert page_.raw_page.next_page_token == token + +@pytest.mark.parametrize("request_type", [ + service.CreateSecretRequest, + dict, +]) +def test_create_secret(request_type, transport: str = 'grpc'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Secret( + name='name_value', + ) + response = client.create_secret(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + request = service.CreateSecretRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Secret) + assert response.name == 'name_value' + + +def test_create_secret_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_secret), + '__call__') as call: + client.create_secret() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.CreateSecretRequest() + + +def test_create_secret_non_empty_request_with_auto_populated_field(): + # This test is a coverage failsafe to make sure that UUID4 fields are + # automatically populated, according to AIP-4235, with non-empty requests. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Populate all string fields in the request which are not UUID4 + # since we want to check that UUID4 are populated automatically + # if they meet the requirements of AIP 4235. + request = service.CreateSecretRequest( + parent='parent_value', + secret_id='secret_id_value', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_secret), + '__call__') as call: + client.create_secret(request=request) + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.CreateSecretRequest( + parent='parent_value', + secret_id='secret_id_value', + ) + +@pytest.mark.asyncio +async def test_create_secret_empty_call_async(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc_asyncio', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Secret( + name='name_value', + )) + response = await client.create_secret() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.CreateSecretRequest() + +@pytest.mark.asyncio +async def test_create_secret_async(transport: str = 'grpc_asyncio', request_type=service.CreateSecretRequest): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Secret( + name='name_value', + )) + response = await client.create_secret(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + request = service.CreateSecretRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Secret) + assert response.name == 'name_value' + + +@pytest.mark.asyncio +async def test_create_secret_async_from_dict(): + await test_create_secret_async(request_type=dict) + + +def test_create_secret_field_headers(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.CreateSecretRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_secret), + '__call__') as call: + call.return_value = resources.Secret() + client.create_secret(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_create_secret_field_headers_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.CreateSecretRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_secret), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Secret()) + await client.create_secret(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +def test_create_secret_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Secret() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.create_secret( + parent='parent_value', + secret_id='secret_id_value', + secret=resources.Secret(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + arg = args[0].secret_id + mock_val = 'secret_id_value' + assert arg == mock_val + arg = args[0].secret + mock_val = resources.Secret(name='name_value') + assert arg == mock_val + + +def test_create_secret_flattened_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.create_secret( + service.CreateSecretRequest(), + parent='parent_value', + secret_id='secret_id_value', + secret=resources.Secret(name='name_value'), + ) + +@pytest.mark.asyncio +async def test_create_secret_flattened_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Secret() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Secret()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.create_secret( + parent='parent_value', + secret_id='secret_id_value', + secret=resources.Secret(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + arg = args[0].secret_id + mock_val = 'secret_id_value' + assert arg == mock_val + arg = args[0].secret + mock_val = resources.Secret(name='name_value') + assert arg == mock_val + +@pytest.mark.asyncio +async def test_create_secret_flattened_error_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.create_secret( + service.CreateSecretRequest(), + parent='parent_value', + secret_id='secret_id_value', + secret=resources.Secret(name='name_value'), + ) + + +@pytest.mark.parametrize("request_type", [ + service.AddSecretVersionRequest, + dict, +]) +def test_add_secret_version(request_type, transport: str = 'grpc'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.add_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + ) + response = client.add_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + request = service.AddSecretVersionRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.SecretVersion) + assert response.name == 'name_value' + assert response.state == resources.SecretVersion.State.ENABLED + + +def test_add_secret_version_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.add_secret_version), + '__call__') as call: + client.add_secret_version() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.AddSecretVersionRequest() + + +def test_add_secret_version_non_empty_request_with_auto_populated_field(): + # This test is a coverage failsafe to make sure that UUID4 fields are + # automatically populated, according to AIP-4235, with non-empty requests. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Populate all string fields in the request which are not UUID4 + # since we want to check that UUID4 are populated automatically + # if they meet the requirements of AIP 4235. + request = service.AddSecretVersionRequest( + parent='parent_value', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.add_secret_version), + '__call__') as call: + client.add_secret_version(request=request) + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.AddSecretVersionRequest( + parent='parent_value', + ) + +@pytest.mark.asyncio +async def test_add_secret_version_empty_call_async(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc_asyncio', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.add_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + )) + response = await client.add_secret_version() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.AddSecretVersionRequest() + +@pytest.mark.asyncio +async def test_add_secret_version_async(transport: str = 'grpc_asyncio', request_type=service.AddSecretVersionRequest): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.add_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + )) + response = await client.add_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + request = service.AddSecretVersionRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.SecretVersion) + assert response.name == 'name_value' + assert response.state == resources.SecretVersion.State.ENABLED + + +@pytest.mark.asyncio +async def test_add_secret_version_async_from_dict(): + await test_add_secret_version_async(request_type=dict) + + +def test_add_secret_version_field_headers(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.AddSecretVersionRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.add_secret_version), + '__call__') as call: + call.return_value = resources.SecretVersion() + client.add_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_add_secret_version_field_headers_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.AddSecretVersionRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.add_secret_version), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion()) + await client.add_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +def test_add_secret_version_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.add_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.SecretVersion() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.add_secret_version( + parent='parent_value', + payload=resources.SecretPayload(data=b'data_blob'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + arg = args[0].payload + mock_val = resources.SecretPayload(data=b'data_blob') + assert arg == mock_val + + +def test_add_secret_version_flattened_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.add_secret_version( + service.AddSecretVersionRequest(), + parent='parent_value', + payload=resources.SecretPayload(data=b'data_blob'), + ) + +@pytest.mark.asyncio +async def test_add_secret_version_flattened_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.add_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.SecretVersion() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.add_secret_version( + parent='parent_value', + payload=resources.SecretPayload(data=b'data_blob'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + arg = args[0].payload + mock_val = resources.SecretPayload(data=b'data_blob') + assert arg == mock_val + +@pytest.mark.asyncio +async def test_add_secret_version_flattened_error_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.add_secret_version( + service.AddSecretVersionRequest(), + parent='parent_value', + payload=resources.SecretPayload(data=b'data_blob'), + ) + + +@pytest.mark.parametrize("request_type", [ + service.GetSecretRequest, + dict, +]) +def test_get_secret(request_type, transport: str = 'grpc'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Secret( + name='name_value', + ) + response = client.get_secret(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + request = service.GetSecretRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Secret) + assert response.name == 'name_value' + + +def test_get_secret_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret), + '__call__') as call: + client.get_secret() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetSecretRequest() + + +def test_get_secret_non_empty_request_with_auto_populated_field(): + # This test is a coverage failsafe to make sure that UUID4 fields are + # automatically populated, according to AIP-4235, with non-empty requests. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Populate all string fields in the request which are not UUID4 + # since we want to check that UUID4 are populated automatically + # if they meet the requirements of AIP 4235. + request = service.GetSecretRequest( + name='name_value', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret), + '__call__') as call: + client.get_secret(request=request) + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetSecretRequest( + name='name_value', + ) + +@pytest.mark.asyncio +async def test_get_secret_empty_call_async(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc_asyncio', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Secret( + name='name_value', + )) + response = await client.get_secret() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetSecretRequest() + +@pytest.mark.asyncio +async def test_get_secret_async(transport: str = 'grpc_asyncio', request_type=service.GetSecretRequest): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Secret( + name='name_value', + )) + response = await client.get_secret(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + request = service.GetSecretRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Secret) + assert response.name == 'name_value' + + +@pytest.mark.asyncio +async def test_get_secret_async_from_dict(): + await test_get_secret_async(request_type=dict) + + +def test_get_secret_field_headers(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetSecretRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret), + '__call__') as call: + call.return_value = resources.Secret() + client.get_secret(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_get_secret_field_headers_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetSecretRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Secret()) + await client.get_secret(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_get_secret_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Secret() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.get_secret( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_get_secret_flattened_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.get_secret( + service.GetSecretRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_get_secret_flattened_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Secret() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Secret()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.get_secret( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_get_secret_flattened_error_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.get_secret( + service.GetSecretRequest(), + name='name_value', + ) + + +@pytest.mark.parametrize("request_type", [ + service.UpdateSecretRequest, + dict, +]) +def test_update_secret(request_type, transport: str = 'grpc'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Secret( + name='name_value', + ) + response = client.update_secret(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + request = service.UpdateSecretRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Secret) + assert response.name == 'name_value' + + +def test_update_secret_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_secret), + '__call__') as call: + client.update_secret() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdateSecretRequest() + + +def test_update_secret_non_empty_request_with_auto_populated_field(): + # This test is a coverage failsafe to make sure that UUID4 fields are + # automatically populated, according to AIP-4235, with non-empty requests. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Populate all string fields in the request which are not UUID4 + # since we want to check that UUID4 are populated automatically + # if they meet the requirements of AIP 4235. + request = service.UpdateSecretRequest( + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_secret), + '__call__') as call: + client.update_secret(request=request) + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdateSecretRequest( + ) + +@pytest.mark.asyncio +async def test_update_secret_empty_call_async(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc_asyncio', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Secret( + name='name_value', + )) + response = await client.update_secret() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdateSecretRequest() + +@pytest.mark.asyncio +async def test_update_secret_async(transport: str = 'grpc_asyncio', request_type=service.UpdateSecretRequest): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Secret( + name='name_value', + )) + response = await client.update_secret(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + request = service.UpdateSecretRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Secret) + assert response.name == 'name_value' + + +@pytest.mark.asyncio +async def test_update_secret_async_from_dict(): + await test_update_secret_async(request_type=dict) + + +def test_update_secret_field_headers(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.UpdateSecretRequest() + + request.secret.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_secret), + '__call__') as call: + call.return_value = resources.Secret() + client.update_secret(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'secret.name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_update_secret_field_headers_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.UpdateSecretRequest() + + request.secret.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_secret), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Secret()) + await client.update_secret(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'secret.name=name_value', + ) in kw['metadata'] + + +def test_update_secret_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Secret() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.update_secret( + secret=resources.Secret(name='name_value'), + update_mask=field_mask_pb2.FieldMask(paths=['paths_value']), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].secret + mock_val = resources.Secret(name='name_value') + assert arg == mock_val + arg = args[0].update_mask + mock_val = field_mask_pb2.FieldMask(paths=['paths_value']) + assert arg == mock_val + + +def test_update_secret_flattened_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.update_secret( + service.UpdateSecretRequest(), + secret=resources.Secret(name='name_value'), + update_mask=field_mask_pb2.FieldMask(paths=['paths_value']), + ) + +@pytest.mark.asyncio +async def test_update_secret_flattened_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Secret() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Secret()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.update_secret( + secret=resources.Secret(name='name_value'), + update_mask=field_mask_pb2.FieldMask(paths=['paths_value']), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].secret + mock_val = resources.Secret(name='name_value') + assert arg == mock_val + arg = args[0].update_mask + mock_val = field_mask_pb2.FieldMask(paths=['paths_value']) + assert arg == mock_val + +@pytest.mark.asyncio +async def test_update_secret_flattened_error_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.update_secret( + service.UpdateSecretRequest(), + secret=resources.Secret(name='name_value'), + update_mask=field_mask_pb2.FieldMask(paths=['paths_value']), + ) + + +@pytest.mark.parametrize("request_type", [ + service.DeleteSecretRequest, + dict, +]) +def test_delete_secret(request_type, transport: str = 'grpc'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = None + response = client.delete_secret(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + request = service.DeleteSecretRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert response is None + + +def test_delete_secret_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_secret), + '__call__') as call: + client.delete_secret() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.DeleteSecretRequest() + + +def test_delete_secret_non_empty_request_with_auto_populated_field(): + # This test is a coverage failsafe to make sure that UUID4 fields are + # automatically populated, according to AIP-4235, with non-empty requests. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Populate all string fields in the request which are not UUID4 + # since we want to check that UUID4 are populated automatically + # if they meet the requirements of AIP 4235. + request = service.DeleteSecretRequest( + name='name_value', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_secret), + '__call__') as call: + client.delete_secret(request=request) + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.DeleteSecretRequest( + name='name_value', + ) + +@pytest.mark.asyncio +async def test_delete_secret_empty_call_async(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc_asyncio', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) + response = await client.delete_secret() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.DeleteSecretRequest() + +@pytest.mark.asyncio +async def test_delete_secret_async(transport: str = 'grpc_asyncio', request_type=service.DeleteSecretRequest): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) + response = await client.delete_secret(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + request = service.DeleteSecretRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert response is None + + +@pytest.mark.asyncio +async def test_delete_secret_async_from_dict(): + await test_delete_secret_async(request_type=dict) + + +def test_delete_secret_field_headers(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.DeleteSecretRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_secret), + '__call__') as call: + call.return_value = None + client.delete_secret(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_delete_secret_field_headers_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.DeleteSecretRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_secret), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) + await client.delete_secret(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_delete_secret_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = None + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.delete_secret( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_delete_secret_flattened_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.delete_secret( + service.DeleteSecretRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_delete_secret_flattened_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = None + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.delete_secret( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_delete_secret_flattened_error_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.delete_secret( + service.DeleteSecretRequest(), + name='name_value', + ) + + +@pytest.mark.parametrize("request_type", [ + service.ListSecretVersionsRequest, + dict, +]) +def test_list_secret_versions(request_type, transport: str = 'grpc'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secret_versions), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.ListSecretVersionsResponse( + next_page_token='next_page_token_value', + total_size=1086, + ) + response = client.list_secret_versions(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + request = service.ListSecretVersionsRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, pagers.ListSecretVersionsPager) + assert response.next_page_token == 'next_page_token_value' + assert response.total_size == 1086 + + +def test_list_secret_versions_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secret_versions), + '__call__') as call: + client.list_secret_versions() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.ListSecretVersionsRequest() + + +def test_list_secret_versions_non_empty_request_with_auto_populated_field(): + # This test is a coverage failsafe to make sure that UUID4 fields are + # automatically populated, according to AIP-4235, with non-empty requests. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Populate all string fields in the request which are not UUID4 + # since we want to check that UUID4 are populated automatically + # if they meet the requirements of AIP 4235. + request = service.ListSecretVersionsRequest( + parent='parent_value', + page_token='page_token_value', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secret_versions), + '__call__') as call: + client.list_secret_versions(request=request) + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.ListSecretVersionsRequest( + parent='parent_value', + page_token='page_token_value', + ) + +@pytest.mark.asyncio +async def test_list_secret_versions_empty_call_async(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc_asyncio', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secret_versions), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ListSecretVersionsResponse( + next_page_token='next_page_token_value', + total_size=1086, + )) + response = await client.list_secret_versions() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.ListSecretVersionsRequest() + +@pytest.mark.asyncio +async def test_list_secret_versions_async(transport: str = 'grpc_asyncio', request_type=service.ListSecretVersionsRequest): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secret_versions), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(service.ListSecretVersionsResponse( + next_page_token='next_page_token_value', + total_size=1086, + )) + response = await client.list_secret_versions(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + request = service.ListSecretVersionsRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, pagers.ListSecretVersionsAsyncPager) + assert response.next_page_token == 'next_page_token_value' + assert response.total_size == 1086 + + +@pytest.mark.asyncio +async def test_list_secret_versions_async_from_dict(): + await test_list_secret_versions_async(request_type=dict) + + +def test_list_secret_versions_field_headers(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.ListSecretVersionsRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secret_versions), + '__call__') as call: + call.return_value = service.ListSecretVersionsResponse() + client.list_secret_versions(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_list_secret_versions_field_headers_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.ListSecretVersionsRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secret_versions), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ListSecretVersionsResponse()) + await client.list_secret_versions(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +def test_list_secret_versions_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secret_versions), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.ListSecretVersionsResponse() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.list_secret_versions( + parent='parent_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + + +def test_list_secret_versions_flattened_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.list_secret_versions( + service.ListSecretVersionsRequest(), + parent='parent_value', + ) + +@pytest.mark.asyncio +async def test_list_secret_versions_flattened_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secret_versions), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.ListSecretVersionsResponse() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ListSecretVersionsResponse()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.list_secret_versions( + parent='parent_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_list_secret_versions_flattened_error_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.list_secret_versions( + service.ListSecretVersionsRequest(), + parent='parent_value', + ) + + +def test_list_secret_versions_pager(transport_name: str = "grpc"): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport_name, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secret_versions), + '__call__') as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListSecretVersionsResponse( + versions=[ + resources.SecretVersion(), + resources.SecretVersion(), + resources.SecretVersion(), + ], + next_page_token='abc', + ), + service.ListSecretVersionsResponse( + versions=[], + next_page_token='def', + ), + service.ListSecretVersionsResponse( + versions=[ + resources.SecretVersion(), + ], + next_page_token='ghi', + ), + service.ListSecretVersionsResponse( + versions=[ + resources.SecretVersion(), + resources.SecretVersion(), + ], + ), + RuntimeError, + ) + + metadata = () + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ('parent', ''), + )), + ) + pager = client.list_secret_versions(request={}) + + assert pager._metadata == metadata + + results = list(pager) + assert len(results) == 6 + assert all(isinstance(i, resources.SecretVersion) + for i in results) +def test_list_secret_versions_pages(transport_name: str = "grpc"): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport_name, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secret_versions), + '__call__') as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListSecretVersionsResponse( + versions=[ + resources.SecretVersion(), + resources.SecretVersion(), + resources.SecretVersion(), + ], + next_page_token='abc', + ), + service.ListSecretVersionsResponse( + versions=[], + next_page_token='def', + ), + service.ListSecretVersionsResponse( + versions=[ + resources.SecretVersion(), + ], + next_page_token='ghi', + ), + service.ListSecretVersionsResponse( + versions=[ + resources.SecretVersion(), + resources.SecretVersion(), + ], + ), + RuntimeError, + ) + pages = list(client.list_secret_versions(request={}).pages) + for page_, token in zip(pages, ['abc','def','ghi', '']): + assert page_.raw_page.next_page_token == token + +@pytest.mark.asyncio +async def test_list_secret_versions_async_pager(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secret_versions), + '__call__', new_callable=mock.AsyncMock) as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListSecretVersionsResponse( + versions=[ + resources.SecretVersion(), + resources.SecretVersion(), + resources.SecretVersion(), + ], + next_page_token='abc', + ), + service.ListSecretVersionsResponse( + versions=[], + next_page_token='def', + ), + service.ListSecretVersionsResponse( + versions=[ + resources.SecretVersion(), + ], + next_page_token='ghi', + ), + service.ListSecretVersionsResponse( + versions=[ + resources.SecretVersion(), + resources.SecretVersion(), + ], + ), + RuntimeError, + ) + async_pager = await client.list_secret_versions(request={},) + assert async_pager.next_page_token == 'abc' + responses = [] + async for response in async_pager: # pragma: no branch + responses.append(response) + + assert len(responses) == 6 + assert all(isinstance(i, resources.SecretVersion) + for i in responses) + + +@pytest.mark.asyncio +async def test_list_secret_versions_async_pages(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secret_versions), + '__call__', new_callable=mock.AsyncMock) as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListSecretVersionsResponse( + versions=[ + resources.SecretVersion(), + resources.SecretVersion(), + resources.SecretVersion(), + ], + next_page_token='abc', + ), + service.ListSecretVersionsResponse( + versions=[], + next_page_token='def', + ), + service.ListSecretVersionsResponse( + versions=[ + resources.SecretVersion(), + ], + next_page_token='ghi', + ), + service.ListSecretVersionsResponse( + versions=[ + resources.SecretVersion(), + resources.SecretVersion(), + ], + ), + RuntimeError, + ) + pages = [] + # Workaround issue in python 3.9 related to code coverage by adding `# pragma: no branch` + # See https://github.com/googleapis/gapic-generator-python/pull/1174#issuecomment-1025132372 + async for page_ in ( # pragma: no branch + await client.list_secret_versions(request={}) + ).pages: + pages.append(page_) + for page_, token in zip(pages, ['abc','def','ghi', '']): + assert page_.raw_page.next_page_token == token + +@pytest.mark.parametrize("request_type", [ + service.GetSecretVersionRequest, + dict, +]) +def test_get_secret_version(request_type, transport: str = 'grpc'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + ) + response = client.get_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + request = service.GetSecretVersionRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.SecretVersion) + assert response.name == 'name_value' + assert response.state == resources.SecretVersion.State.ENABLED + + +def test_get_secret_version_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret_version), + '__call__') as call: + client.get_secret_version() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetSecretVersionRequest() + + +def test_get_secret_version_non_empty_request_with_auto_populated_field(): + # This test is a coverage failsafe to make sure that UUID4 fields are + # automatically populated, according to AIP-4235, with non-empty requests. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Populate all string fields in the request which are not UUID4 + # since we want to check that UUID4 are populated automatically + # if they meet the requirements of AIP 4235. + request = service.GetSecretVersionRequest( + name='name_value', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret_version), + '__call__') as call: + client.get_secret_version(request=request) + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetSecretVersionRequest( + name='name_value', + ) + +@pytest.mark.asyncio +async def test_get_secret_version_empty_call_async(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc_asyncio', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + )) + response = await client.get_secret_version() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetSecretVersionRequest() + +@pytest.mark.asyncio +async def test_get_secret_version_async(transport: str = 'grpc_asyncio', request_type=service.GetSecretVersionRequest): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + )) + response = await client.get_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + request = service.GetSecretVersionRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.SecretVersion) + assert response.name == 'name_value' + assert response.state == resources.SecretVersion.State.ENABLED + + +@pytest.mark.asyncio +async def test_get_secret_version_async_from_dict(): + await test_get_secret_version_async(request_type=dict) + + +def test_get_secret_version_field_headers(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetSecretVersionRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret_version), + '__call__') as call: + call.return_value = resources.SecretVersion() + client.get_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_get_secret_version_field_headers_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetSecretVersionRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret_version), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion()) + await client.get_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_get_secret_version_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.SecretVersion() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.get_secret_version( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_get_secret_version_flattened_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.get_secret_version( + service.GetSecretVersionRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_get_secret_version_flattened_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.SecretVersion() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.get_secret_version( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_get_secret_version_flattened_error_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.get_secret_version( + service.GetSecretVersionRequest(), + name='name_value', + ) + + +@pytest.mark.parametrize("request_type", [ + service.AccessSecretVersionRequest, + dict, +]) +def test_access_secret_version(request_type, transport: str = 'grpc'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.access_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.AccessSecretVersionResponse( + name='name_value', + ) + response = client.access_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + request = service.AccessSecretVersionRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, service.AccessSecretVersionResponse) + assert response.name == 'name_value' + + +def test_access_secret_version_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.access_secret_version), + '__call__') as call: + client.access_secret_version() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.AccessSecretVersionRequest() + + +def test_access_secret_version_non_empty_request_with_auto_populated_field(): + # This test is a coverage failsafe to make sure that UUID4 fields are + # automatically populated, according to AIP-4235, with non-empty requests. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Populate all string fields in the request which are not UUID4 + # since we want to check that UUID4 are populated automatically + # if they meet the requirements of AIP 4235. + request = service.AccessSecretVersionRequest( + name='name_value', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.access_secret_version), + '__call__') as call: + client.access_secret_version(request=request) + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.AccessSecretVersionRequest( + name='name_value', + ) + +@pytest.mark.asyncio +async def test_access_secret_version_empty_call_async(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc_asyncio', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.access_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.AccessSecretVersionResponse( + name='name_value', + )) + response = await client.access_secret_version() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.AccessSecretVersionRequest() + +@pytest.mark.asyncio +async def test_access_secret_version_async(transport: str = 'grpc_asyncio', request_type=service.AccessSecretVersionRequest): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.access_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(service.AccessSecretVersionResponse( + name='name_value', + )) + response = await client.access_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + request = service.AccessSecretVersionRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, service.AccessSecretVersionResponse) + assert response.name == 'name_value' + + +@pytest.mark.asyncio +async def test_access_secret_version_async_from_dict(): + await test_access_secret_version_async(request_type=dict) + + +def test_access_secret_version_field_headers(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.AccessSecretVersionRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.access_secret_version), + '__call__') as call: + call.return_value = service.AccessSecretVersionResponse() + client.access_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_access_secret_version_field_headers_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.AccessSecretVersionRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.access_secret_version), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.AccessSecretVersionResponse()) + await client.access_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_access_secret_version_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.access_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.AccessSecretVersionResponse() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.access_secret_version( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_access_secret_version_flattened_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.access_secret_version( + service.AccessSecretVersionRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_access_secret_version_flattened_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.access_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.AccessSecretVersionResponse() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.AccessSecretVersionResponse()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.access_secret_version( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_access_secret_version_flattened_error_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.access_secret_version( + service.AccessSecretVersionRequest(), + name='name_value', + ) + + +@pytest.mark.parametrize("request_type", [ + service.DisableSecretVersionRequest, + dict, +]) +def test_disable_secret_version(request_type, transport: str = 'grpc'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.disable_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + ) + response = client.disable_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + request = service.DisableSecretVersionRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.SecretVersion) + assert response.name == 'name_value' + assert response.state == resources.SecretVersion.State.ENABLED + + +def test_disable_secret_version_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.disable_secret_version), + '__call__') as call: + client.disable_secret_version() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.DisableSecretVersionRequest() + + +def test_disable_secret_version_non_empty_request_with_auto_populated_field(): + # This test is a coverage failsafe to make sure that UUID4 fields are + # automatically populated, according to AIP-4235, with non-empty requests. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Populate all string fields in the request which are not UUID4 + # since we want to check that UUID4 are populated automatically + # if they meet the requirements of AIP 4235. + request = service.DisableSecretVersionRequest( + name='name_value', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.disable_secret_version), + '__call__') as call: + client.disable_secret_version(request=request) + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.DisableSecretVersionRequest( + name='name_value', + ) + +@pytest.mark.asyncio +async def test_disable_secret_version_empty_call_async(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc_asyncio', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.disable_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + )) + response = await client.disable_secret_version() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.DisableSecretVersionRequest() + +@pytest.mark.asyncio +async def test_disable_secret_version_async(transport: str = 'grpc_asyncio', request_type=service.DisableSecretVersionRequest): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.disable_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + )) + response = await client.disable_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + request = service.DisableSecretVersionRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.SecretVersion) + assert response.name == 'name_value' + assert response.state == resources.SecretVersion.State.ENABLED + + +@pytest.mark.asyncio +async def test_disable_secret_version_async_from_dict(): + await test_disable_secret_version_async(request_type=dict) + + +def test_disable_secret_version_field_headers(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.DisableSecretVersionRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.disable_secret_version), + '__call__') as call: + call.return_value = resources.SecretVersion() + client.disable_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_disable_secret_version_field_headers_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.DisableSecretVersionRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.disable_secret_version), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion()) + await client.disable_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_disable_secret_version_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.disable_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.SecretVersion() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.disable_secret_version( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_disable_secret_version_flattened_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.disable_secret_version( + service.DisableSecretVersionRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_disable_secret_version_flattened_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.disable_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.SecretVersion() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.disable_secret_version( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_disable_secret_version_flattened_error_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.disable_secret_version( + service.DisableSecretVersionRequest(), + name='name_value', + ) + + +@pytest.mark.parametrize("request_type", [ + service.EnableSecretVersionRequest, + dict, +]) +def test_enable_secret_version(request_type, transport: str = 'grpc'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.enable_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + ) + response = client.enable_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + request = service.EnableSecretVersionRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.SecretVersion) + assert response.name == 'name_value' + assert response.state == resources.SecretVersion.State.ENABLED + + +def test_enable_secret_version_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.enable_secret_version), + '__call__') as call: + client.enable_secret_version() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.EnableSecretVersionRequest() + + +def test_enable_secret_version_non_empty_request_with_auto_populated_field(): + # This test is a coverage failsafe to make sure that UUID4 fields are + # automatically populated, according to AIP-4235, with non-empty requests. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Populate all string fields in the request which are not UUID4 + # since we want to check that UUID4 are populated automatically + # if they meet the requirements of AIP 4235. + request = service.EnableSecretVersionRequest( + name='name_value', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.enable_secret_version), + '__call__') as call: + client.enable_secret_version(request=request) + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.EnableSecretVersionRequest( + name='name_value', + ) + +@pytest.mark.asyncio +async def test_enable_secret_version_empty_call_async(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc_asyncio', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.enable_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + )) + response = await client.enable_secret_version() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.EnableSecretVersionRequest() + +@pytest.mark.asyncio +async def test_enable_secret_version_async(transport: str = 'grpc_asyncio', request_type=service.EnableSecretVersionRequest): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.enable_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + )) + response = await client.enable_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + request = service.EnableSecretVersionRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.SecretVersion) + assert response.name == 'name_value' + assert response.state == resources.SecretVersion.State.ENABLED + + +@pytest.mark.asyncio +async def test_enable_secret_version_async_from_dict(): + await test_enable_secret_version_async(request_type=dict) + + +def test_enable_secret_version_field_headers(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.EnableSecretVersionRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.enable_secret_version), + '__call__') as call: + call.return_value = resources.SecretVersion() + client.enable_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_enable_secret_version_field_headers_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.EnableSecretVersionRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.enable_secret_version), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion()) + await client.enable_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_enable_secret_version_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.enable_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.SecretVersion() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.enable_secret_version( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_enable_secret_version_flattened_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.enable_secret_version( + service.EnableSecretVersionRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_enable_secret_version_flattened_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.enable_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.SecretVersion() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.enable_secret_version( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_enable_secret_version_flattened_error_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.enable_secret_version( + service.EnableSecretVersionRequest(), + name='name_value', + ) + + +@pytest.mark.parametrize("request_type", [ + service.DestroySecretVersionRequest, + dict, +]) +def test_destroy_secret_version(request_type, transport: str = 'grpc'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.destroy_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + ) + response = client.destroy_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + request = service.DestroySecretVersionRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.SecretVersion) + assert response.name == 'name_value' + assert response.state == resources.SecretVersion.State.ENABLED + + +def test_destroy_secret_version_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.destroy_secret_version), + '__call__') as call: + client.destroy_secret_version() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.DestroySecretVersionRequest() + + +def test_destroy_secret_version_non_empty_request_with_auto_populated_field(): + # This test is a coverage failsafe to make sure that UUID4 fields are + # automatically populated, according to AIP-4235, with non-empty requests. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Populate all string fields in the request which are not UUID4 + # since we want to check that UUID4 are populated automatically + # if they meet the requirements of AIP 4235. + request = service.DestroySecretVersionRequest( + name='name_value', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.destroy_secret_version), + '__call__') as call: + client.destroy_secret_version(request=request) + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.DestroySecretVersionRequest( + name='name_value', + ) + +@pytest.mark.asyncio +async def test_destroy_secret_version_empty_call_async(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc_asyncio', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.destroy_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + )) + response = await client.destroy_secret_version() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.DestroySecretVersionRequest() + +@pytest.mark.asyncio +async def test_destroy_secret_version_async(transport: str = 'grpc_asyncio', request_type=service.DestroySecretVersionRequest): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.destroy_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + )) + response = await client.destroy_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + request = service.DestroySecretVersionRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.SecretVersion) + assert response.name == 'name_value' + assert response.state == resources.SecretVersion.State.ENABLED + + +@pytest.mark.asyncio +async def test_destroy_secret_version_async_from_dict(): + await test_destroy_secret_version_async(request_type=dict) + + +def test_destroy_secret_version_field_headers(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.DestroySecretVersionRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.destroy_secret_version), + '__call__') as call: + call.return_value = resources.SecretVersion() + client.destroy_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_destroy_secret_version_field_headers_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.DestroySecretVersionRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.destroy_secret_version), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion()) + await client.destroy_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_destroy_secret_version_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.destroy_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.SecretVersion() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.destroy_secret_version( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_destroy_secret_version_flattened_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.destroy_secret_version( + service.DestroySecretVersionRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_destroy_secret_version_flattened_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.destroy_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.SecretVersion() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.destroy_secret_version( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_destroy_secret_version_flattened_error_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.destroy_secret_version( + service.DestroySecretVersionRequest(), + name='name_value', + ) + + +@pytest.mark.parametrize("request_type", [ + iam_policy_pb2.SetIamPolicyRequest, + dict, +]) +def test_set_iam_policy(request_type, transport: str = 'grpc'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.set_iam_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = policy_pb2.Policy( + version=774, + etag=b'etag_blob', + ) + response = client.set_iam_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + request = iam_policy_pb2.SetIamPolicyRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, policy_pb2.Policy) + assert response.version == 774 + assert response.etag == b'etag_blob' + + +def test_set_iam_policy_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.set_iam_policy), + '__call__') as call: + client.set_iam_policy() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == iam_policy_pb2.SetIamPolicyRequest() + + +def test_set_iam_policy_non_empty_request_with_auto_populated_field(): + # This test is a coverage failsafe to make sure that UUID4 fields are + # automatically populated, according to AIP-4235, with non-empty requests. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Populate all string fields in the request which are not UUID4 + # since we want to check that UUID4 are populated automatically + # if they meet the requirements of AIP 4235. + request = iam_policy_pb2.SetIamPolicyRequest( + resource='resource_value', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.set_iam_policy), + '__call__') as call: + client.set_iam_policy(request=request) + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == iam_policy_pb2.SetIamPolicyRequest( + resource='resource_value', + ) + +@pytest.mark.asyncio +async def test_set_iam_policy_empty_call_async(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc_asyncio', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.set_iam_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(policy_pb2.Policy( + version=774, + etag=b'etag_blob', + )) + response = await client.set_iam_policy() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == iam_policy_pb2.SetIamPolicyRequest() + +@pytest.mark.asyncio +async def test_set_iam_policy_async(transport: str = 'grpc_asyncio', request_type=iam_policy_pb2.SetIamPolicyRequest): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.set_iam_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(policy_pb2.Policy( + version=774, + etag=b'etag_blob', + )) + response = await client.set_iam_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + request = iam_policy_pb2.SetIamPolicyRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, policy_pb2.Policy) + assert response.version == 774 + assert response.etag == b'etag_blob' + + +@pytest.mark.asyncio +async def test_set_iam_policy_async_from_dict(): + await test_set_iam_policy_async(request_type=dict) + + +def test_set_iam_policy_field_headers(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = iam_policy_pb2.SetIamPolicyRequest() + + request.resource = 'resource_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.set_iam_policy), + '__call__') as call: + call.return_value = policy_pb2.Policy() + client.set_iam_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'resource=resource_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_set_iam_policy_field_headers_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = iam_policy_pb2.SetIamPolicyRequest() + + request.resource = 'resource_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.set_iam_policy), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(policy_pb2.Policy()) + await client.set_iam_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'resource=resource_value', + ) in kw['metadata'] + +def test_set_iam_policy_from_dict_foreign(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.set_iam_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = policy_pb2.Policy() + response = client.set_iam_policy(request={ + 'resource': 'resource_value', + 'policy': policy_pb2.Policy(version=774), + 'update_mask': field_mask_pb2.FieldMask(paths=['paths_value']), + } + ) + call.assert_called() + + +@pytest.mark.parametrize("request_type", [ + iam_policy_pb2.GetIamPolicyRequest, + dict, +]) +def test_get_iam_policy(request_type, transport: str = 'grpc'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_iam_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = policy_pb2.Policy( + version=774, + etag=b'etag_blob', + ) + response = client.get_iam_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + request = iam_policy_pb2.GetIamPolicyRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, policy_pb2.Policy) + assert response.version == 774 + assert response.etag == b'etag_blob' + + +def test_get_iam_policy_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_iam_policy), + '__call__') as call: + client.get_iam_policy() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == iam_policy_pb2.GetIamPolicyRequest() + + +def test_get_iam_policy_non_empty_request_with_auto_populated_field(): + # This test is a coverage failsafe to make sure that UUID4 fields are + # automatically populated, according to AIP-4235, with non-empty requests. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Populate all string fields in the request which are not UUID4 + # since we want to check that UUID4 are populated automatically + # if they meet the requirements of AIP 4235. + request = iam_policy_pb2.GetIamPolicyRequest( + resource='resource_value', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_iam_policy), + '__call__') as call: + client.get_iam_policy(request=request) + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == iam_policy_pb2.GetIamPolicyRequest( + resource='resource_value', + ) + +@pytest.mark.asyncio +async def test_get_iam_policy_empty_call_async(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc_asyncio', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_iam_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(policy_pb2.Policy( + version=774, + etag=b'etag_blob', + )) + response = await client.get_iam_policy() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == iam_policy_pb2.GetIamPolicyRequest() + +@pytest.mark.asyncio +async def test_get_iam_policy_async(transport: str = 'grpc_asyncio', request_type=iam_policy_pb2.GetIamPolicyRequest): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_iam_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(policy_pb2.Policy( + version=774, + etag=b'etag_blob', + )) + response = await client.get_iam_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + request = iam_policy_pb2.GetIamPolicyRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, policy_pb2.Policy) + assert response.version == 774 + assert response.etag == b'etag_blob' + + +@pytest.mark.asyncio +async def test_get_iam_policy_async_from_dict(): + await test_get_iam_policy_async(request_type=dict) + + +def test_get_iam_policy_field_headers(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = iam_policy_pb2.GetIamPolicyRequest() + + request.resource = 'resource_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_iam_policy), + '__call__') as call: + call.return_value = policy_pb2.Policy() + client.get_iam_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'resource=resource_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_get_iam_policy_field_headers_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = iam_policy_pb2.GetIamPolicyRequest() + + request.resource = 'resource_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_iam_policy), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(policy_pb2.Policy()) + await client.get_iam_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'resource=resource_value', + ) in kw['metadata'] + +def test_get_iam_policy_from_dict_foreign(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_iam_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = policy_pb2.Policy() + response = client.get_iam_policy(request={ + 'resource': 'resource_value', + 'options': options_pb2.GetPolicyOptions(requested_policy_version=2598), + } + ) + call.assert_called() + + +@pytest.mark.parametrize("request_type", [ + iam_policy_pb2.TestIamPermissionsRequest, + dict, +]) +def test_test_iam_permissions(request_type, transport: str = 'grpc'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.test_iam_permissions), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = iam_policy_pb2.TestIamPermissionsResponse( + permissions=['permissions_value'], + ) + response = client.test_iam_permissions(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + request = iam_policy_pb2.TestIamPermissionsRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, iam_policy_pb2.TestIamPermissionsResponse) + assert response.permissions == ['permissions_value'] + + +def test_test_iam_permissions_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.test_iam_permissions), + '__call__') as call: + client.test_iam_permissions() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == iam_policy_pb2.TestIamPermissionsRequest() + + +def test_test_iam_permissions_non_empty_request_with_auto_populated_field(): + # This test is a coverage failsafe to make sure that UUID4 fields are + # automatically populated, according to AIP-4235, with non-empty requests. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Populate all string fields in the request which are not UUID4 + # since we want to check that UUID4 are populated automatically + # if they meet the requirements of AIP 4235. + request = iam_policy_pb2.TestIamPermissionsRequest( + resource='resource_value', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.test_iam_permissions), + '__call__') as call: + client.test_iam_permissions(request=request) + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == iam_policy_pb2.TestIamPermissionsRequest( + resource='resource_value', + ) + +@pytest.mark.asyncio +async def test_test_iam_permissions_empty_call_async(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc_asyncio', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.test_iam_permissions), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(iam_policy_pb2.TestIamPermissionsResponse( + permissions=['permissions_value'], + )) + response = await client.test_iam_permissions() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == iam_policy_pb2.TestIamPermissionsRequest() + +@pytest.mark.asyncio +async def test_test_iam_permissions_async(transport: str = 'grpc_asyncio', request_type=iam_policy_pb2.TestIamPermissionsRequest): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.test_iam_permissions), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(iam_policy_pb2.TestIamPermissionsResponse( + permissions=['permissions_value'], + )) + response = await client.test_iam_permissions(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + request = iam_policy_pb2.TestIamPermissionsRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, iam_policy_pb2.TestIamPermissionsResponse) + assert response.permissions == ['permissions_value'] + + +@pytest.mark.asyncio +async def test_test_iam_permissions_async_from_dict(): + await test_test_iam_permissions_async(request_type=dict) + + +def test_test_iam_permissions_field_headers(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = iam_policy_pb2.TestIamPermissionsRequest() + + request.resource = 'resource_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.test_iam_permissions), + '__call__') as call: + call.return_value = iam_policy_pb2.TestIamPermissionsResponse() + client.test_iam_permissions(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'resource=resource_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_test_iam_permissions_field_headers_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = iam_policy_pb2.TestIamPermissionsRequest() + + request.resource = 'resource_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.test_iam_permissions), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(iam_policy_pb2.TestIamPermissionsResponse()) + await client.test_iam_permissions(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'resource=resource_value', + ) in kw['metadata'] + +def test_test_iam_permissions_from_dict_foreign(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.test_iam_permissions), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = iam_policy_pb2.TestIamPermissionsResponse() + response = client.test_iam_permissions(request={ + 'resource': 'resource_value', + 'permissions': ['permissions_value'], + } + ) + call.assert_called() + + +@pytest.mark.parametrize("request_type", [ + service.ListSecretsRequest, + dict, +]) +def test_list_secrets_rest(request_type): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # send a request that will satisfy transcoding + request_init = {'parent': 'projects/sample1'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = service.ListSecretsResponse( + next_page_token='next_page_token_value', + total_size=1086, + ) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = service.ListSecretsResponse.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + response = client.list_secrets(request) + + # Establish that the response is the type that we expect. + assert isinstance(response, pagers.ListSecretsPager) + assert response.next_page_token == 'next_page_token_value' + assert response.total_size == 1086 + + +def test_list_secrets_rest_required_fields(request_type=service.ListSecretsRequest): + transport_class = transports.SecretManagerServiceRestTransport + + request_init = {} + request_init["parent"] = "" + request = request_type(**request_init) + pb_request = request_type.pb(request) + jsonified_request = json.loads(json_format.MessageToJson( + pb_request, + use_integers_for_enums=False + )) + + # verify fields with default values are dropped + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).list_secrets._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with default values are now present + + jsonified_request["parent"] = 'parent_value' + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).list_secrets._get_unset_required_fields(jsonified_request) + # Check that path parameters and body parameters are not mixing in. + assert not set(unset_fields) - set(("page_size", "page_token", )) + jsonified_request.update(unset_fields) + + # verify required fields with non-default values are left alone + assert "parent" in jsonified_request + assert jsonified_request["parent"] == 'parent_value' + + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest', + ) + request = request_type(**request_init) + + # Designate an appropriate value for the returned response. + return_value = service.ListSecretsResponse() + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # We need to mock transcode() because providing default values + # for required fields will fail the real version if the http_options + # expect actual values for those fields. + with mock.patch.object(path_template, 'transcode') as transcode: + # A uri without fields and an empty body will force all the + # request fields to show up in the query_params. + pb_request = request_type.pb(request) + transcode_result = { + 'uri': 'v1/sample_method', + 'method': "get", + 'query_params': pb_request, + } + transcode.return_value = transcode_result + + response_value = Response() + response_value.status_code = 200 + + # Convert return value to protobuf type + return_value = service.ListSecretsResponse.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.list_secrets(request) + + expected_params = [ + ('$alt', 'json;enum-encoding=int') + ] + actual_params = req.call_args.kwargs['params'] + assert expected_params == actual_params + + +def test_list_secrets_rest_unset_required_fields(): + transport = transports.SecretManagerServiceRestTransport(credentials=ga_credentials.AnonymousCredentials) + + unset_fields = transport.list_secrets._get_unset_required_fields({}) + assert set(unset_fields) == (set(("pageSize", "pageToken", )) & set(("parent", ))) + + +@pytest.mark.parametrize("null_interceptor", [True, False]) +def test_list_secrets_rest_interceptors(null_interceptor): + transport = transports.SecretManagerServiceRestTransport( + credentials=ga_credentials.AnonymousCredentials(), + interceptor=None if null_interceptor else transports.SecretManagerServiceRestInterceptor(), + ) + client = SecretManagerServiceClient(transport=transport) + with mock.patch.object(type(client.transport._session), "request") as req, \ + mock.patch.object(path_template, "transcode") as transcode, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "post_list_secrets") as post, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "pre_list_secrets") as pre: + pre.assert_not_called() + post.assert_not_called() + pb_message = service.ListSecretsRequest.pb(service.ListSecretsRequest()) + transcode.return_value = { + "method": "post", + "uri": "my_uri", + "body": pb_message, + "query_params": pb_message, + } + + req.return_value = Response() + req.return_value.status_code = 200 + req.return_value.request = PreparedRequest() + req.return_value._content = service.ListSecretsResponse.to_json(service.ListSecretsResponse()) + + request = service.ListSecretsRequest() + metadata =[ + ("key", "val"), + ("cephalopod", "squid"), + ] + pre.return_value = request, metadata + post.return_value = service.ListSecretsResponse() + + client.list_secrets(request, metadata=[("key", "val"), ("cephalopod", "squid"),]) + + pre.assert_called_once() + post.assert_called_once() + + +def test_list_secrets_rest_bad_request(transport: str = 'rest', request_type=service.ListSecretsRequest): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # send a request that will satisfy transcoding + request_init = {'parent': 'projects/sample1'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.list_secrets(request) + + +def test_list_secrets_rest_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = service.ListSecretsResponse() + + # get arguments that satisfy an http rule for this method + sample_request = {'parent': 'projects/sample1'} + + # get truthy value for each flattened field + mock_args = dict( + parent='parent_value', + ) + mock_args.update(sample_request) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = service.ListSecretsResponse.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + client.list_secrets(**mock_args) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(req.mock_calls) == 1 + _, args, _ = req.mock_calls[0] + assert path_template.validate("%s/v1beta1/{parent=projects/*}/secrets" % client.transport._host, args[1]) + + +def test_list_secrets_rest_flattened_error(transport: str = 'rest'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.list_secrets( + service.ListSecretsRequest(), + parent='parent_value', + ) + + +def test_list_secrets_rest_pager(transport: str = 'rest'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # TODO(kbandes): remove this mock unless there's a good reason for it. + #with mock.patch.object(path_template, 'transcode') as transcode: + # Set the response as a series of pages + response = ( + service.ListSecretsResponse( + secrets=[ + resources.Secret(), + resources.Secret(), + resources.Secret(), + ], + next_page_token='abc', + ), + service.ListSecretsResponse( + secrets=[], + next_page_token='def', + ), + service.ListSecretsResponse( + secrets=[ + resources.Secret(), + ], + next_page_token='ghi', + ), + service.ListSecretsResponse( + secrets=[ + resources.Secret(), + resources.Secret(), + ], + ), + ) + # Two responses for two calls + response = response + response + + # Wrap the values into proper Response objs + response = tuple(service.ListSecretsResponse.to_json(x) for x in response) + return_values = tuple(Response() for i in response) + for return_val, response_val in zip(return_values, response): + return_val._content = response_val.encode('UTF-8') + return_val.status_code = 200 + req.side_effect = return_values + + sample_request = {'parent': 'projects/sample1'} + + pager = client.list_secrets(request=sample_request) + + results = list(pager) + assert len(results) == 6 + assert all(isinstance(i, resources.Secret) + for i in results) + + pages = list(client.list_secrets(request=sample_request).pages) + for page_, token in zip(pages, ['abc','def','ghi', '']): + assert page_.raw_page.next_page_token == token + + +@pytest.mark.parametrize("request_type", [ + service.CreateSecretRequest, + dict, +]) +def test_create_secret_rest(request_type): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # send a request that will satisfy transcoding + request_init = {'parent': 'projects/sample1'} + request_init["secret"] = {'name': 'name_value', 'replication': {'automatic': {}, 'user_managed': {'replicas': [{'location': 'location_value'}]}}, 'create_time': {'seconds': 751, 'nanos': 543}, 'labels': {}} + # The version of a generated dependency at test runtime may differ from the version used during generation. + # Delete any fields which are not present in the current runtime dependency + # See https://github.com/googleapis/gapic-generator-python/issues/1748 + + # Determine if the message type is proto-plus or protobuf + test_field = service.CreateSecretRequest.meta.fields["secret"] + + def get_message_fields(field): + # Given a field which is a message (composite type), return a list with + # all the fields of the message. + # If the field is not a composite type, return an empty list. + message_fields = [] + + if hasattr(field, "message") and field.message: + is_field_type_proto_plus_type = not hasattr(field.message, "DESCRIPTOR") + + if is_field_type_proto_plus_type: + message_fields = field.message.meta.fields.values() + # Add `# pragma: NO COVER` because there may not be any `*_pb2` field types + else: # pragma: NO COVER + message_fields = field.message.DESCRIPTOR.fields + return message_fields + + runtime_nested_fields = [ + (field.name, nested_field.name) + for field in get_message_fields(test_field) + for nested_field in get_message_fields(field) + ] + + subfields_not_in_runtime = [] + + # For each item in the sample request, create a list of sub fields which are not present at runtime + # Add `# pragma: NO COVER` because this test code will not run if all subfields are present at runtime + for field, value in request_init["secret"].items(): # pragma: NO COVER + result = None + is_repeated = False + # For repeated fields + if isinstance(value, list) and len(value): + is_repeated = True + result = value[0] + # For fields where the type is another message + if isinstance(value, dict): + result = value + + if result and hasattr(result, "keys"): + for subfield in result.keys(): + if (field, subfield) not in runtime_nested_fields: + subfields_not_in_runtime.append( + {"field": field, "subfield": subfield, "is_repeated": is_repeated} + ) + + # Remove fields from the sample request which are not present in the runtime version of the dependency + # Add `# pragma: NO COVER` because this test code will not run if all subfields are present at runtime + for subfield_to_delete in subfields_not_in_runtime: # pragma: NO COVER + field = subfield_to_delete.get("field") + field_repeated = subfield_to_delete.get("is_repeated") + subfield = subfield_to_delete.get("subfield") + if subfield: + if field_repeated: + for i in range(0, len(request_init["secret"][field])): + del request_init["secret"][field][i][subfield] + else: + del request_init["secret"][field][subfield] + request = request_type(**request_init) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = resources.Secret( + name='name_value', + ) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = resources.Secret.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + response = client.create_secret(request) + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Secret) + assert response.name == 'name_value' + + +def test_create_secret_rest_required_fields(request_type=service.CreateSecretRequest): + transport_class = transports.SecretManagerServiceRestTransport + + request_init = {} + request_init["parent"] = "" + request_init["secret_id"] = "" + request = request_type(**request_init) + pb_request = request_type.pb(request) + jsonified_request = json.loads(json_format.MessageToJson( + pb_request, + use_integers_for_enums=False + )) + + # verify fields with default values are dropped + assert "secretId" not in jsonified_request + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).create_secret._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with default values are now present + assert "secretId" in jsonified_request + assert jsonified_request["secretId"] == request_init["secret_id"] + + jsonified_request["parent"] = 'parent_value' + jsonified_request["secretId"] = 'secret_id_value' + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).create_secret._get_unset_required_fields(jsonified_request) + # Check that path parameters and body parameters are not mixing in. + assert not set(unset_fields) - set(("secret_id", )) + jsonified_request.update(unset_fields) + + # verify required fields with non-default values are left alone + assert "parent" in jsonified_request + assert jsonified_request["parent"] == 'parent_value' + assert "secretId" in jsonified_request + assert jsonified_request["secretId"] == 'secret_id_value' + + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest', + ) + request = request_type(**request_init) + + # Designate an appropriate value for the returned response. + return_value = resources.Secret() + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # We need to mock transcode() because providing default values + # for required fields will fail the real version if the http_options + # expect actual values for those fields. + with mock.patch.object(path_template, 'transcode') as transcode: + # A uri without fields and an empty body will force all the + # request fields to show up in the query_params. + pb_request = request_type.pb(request) + transcode_result = { + 'uri': 'v1/sample_method', + 'method': "post", + 'query_params': pb_request, + } + transcode_result['body'] = pb_request + transcode.return_value = transcode_result + + response_value = Response() + response_value.status_code = 200 + + # Convert return value to protobuf type + return_value = resources.Secret.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.create_secret(request) + + expected_params = [ + ( + "secretId", + "", + ), + ('$alt', 'json;enum-encoding=int') + ] + actual_params = req.call_args.kwargs['params'] + assert expected_params == actual_params + + +def test_create_secret_rest_unset_required_fields(): + transport = transports.SecretManagerServiceRestTransport(credentials=ga_credentials.AnonymousCredentials) + + unset_fields = transport.create_secret._get_unset_required_fields({}) + assert set(unset_fields) == (set(("secretId", )) & set(("parent", "secretId", "secret", ))) + + +@pytest.mark.parametrize("null_interceptor", [True, False]) +def test_create_secret_rest_interceptors(null_interceptor): + transport = transports.SecretManagerServiceRestTransport( + credentials=ga_credentials.AnonymousCredentials(), + interceptor=None if null_interceptor else transports.SecretManagerServiceRestInterceptor(), + ) + client = SecretManagerServiceClient(transport=transport) + with mock.patch.object(type(client.transport._session), "request") as req, \ + mock.patch.object(path_template, "transcode") as transcode, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "post_create_secret") as post, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "pre_create_secret") as pre: + pre.assert_not_called() + post.assert_not_called() + pb_message = service.CreateSecretRequest.pb(service.CreateSecretRequest()) + transcode.return_value = { + "method": "post", + "uri": "my_uri", + "body": pb_message, + "query_params": pb_message, + } + + req.return_value = Response() + req.return_value.status_code = 200 + req.return_value.request = PreparedRequest() + req.return_value._content = resources.Secret.to_json(resources.Secret()) + + request = service.CreateSecretRequest() + metadata =[ + ("key", "val"), + ("cephalopod", "squid"), + ] + pre.return_value = request, metadata + post.return_value = resources.Secret() + + client.create_secret(request, metadata=[("key", "val"), ("cephalopod", "squid"),]) + + pre.assert_called_once() + post.assert_called_once() + + +def test_create_secret_rest_bad_request(transport: str = 'rest', request_type=service.CreateSecretRequest): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # send a request that will satisfy transcoding + request_init = {'parent': 'projects/sample1'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.create_secret(request) + + +def test_create_secret_rest_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = resources.Secret() + + # get arguments that satisfy an http rule for this method + sample_request = {'parent': 'projects/sample1'} + + # get truthy value for each flattened field + mock_args = dict( + parent='parent_value', + secret_id='secret_id_value', + secret=resources.Secret(name='name_value'), + ) + mock_args.update(sample_request) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = resources.Secret.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + client.create_secret(**mock_args) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(req.mock_calls) == 1 + _, args, _ = req.mock_calls[0] + assert path_template.validate("%s/v1beta1/{parent=projects/*}/secrets" % client.transport._host, args[1]) + + +def test_create_secret_rest_flattened_error(transport: str = 'rest'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.create_secret( + service.CreateSecretRequest(), + parent='parent_value', + secret_id='secret_id_value', + secret=resources.Secret(name='name_value'), + ) + + +def test_create_secret_rest_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest' + ) + + +@pytest.mark.parametrize("request_type", [ + service.AddSecretVersionRequest, + dict, +]) +def test_add_secret_version_rest(request_type): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # send a request that will satisfy transcoding + request_init = {'parent': 'projects/sample1/secrets/sample2'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + ) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = resources.SecretVersion.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + response = client.add_secret_version(request) + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.SecretVersion) + assert response.name == 'name_value' + assert response.state == resources.SecretVersion.State.ENABLED + + +def test_add_secret_version_rest_required_fields(request_type=service.AddSecretVersionRequest): + transport_class = transports.SecretManagerServiceRestTransport + + request_init = {} + request_init["parent"] = "" + request = request_type(**request_init) + pb_request = request_type.pb(request) + jsonified_request = json.loads(json_format.MessageToJson( + pb_request, + use_integers_for_enums=False + )) + + # verify fields with default values are dropped + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).add_secret_version._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with default values are now present + + jsonified_request["parent"] = 'parent_value' + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).add_secret_version._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with non-default values are left alone + assert "parent" in jsonified_request + assert jsonified_request["parent"] == 'parent_value' + + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest', + ) + request = request_type(**request_init) + + # Designate an appropriate value for the returned response. + return_value = resources.SecretVersion() + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # We need to mock transcode() because providing default values + # for required fields will fail the real version if the http_options + # expect actual values for those fields. + with mock.patch.object(path_template, 'transcode') as transcode: + # A uri without fields and an empty body will force all the + # request fields to show up in the query_params. + pb_request = request_type.pb(request) + transcode_result = { + 'uri': 'v1/sample_method', + 'method': "post", + 'query_params': pb_request, + } + transcode_result['body'] = pb_request + transcode.return_value = transcode_result + + response_value = Response() + response_value.status_code = 200 + + # Convert return value to protobuf type + return_value = resources.SecretVersion.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.add_secret_version(request) + + expected_params = [ + ('$alt', 'json;enum-encoding=int') + ] + actual_params = req.call_args.kwargs['params'] + assert expected_params == actual_params + + +def test_add_secret_version_rest_unset_required_fields(): + transport = transports.SecretManagerServiceRestTransport(credentials=ga_credentials.AnonymousCredentials) + + unset_fields = transport.add_secret_version._get_unset_required_fields({}) + assert set(unset_fields) == (set(()) & set(("parent", "payload", ))) + + +@pytest.mark.parametrize("null_interceptor", [True, False]) +def test_add_secret_version_rest_interceptors(null_interceptor): + transport = transports.SecretManagerServiceRestTransport( + credentials=ga_credentials.AnonymousCredentials(), + interceptor=None if null_interceptor else transports.SecretManagerServiceRestInterceptor(), + ) + client = SecretManagerServiceClient(transport=transport) + with mock.patch.object(type(client.transport._session), "request") as req, \ + mock.patch.object(path_template, "transcode") as transcode, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "post_add_secret_version") as post, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "pre_add_secret_version") as pre: + pre.assert_not_called() + post.assert_not_called() + pb_message = service.AddSecretVersionRequest.pb(service.AddSecretVersionRequest()) + transcode.return_value = { + "method": "post", + "uri": "my_uri", + "body": pb_message, + "query_params": pb_message, + } + + req.return_value = Response() + req.return_value.status_code = 200 + req.return_value.request = PreparedRequest() + req.return_value._content = resources.SecretVersion.to_json(resources.SecretVersion()) + + request = service.AddSecretVersionRequest() + metadata =[ + ("key", "val"), + ("cephalopod", "squid"), + ] + pre.return_value = request, metadata + post.return_value = resources.SecretVersion() + + client.add_secret_version(request, metadata=[("key", "val"), ("cephalopod", "squid"),]) + + pre.assert_called_once() + post.assert_called_once() + + +def test_add_secret_version_rest_bad_request(transport: str = 'rest', request_type=service.AddSecretVersionRequest): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # send a request that will satisfy transcoding + request_init = {'parent': 'projects/sample1/secrets/sample2'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.add_secret_version(request) + + +def test_add_secret_version_rest_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = resources.SecretVersion() + + # get arguments that satisfy an http rule for this method + sample_request = {'parent': 'projects/sample1/secrets/sample2'} + + # get truthy value for each flattened field + mock_args = dict( + parent='parent_value', + payload=resources.SecretPayload(data=b'data_blob'), + ) + mock_args.update(sample_request) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = resources.SecretVersion.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + client.add_secret_version(**mock_args) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(req.mock_calls) == 1 + _, args, _ = req.mock_calls[0] + assert path_template.validate("%s/v1beta1/{parent=projects/*/secrets/*}:addVersion" % client.transport._host, args[1]) + + +def test_add_secret_version_rest_flattened_error(transport: str = 'rest'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.add_secret_version( + service.AddSecretVersionRequest(), + parent='parent_value', + payload=resources.SecretPayload(data=b'data_blob'), + ) + + +def test_add_secret_version_rest_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest' + ) + + +@pytest.mark.parametrize("request_type", [ + service.GetSecretRequest, + dict, +]) +def test_get_secret_rest(request_type): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # send a request that will satisfy transcoding + request_init = {'name': 'projects/sample1/secrets/sample2'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = resources.Secret( + name='name_value', + ) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = resources.Secret.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + response = client.get_secret(request) + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Secret) + assert response.name == 'name_value' + + +def test_get_secret_rest_required_fields(request_type=service.GetSecretRequest): + transport_class = transports.SecretManagerServiceRestTransport + + request_init = {} + request_init["name"] = "" + request = request_type(**request_init) + pb_request = request_type.pb(request) + jsonified_request = json.loads(json_format.MessageToJson( + pb_request, + use_integers_for_enums=False + )) + + # verify fields with default values are dropped + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).get_secret._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with default values are now present + + jsonified_request["name"] = 'name_value' + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).get_secret._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with non-default values are left alone + assert "name" in jsonified_request + assert jsonified_request["name"] == 'name_value' + + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest', + ) + request = request_type(**request_init) + + # Designate an appropriate value for the returned response. + return_value = resources.Secret() + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # We need to mock transcode() because providing default values + # for required fields will fail the real version if the http_options + # expect actual values for those fields. + with mock.patch.object(path_template, 'transcode') as transcode: + # A uri without fields and an empty body will force all the + # request fields to show up in the query_params. + pb_request = request_type.pb(request) + transcode_result = { + 'uri': 'v1/sample_method', + 'method': "get", + 'query_params': pb_request, + } + transcode.return_value = transcode_result + + response_value = Response() + response_value.status_code = 200 + + # Convert return value to protobuf type + return_value = resources.Secret.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.get_secret(request) + + expected_params = [ + ('$alt', 'json;enum-encoding=int') + ] + actual_params = req.call_args.kwargs['params'] + assert expected_params == actual_params + + +def test_get_secret_rest_unset_required_fields(): + transport = transports.SecretManagerServiceRestTransport(credentials=ga_credentials.AnonymousCredentials) + + unset_fields = transport.get_secret._get_unset_required_fields({}) + assert set(unset_fields) == (set(()) & set(("name", ))) + + +@pytest.mark.parametrize("null_interceptor", [True, False]) +def test_get_secret_rest_interceptors(null_interceptor): + transport = transports.SecretManagerServiceRestTransport( + credentials=ga_credentials.AnonymousCredentials(), + interceptor=None if null_interceptor else transports.SecretManagerServiceRestInterceptor(), + ) + client = SecretManagerServiceClient(transport=transport) + with mock.patch.object(type(client.transport._session), "request") as req, \ + mock.patch.object(path_template, "transcode") as transcode, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "post_get_secret") as post, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "pre_get_secret") as pre: + pre.assert_not_called() + post.assert_not_called() + pb_message = service.GetSecretRequest.pb(service.GetSecretRequest()) + transcode.return_value = { + "method": "post", + "uri": "my_uri", + "body": pb_message, + "query_params": pb_message, + } + + req.return_value = Response() + req.return_value.status_code = 200 + req.return_value.request = PreparedRequest() + req.return_value._content = resources.Secret.to_json(resources.Secret()) + + request = service.GetSecretRequest() + metadata =[ + ("key", "val"), + ("cephalopod", "squid"), + ] + pre.return_value = request, metadata + post.return_value = resources.Secret() + + client.get_secret(request, metadata=[("key", "val"), ("cephalopod", "squid"),]) + + pre.assert_called_once() + post.assert_called_once() + + +def test_get_secret_rest_bad_request(transport: str = 'rest', request_type=service.GetSecretRequest): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # send a request that will satisfy transcoding + request_init = {'name': 'projects/sample1/secrets/sample2'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.get_secret(request) + + +def test_get_secret_rest_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = resources.Secret() + + # get arguments that satisfy an http rule for this method + sample_request = {'name': 'projects/sample1/secrets/sample2'} + + # get truthy value for each flattened field + mock_args = dict( + name='name_value', + ) + mock_args.update(sample_request) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = resources.Secret.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + client.get_secret(**mock_args) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(req.mock_calls) == 1 + _, args, _ = req.mock_calls[0] + assert path_template.validate("%s/v1beta1/{name=projects/*/secrets/*}" % client.transport._host, args[1]) + + +def test_get_secret_rest_flattened_error(transport: str = 'rest'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.get_secret( + service.GetSecretRequest(), + name='name_value', + ) + + +def test_get_secret_rest_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest' + ) + + +@pytest.mark.parametrize("request_type", [ + service.UpdateSecretRequest, + dict, +]) +def test_update_secret_rest(request_type): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # send a request that will satisfy transcoding + request_init = {'secret': {'name': 'projects/sample1/secrets/sample2'}} + request_init["secret"] = {'name': 'projects/sample1/secrets/sample2', 'replication': {'automatic': {}, 'user_managed': {'replicas': [{'location': 'location_value'}]}}, 'create_time': {'seconds': 751, 'nanos': 543}, 'labels': {}} + # The version of a generated dependency at test runtime may differ from the version used during generation. + # Delete any fields which are not present in the current runtime dependency + # See https://github.com/googleapis/gapic-generator-python/issues/1748 + + # Determine if the message type is proto-plus or protobuf + test_field = service.UpdateSecretRequest.meta.fields["secret"] + + def get_message_fields(field): + # Given a field which is a message (composite type), return a list with + # all the fields of the message. + # If the field is not a composite type, return an empty list. + message_fields = [] + + if hasattr(field, "message") and field.message: + is_field_type_proto_plus_type = not hasattr(field.message, "DESCRIPTOR") + + if is_field_type_proto_plus_type: + message_fields = field.message.meta.fields.values() + # Add `# pragma: NO COVER` because there may not be any `*_pb2` field types + else: # pragma: NO COVER + message_fields = field.message.DESCRIPTOR.fields + return message_fields + + runtime_nested_fields = [ + (field.name, nested_field.name) + for field in get_message_fields(test_field) + for nested_field in get_message_fields(field) + ] + + subfields_not_in_runtime = [] + + # For each item in the sample request, create a list of sub fields which are not present at runtime + # Add `# pragma: NO COVER` because this test code will not run if all subfields are present at runtime + for field, value in request_init["secret"].items(): # pragma: NO COVER + result = None + is_repeated = False + # For repeated fields + if isinstance(value, list) and len(value): + is_repeated = True + result = value[0] + # For fields where the type is another message + if isinstance(value, dict): + result = value + + if result and hasattr(result, "keys"): + for subfield in result.keys(): + if (field, subfield) not in runtime_nested_fields: + subfields_not_in_runtime.append( + {"field": field, "subfield": subfield, "is_repeated": is_repeated} + ) + + # Remove fields from the sample request which are not present in the runtime version of the dependency + # Add `# pragma: NO COVER` because this test code will not run if all subfields are present at runtime + for subfield_to_delete in subfields_not_in_runtime: # pragma: NO COVER + field = subfield_to_delete.get("field") + field_repeated = subfield_to_delete.get("is_repeated") + subfield = subfield_to_delete.get("subfield") + if subfield: + if field_repeated: + for i in range(0, len(request_init["secret"][field])): + del request_init["secret"][field][i][subfield] + else: + del request_init["secret"][field][subfield] + request = request_type(**request_init) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = resources.Secret( + name='name_value', + ) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = resources.Secret.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + response = client.update_secret(request) + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Secret) + assert response.name == 'name_value' + + +def test_update_secret_rest_required_fields(request_type=service.UpdateSecretRequest): + transport_class = transports.SecretManagerServiceRestTransport + + request_init = {} + request = request_type(**request_init) + pb_request = request_type.pb(request) + jsonified_request = json.loads(json_format.MessageToJson( + pb_request, + use_integers_for_enums=False + )) + + # verify fields with default values are dropped + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).update_secret._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with default values are now present + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).update_secret._get_unset_required_fields(jsonified_request) + # Check that path parameters and body parameters are not mixing in. + assert not set(unset_fields) - set(("update_mask", )) + jsonified_request.update(unset_fields) + + # verify required fields with non-default values are left alone + + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest', + ) + request = request_type(**request_init) + + # Designate an appropriate value for the returned response. + return_value = resources.Secret() + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # We need to mock transcode() because providing default values + # for required fields will fail the real version if the http_options + # expect actual values for those fields. + with mock.patch.object(path_template, 'transcode') as transcode: + # A uri without fields and an empty body will force all the + # request fields to show up in the query_params. + pb_request = request_type.pb(request) + transcode_result = { + 'uri': 'v1/sample_method', + 'method': "patch", + 'query_params': pb_request, + } + transcode_result['body'] = pb_request + transcode.return_value = transcode_result + + response_value = Response() + response_value.status_code = 200 + + # Convert return value to protobuf type + return_value = resources.Secret.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.update_secret(request) + + expected_params = [ + ('$alt', 'json;enum-encoding=int') + ] + actual_params = req.call_args.kwargs['params'] + assert expected_params == actual_params + + +def test_update_secret_rest_unset_required_fields(): + transport = transports.SecretManagerServiceRestTransport(credentials=ga_credentials.AnonymousCredentials) + + unset_fields = transport.update_secret._get_unset_required_fields({}) + assert set(unset_fields) == (set(("updateMask", )) & set(("secret", "updateMask", ))) + + +@pytest.mark.parametrize("null_interceptor", [True, False]) +def test_update_secret_rest_interceptors(null_interceptor): + transport = transports.SecretManagerServiceRestTransport( + credentials=ga_credentials.AnonymousCredentials(), + interceptor=None if null_interceptor else transports.SecretManagerServiceRestInterceptor(), + ) + client = SecretManagerServiceClient(transport=transport) + with mock.patch.object(type(client.transport._session), "request") as req, \ + mock.patch.object(path_template, "transcode") as transcode, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "post_update_secret") as post, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "pre_update_secret") as pre: + pre.assert_not_called() + post.assert_not_called() + pb_message = service.UpdateSecretRequest.pb(service.UpdateSecretRequest()) + transcode.return_value = { + "method": "post", + "uri": "my_uri", + "body": pb_message, + "query_params": pb_message, + } + + req.return_value = Response() + req.return_value.status_code = 200 + req.return_value.request = PreparedRequest() + req.return_value._content = resources.Secret.to_json(resources.Secret()) + + request = service.UpdateSecretRequest() + metadata =[ + ("key", "val"), + ("cephalopod", "squid"), + ] + pre.return_value = request, metadata + post.return_value = resources.Secret() + + client.update_secret(request, metadata=[("key", "val"), ("cephalopod", "squid"),]) + + pre.assert_called_once() + post.assert_called_once() + + +def test_update_secret_rest_bad_request(transport: str = 'rest', request_type=service.UpdateSecretRequest): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # send a request that will satisfy transcoding + request_init = {'secret': {'name': 'projects/sample1/secrets/sample2'}} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.update_secret(request) + + +def test_update_secret_rest_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = resources.Secret() + + # get arguments that satisfy an http rule for this method + sample_request = {'secret': {'name': 'projects/sample1/secrets/sample2'}} + + # get truthy value for each flattened field + mock_args = dict( + secret=resources.Secret(name='name_value'), + update_mask=field_mask_pb2.FieldMask(paths=['paths_value']), + ) + mock_args.update(sample_request) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = resources.Secret.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + client.update_secret(**mock_args) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(req.mock_calls) == 1 + _, args, _ = req.mock_calls[0] + assert path_template.validate("%s/v1beta1/{secret.name=projects/*/secrets/*}" % client.transport._host, args[1]) + + +def test_update_secret_rest_flattened_error(transport: str = 'rest'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.update_secret( + service.UpdateSecretRequest(), + secret=resources.Secret(name='name_value'), + update_mask=field_mask_pb2.FieldMask(paths=['paths_value']), + ) + + +def test_update_secret_rest_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest' + ) + + +@pytest.mark.parametrize("request_type", [ + service.DeleteSecretRequest, + dict, +]) +def test_delete_secret_rest(request_type): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # send a request that will satisfy transcoding + request_init = {'name': 'projects/sample1/secrets/sample2'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = None + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + json_return_value = '' + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + response = client.delete_secret(request) + + # Establish that the response is the type that we expect. + assert response is None + + +def test_delete_secret_rest_required_fields(request_type=service.DeleteSecretRequest): + transport_class = transports.SecretManagerServiceRestTransport + + request_init = {} + request_init["name"] = "" + request = request_type(**request_init) + pb_request = request_type.pb(request) + jsonified_request = json.loads(json_format.MessageToJson( + pb_request, + use_integers_for_enums=False + )) + + # verify fields with default values are dropped + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).delete_secret._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with default values are now present + + jsonified_request["name"] = 'name_value' + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).delete_secret._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with non-default values are left alone + assert "name" in jsonified_request + assert jsonified_request["name"] == 'name_value' + + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest', + ) + request = request_type(**request_init) + + # Designate an appropriate value for the returned response. + return_value = None + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # We need to mock transcode() because providing default values + # for required fields will fail the real version if the http_options + # expect actual values for those fields. + with mock.patch.object(path_template, 'transcode') as transcode: + # A uri without fields and an empty body will force all the + # request fields to show up in the query_params. + pb_request = request_type.pb(request) + transcode_result = { + 'uri': 'v1/sample_method', + 'method': "delete", + 'query_params': pb_request, + } + transcode.return_value = transcode_result + + response_value = Response() + response_value.status_code = 200 + json_return_value = '' + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.delete_secret(request) + + expected_params = [ + ('$alt', 'json;enum-encoding=int') + ] + actual_params = req.call_args.kwargs['params'] + assert expected_params == actual_params + + +def test_delete_secret_rest_unset_required_fields(): + transport = transports.SecretManagerServiceRestTransport(credentials=ga_credentials.AnonymousCredentials) + + unset_fields = transport.delete_secret._get_unset_required_fields({}) + assert set(unset_fields) == (set(()) & set(("name", ))) + + +@pytest.mark.parametrize("null_interceptor", [True, False]) +def test_delete_secret_rest_interceptors(null_interceptor): + transport = transports.SecretManagerServiceRestTransport( + credentials=ga_credentials.AnonymousCredentials(), + interceptor=None if null_interceptor else transports.SecretManagerServiceRestInterceptor(), + ) + client = SecretManagerServiceClient(transport=transport) + with mock.patch.object(type(client.transport._session), "request") as req, \ + mock.patch.object(path_template, "transcode") as transcode, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "pre_delete_secret") as pre: + pre.assert_not_called() + pb_message = service.DeleteSecretRequest.pb(service.DeleteSecretRequest()) + transcode.return_value = { + "method": "post", + "uri": "my_uri", + "body": pb_message, + "query_params": pb_message, + } + + req.return_value = Response() + req.return_value.status_code = 200 + req.return_value.request = PreparedRequest() + + request = service.DeleteSecretRequest() + metadata =[ + ("key", "val"), + ("cephalopod", "squid"), + ] + pre.return_value = request, metadata + + client.delete_secret(request, metadata=[("key", "val"), ("cephalopod", "squid"),]) + + pre.assert_called_once() + + +def test_delete_secret_rest_bad_request(transport: str = 'rest', request_type=service.DeleteSecretRequest): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # send a request that will satisfy transcoding + request_init = {'name': 'projects/sample1/secrets/sample2'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.delete_secret(request) + + +def test_delete_secret_rest_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = None + + # get arguments that satisfy an http rule for this method + sample_request = {'name': 'projects/sample1/secrets/sample2'} + + # get truthy value for each flattened field + mock_args = dict( + name='name_value', + ) + mock_args.update(sample_request) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + json_return_value = '' + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + client.delete_secret(**mock_args) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(req.mock_calls) == 1 + _, args, _ = req.mock_calls[0] + assert path_template.validate("%s/v1beta1/{name=projects/*/secrets/*}" % client.transport._host, args[1]) + + +def test_delete_secret_rest_flattened_error(transport: str = 'rest'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.delete_secret( + service.DeleteSecretRequest(), + name='name_value', + ) + + +def test_delete_secret_rest_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest' + ) + + +@pytest.mark.parametrize("request_type", [ + service.ListSecretVersionsRequest, + dict, +]) +def test_list_secret_versions_rest(request_type): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # send a request that will satisfy transcoding + request_init = {'parent': 'projects/sample1/secrets/sample2'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = service.ListSecretVersionsResponse( + next_page_token='next_page_token_value', + total_size=1086, + ) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = service.ListSecretVersionsResponse.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + response = client.list_secret_versions(request) + + # Establish that the response is the type that we expect. + assert isinstance(response, pagers.ListSecretVersionsPager) + assert response.next_page_token == 'next_page_token_value' + assert response.total_size == 1086 + + +def test_list_secret_versions_rest_required_fields(request_type=service.ListSecretVersionsRequest): + transport_class = transports.SecretManagerServiceRestTransport + + request_init = {} + request_init["parent"] = "" + request = request_type(**request_init) + pb_request = request_type.pb(request) + jsonified_request = json.loads(json_format.MessageToJson( + pb_request, + use_integers_for_enums=False + )) + + # verify fields with default values are dropped + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).list_secret_versions._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with default values are now present + + jsonified_request["parent"] = 'parent_value' + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).list_secret_versions._get_unset_required_fields(jsonified_request) + # Check that path parameters and body parameters are not mixing in. + assert not set(unset_fields) - set(("page_size", "page_token", )) + jsonified_request.update(unset_fields) + + # verify required fields with non-default values are left alone + assert "parent" in jsonified_request + assert jsonified_request["parent"] == 'parent_value' + + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest', + ) + request = request_type(**request_init) + + # Designate an appropriate value for the returned response. + return_value = service.ListSecretVersionsResponse() + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # We need to mock transcode() because providing default values + # for required fields will fail the real version if the http_options + # expect actual values for those fields. + with mock.patch.object(path_template, 'transcode') as transcode: + # A uri without fields and an empty body will force all the + # request fields to show up in the query_params. + pb_request = request_type.pb(request) + transcode_result = { + 'uri': 'v1/sample_method', + 'method': "get", + 'query_params': pb_request, + } + transcode.return_value = transcode_result + + response_value = Response() + response_value.status_code = 200 + + # Convert return value to protobuf type + return_value = service.ListSecretVersionsResponse.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.list_secret_versions(request) + + expected_params = [ + ('$alt', 'json;enum-encoding=int') + ] + actual_params = req.call_args.kwargs['params'] + assert expected_params == actual_params + + +def test_list_secret_versions_rest_unset_required_fields(): + transport = transports.SecretManagerServiceRestTransport(credentials=ga_credentials.AnonymousCredentials) + + unset_fields = transport.list_secret_versions._get_unset_required_fields({}) + assert set(unset_fields) == (set(("pageSize", "pageToken", )) & set(("parent", ))) + + +@pytest.mark.parametrize("null_interceptor", [True, False]) +def test_list_secret_versions_rest_interceptors(null_interceptor): + transport = transports.SecretManagerServiceRestTransport( + credentials=ga_credentials.AnonymousCredentials(), + interceptor=None if null_interceptor else transports.SecretManagerServiceRestInterceptor(), + ) + client = SecretManagerServiceClient(transport=transport) + with mock.patch.object(type(client.transport._session), "request") as req, \ + mock.patch.object(path_template, "transcode") as transcode, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "post_list_secret_versions") as post, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "pre_list_secret_versions") as pre: + pre.assert_not_called() + post.assert_not_called() + pb_message = service.ListSecretVersionsRequest.pb(service.ListSecretVersionsRequest()) + transcode.return_value = { + "method": "post", + "uri": "my_uri", + "body": pb_message, + "query_params": pb_message, + } + + req.return_value = Response() + req.return_value.status_code = 200 + req.return_value.request = PreparedRequest() + req.return_value._content = service.ListSecretVersionsResponse.to_json(service.ListSecretVersionsResponse()) + + request = service.ListSecretVersionsRequest() + metadata =[ + ("key", "val"), + ("cephalopod", "squid"), + ] + pre.return_value = request, metadata + post.return_value = service.ListSecretVersionsResponse() + + client.list_secret_versions(request, metadata=[("key", "val"), ("cephalopod", "squid"),]) + + pre.assert_called_once() + post.assert_called_once() + + +def test_list_secret_versions_rest_bad_request(transport: str = 'rest', request_type=service.ListSecretVersionsRequest): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # send a request that will satisfy transcoding + request_init = {'parent': 'projects/sample1/secrets/sample2'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.list_secret_versions(request) + + +def test_list_secret_versions_rest_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = service.ListSecretVersionsResponse() + + # get arguments that satisfy an http rule for this method + sample_request = {'parent': 'projects/sample1/secrets/sample2'} + + # get truthy value for each flattened field + mock_args = dict( + parent='parent_value', + ) + mock_args.update(sample_request) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = service.ListSecretVersionsResponse.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + client.list_secret_versions(**mock_args) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(req.mock_calls) == 1 + _, args, _ = req.mock_calls[0] + assert path_template.validate("%s/v1beta1/{parent=projects/*/secrets/*}/versions" % client.transport._host, args[1]) + + +def test_list_secret_versions_rest_flattened_error(transport: str = 'rest'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.list_secret_versions( + service.ListSecretVersionsRequest(), + parent='parent_value', + ) + + +def test_list_secret_versions_rest_pager(transport: str = 'rest'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # TODO(kbandes): remove this mock unless there's a good reason for it. + #with mock.patch.object(path_template, 'transcode') as transcode: + # Set the response as a series of pages + response = ( + service.ListSecretVersionsResponse( + versions=[ + resources.SecretVersion(), + resources.SecretVersion(), + resources.SecretVersion(), + ], + next_page_token='abc', + ), + service.ListSecretVersionsResponse( + versions=[], + next_page_token='def', + ), + service.ListSecretVersionsResponse( + versions=[ + resources.SecretVersion(), + ], + next_page_token='ghi', + ), + service.ListSecretVersionsResponse( + versions=[ + resources.SecretVersion(), + resources.SecretVersion(), + ], + ), + ) + # Two responses for two calls + response = response + response + + # Wrap the values into proper Response objs + response = tuple(service.ListSecretVersionsResponse.to_json(x) for x in response) + return_values = tuple(Response() for i in response) + for return_val, response_val in zip(return_values, response): + return_val._content = response_val.encode('UTF-8') + return_val.status_code = 200 + req.side_effect = return_values + + sample_request = {'parent': 'projects/sample1/secrets/sample2'} + + pager = client.list_secret_versions(request=sample_request) + + results = list(pager) + assert len(results) == 6 + assert all(isinstance(i, resources.SecretVersion) + for i in results) + + pages = list(client.list_secret_versions(request=sample_request).pages) + for page_, token in zip(pages, ['abc','def','ghi', '']): + assert page_.raw_page.next_page_token == token + + +@pytest.mark.parametrize("request_type", [ + service.GetSecretVersionRequest, + dict, +]) +def test_get_secret_version_rest(request_type): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # send a request that will satisfy transcoding + request_init = {'name': 'projects/sample1/secrets/sample2/versions/sample3'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + ) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = resources.SecretVersion.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + response = client.get_secret_version(request) + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.SecretVersion) + assert response.name == 'name_value' + assert response.state == resources.SecretVersion.State.ENABLED + + +def test_get_secret_version_rest_required_fields(request_type=service.GetSecretVersionRequest): + transport_class = transports.SecretManagerServiceRestTransport + + request_init = {} + request_init["name"] = "" + request = request_type(**request_init) + pb_request = request_type.pb(request) + jsonified_request = json.loads(json_format.MessageToJson( + pb_request, + use_integers_for_enums=False + )) + + # verify fields with default values are dropped + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).get_secret_version._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with default values are now present + + jsonified_request["name"] = 'name_value' + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).get_secret_version._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with non-default values are left alone + assert "name" in jsonified_request + assert jsonified_request["name"] == 'name_value' + + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest', + ) + request = request_type(**request_init) + + # Designate an appropriate value for the returned response. + return_value = resources.SecretVersion() + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # We need to mock transcode() because providing default values + # for required fields will fail the real version if the http_options + # expect actual values for those fields. + with mock.patch.object(path_template, 'transcode') as transcode: + # A uri without fields and an empty body will force all the + # request fields to show up in the query_params. + pb_request = request_type.pb(request) + transcode_result = { + 'uri': 'v1/sample_method', + 'method': "get", + 'query_params': pb_request, + } + transcode.return_value = transcode_result + + response_value = Response() + response_value.status_code = 200 + + # Convert return value to protobuf type + return_value = resources.SecretVersion.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.get_secret_version(request) + + expected_params = [ + ('$alt', 'json;enum-encoding=int') + ] + actual_params = req.call_args.kwargs['params'] + assert expected_params == actual_params + + +def test_get_secret_version_rest_unset_required_fields(): + transport = transports.SecretManagerServiceRestTransport(credentials=ga_credentials.AnonymousCredentials) + + unset_fields = transport.get_secret_version._get_unset_required_fields({}) + assert set(unset_fields) == (set(()) & set(("name", ))) + + +@pytest.mark.parametrize("null_interceptor", [True, False]) +def test_get_secret_version_rest_interceptors(null_interceptor): + transport = transports.SecretManagerServiceRestTransport( + credentials=ga_credentials.AnonymousCredentials(), + interceptor=None if null_interceptor else transports.SecretManagerServiceRestInterceptor(), + ) + client = SecretManagerServiceClient(transport=transport) + with mock.patch.object(type(client.transport._session), "request") as req, \ + mock.patch.object(path_template, "transcode") as transcode, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "post_get_secret_version") as post, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "pre_get_secret_version") as pre: + pre.assert_not_called() + post.assert_not_called() + pb_message = service.GetSecretVersionRequest.pb(service.GetSecretVersionRequest()) + transcode.return_value = { + "method": "post", + "uri": "my_uri", + "body": pb_message, + "query_params": pb_message, + } + + req.return_value = Response() + req.return_value.status_code = 200 + req.return_value.request = PreparedRequest() + req.return_value._content = resources.SecretVersion.to_json(resources.SecretVersion()) + + request = service.GetSecretVersionRequest() + metadata =[ + ("key", "val"), + ("cephalopod", "squid"), + ] + pre.return_value = request, metadata + post.return_value = resources.SecretVersion() + + client.get_secret_version(request, metadata=[("key", "val"), ("cephalopod", "squid"),]) + + pre.assert_called_once() + post.assert_called_once() + + +def test_get_secret_version_rest_bad_request(transport: str = 'rest', request_type=service.GetSecretVersionRequest): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # send a request that will satisfy transcoding + request_init = {'name': 'projects/sample1/secrets/sample2/versions/sample3'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.get_secret_version(request) + + +def test_get_secret_version_rest_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = resources.SecretVersion() + + # get arguments that satisfy an http rule for this method + sample_request = {'name': 'projects/sample1/secrets/sample2/versions/sample3'} + + # get truthy value for each flattened field + mock_args = dict( + name='name_value', + ) + mock_args.update(sample_request) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = resources.SecretVersion.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + client.get_secret_version(**mock_args) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(req.mock_calls) == 1 + _, args, _ = req.mock_calls[0] + assert path_template.validate("%s/v1beta1/{name=projects/*/secrets/*/versions/*}" % client.transport._host, args[1]) + + +def test_get_secret_version_rest_flattened_error(transport: str = 'rest'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.get_secret_version( + service.GetSecretVersionRequest(), + name='name_value', + ) + + +def test_get_secret_version_rest_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest' + ) + + +@pytest.mark.parametrize("request_type", [ + service.AccessSecretVersionRequest, + dict, +]) +def test_access_secret_version_rest(request_type): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # send a request that will satisfy transcoding + request_init = {'name': 'projects/sample1/secrets/sample2/versions/sample3'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = service.AccessSecretVersionResponse( + name='name_value', + ) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = service.AccessSecretVersionResponse.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + response = client.access_secret_version(request) + + # Establish that the response is the type that we expect. + assert isinstance(response, service.AccessSecretVersionResponse) + assert response.name == 'name_value' + + +def test_access_secret_version_rest_required_fields(request_type=service.AccessSecretVersionRequest): + transport_class = transports.SecretManagerServiceRestTransport + + request_init = {} + request_init["name"] = "" + request = request_type(**request_init) + pb_request = request_type.pb(request) + jsonified_request = json.loads(json_format.MessageToJson( + pb_request, + use_integers_for_enums=False + )) + + # verify fields with default values are dropped + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).access_secret_version._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with default values are now present + + jsonified_request["name"] = 'name_value' + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).access_secret_version._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with non-default values are left alone + assert "name" in jsonified_request + assert jsonified_request["name"] == 'name_value' + + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest', + ) + request = request_type(**request_init) + + # Designate an appropriate value for the returned response. + return_value = service.AccessSecretVersionResponse() + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # We need to mock transcode() because providing default values + # for required fields will fail the real version if the http_options + # expect actual values for those fields. + with mock.patch.object(path_template, 'transcode') as transcode: + # A uri without fields and an empty body will force all the + # request fields to show up in the query_params. + pb_request = request_type.pb(request) + transcode_result = { + 'uri': 'v1/sample_method', + 'method': "get", + 'query_params': pb_request, + } + transcode.return_value = transcode_result + + response_value = Response() + response_value.status_code = 200 + + # Convert return value to protobuf type + return_value = service.AccessSecretVersionResponse.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.access_secret_version(request) + + expected_params = [ + ('$alt', 'json;enum-encoding=int') + ] + actual_params = req.call_args.kwargs['params'] + assert expected_params == actual_params + + +def test_access_secret_version_rest_unset_required_fields(): + transport = transports.SecretManagerServiceRestTransport(credentials=ga_credentials.AnonymousCredentials) + + unset_fields = transport.access_secret_version._get_unset_required_fields({}) + assert set(unset_fields) == (set(()) & set(("name", ))) + + +@pytest.mark.parametrize("null_interceptor", [True, False]) +def test_access_secret_version_rest_interceptors(null_interceptor): + transport = transports.SecretManagerServiceRestTransport( + credentials=ga_credentials.AnonymousCredentials(), + interceptor=None if null_interceptor else transports.SecretManagerServiceRestInterceptor(), + ) + client = SecretManagerServiceClient(transport=transport) + with mock.patch.object(type(client.transport._session), "request") as req, \ + mock.patch.object(path_template, "transcode") as transcode, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "post_access_secret_version") as post, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "pre_access_secret_version") as pre: + pre.assert_not_called() + post.assert_not_called() + pb_message = service.AccessSecretVersionRequest.pb(service.AccessSecretVersionRequest()) + transcode.return_value = { + "method": "post", + "uri": "my_uri", + "body": pb_message, + "query_params": pb_message, + } + + req.return_value = Response() + req.return_value.status_code = 200 + req.return_value.request = PreparedRequest() + req.return_value._content = service.AccessSecretVersionResponse.to_json(service.AccessSecretVersionResponse()) + + request = service.AccessSecretVersionRequest() + metadata =[ + ("key", "val"), + ("cephalopod", "squid"), + ] + pre.return_value = request, metadata + post.return_value = service.AccessSecretVersionResponse() + + client.access_secret_version(request, metadata=[("key", "val"), ("cephalopod", "squid"),]) + + pre.assert_called_once() + post.assert_called_once() + + +def test_access_secret_version_rest_bad_request(transport: str = 'rest', request_type=service.AccessSecretVersionRequest): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # send a request that will satisfy transcoding + request_init = {'name': 'projects/sample1/secrets/sample2/versions/sample3'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.access_secret_version(request) + + +def test_access_secret_version_rest_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = service.AccessSecretVersionResponse() + + # get arguments that satisfy an http rule for this method + sample_request = {'name': 'projects/sample1/secrets/sample2/versions/sample3'} + + # get truthy value for each flattened field + mock_args = dict( + name='name_value', + ) + mock_args.update(sample_request) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = service.AccessSecretVersionResponse.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + client.access_secret_version(**mock_args) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(req.mock_calls) == 1 + _, args, _ = req.mock_calls[0] + assert path_template.validate("%s/v1beta1/{name=projects/*/secrets/*/versions/*}:access" % client.transport._host, args[1]) + + +def test_access_secret_version_rest_flattened_error(transport: str = 'rest'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.access_secret_version( + service.AccessSecretVersionRequest(), + name='name_value', + ) + + +def test_access_secret_version_rest_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest' + ) + + +@pytest.mark.parametrize("request_type", [ + service.DisableSecretVersionRequest, + dict, +]) +def test_disable_secret_version_rest(request_type): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # send a request that will satisfy transcoding + request_init = {'name': 'projects/sample1/secrets/sample2/versions/sample3'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + ) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = resources.SecretVersion.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + response = client.disable_secret_version(request) + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.SecretVersion) + assert response.name == 'name_value' + assert response.state == resources.SecretVersion.State.ENABLED + + +def test_disable_secret_version_rest_required_fields(request_type=service.DisableSecretVersionRequest): + transport_class = transports.SecretManagerServiceRestTransport + + request_init = {} + request_init["name"] = "" + request = request_type(**request_init) + pb_request = request_type.pb(request) + jsonified_request = json.loads(json_format.MessageToJson( + pb_request, + use_integers_for_enums=False + )) + + # verify fields with default values are dropped + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).disable_secret_version._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with default values are now present + + jsonified_request["name"] = 'name_value' + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).disable_secret_version._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with non-default values are left alone + assert "name" in jsonified_request + assert jsonified_request["name"] == 'name_value' + + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest', + ) + request = request_type(**request_init) + + # Designate an appropriate value for the returned response. + return_value = resources.SecretVersion() + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # We need to mock transcode() because providing default values + # for required fields will fail the real version if the http_options + # expect actual values for those fields. + with mock.patch.object(path_template, 'transcode') as transcode: + # A uri without fields and an empty body will force all the + # request fields to show up in the query_params. + pb_request = request_type.pb(request) + transcode_result = { + 'uri': 'v1/sample_method', + 'method': "post", + 'query_params': pb_request, + } + transcode_result['body'] = pb_request + transcode.return_value = transcode_result + + response_value = Response() + response_value.status_code = 200 + + # Convert return value to protobuf type + return_value = resources.SecretVersion.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.disable_secret_version(request) + + expected_params = [ + ('$alt', 'json;enum-encoding=int') + ] + actual_params = req.call_args.kwargs['params'] + assert expected_params == actual_params + + +def test_disable_secret_version_rest_unset_required_fields(): + transport = transports.SecretManagerServiceRestTransport(credentials=ga_credentials.AnonymousCredentials) + + unset_fields = transport.disable_secret_version._get_unset_required_fields({}) + assert set(unset_fields) == (set(()) & set(("name", ))) + + +@pytest.mark.parametrize("null_interceptor", [True, False]) +def test_disable_secret_version_rest_interceptors(null_interceptor): + transport = transports.SecretManagerServiceRestTransport( + credentials=ga_credentials.AnonymousCredentials(), + interceptor=None if null_interceptor else transports.SecretManagerServiceRestInterceptor(), + ) + client = SecretManagerServiceClient(transport=transport) + with mock.patch.object(type(client.transport._session), "request") as req, \ + mock.patch.object(path_template, "transcode") as transcode, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "post_disable_secret_version") as post, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "pre_disable_secret_version") as pre: + pre.assert_not_called() + post.assert_not_called() + pb_message = service.DisableSecretVersionRequest.pb(service.DisableSecretVersionRequest()) + transcode.return_value = { + "method": "post", + "uri": "my_uri", + "body": pb_message, + "query_params": pb_message, + } + + req.return_value = Response() + req.return_value.status_code = 200 + req.return_value.request = PreparedRequest() + req.return_value._content = resources.SecretVersion.to_json(resources.SecretVersion()) + + request = service.DisableSecretVersionRequest() + metadata =[ + ("key", "val"), + ("cephalopod", "squid"), + ] + pre.return_value = request, metadata + post.return_value = resources.SecretVersion() + + client.disable_secret_version(request, metadata=[("key", "val"), ("cephalopod", "squid"),]) + + pre.assert_called_once() + post.assert_called_once() + + +def test_disable_secret_version_rest_bad_request(transport: str = 'rest', request_type=service.DisableSecretVersionRequest): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # send a request that will satisfy transcoding + request_init = {'name': 'projects/sample1/secrets/sample2/versions/sample3'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.disable_secret_version(request) + + +def test_disable_secret_version_rest_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = resources.SecretVersion() + + # get arguments that satisfy an http rule for this method + sample_request = {'name': 'projects/sample1/secrets/sample2/versions/sample3'} + + # get truthy value for each flattened field + mock_args = dict( + name='name_value', + ) + mock_args.update(sample_request) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = resources.SecretVersion.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + client.disable_secret_version(**mock_args) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(req.mock_calls) == 1 + _, args, _ = req.mock_calls[0] + assert path_template.validate("%s/v1beta1/{name=projects/*/secrets/*/versions/*}:disable" % client.transport._host, args[1]) + + +def test_disable_secret_version_rest_flattened_error(transport: str = 'rest'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.disable_secret_version( + service.DisableSecretVersionRequest(), + name='name_value', + ) + + +def test_disable_secret_version_rest_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest' + ) + + +@pytest.mark.parametrize("request_type", [ + service.EnableSecretVersionRequest, + dict, +]) +def test_enable_secret_version_rest(request_type): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # send a request that will satisfy transcoding + request_init = {'name': 'projects/sample1/secrets/sample2/versions/sample3'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + ) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = resources.SecretVersion.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + response = client.enable_secret_version(request) + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.SecretVersion) + assert response.name == 'name_value' + assert response.state == resources.SecretVersion.State.ENABLED + + +def test_enable_secret_version_rest_required_fields(request_type=service.EnableSecretVersionRequest): + transport_class = transports.SecretManagerServiceRestTransport + + request_init = {} + request_init["name"] = "" + request = request_type(**request_init) + pb_request = request_type.pb(request) + jsonified_request = json.loads(json_format.MessageToJson( + pb_request, + use_integers_for_enums=False + )) + + # verify fields with default values are dropped + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).enable_secret_version._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with default values are now present + + jsonified_request["name"] = 'name_value' + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).enable_secret_version._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with non-default values are left alone + assert "name" in jsonified_request + assert jsonified_request["name"] == 'name_value' + + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest', + ) + request = request_type(**request_init) + + # Designate an appropriate value for the returned response. + return_value = resources.SecretVersion() + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # We need to mock transcode() because providing default values + # for required fields will fail the real version if the http_options + # expect actual values for those fields. + with mock.patch.object(path_template, 'transcode') as transcode: + # A uri without fields and an empty body will force all the + # request fields to show up in the query_params. + pb_request = request_type.pb(request) + transcode_result = { + 'uri': 'v1/sample_method', + 'method': "post", + 'query_params': pb_request, + } + transcode_result['body'] = pb_request + transcode.return_value = transcode_result + + response_value = Response() + response_value.status_code = 200 + + # Convert return value to protobuf type + return_value = resources.SecretVersion.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.enable_secret_version(request) + + expected_params = [ + ('$alt', 'json;enum-encoding=int') + ] + actual_params = req.call_args.kwargs['params'] + assert expected_params == actual_params + + +def test_enable_secret_version_rest_unset_required_fields(): + transport = transports.SecretManagerServiceRestTransport(credentials=ga_credentials.AnonymousCredentials) + + unset_fields = transport.enable_secret_version._get_unset_required_fields({}) + assert set(unset_fields) == (set(()) & set(("name", ))) + + +@pytest.mark.parametrize("null_interceptor", [True, False]) +def test_enable_secret_version_rest_interceptors(null_interceptor): + transport = transports.SecretManagerServiceRestTransport( + credentials=ga_credentials.AnonymousCredentials(), + interceptor=None if null_interceptor else transports.SecretManagerServiceRestInterceptor(), + ) + client = SecretManagerServiceClient(transport=transport) + with mock.patch.object(type(client.transport._session), "request") as req, \ + mock.patch.object(path_template, "transcode") as transcode, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "post_enable_secret_version") as post, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "pre_enable_secret_version") as pre: + pre.assert_not_called() + post.assert_not_called() + pb_message = service.EnableSecretVersionRequest.pb(service.EnableSecretVersionRequest()) + transcode.return_value = { + "method": "post", + "uri": "my_uri", + "body": pb_message, + "query_params": pb_message, + } + + req.return_value = Response() + req.return_value.status_code = 200 + req.return_value.request = PreparedRequest() + req.return_value._content = resources.SecretVersion.to_json(resources.SecretVersion()) + + request = service.EnableSecretVersionRequest() + metadata =[ + ("key", "val"), + ("cephalopod", "squid"), + ] + pre.return_value = request, metadata + post.return_value = resources.SecretVersion() + + client.enable_secret_version(request, metadata=[("key", "val"), ("cephalopod", "squid"),]) + + pre.assert_called_once() + post.assert_called_once() + + +def test_enable_secret_version_rest_bad_request(transport: str = 'rest', request_type=service.EnableSecretVersionRequest): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # send a request that will satisfy transcoding + request_init = {'name': 'projects/sample1/secrets/sample2/versions/sample3'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.enable_secret_version(request) + + +def test_enable_secret_version_rest_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = resources.SecretVersion() + + # get arguments that satisfy an http rule for this method + sample_request = {'name': 'projects/sample1/secrets/sample2/versions/sample3'} + + # get truthy value for each flattened field + mock_args = dict( + name='name_value', + ) + mock_args.update(sample_request) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = resources.SecretVersion.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + client.enable_secret_version(**mock_args) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(req.mock_calls) == 1 + _, args, _ = req.mock_calls[0] + assert path_template.validate("%s/v1beta1/{name=projects/*/secrets/*/versions/*}:enable" % client.transport._host, args[1]) + + +def test_enable_secret_version_rest_flattened_error(transport: str = 'rest'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.enable_secret_version( + service.EnableSecretVersionRequest(), + name='name_value', + ) + + +def test_enable_secret_version_rest_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest' + ) + + +@pytest.mark.parametrize("request_type", [ + service.DestroySecretVersionRequest, + dict, +]) +def test_destroy_secret_version_rest(request_type): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # send a request that will satisfy transcoding + request_init = {'name': 'projects/sample1/secrets/sample2/versions/sample3'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + ) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = resources.SecretVersion.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + response = client.destroy_secret_version(request) + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.SecretVersion) + assert response.name == 'name_value' + assert response.state == resources.SecretVersion.State.ENABLED + + +def test_destroy_secret_version_rest_required_fields(request_type=service.DestroySecretVersionRequest): + transport_class = transports.SecretManagerServiceRestTransport + + request_init = {} + request_init["name"] = "" + request = request_type(**request_init) + pb_request = request_type.pb(request) + jsonified_request = json.loads(json_format.MessageToJson( + pb_request, + use_integers_for_enums=False + )) + + # verify fields with default values are dropped + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).destroy_secret_version._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with default values are now present + + jsonified_request["name"] = 'name_value' + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).destroy_secret_version._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with non-default values are left alone + assert "name" in jsonified_request + assert jsonified_request["name"] == 'name_value' + + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest', + ) + request = request_type(**request_init) + + # Designate an appropriate value for the returned response. + return_value = resources.SecretVersion() + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # We need to mock transcode() because providing default values + # for required fields will fail the real version if the http_options + # expect actual values for those fields. + with mock.patch.object(path_template, 'transcode') as transcode: + # A uri without fields and an empty body will force all the + # request fields to show up in the query_params. + pb_request = request_type.pb(request) + transcode_result = { + 'uri': 'v1/sample_method', + 'method': "post", + 'query_params': pb_request, + } + transcode_result['body'] = pb_request + transcode.return_value = transcode_result + + response_value = Response() + response_value.status_code = 200 + + # Convert return value to protobuf type + return_value = resources.SecretVersion.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.destroy_secret_version(request) + + expected_params = [ + ('$alt', 'json;enum-encoding=int') + ] + actual_params = req.call_args.kwargs['params'] + assert expected_params == actual_params + + +def test_destroy_secret_version_rest_unset_required_fields(): + transport = transports.SecretManagerServiceRestTransport(credentials=ga_credentials.AnonymousCredentials) + + unset_fields = transport.destroy_secret_version._get_unset_required_fields({}) + assert set(unset_fields) == (set(()) & set(("name", ))) + + +@pytest.mark.parametrize("null_interceptor", [True, False]) +def test_destroy_secret_version_rest_interceptors(null_interceptor): + transport = transports.SecretManagerServiceRestTransport( + credentials=ga_credentials.AnonymousCredentials(), + interceptor=None if null_interceptor else transports.SecretManagerServiceRestInterceptor(), + ) + client = SecretManagerServiceClient(transport=transport) + with mock.patch.object(type(client.transport._session), "request") as req, \ + mock.patch.object(path_template, "transcode") as transcode, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "post_destroy_secret_version") as post, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "pre_destroy_secret_version") as pre: + pre.assert_not_called() + post.assert_not_called() + pb_message = service.DestroySecretVersionRequest.pb(service.DestroySecretVersionRequest()) + transcode.return_value = { + "method": "post", + "uri": "my_uri", + "body": pb_message, + "query_params": pb_message, + } + + req.return_value = Response() + req.return_value.status_code = 200 + req.return_value.request = PreparedRequest() + req.return_value._content = resources.SecretVersion.to_json(resources.SecretVersion()) + + request = service.DestroySecretVersionRequest() + metadata =[ + ("key", "val"), + ("cephalopod", "squid"), + ] + pre.return_value = request, metadata + post.return_value = resources.SecretVersion() + + client.destroy_secret_version(request, metadata=[("key", "val"), ("cephalopod", "squid"),]) + + pre.assert_called_once() + post.assert_called_once() + + +def test_destroy_secret_version_rest_bad_request(transport: str = 'rest', request_type=service.DestroySecretVersionRequest): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # send a request that will satisfy transcoding + request_init = {'name': 'projects/sample1/secrets/sample2/versions/sample3'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.destroy_secret_version(request) + + +def test_destroy_secret_version_rest_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = resources.SecretVersion() + + # get arguments that satisfy an http rule for this method + sample_request = {'name': 'projects/sample1/secrets/sample2/versions/sample3'} + + # get truthy value for each flattened field + mock_args = dict( + name='name_value', + ) + mock_args.update(sample_request) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = resources.SecretVersion.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + client.destroy_secret_version(**mock_args) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(req.mock_calls) == 1 + _, args, _ = req.mock_calls[0] + assert path_template.validate("%s/v1beta1/{name=projects/*/secrets/*/versions/*}:destroy" % client.transport._host, args[1]) + + +def test_destroy_secret_version_rest_flattened_error(transport: str = 'rest'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.destroy_secret_version( + service.DestroySecretVersionRequest(), + name='name_value', + ) + + +def test_destroy_secret_version_rest_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest' + ) + + +@pytest.mark.parametrize("request_type", [ + iam_policy_pb2.SetIamPolicyRequest, + dict, +]) +def test_set_iam_policy_rest(request_type): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # send a request that will satisfy transcoding + request_init = {'resource': 'projects/sample1/secrets/sample2'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = policy_pb2.Policy( + version=774, + etag=b'etag_blob', + ) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + response = client.set_iam_policy(request) + + # Establish that the response is the type that we expect. + assert isinstance(response, policy_pb2.Policy) + assert response.version == 774 + assert response.etag == b'etag_blob' + + +def test_set_iam_policy_rest_required_fields(request_type=iam_policy_pb2.SetIamPolicyRequest): + transport_class = transports.SecretManagerServiceRestTransport + + request_init = {} + request_init["resource"] = "" + request = request_type(**request_init) + pb_request = request + jsonified_request = json.loads(json_format.MessageToJson( + pb_request, + use_integers_for_enums=False + )) + + # verify fields with default values are dropped + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).set_iam_policy._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with default values are now present + + jsonified_request["resource"] = 'resource_value' + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).set_iam_policy._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with non-default values are left alone + assert "resource" in jsonified_request + assert jsonified_request["resource"] == 'resource_value' + + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest', + ) + request = request_type(**request_init) + + # Designate an appropriate value for the returned response. + return_value = policy_pb2.Policy() + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # We need to mock transcode() because providing default values + # for required fields will fail the real version if the http_options + # expect actual values for those fields. + with mock.patch.object(path_template, 'transcode') as transcode: + # A uri without fields and an empty body will force all the + # request fields to show up in the query_params. + pb_request = request + transcode_result = { + 'uri': 'v1/sample_method', + 'method': "post", + 'query_params': pb_request, + } + transcode_result['body'] = pb_request + transcode.return_value = transcode_result + + response_value = Response() + response_value.status_code = 200 + + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.set_iam_policy(request) + + expected_params = [ + ('$alt', 'json;enum-encoding=int') + ] + actual_params = req.call_args.kwargs['params'] + assert expected_params == actual_params + + +def test_set_iam_policy_rest_unset_required_fields(): + transport = transports.SecretManagerServiceRestTransport(credentials=ga_credentials.AnonymousCredentials) + + unset_fields = transport.set_iam_policy._get_unset_required_fields({}) + assert set(unset_fields) == (set(()) & set(("resource", "policy", ))) + + +@pytest.mark.parametrize("null_interceptor", [True, False]) +def test_set_iam_policy_rest_interceptors(null_interceptor): + transport = transports.SecretManagerServiceRestTransport( + credentials=ga_credentials.AnonymousCredentials(), + interceptor=None if null_interceptor else transports.SecretManagerServiceRestInterceptor(), + ) + client = SecretManagerServiceClient(transport=transport) + with mock.patch.object(type(client.transport._session), "request") as req, \ + mock.patch.object(path_template, "transcode") as transcode, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "post_set_iam_policy") as post, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "pre_set_iam_policy") as pre: + pre.assert_not_called() + post.assert_not_called() + pb_message = iam_policy_pb2.SetIamPolicyRequest() + transcode.return_value = { + "method": "post", + "uri": "my_uri", + "body": pb_message, + "query_params": pb_message, + } + + req.return_value = Response() + req.return_value.status_code = 200 + req.return_value.request = PreparedRequest() + req.return_value._content = json_format.MessageToJson(policy_pb2.Policy()) + + request = iam_policy_pb2.SetIamPolicyRequest() + metadata =[ + ("key", "val"), + ("cephalopod", "squid"), + ] + pre.return_value = request, metadata + post.return_value = policy_pb2.Policy() + + client.set_iam_policy(request, metadata=[("key", "val"), ("cephalopod", "squid"),]) + + pre.assert_called_once() + post.assert_called_once() + + +def test_set_iam_policy_rest_bad_request(transport: str = 'rest', request_type=iam_policy_pb2.SetIamPolicyRequest): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # send a request that will satisfy transcoding + request_init = {'resource': 'projects/sample1/secrets/sample2'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.set_iam_policy(request) + + +def test_set_iam_policy_rest_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest' + ) + + +@pytest.mark.parametrize("request_type", [ + iam_policy_pb2.GetIamPolicyRequest, + dict, +]) +def test_get_iam_policy_rest(request_type): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # send a request that will satisfy transcoding + request_init = {'resource': 'projects/sample1/secrets/sample2'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = policy_pb2.Policy( + version=774, + etag=b'etag_blob', + ) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + response = client.get_iam_policy(request) + + # Establish that the response is the type that we expect. + assert isinstance(response, policy_pb2.Policy) + assert response.version == 774 + assert response.etag == b'etag_blob' + + +def test_get_iam_policy_rest_required_fields(request_type=iam_policy_pb2.GetIamPolicyRequest): + transport_class = transports.SecretManagerServiceRestTransport + + request_init = {} + request_init["resource"] = "" + request = request_type(**request_init) + pb_request = request + jsonified_request = json.loads(json_format.MessageToJson( + pb_request, + use_integers_for_enums=False + )) + + # verify fields with default values are dropped + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).get_iam_policy._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with default values are now present + + jsonified_request["resource"] = 'resource_value' + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).get_iam_policy._get_unset_required_fields(jsonified_request) + # Check that path parameters and body parameters are not mixing in. + assert not set(unset_fields) - set(("options", )) + jsonified_request.update(unset_fields) + + # verify required fields with non-default values are left alone + assert "resource" in jsonified_request + assert jsonified_request["resource"] == 'resource_value' + + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest', + ) + request = request_type(**request_init) + + # Designate an appropriate value for the returned response. + return_value = policy_pb2.Policy() + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # We need to mock transcode() because providing default values + # for required fields will fail the real version if the http_options + # expect actual values for those fields. + with mock.patch.object(path_template, 'transcode') as transcode: + # A uri without fields and an empty body will force all the + # request fields to show up in the query_params. + pb_request = request + transcode_result = { + 'uri': 'v1/sample_method', + 'method': "get", + 'query_params': pb_request, + } + transcode.return_value = transcode_result + + response_value = Response() + response_value.status_code = 200 + + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.get_iam_policy(request) + + expected_params = [ + ('$alt', 'json;enum-encoding=int') + ] + actual_params = req.call_args.kwargs['params'] + assert expected_params == actual_params + + +def test_get_iam_policy_rest_unset_required_fields(): + transport = transports.SecretManagerServiceRestTransport(credentials=ga_credentials.AnonymousCredentials) + + unset_fields = transport.get_iam_policy._get_unset_required_fields({}) + assert set(unset_fields) == (set(("options", )) & set(("resource", ))) + + +@pytest.mark.parametrize("null_interceptor", [True, False]) +def test_get_iam_policy_rest_interceptors(null_interceptor): + transport = transports.SecretManagerServiceRestTransport( + credentials=ga_credentials.AnonymousCredentials(), + interceptor=None if null_interceptor else transports.SecretManagerServiceRestInterceptor(), + ) + client = SecretManagerServiceClient(transport=transport) + with mock.patch.object(type(client.transport._session), "request") as req, \ + mock.patch.object(path_template, "transcode") as transcode, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "post_get_iam_policy") as post, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "pre_get_iam_policy") as pre: + pre.assert_not_called() + post.assert_not_called() + pb_message = iam_policy_pb2.GetIamPolicyRequest() + transcode.return_value = { + "method": "post", + "uri": "my_uri", + "body": pb_message, + "query_params": pb_message, + } + + req.return_value = Response() + req.return_value.status_code = 200 + req.return_value.request = PreparedRequest() + req.return_value._content = json_format.MessageToJson(policy_pb2.Policy()) + + request = iam_policy_pb2.GetIamPolicyRequest() + metadata =[ + ("key", "val"), + ("cephalopod", "squid"), + ] + pre.return_value = request, metadata + post.return_value = policy_pb2.Policy() + + client.get_iam_policy(request, metadata=[("key", "val"), ("cephalopod", "squid"),]) + + pre.assert_called_once() + post.assert_called_once() + + +def test_get_iam_policy_rest_bad_request(transport: str = 'rest', request_type=iam_policy_pb2.GetIamPolicyRequest): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # send a request that will satisfy transcoding + request_init = {'resource': 'projects/sample1/secrets/sample2'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.get_iam_policy(request) + + +def test_get_iam_policy_rest_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest' + ) + + +@pytest.mark.parametrize("request_type", [ + iam_policy_pb2.TestIamPermissionsRequest, + dict, +]) +def test_test_iam_permissions_rest(request_type): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # send a request that will satisfy transcoding + request_init = {'resource': 'projects/sample1/secrets/sample2'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = iam_policy_pb2.TestIamPermissionsResponse( + permissions=['permissions_value'], + ) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + response = client.test_iam_permissions(request) + + # Establish that the response is the type that we expect. + assert isinstance(response, iam_policy_pb2.TestIamPermissionsResponse) + assert response.permissions == ['permissions_value'] + + +def test_test_iam_permissions_rest_required_fields(request_type=iam_policy_pb2.TestIamPermissionsRequest): + transport_class = transports.SecretManagerServiceRestTransport + + request_init = {} + request_init["resource"] = "" + request_init["permissions"] = "" + request = request_type(**request_init) + pb_request = request + jsonified_request = json.loads(json_format.MessageToJson( + pb_request, + use_integers_for_enums=False + )) + + # verify fields with default values are dropped + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).test_iam_permissions._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with default values are now present + + jsonified_request["resource"] = 'resource_value' + jsonified_request["permissions"] = 'permissions_value' + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).test_iam_permissions._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with non-default values are left alone + assert "resource" in jsonified_request + assert jsonified_request["resource"] == 'resource_value' + assert "permissions" in jsonified_request + assert jsonified_request["permissions"] == 'permissions_value' + + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest', + ) + request = request_type(**request_init) + + # Designate an appropriate value for the returned response. + return_value = iam_policy_pb2.TestIamPermissionsResponse() + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # We need to mock transcode() because providing default values + # for required fields will fail the real version if the http_options + # expect actual values for those fields. + with mock.patch.object(path_template, 'transcode') as transcode: + # A uri without fields and an empty body will force all the + # request fields to show up in the query_params. + pb_request = request + transcode_result = { + 'uri': 'v1/sample_method', + 'method': "post", + 'query_params': pb_request, + } + transcode_result['body'] = pb_request + transcode.return_value = transcode_result + + response_value = Response() + response_value.status_code = 200 + + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.test_iam_permissions(request) + + expected_params = [ + ('$alt', 'json;enum-encoding=int') + ] + actual_params = req.call_args.kwargs['params'] + assert expected_params == actual_params + + +def test_test_iam_permissions_rest_unset_required_fields(): + transport = transports.SecretManagerServiceRestTransport(credentials=ga_credentials.AnonymousCredentials) + + unset_fields = transport.test_iam_permissions._get_unset_required_fields({}) + assert set(unset_fields) == (set(()) & set(("resource", "permissions", ))) + + +@pytest.mark.parametrize("null_interceptor", [True, False]) +def test_test_iam_permissions_rest_interceptors(null_interceptor): + transport = transports.SecretManagerServiceRestTransport( + credentials=ga_credentials.AnonymousCredentials(), + interceptor=None if null_interceptor else transports.SecretManagerServiceRestInterceptor(), + ) + client = SecretManagerServiceClient(transport=transport) + with mock.patch.object(type(client.transport._session), "request") as req, \ + mock.patch.object(path_template, "transcode") as transcode, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "post_test_iam_permissions") as post, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "pre_test_iam_permissions") as pre: + pre.assert_not_called() + post.assert_not_called() + pb_message = iam_policy_pb2.TestIamPermissionsRequest() + transcode.return_value = { + "method": "post", + "uri": "my_uri", + "body": pb_message, + "query_params": pb_message, + } + + req.return_value = Response() + req.return_value.status_code = 200 + req.return_value.request = PreparedRequest() + req.return_value._content = json_format.MessageToJson(iam_policy_pb2.TestIamPermissionsResponse()) + + request = iam_policy_pb2.TestIamPermissionsRequest() + metadata =[ + ("key", "val"), + ("cephalopod", "squid"), + ] + pre.return_value = request, metadata + post.return_value = iam_policy_pb2.TestIamPermissionsResponse() + + client.test_iam_permissions(request, metadata=[("key", "val"), ("cephalopod", "squid"),]) + + pre.assert_called_once() + post.assert_called_once() + + +def test_test_iam_permissions_rest_bad_request(transport: str = 'rest', request_type=iam_policy_pb2.TestIamPermissionsRequest): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # send a request that will satisfy transcoding + request_init = {'resource': 'projects/sample1/secrets/sample2'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.test_iam_permissions(request) + + +def test_test_iam_permissions_rest_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest' + ) + + +def test_credentials_transport_error(): + # It is an error to provide credentials and a transport instance. + transport = transports.SecretManagerServiceGrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # It is an error to provide a credentials file and a transport instance. + transport = transports.SecretManagerServiceGrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = SecretManagerServiceClient( + client_options={"credentials_file": "credentials.json"}, + transport=transport, + ) + + # It is an error to provide an api_key and a transport instance. + transport = transports.SecretManagerServiceGrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + options = client_options.ClientOptions() + options.api_key = "api_key" + with pytest.raises(ValueError): + client = SecretManagerServiceClient( + client_options=options, + transport=transport, + ) + + # It is an error to provide an api_key and a credential. + options = client_options.ClientOptions() + options.api_key = "api_key" + with pytest.raises(ValueError): + client = SecretManagerServiceClient( + client_options=options, + credentials=ga_credentials.AnonymousCredentials() + ) + + # It is an error to provide scopes and a transport instance. + transport = transports.SecretManagerServiceGrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = SecretManagerServiceClient( + client_options={"scopes": ["1", "2"]}, + transport=transport, + ) + + +def test_transport_instance(): + # A client may be instantiated with a custom transport instance. + transport = transports.SecretManagerServiceGrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + client = SecretManagerServiceClient(transport=transport) + assert client.transport is transport + +def test_transport_get_channel(): + # A client may be instantiated with a custom transport instance. + transport = transports.SecretManagerServiceGrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + channel = transport.grpc_channel + assert channel + + transport = transports.SecretManagerServiceGrpcAsyncIOTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + channel = transport.grpc_channel + assert channel + +@pytest.mark.parametrize("transport_class", [ + transports.SecretManagerServiceGrpcTransport, + transports.SecretManagerServiceGrpcAsyncIOTransport, + transports.SecretManagerServiceRestTransport, +]) +def test_transport_adc(transport_class): + # Test default credentials are used if not provided. + with mock.patch.object(google.auth, 'default') as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport_class() + adc.assert_called_once() + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "rest", +]) +def test_transport_kind(transport_name): + transport = SecretManagerServiceClient.get_transport_class(transport_name)( + credentials=ga_credentials.AnonymousCredentials(), + ) + assert transport.kind == transport_name + +def test_transport_grpc_default(): + # A client should use the gRPC transport by default. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + assert isinstance( + client.transport, + transports.SecretManagerServiceGrpcTransport, + ) + +def test_secret_manager_service_base_transport_error(): + # Passing both a credentials object and credentials_file should raise an error + with pytest.raises(core_exceptions.DuplicateCredentialArgs): + transport = transports.SecretManagerServiceTransport( + credentials=ga_credentials.AnonymousCredentials(), + credentials_file="credentials.json" + ) + + +def test_secret_manager_service_base_transport(): + # Instantiate the base transport. + with mock.patch('google.cloud.secretmanager_v1beta1.services.secret_manager_service.transports.SecretManagerServiceTransport.__init__') as Transport: + Transport.return_value = None + transport = transports.SecretManagerServiceTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Every method on the transport should just blindly + # raise NotImplementedError. + methods = ( + 'list_secrets', + 'create_secret', + 'add_secret_version', + 'get_secret', + 'update_secret', + 'delete_secret', + 'list_secret_versions', + 'get_secret_version', + 'access_secret_version', + 'disable_secret_version', + 'enable_secret_version', + 'destroy_secret_version', + 'set_iam_policy', + 'get_iam_policy', + 'test_iam_permissions', + ) + for method in methods: + with pytest.raises(NotImplementedError): + getattr(transport, method)(request=object()) + + with pytest.raises(NotImplementedError): + transport.close() + + # Catch all for all remaining methods and properties + remainder = [ + 'kind', + ] + for r in remainder: + with pytest.raises(NotImplementedError): + getattr(transport, r)() + + +def test_secret_manager_service_base_transport_with_credentials_file(): + # Instantiate the base transport with a credentials file + with mock.patch.object(google.auth, 'load_credentials_from_file', autospec=True) as load_creds, mock.patch('google.cloud.secretmanager_v1beta1.services.secret_manager_service.transports.SecretManagerServiceTransport._prep_wrapped_messages') as Transport: + Transport.return_value = None + load_creds.return_value = (ga_credentials.AnonymousCredentials(), None) + transport = transports.SecretManagerServiceTransport( + credentials_file="credentials.json", + quota_project_id="octopus", + ) + load_creds.assert_called_once_with("credentials.json", + scopes=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + quota_project_id="octopus", + ) + + +def test_secret_manager_service_base_transport_with_adc(): + # Test the default credentials are used if credentials and credentials_file are None. + with mock.patch.object(google.auth, 'default', autospec=True) as adc, mock.patch('google.cloud.secretmanager_v1beta1.services.secret_manager_service.transports.SecretManagerServiceTransport._prep_wrapped_messages') as Transport: + Transport.return_value = None + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport = transports.SecretManagerServiceTransport() + adc.assert_called_once() + + +def test_secret_manager_service_auth_adc(): + # If no credentials are provided, we should use ADC credentials. + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + SecretManagerServiceClient() + adc.assert_called_once_with( + scopes=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + quota_project_id=None, + ) + + +@pytest.mark.parametrize( + "transport_class", + [ + transports.SecretManagerServiceGrpcTransport, + transports.SecretManagerServiceGrpcAsyncIOTransport, + ], +) +def test_secret_manager_service_transport_auth_adc(transport_class): + # If credentials and host are not provided, the transport class should use + # ADC credentials. + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport_class(quota_project_id="octopus", scopes=["1", "2"]) + adc.assert_called_once_with( + scopes=["1", "2"], + default_scopes=( 'https://www.googleapis.com/auth/cloud-platform',), + quota_project_id="octopus", + ) + + +@pytest.mark.parametrize( + "transport_class", + [ + transports.SecretManagerServiceGrpcTransport, + transports.SecretManagerServiceGrpcAsyncIOTransport, + transports.SecretManagerServiceRestTransport, + ], +) +def test_secret_manager_service_transport_auth_gdch_credentials(transport_class): + host = 'https://language.com' + api_audience_tests = [None, 'https://language2.com'] + api_audience_expect = [host, 'https://language2.com'] + for t, e in zip(api_audience_tests, api_audience_expect): + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + gdch_mock = mock.MagicMock() + type(gdch_mock).with_gdch_audience = mock.PropertyMock(return_value=gdch_mock) + adc.return_value = (gdch_mock, None) + transport_class(host=host, api_audience=t) + gdch_mock.with_gdch_audience.assert_called_once_with( + e + ) + + +@pytest.mark.parametrize( + "transport_class,grpc_helpers", + [ + (transports.SecretManagerServiceGrpcTransport, grpc_helpers), + (transports.SecretManagerServiceGrpcAsyncIOTransport, grpc_helpers_async) + ], +) +def test_secret_manager_service_transport_create_channel(transport_class, grpc_helpers): + # If credentials and host are not provided, the transport class should use + # ADC credentials. + with mock.patch.object(google.auth, "default", autospec=True) as adc, mock.patch.object( + grpc_helpers, "create_channel", autospec=True + ) as create_channel: + creds = ga_credentials.AnonymousCredentials() + adc.return_value = (creds, None) + transport_class( + quota_project_id="octopus", + scopes=["1", "2"] + ) + + create_channel.assert_called_with( + "secretmanager.googleapis.com:443", + credentials=creds, + credentials_file=None, + quota_project_id="octopus", + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + scopes=["1", "2"], + default_host="secretmanager.googleapis.com", + ssl_credentials=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + +@pytest.mark.parametrize("transport_class", [transports.SecretManagerServiceGrpcTransport, transports.SecretManagerServiceGrpcAsyncIOTransport]) +def test_secret_manager_service_grpc_transport_client_cert_source_for_mtls( + transport_class +): + cred = ga_credentials.AnonymousCredentials() + + # Check ssl_channel_credentials is used if provided. + with mock.patch.object(transport_class, "create_channel") as mock_create_channel: + mock_ssl_channel_creds = mock.Mock() + transport_class( + host="squid.clam.whelk", + credentials=cred, + ssl_channel_credentials=mock_ssl_channel_creds + ) + mock_create_channel.assert_called_once_with( + "squid.clam.whelk:443", + credentials=cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_channel_creds, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Check if ssl_channel_credentials is not provided, then client_cert_source_for_mtls + # is used. + with mock.patch.object(transport_class, "create_channel", return_value=mock.Mock()): + with mock.patch("grpc.ssl_channel_credentials") as mock_ssl_cred: + transport_class( + credentials=cred, + client_cert_source_for_mtls=client_cert_source_callback + ) + expected_cert, expected_key = client_cert_source_callback() + mock_ssl_cred.assert_called_once_with( + certificate_chain=expected_cert, + private_key=expected_key + ) + +def test_secret_manager_service_http_transport_client_cert_source_for_mtls(): + cred = ga_credentials.AnonymousCredentials() + with mock.patch("google.auth.transport.requests.AuthorizedSession.configure_mtls_channel") as mock_configure_mtls_channel: + transports.SecretManagerServiceRestTransport ( + credentials=cred, + client_cert_source_for_mtls=client_cert_source_callback + ) + mock_configure_mtls_channel.assert_called_once_with(client_cert_source_callback) + + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "grpc_asyncio", + "rest", +]) +def test_secret_manager_service_host_no_port(transport_name): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + client_options=client_options.ClientOptions(api_endpoint='secretmanager.googleapis.com'), + transport=transport_name, + ) + assert client.transport._host == ( + 'secretmanager.googleapis.com:443' + if transport_name in ['grpc', 'grpc_asyncio'] + else 'https://secretmanager.googleapis.com' + ) + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "grpc_asyncio", + "rest", +]) +def test_secret_manager_service_host_with_port(transport_name): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + client_options=client_options.ClientOptions(api_endpoint='secretmanager.googleapis.com:8000'), + transport=transport_name, + ) + assert client.transport._host == ( + 'secretmanager.googleapis.com:8000' + if transport_name in ['grpc', 'grpc_asyncio'] + else 'https://secretmanager.googleapis.com:8000' + ) + +@pytest.mark.parametrize("transport_name", [ + "rest", +]) +def test_secret_manager_service_client_transport_session_collision(transport_name): + creds1 = ga_credentials.AnonymousCredentials() + creds2 = ga_credentials.AnonymousCredentials() + client1 = SecretManagerServiceClient( + credentials=creds1, + transport=transport_name, + ) + client2 = SecretManagerServiceClient( + credentials=creds2, + transport=transport_name, + ) + session1 = client1.transport.list_secrets._session + session2 = client2.transport.list_secrets._session + assert session1 != session2 + session1 = client1.transport.create_secret._session + session2 = client2.transport.create_secret._session + assert session1 != session2 + session1 = client1.transport.add_secret_version._session + session2 = client2.transport.add_secret_version._session + assert session1 != session2 + session1 = client1.transport.get_secret._session + session2 = client2.transport.get_secret._session + assert session1 != session2 + session1 = client1.transport.update_secret._session + session2 = client2.transport.update_secret._session + assert session1 != session2 + session1 = client1.transport.delete_secret._session + session2 = client2.transport.delete_secret._session + assert session1 != session2 + session1 = client1.transport.list_secret_versions._session + session2 = client2.transport.list_secret_versions._session + assert session1 != session2 + session1 = client1.transport.get_secret_version._session + session2 = client2.transport.get_secret_version._session + assert session1 != session2 + session1 = client1.transport.access_secret_version._session + session2 = client2.transport.access_secret_version._session + assert session1 != session2 + session1 = client1.transport.disable_secret_version._session + session2 = client2.transport.disable_secret_version._session + assert session1 != session2 + session1 = client1.transport.enable_secret_version._session + session2 = client2.transport.enable_secret_version._session + assert session1 != session2 + session1 = client1.transport.destroy_secret_version._session + session2 = client2.transport.destroy_secret_version._session + assert session1 != session2 + session1 = client1.transport.set_iam_policy._session + session2 = client2.transport.set_iam_policy._session + assert session1 != session2 + session1 = client1.transport.get_iam_policy._session + session2 = client2.transport.get_iam_policy._session + assert session1 != session2 + session1 = client1.transport.test_iam_permissions._session + session2 = client2.transport.test_iam_permissions._session + assert session1 != session2 +def test_secret_manager_service_grpc_transport_channel(): + channel = grpc.secure_channel('http://localhost/', grpc.local_channel_credentials()) + + # Check that channel is used if provided. + transport = transports.SecretManagerServiceGrpcTransport( + host="squid.clam.whelk", + channel=channel, + ) + assert transport.grpc_channel == channel + assert transport._host == "squid.clam.whelk:443" + assert transport._ssl_channel_credentials == None + + +def test_secret_manager_service_grpc_asyncio_transport_channel(): + channel = aio.secure_channel('http://localhost/', grpc.local_channel_credentials()) + + # Check that channel is used if provided. + transport = transports.SecretManagerServiceGrpcAsyncIOTransport( + host="squid.clam.whelk", + channel=channel, + ) + assert transport.grpc_channel == channel + assert transport._host == "squid.clam.whelk:443" + assert transport._ssl_channel_credentials == None + + +# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are +# removed from grpc/grpc_asyncio transport constructor. +@pytest.mark.parametrize("transport_class", [transports.SecretManagerServiceGrpcTransport, transports.SecretManagerServiceGrpcAsyncIOTransport]) +def test_secret_manager_service_transport_channel_mtls_with_client_cert_source( + transport_class +): + with mock.patch("grpc.ssl_channel_credentials", autospec=True) as grpc_ssl_channel_cred: + with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: + mock_ssl_cred = mock.Mock() + grpc_ssl_channel_cred.return_value = mock_ssl_cred + + mock_grpc_channel = mock.Mock() + grpc_create_channel.return_value = mock_grpc_channel + + cred = ga_credentials.AnonymousCredentials() + with pytest.warns(DeprecationWarning): + with mock.patch.object(google.auth, 'default') as adc: + adc.return_value = (cred, None) + transport = transport_class( + host="squid.clam.whelk", + api_mtls_endpoint="mtls.squid.clam.whelk", + client_cert_source=client_cert_source_callback, + ) + adc.assert_called_once() + + grpc_ssl_channel_cred.assert_called_once_with( + certificate_chain=b"cert bytes", private_key=b"key bytes" + ) + grpc_create_channel.assert_called_once_with( + "mtls.squid.clam.whelk:443", + credentials=cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_cred, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + assert transport.grpc_channel == mock_grpc_channel + assert transport._ssl_channel_credentials == mock_ssl_cred + + +# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are +# removed from grpc/grpc_asyncio transport constructor. +@pytest.mark.parametrize("transport_class", [transports.SecretManagerServiceGrpcTransport, transports.SecretManagerServiceGrpcAsyncIOTransport]) +def test_secret_manager_service_transport_channel_mtls_with_adc( + transport_class +): + mock_ssl_cred = mock.Mock() + with mock.patch.multiple( + "google.auth.transport.grpc.SslCredentials", + __init__=mock.Mock(return_value=None), + ssl_credentials=mock.PropertyMock(return_value=mock_ssl_cred), + ): + with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: + mock_grpc_channel = mock.Mock() + grpc_create_channel.return_value = mock_grpc_channel + mock_cred = mock.Mock() + + with pytest.warns(DeprecationWarning): + transport = transport_class( + host="squid.clam.whelk", + credentials=mock_cred, + api_mtls_endpoint="mtls.squid.clam.whelk", + client_cert_source=None, + ) + + grpc_create_channel.assert_called_once_with( + "mtls.squid.clam.whelk:443", + credentials=mock_cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_cred, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + assert transport.grpc_channel == mock_grpc_channel + + +def test_secret_path(): + project = "squid" + secret = "clam" + expected = "projects/{project}/secrets/{secret}".format(project=project, secret=secret, ) + actual = SecretManagerServiceClient.secret_path(project, secret) + assert expected == actual + + +def test_parse_secret_path(): + expected = { + "project": "whelk", + "secret": "octopus", + } + path = SecretManagerServiceClient.secret_path(**expected) + + # Check that the path construction is reversible. + actual = SecretManagerServiceClient.parse_secret_path(path) + assert expected == actual + +def test_secret_version_path(): + project = "oyster" + secret = "nudibranch" + secret_version = "cuttlefish" + expected = "projects/{project}/secrets/{secret}/versions/{secret_version}".format(project=project, secret=secret, secret_version=secret_version, ) + actual = SecretManagerServiceClient.secret_version_path(project, secret, secret_version) + assert expected == actual + + +def test_parse_secret_version_path(): + expected = { + "project": "mussel", + "secret": "winkle", + "secret_version": "nautilus", + } + path = SecretManagerServiceClient.secret_version_path(**expected) + + # Check that the path construction is reversible. + actual = SecretManagerServiceClient.parse_secret_version_path(path) + assert expected == actual + +def test_common_billing_account_path(): + billing_account = "scallop" + expected = "billingAccounts/{billing_account}".format(billing_account=billing_account, ) + actual = SecretManagerServiceClient.common_billing_account_path(billing_account) + assert expected == actual + + +def test_parse_common_billing_account_path(): + expected = { + "billing_account": "abalone", + } + path = SecretManagerServiceClient.common_billing_account_path(**expected) + + # Check that the path construction is reversible. + actual = SecretManagerServiceClient.parse_common_billing_account_path(path) + assert expected == actual + +def test_common_folder_path(): + folder = "squid" + expected = "folders/{folder}".format(folder=folder, ) + actual = SecretManagerServiceClient.common_folder_path(folder) + assert expected == actual + + +def test_parse_common_folder_path(): + expected = { + "folder": "clam", + } + path = SecretManagerServiceClient.common_folder_path(**expected) + + # Check that the path construction is reversible. + actual = SecretManagerServiceClient.parse_common_folder_path(path) + assert expected == actual + +def test_common_organization_path(): + organization = "whelk" + expected = "organizations/{organization}".format(organization=organization, ) + actual = SecretManagerServiceClient.common_organization_path(organization) + assert expected == actual + + +def test_parse_common_organization_path(): + expected = { + "organization": "octopus", + } + path = SecretManagerServiceClient.common_organization_path(**expected) + + # Check that the path construction is reversible. + actual = SecretManagerServiceClient.parse_common_organization_path(path) + assert expected == actual + +def test_common_project_path(): + project = "oyster" + expected = "projects/{project}".format(project=project, ) + actual = SecretManagerServiceClient.common_project_path(project) + assert expected == actual + + +def test_parse_common_project_path(): + expected = { + "project": "nudibranch", + } + path = SecretManagerServiceClient.common_project_path(**expected) + + # Check that the path construction is reversible. + actual = SecretManagerServiceClient.parse_common_project_path(path) + assert expected == actual + +def test_common_location_path(): + project = "cuttlefish" + location = "mussel" + expected = "projects/{project}/locations/{location}".format(project=project, location=location, ) + actual = SecretManagerServiceClient.common_location_path(project, location) + assert expected == actual + + +def test_parse_common_location_path(): + expected = { + "project": "winkle", + "location": "nautilus", + } + path = SecretManagerServiceClient.common_location_path(**expected) + + # Check that the path construction is reversible. + actual = SecretManagerServiceClient.parse_common_location_path(path) + assert expected == actual + + +def test_client_with_default_client_info(): + client_info = gapic_v1.client_info.ClientInfo() + + with mock.patch.object(transports.SecretManagerServiceTransport, '_prep_wrapped_messages') as prep: + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + client_info=client_info, + ) + prep.assert_called_once_with(client_info) + + with mock.patch.object(transports.SecretManagerServiceTransport, '_prep_wrapped_messages') as prep: + transport_class = SecretManagerServiceClient.get_transport_class() + transport = transport_class( + credentials=ga_credentials.AnonymousCredentials(), + client_info=client_info, + ) + prep.assert_called_once_with(client_info) + +@pytest.mark.asyncio +async def test_transport_close_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="grpc_asyncio", + ) + with mock.patch.object(type(getattr(client.transport, "grpc_channel")), "close") as close: + async with client: + close.assert_not_called() + close.assert_called_once() + + +def test_transport_close(): + transports = { + "rest": "_session", + "grpc": "_grpc_channel", + } + + for transport, close_name in transports.items(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport + ) + with mock.patch.object(type(getattr(client.transport, close_name)), "close") as close: + with client: + close.assert_not_called() + close.assert_called_once() + +def test_client_ctx(): + transports = [ + 'rest', + 'grpc', + ] + for transport in transports: + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport + ) + # Test client calls underlying transport. + with mock.patch.object(type(client.transport), "close") as close: + close.assert_not_called() + with client: + pass + close.assert_called() + +@pytest.mark.parametrize("client_class,transport_class", [ + (SecretManagerServiceClient, transports.SecretManagerServiceGrpcTransport), + (SecretManagerServiceAsyncClient, transports.SecretManagerServiceGrpcAsyncIOTransport), +]) +def test_api_key_credentials(client_class, transport_class): + with mock.patch.object( + google.auth._default, "get_api_key_credentials", create=True + ) as get_api_key_credentials: + mock_cred = mock.Mock() + get_api_key_credentials.return_value = mock_cred + options = client_options.ClientOptions() + options.api_key = "api_key" + with mock.patch.object(transport_class, "__init__") as patched: + patched.return_value = None + client = client_class(client_options=options) + patched.assert_called_once_with( + credentials=mock_cred, + credentials_file=None, + host=client._DEFAULT_ENDPOINT_TEMPLATE.format(UNIVERSE_DOMAIN=client._DEFAULT_UNIVERSE), + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/.coveragerc b/owl-bot-staging/google-cloud-secret-manager/v1beta2/.coveragerc new file mode 100644 index 000000000000..ba39b6e150d0 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/.coveragerc @@ -0,0 +1,13 @@ +[run] +branch = True + +[report] +show_missing = True +omit = + google/cloud/secretmanager/__init__.py + google/cloud/secretmanager/gapic_version.py +exclude_lines = + # Re-enable the standard pragma + pragma: NO COVER + # Ignore debug-only repr + def __repr__ diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/.flake8 b/owl-bot-staging/google-cloud-secret-manager/v1beta2/.flake8 new file mode 100644 index 000000000000..29227d4cf419 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/.flake8 @@ -0,0 +1,33 @@ +# -*- coding: utf-8 -*- +# +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Generated by synthtool. DO NOT EDIT! +[flake8] +ignore = E203, E266, E501, W503 +exclude = + # Exclude generated code. + **/proto/** + **/gapic/** + **/services/** + **/types/** + *_pb2.py + + # Standard linting exemptions. + **/.nox/** + __pycache__, + .git, + *.pyc, + conf.py diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/MANIFEST.in b/owl-bot-staging/google-cloud-secret-manager/v1beta2/MANIFEST.in new file mode 100644 index 000000000000..2e85641bf0c5 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/MANIFEST.in @@ -0,0 +1,2 @@ +recursive-include google/cloud/secretmanager *.py +recursive-include google/cloud/secretmanager_v1beta2 *.py diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/README.rst b/owl-bot-staging/google-cloud-secret-manager/v1beta2/README.rst new file mode 100644 index 000000000000..358776dacd39 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/README.rst @@ -0,0 +1,49 @@ +Python Client for Google Cloud Secretmanager API +================================================= + +Quick Start +----------- + +In order to use this library, you first need to go through the following steps: + +1. `Select or create a Cloud Platform project.`_ +2. `Enable billing for your project.`_ +3. Enable the Google Cloud Secretmanager API. +4. `Setup Authentication.`_ + +.. _Select or create a Cloud Platform project.: https://console.cloud.google.com/project +.. _Enable billing for your project.: https://cloud.google.com/billing/docs/how-to/modify-project#enable_billing_for_a_project +.. _Setup Authentication.: https://googleapis.dev/python/google-api-core/latest/auth.html + +Installation +~~~~~~~~~~~~ + +Install this library in a `virtualenv`_ using pip. `virtualenv`_ is a tool to +create isolated Python environments. The basic problem it addresses is one of +dependencies and versions, and indirectly permissions. + +With `virtualenv`_, it's possible to install this library without needing system +install permissions, and without clashing with the installed system +dependencies. + +.. _`virtualenv`: https://virtualenv.pypa.io/en/latest/ + + +Mac/Linux +^^^^^^^^^ + +.. code-block:: console + + python3 -m venv + source /bin/activate + /bin/pip install /path/to/library + + +Windows +^^^^^^^ + +.. code-block:: console + + python3 -m venv + \Scripts\activate + \Scripts\pip.exe install \path\to\library diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/docs/_static/custom.css b/owl-bot-staging/google-cloud-secret-manager/v1beta2/docs/_static/custom.css new file mode 100644 index 000000000000..06423be0b592 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/docs/_static/custom.css @@ -0,0 +1,3 @@ +dl.field-list > dt { + min-width: 100px +} diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/docs/conf.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/docs/conf.py new file mode 100644 index 000000000000..5d8513ae6722 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/docs/conf.py @@ -0,0 +1,376 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# +# google-cloud-secretmanager documentation build configuration file +# +# This file is execfile()d with the current directory set to its +# containing dir. +# +# Note that not all possible configuration values are present in this +# autogenerated file. +# +# All configuration values have a default; values that are commented out +# serve to show the default. + +import sys +import os +import shlex + +# If extensions (or modules to document with autodoc) are in another directory, +# add these directories to sys.path here. If the directory is relative to the +# documentation root, use os.path.abspath to make it absolute, like shown here. +sys.path.insert(0, os.path.abspath("..")) + +__version__ = "0.1.0" + +# -- General configuration ------------------------------------------------ + +# If your documentation needs a minimal Sphinx version, state it here. +needs_sphinx = "4.0.1" + +# Add any Sphinx extension module names here, as strings. They can be +# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom +# ones. +extensions = [ + "sphinx.ext.autodoc", + "sphinx.ext.autosummary", + "sphinx.ext.intersphinx", + "sphinx.ext.coverage", + "sphinx.ext.napoleon", + "sphinx.ext.todo", + "sphinx.ext.viewcode", +] + +# autodoc/autosummary flags +autoclass_content = "both" +autodoc_default_flags = ["members"] +autosummary_generate = True + + +# Add any paths that contain templates here, relative to this directory. +templates_path = ["_templates"] + +# Allow markdown includes (so releases.md can include CHANGLEOG.md) +# http://www.sphinx-doc.org/en/master/markdown.html +source_parsers = {".md": "recommonmark.parser.CommonMarkParser"} + +# The suffix(es) of source filenames. +# You can specify multiple suffix as a list of string: +source_suffix = [".rst", ".md"] + +# The encoding of source files. +# source_encoding = 'utf-8-sig' + +# The root toctree document. +root_doc = "index" + +# General information about the project. +project = u"google-cloud-secretmanager" +copyright = u"2023, Google, LLC" +author = u"Google APIs" # TODO: autogenerate this bit + +# The version info for the project you're documenting, acts as replacement for +# |version| and |release|, also used in various other places throughout the +# built documents. +# +# The full version, including alpha/beta/rc tags. +release = __version__ +# The short X.Y version. +version = ".".join(release.split(".")[0:2]) + +# The language for content autogenerated by Sphinx. Refer to documentation +# for a list of supported languages. +# +# This is also used if you do content translation via gettext catalogs. +# Usually you set "language" from the command line for these cases. +language = 'en' + +# There are two options for replacing |today|: either, you set today to some +# non-false value, then it is used: +# today = '' +# Else, today_fmt is used as the format for a strftime call. +# today_fmt = '%B %d, %Y' + +# List of patterns, relative to source directory, that match files and +# directories to ignore when looking for source files. +exclude_patterns = ["_build"] + +# The reST default role (used for this markup: `text`) to use for all +# documents. +# default_role = None + +# If true, '()' will be appended to :func: etc. cross-reference text. +# add_function_parentheses = True + +# If true, the current module name will be prepended to all description +# unit titles (such as .. function::). +# add_module_names = True + +# If true, sectionauthor and moduleauthor directives will be shown in the +# output. They are ignored by default. +# show_authors = False + +# The name of the Pygments (syntax highlighting) style to use. +pygments_style = "sphinx" + +# A list of ignored prefixes for module index sorting. +# modindex_common_prefix = [] + +# If true, keep warnings as "system message" paragraphs in the built documents. +# keep_warnings = False + +# If true, `todo` and `todoList` produce output, else they produce nothing. +todo_include_todos = True + + +# -- Options for HTML output ---------------------------------------------- + +# The theme to use for HTML and HTML Help pages. See the documentation for +# a list of builtin themes. +html_theme = "alabaster" + +# Theme options are theme-specific and customize the look and feel of a theme +# further. For a list of options available for each theme, see the +# documentation. +html_theme_options = { + "description": "Google Cloud Client Libraries for Python", + "github_user": "googleapis", + "github_repo": "google-cloud-python", + "github_banner": True, + "font_family": "'Roboto', Georgia, sans", + "head_font_family": "'Roboto', Georgia, serif", + "code_font_family": "'Roboto Mono', 'Consolas', monospace", +} + +# Add any paths that contain custom themes here, relative to this directory. +# html_theme_path = [] + +# The name for this set of Sphinx documents. If None, it defaults to +# " v documentation". +# html_title = None + +# A shorter title for the navigation bar. Default is the same as html_title. +# html_short_title = None + +# The name of an image file (relative to this directory) to place at the top +# of the sidebar. +# html_logo = None + +# The name of an image file (within the static path) to use as favicon of the +# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 +# pixels large. +# html_favicon = None + +# Add any paths that contain custom static files (such as style sheets) here, +# relative to this directory. They are copied after the builtin static files, +# so a file named "default.css" will overwrite the builtin "default.css". +html_static_path = ["_static"] + +# Add any extra paths that contain custom files (such as robots.txt or +# .htaccess) here, relative to this directory. These files are copied +# directly to the root of the documentation. +# html_extra_path = [] + +# If not '', a 'Last updated on:' timestamp is inserted at every page bottom, +# using the given strftime format. +# html_last_updated_fmt = '%b %d, %Y' + +# If true, SmartyPants will be used to convert quotes and dashes to +# typographically correct entities. +# html_use_smartypants = True + +# Custom sidebar templates, maps document names to template names. +# html_sidebars = {} + +# Additional templates that should be rendered to pages, maps page names to +# template names. +# html_additional_pages = {} + +# If false, no module index is generated. +# html_domain_indices = True + +# If false, no index is generated. +# html_use_index = True + +# If true, the index is split into individual pages for each letter. +# html_split_index = False + +# If true, links to the reST sources are added to the pages. +# html_show_sourcelink = True + +# If true, "Created using Sphinx" is shown in the HTML footer. Default is True. +# html_show_sphinx = True + +# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. +# html_show_copyright = True + +# If true, an OpenSearch description file will be output, and all pages will +# contain a tag referring to it. The value of this option must be the +# base URL from which the finished HTML is served. +# html_use_opensearch = '' + +# This is the file name suffix for HTML files (e.g. ".xhtml"). +# html_file_suffix = None + +# Language to be used for generating the HTML full-text search index. +# Sphinx supports the following languages: +# 'da', 'de', 'en', 'es', 'fi', 'fr', 'hu', 'it', 'ja' +# 'nl', 'no', 'pt', 'ro', 'ru', 'sv', 'tr' +# html_search_language = 'en' + +# A dictionary with options for the search language support, empty by default. +# Now only 'ja' uses this config value +# html_search_options = {'type': 'default'} + +# The name of a javascript file (relative to the configuration directory) that +# implements a search results scorer. If empty, the default will be used. +# html_search_scorer = 'scorer.js' + +# Output file base name for HTML help builder. +htmlhelp_basename = "google-cloud-secretmanager-doc" + +# -- Options for warnings ------------------------------------------------------ + + +suppress_warnings = [ + # Temporarily suppress this to avoid "more than one target found for + # cross-reference" warning, which are intractable for us to avoid while in + # a mono-repo. + # See https://github.com/sphinx-doc/sphinx/blob + # /2a65ffeef5c107c19084fabdd706cdff3f52d93c/sphinx/domains/python.py#L843 + "ref.python" +] + +# -- Options for LaTeX output --------------------------------------------- + +latex_elements = { + # The paper size ('letterpaper' or 'a4paper'). + # 'papersize': 'letterpaper', + # The font size ('10pt', '11pt' or '12pt'). + # 'pointsize': '10pt', + # Additional stuff for the LaTeX preamble. + # 'preamble': '', + # Latex figure (float) alignment + # 'figure_align': 'htbp', +} + +# Grouping the document tree into LaTeX files. List of tuples +# (source start file, target name, title, +# author, documentclass [howto, manual, or own class]). +latex_documents = [ + ( + root_doc, + "google-cloud-secretmanager.tex", + u"google-cloud-secretmanager Documentation", + author, + "manual", + ) +] + +# The name of an image file (relative to this directory) to place at the top of +# the title page. +# latex_logo = None + +# For "manual" documents, if this is true, then toplevel headings are parts, +# not chapters. +# latex_use_parts = False + +# If true, show page references after internal links. +# latex_show_pagerefs = False + +# If true, show URL addresses after external links. +# latex_show_urls = False + +# Documents to append as an appendix to all manuals. +# latex_appendices = [] + +# If false, no module index is generated. +# latex_domain_indices = True + + +# -- Options for manual page output --------------------------------------- + +# One entry per manual page. List of tuples +# (source start file, name, description, authors, manual section). +man_pages = [ + ( + root_doc, + "google-cloud-secretmanager", + u"Google Cloud Secretmanager Documentation", + [author], + 1, + ) +] + +# If true, show URL addresses after external links. +# man_show_urls = False + + +# -- Options for Texinfo output ------------------------------------------- + +# Grouping the document tree into Texinfo files. List of tuples +# (source start file, target name, title, author, +# dir menu entry, description, category) +texinfo_documents = [ + ( + root_doc, + "google-cloud-secretmanager", + u"google-cloud-secretmanager Documentation", + author, + "google-cloud-secretmanager", + "GAPIC library for Google Cloud Secretmanager API", + "APIs", + ) +] + +# Documents to append as an appendix to all manuals. +# texinfo_appendices = [] + +# If false, no module index is generated. +# texinfo_domain_indices = True + +# How to display URL addresses: 'footnote', 'no', or 'inline'. +# texinfo_show_urls = 'footnote' + +# If true, do not generate a @detailmenu in the "Top" node's menu. +# texinfo_no_detailmenu = False + + +# Example configuration for intersphinx: refer to the Python standard library. +intersphinx_mapping = { + "python": ("http://python.readthedocs.org/en/latest/", None), + "gax": ("https://gax-python.readthedocs.org/en/latest/", None), + "google-auth": ("https://google-auth.readthedocs.io/en/stable", None), + "google-gax": ("https://gax-python.readthedocs.io/en/latest/", None), + "google.api_core": ("https://googleapis.dev/python/google-api-core/latest/", None), + "grpc": ("https://grpc.io/grpc/python/", None), + "requests": ("http://requests.kennethreitz.org/en/stable/", None), + "proto": ("https://proto-plus-python.readthedocs.io/en/stable", None), + "protobuf": ("https://googleapis.dev/python/protobuf/latest/", None), +} + + +# Napoleon settings +napoleon_google_docstring = True +napoleon_numpy_docstring = True +napoleon_include_private_with_doc = False +napoleon_include_special_with_doc = True +napoleon_use_admonition_for_examples = False +napoleon_use_admonition_for_notes = False +napoleon_use_admonition_for_references = False +napoleon_use_ivar = False +napoleon_use_param = True +napoleon_use_rtype = True diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/docs/index.rst b/owl-bot-staging/google-cloud-secret-manager/v1beta2/docs/index.rst new file mode 100644 index 000000000000..216fbae17933 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/docs/index.rst @@ -0,0 +1,7 @@ +API Reference +------------- +.. toctree:: + :maxdepth: 2 + + secretmanager_v1beta2/services + secretmanager_v1beta2/types diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/docs/secretmanager_v1beta2/secret_manager_service.rst b/owl-bot-staging/google-cloud-secret-manager/v1beta2/docs/secretmanager_v1beta2/secret_manager_service.rst new file mode 100644 index 000000000000..02de01719256 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/docs/secretmanager_v1beta2/secret_manager_service.rst @@ -0,0 +1,10 @@ +SecretManagerService +-------------------------------------- + +.. automodule:: google.cloud.secretmanager_v1beta2.services.secret_manager_service + :members: + :inherited-members: + +.. automodule:: google.cloud.secretmanager_v1beta2.services.secret_manager_service.pagers + :members: + :inherited-members: diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/docs/secretmanager_v1beta2/services_.rst b/owl-bot-staging/google-cloud-secret-manager/v1beta2/docs/secretmanager_v1beta2/services_.rst new file mode 100644 index 000000000000..dc01d0472692 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/docs/secretmanager_v1beta2/services_.rst @@ -0,0 +1,6 @@ +Services for Google Cloud Secretmanager v1beta2 API +=================================================== +.. toctree:: + :maxdepth: 2 + + secret_manager_service diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/docs/secretmanager_v1beta2/types_.rst b/owl-bot-staging/google-cloud-secret-manager/v1beta2/docs/secretmanager_v1beta2/types_.rst new file mode 100644 index 000000000000..c5caf6dbc391 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/docs/secretmanager_v1beta2/types_.rst @@ -0,0 +1,6 @@ +Types for Google Cloud Secretmanager v1beta2 API +================================================ + +.. automodule:: google.cloud.secretmanager_v1beta2.types + :members: + :show-inheritance: diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager/__init__.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager/__init__.py new file mode 100644 index 000000000000..920f86fdf765 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager/__init__.py @@ -0,0 +1,75 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from google.cloud.secretmanager import gapic_version as package_version + +__version__ = package_version.__version__ + + +from google.cloud.secretmanager_v1beta2.services.secret_manager_service.client import SecretManagerServiceClient +from google.cloud.secretmanager_v1beta2.services.secret_manager_service.async_client import SecretManagerServiceAsyncClient + +from google.cloud.secretmanager_v1beta2.types.resources import CustomerManagedEncryption +from google.cloud.secretmanager_v1beta2.types.resources import CustomerManagedEncryptionStatus +from google.cloud.secretmanager_v1beta2.types.resources import Replication +from google.cloud.secretmanager_v1beta2.types.resources import ReplicationStatus +from google.cloud.secretmanager_v1beta2.types.resources import Rotation +from google.cloud.secretmanager_v1beta2.types.resources import Secret +from google.cloud.secretmanager_v1beta2.types.resources import SecretPayload +from google.cloud.secretmanager_v1beta2.types.resources import SecretVersion +from google.cloud.secretmanager_v1beta2.types.resources import Topic +from google.cloud.secretmanager_v1beta2.types.service import AccessSecretVersionRequest +from google.cloud.secretmanager_v1beta2.types.service import AccessSecretVersionResponse +from google.cloud.secretmanager_v1beta2.types.service import AddSecretVersionRequest +from google.cloud.secretmanager_v1beta2.types.service import CreateSecretRequest +from google.cloud.secretmanager_v1beta2.types.service import DeleteSecretRequest +from google.cloud.secretmanager_v1beta2.types.service import DestroySecretVersionRequest +from google.cloud.secretmanager_v1beta2.types.service import DisableSecretVersionRequest +from google.cloud.secretmanager_v1beta2.types.service import EnableSecretVersionRequest +from google.cloud.secretmanager_v1beta2.types.service import GetSecretRequest +from google.cloud.secretmanager_v1beta2.types.service import GetSecretVersionRequest +from google.cloud.secretmanager_v1beta2.types.service import ListSecretsRequest +from google.cloud.secretmanager_v1beta2.types.service import ListSecretsResponse +from google.cloud.secretmanager_v1beta2.types.service import ListSecretVersionsRequest +from google.cloud.secretmanager_v1beta2.types.service import ListSecretVersionsResponse +from google.cloud.secretmanager_v1beta2.types.service import UpdateSecretRequest + +__all__ = ('SecretManagerServiceClient', + 'SecretManagerServiceAsyncClient', + 'CustomerManagedEncryption', + 'CustomerManagedEncryptionStatus', + 'Replication', + 'ReplicationStatus', + 'Rotation', + 'Secret', + 'SecretPayload', + 'SecretVersion', + 'Topic', + 'AccessSecretVersionRequest', + 'AccessSecretVersionResponse', + 'AddSecretVersionRequest', + 'CreateSecretRequest', + 'DeleteSecretRequest', + 'DestroySecretVersionRequest', + 'DisableSecretVersionRequest', + 'EnableSecretVersionRequest', + 'GetSecretRequest', + 'GetSecretVersionRequest', + 'ListSecretsRequest', + 'ListSecretsResponse', + 'ListSecretVersionsRequest', + 'ListSecretVersionsResponse', + 'UpdateSecretRequest', +) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager/gapic_version.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager/gapic_version.py new file mode 100644 index 000000000000..558c8aab67c5 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager/gapic_version.py @@ -0,0 +1,16 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +__version__ = "0.0.0" # {x-release-please-version} diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager/py.typed b/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager/py.typed new file mode 100644 index 000000000000..188cc03c2873 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager/py.typed @@ -0,0 +1,2 @@ +# Marker file for PEP 561. +# The google-cloud-secretmanager package uses inline types. diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager_v1beta2/__init__.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager_v1beta2/__init__.py new file mode 100644 index 000000000000..4d24777b0477 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager_v1beta2/__init__.py @@ -0,0 +1,76 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from google.cloud.secretmanager_v1beta2 import gapic_version as package_version + +__version__ = package_version.__version__ + + +from .services.secret_manager_service import SecretManagerServiceClient +from .services.secret_manager_service import SecretManagerServiceAsyncClient + +from .types.resources import CustomerManagedEncryption +from .types.resources import CustomerManagedEncryptionStatus +from .types.resources import Replication +from .types.resources import ReplicationStatus +from .types.resources import Rotation +from .types.resources import Secret +from .types.resources import SecretPayload +from .types.resources import SecretVersion +from .types.resources import Topic +from .types.service import AccessSecretVersionRequest +from .types.service import AccessSecretVersionResponse +from .types.service import AddSecretVersionRequest +from .types.service import CreateSecretRequest +from .types.service import DeleteSecretRequest +from .types.service import DestroySecretVersionRequest +from .types.service import DisableSecretVersionRequest +from .types.service import EnableSecretVersionRequest +from .types.service import GetSecretRequest +from .types.service import GetSecretVersionRequest +from .types.service import ListSecretsRequest +from .types.service import ListSecretsResponse +from .types.service import ListSecretVersionsRequest +from .types.service import ListSecretVersionsResponse +from .types.service import UpdateSecretRequest + +__all__ = ( + 'SecretManagerServiceAsyncClient', +'AccessSecretVersionRequest', +'AccessSecretVersionResponse', +'AddSecretVersionRequest', +'CreateSecretRequest', +'CustomerManagedEncryption', +'CustomerManagedEncryptionStatus', +'DeleteSecretRequest', +'DestroySecretVersionRequest', +'DisableSecretVersionRequest', +'EnableSecretVersionRequest', +'GetSecretRequest', +'GetSecretVersionRequest', +'ListSecretVersionsRequest', +'ListSecretVersionsResponse', +'ListSecretsRequest', +'ListSecretsResponse', +'Replication', +'ReplicationStatus', +'Rotation', +'Secret', +'SecretManagerServiceClient', +'SecretPayload', +'SecretVersion', +'Topic', +'UpdateSecretRequest', +) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager_v1beta2/gapic_metadata.json b/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager_v1beta2/gapic_metadata.json new file mode 100644 index 000000000000..3650d78e94c7 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager_v1beta2/gapic_metadata.json @@ -0,0 +1,253 @@ + { + "comment": "This file maps proto services/RPCs to the corresponding library clients/methods", + "language": "python", + "libraryPackage": "google.cloud.secretmanager_v1beta2", + "protoPackage": "google.cloud.secretmanager.v1beta2", + "schema": "1.0", + "services": { + "SecretManagerService": { + "clients": { + "grpc": { + "libraryClient": "SecretManagerServiceClient", + "rpcs": { + "AccessSecretVersion": { + "methods": [ + "access_secret_version" + ] + }, + "AddSecretVersion": { + "methods": [ + "add_secret_version" + ] + }, + "CreateSecret": { + "methods": [ + "create_secret" + ] + }, + "DeleteSecret": { + "methods": [ + "delete_secret" + ] + }, + "DestroySecretVersion": { + "methods": [ + "destroy_secret_version" + ] + }, + "DisableSecretVersion": { + "methods": [ + "disable_secret_version" + ] + }, + "EnableSecretVersion": { + "methods": [ + "enable_secret_version" + ] + }, + "GetIamPolicy": { + "methods": [ + "get_iam_policy" + ] + }, + "GetSecret": { + "methods": [ + "get_secret" + ] + }, + "GetSecretVersion": { + "methods": [ + "get_secret_version" + ] + }, + "ListSecretVersions": { + "methods": [ + "list_secret_versions" + ] + }, + "ListSecrets": { + "methods": [ + "list_secrets" + ] + }, + "SetIamPolicy": { + "methods": [ + "set_iam_policy" + ] + }, + "TestIamPermissions": { + "methods": [ + "test_iam_permissions" + ] + }, + "UpdateSecret": { + "methods": [ + "update_secret" + ] + } + } + }, + "grpc-async": { + "libraryClient": "SecretManagerServiceAsyncClient", + "rpcs": { + "AccessSecretVersion": { + "methods": [ + "access_secret_version" + ] + }, + "AddSecretVersion": { + "methods": [ + "add_secret_version" + ] + }, + "CreateSecret": { + "methods": [ + "create_secret" + ] + }, + "DeleteSecret": { + "methods": [ + "delete_secret" + ] + }, + "DestroySecretVersion": { + "methods": [ + "destroy_secret_version" + ] + }, + "DisableSecretVersion": { + "methods": [ + "disable_secret_version" + ] + }, + "EnableSecretVersion": { + "methods": [ + "enable_secret_version" + ] + }, + "GetIamPolicy": { + "methods": [ + "get_iam_policy" + ] + }, + "GetSecret": { + "methods": [ + "get_secret" + ] + }, + "GetSecretVersion": { + "methods": [ + "get_secret_version" + ] + }, + "ListSecretVersions": { + "methods": [ + "list_secret_versions" + ] + }, + "ListSecrets": { + "methods": [ + "list_secrets" + ] + }, + "SetIamPolicy": { + "methods": [ + "set_iam_policy" + ] + }, + "TestIamPermissions": { + "methods": [ + "test_iam_permissions" + ] + }, + "UpdateSecret": { + "methods": [ + "update_secret" + ] + } + } + }, + "rest": { + "libraryClient": "SecretManagerServiceClient", + "rpcs": { + "AccessSecretVersion": { + "methods": [ + "access_secret_version" + ] + }, + "AddSecretVersion": { + "methods": [ + "add_secret_version" + ] + }, + "CreateSecret": { + "methods": [ + "create_secret" + ] + }, + "DeleteSecret": { + "methods": [ + "delete_secret" + ] + }, + "DestroySecretVersion": { + "methods": [ + "destroy_secret_version" + ] + }, + "DisableSecretVersion": { + "methods": [ + "disable_secret_version" + ] + }, + "EnableSecretVersion": { + "methods": [ + "enable_secret_version" + ] + }, + "GetIamPolicy": { + "methods": [ + "get_iam_policy" + ] + }, + "GetSecret": { + "methods": [ + "get_secret" + ] + }, + "GetSecretVersion": { + "methods": [ + "get_secret_version" + ] + }, + "ListSecretVersions": { + "methods": [ + "list_secret_versions" + ] + }, + "ListSecrets": { + "methods": [ + "list_secrets" + ] + }, + "SetIamPolicy": { + "methods": [ + "set_iam_policy" + ] + }, + "TestIamPermissions": { + "methods": [ + "test_iam_permissions" + ] + }, + "UpdateSecret": { + "methods": [ + "update_secret" + ] + } + } + } + } + } + } +} diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager_v1beta2/gapic_version.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager_v1beta2/gapic_version.py new file mode 100644 index 000000000000..558c8aab67c5 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager_v1beta2/gapic_version.py @@ -0,0 +1,16 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +__version__ = "0.0.0" # {x-release-please-version} diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager_v1beta2/py.typed b/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager_v1beta2/py.typed new file mode 100644 index 000000000000..188cc03c2873 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager_v1beta2/py.typed @@ -0,0 +1,2 @@ +# Marker file for PEP 561. +# The google-cloud-secretmanager package uses inline types. diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager_v1beta2/services/__init__.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager_v1beta2/services/__init__.py new file mode 100644 index 000000000000..8f6cf068242c --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager_v1beta2/services/__init__.py @@ -0,0 +1,15 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager_v1beta2/services/secret_manager_service/__init__.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager_v1beta2/services/secret_manager_service/__init__.py new file mode 100644 index 000000000000..8a012b7ce26e --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager_v1beta2/services/secret_manager_service/__init__.py @@ -0,0 +1,22 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from .client import SecretManagerServiceClient +from .async_client import SecretManagerServiceAsyncClient + +__all__ = ( + 'SecretManagerServiceClient', + 'SecretManagerServiceAsyncClient', +) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager_v1beta2/services/secret_manager_service/async_client.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager_v1beta2/services/secret_manager_service/async_client.py new file mode 100644 index 000000000000..360e7324b0f4 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager_v1beta2/services/secret_manager_service/async_client.py @@ -0,0 +1,2113 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +import functools +import re +from typing import Dict, Mapping, MutableMapping, MutableSequence, Optional, Sequence, Tuple, Type, Union + +from google.cloud.secretmanager_v1beta2 import gapic_version as package_version + +from google.api_core.client_options import ClientOptions +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry_async as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore + +try: + OptionalRetry = Union[retries.AsyncRetry, gapic_v1.method._MethodDefault, None] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.AsyncRetry, object, None] # type: ignore + +from google.cloud.location import locations_pb2 # type: ignore +from google.cloud.secretmanager_v1beta2.services.secret_manager_service import pagers +from google.cloud.secretmanager_v1beta2.types import resources +from google.cloud.secretmanager_v1beta2.types import service +from google.iam.v1 import iam_policy_pb2 # type: ignore +from google.iam.v1 import policy_pb2 # type: ignore +from google.protobuf import duration_pb2 # type: ignore +from google.protobuf import field_mask_pb2 # type: ignore +from google.protobuf import timestamp_pb2 # type: ignore +from .transports.base import SecretManagerServiceTransport, DEFAULT_CLIENT_INFO +from .transports.grpc_asyncio import SecretManagerServiceGrpcAsyncIOTransport +from .client import SecretManagerServiceClient + + +class SecretManagerServiceAsyncClient: + """Secret Manager Service + + Manages secrets and operations using those secrets. Implements a + REST model with the following objects: + + - [Secret][google.cloud.secretmanager.v1beta2.Secret] + - [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] + """ + + _client: SecretManagerServiceClient + + # Copy defaults from the synchronous client for use here. + # Note: DEFAULT_ENDPOINT is deprecated. Use _DEFAULT_ENDPOINT_TEMPLATE instead. + DEFAULT_ENDPOINT = SecretManagerServiceClient.DEFAULT_ENDPOINT + DEFAULT_MTLS_ENDPOINT = SecretManagerServiceClient.DEFAULT_MTLS_ENDPOINT + _DEFAULT_ENDPOINT_TEMPLATE = SecretManagerServiceClient._DEFAULT_ENDPOINT_TEMPLATE + _DEFAULT_UNIVERSE = SecretManagerServiceClient._DEFAULT_UNIVERSE + + secret_path = staticmethod(SecretManagerServiceClient.secret_path) + parse_secret_path = staticmethod(SecretManagerServiceClient.parse_secret_path) + secret_version_path = staticmethod(SecretManagerServiceClient.secret_version_path) + parse_secret_version_path = staticmethod(SecretManagerServiceClient.parse_secret_version_path) + topic_path = staticmethod(SecretManagerServiceClient.topic_path) + parse_topic_path = staticmethod(SecretManagerServiceClient.parse_topic_path) + common_billing_account_path = staticmethod(SecretManagerServiceClient.common_billing_account_path) + parse_common_billing_account_path = staticmethod(SecretManagerServiceClient.parse_common_billing_account_path) + common_folder_path = staticmethod(SecretManagerServiceClient.common_folder_path) + parse_common_folder_path = staticmethod(SecretManagerServiceClient.parse_common_folder_path) + common_organization_path = staticmethod(SecretManagerServiceClient.common_organization_path) + parse_common_organization_path = staticmethod(SecretManagerServiceClient.parse_common_organization_path) + common_project_path = staticmethod(SecretManagerServiceClient.common_project_path) + parse_common_project_path = staticmethod(SecretManagerServiceClient.parse_common_project_path) + common_location_path = staticmethod(SecretManagerServiceClient.common_location_path) + parse_common_location_path = staticmethod(SecretManagerServiceClient.parse_common_location_path) + + @classmethod + def from_service_account_info(cls, info: dict, *args, **kwargs): + """Creates an instance of this client using the provided credentials + info. + + Args: + info (dict): The service account private key info. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + SecretManagerServiceAsyncClient: The constructed client. + """ + return SecretManagerServiceClient.from_service_account_info.__func__(SecretManagerServiceAsyncClient, info, *args, **kwargs) # type: ignore + + @classmethod + def from_service_account_file(cls, filename: str, *args, **kwargs): + """Creates an instance of this client using the provided credentials + file. + + Args: + filename (str): The path to the service account private key json + file. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + SecretManagerServiceAsyncClient: The constructed client. + """ + return SecretManagerServiceClient.from_service_account_file.__func__(SecretManagerServiceAsyncClient, filename, *args, **kwargs) # type: ignore + + from_service_account_json = from_service_account_file + + @classmethod + def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[ClientOptions] = None): + """Return the API endpoint and client cert source for mutual TLS. + + The client cert source is determined in the following order: + (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the + client cert source is None. + (2) if `client_options.client_cert_source` is provided, use the provided one; if the + default client cert source exists, use the default one; otherwise the client cert + source is None. + + The API endpoint is determined in the following order: + (1) if `client_options.api_endpoint` if provided, use the provided one. + (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the + default mTLS endpoint; if the environment variable is "never", use the default API + endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise + use the default API endpoint. + + More details can be found at https://google.aip.dev/auth/4114. + + Args: + client_options (google.api_core.client_options.ClientOptions): Custom options for the + client. Only the `api_endpoint` and `client_cert_source` properties may be used + in this method. + + Returns: + Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the + client cert source to use. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If any errors happen. + """ + return SecretManagerServiceClient.get_mtls_endpoint_and_cert_source(client_options) # type: ignore + + @property + def transport(self) -> SecretManagerServiceTransport: + """Returns the transport used by the client instance. + + Returns: + SecretManagerServiceTransport: The transport used by the client instance. + """ + return self._client.transport + + @property + def api_endpoint(self): + """Return the API endpoint used by the client instance. + + Returns: + str: The API endpoint used by the client instance. + """ + return self._client._api_endpoint + + @property + def universe_domain(self) -> str: + """Return the universe domain used by the client instance. + + Returns: + str: The universe domain used + by the client instance. + """ + return self._client._universe_domain + + get_transport_class = functools.partial(type(SecretManagerServiceClient).get_transport_class, type(SecretManagerServiceClient)) + + def __init__(self, *, + credentials: Optional[ga_credentials.Credentials] = None, + transport: Union[str, SecretManagerServiceTransport] = "grpc_asyncio", + client_options: Optional[ClientOptions] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + ) -> None: + """Instantiates the secret manager service async client. + + Args: + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + transport (Union[str, ~.SecretManagerServiceTransport]): The + transport to use. If set to None, a transport is chosen + automatically. + client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): + Custom options for the client. + + 1. The ``api_endpoint`` property can be used to override the + default endpoint provided by the client when ``transport`` is + not explicitly provided. Only if this property is not set and + ``transport`` was not explicitly provided, the endpoint is + determined by the GOOGLE_API_USE_MTLS_ENDPOINT environment + variable, which have one of the following values: + "always" (always use the default mTLS endpoint), "never" (always + use the default regular endpoint) and "auto" (auto-switch to the + default mTLS endpoint if client certificate is present; this is + the default value). + + 2. If the GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable + is "true", then the ``client_cert_source`` property can be used + to provide a client certificate for mTLS transport. If + not provided, the default SSL client certificate will be used if + present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not + set, no client certificate will be used. + + 3. The ``universe_domain`` property can be used to override the + default "googleapis.com" universe. Note that ``api_endpoint`` + property still takes precedence; and ``universe_domain`` is + currently not supported for mTLS. + + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + + Raises: + google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport + creation failed for any reason. + """ + self._client = SecretManagerServiceClient( + credentials=credentials, + transport=transport, + client_options=client_options, + client_info=client_info, + + ) + + async def list_secrets(self, + request: Optional[Union[service.ListSecretsRequest, dict]] = None, + *, + parent: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> pagers.ListSecretsAsyncPager: + r"""Lists [Secrets][google.cloud.secretmanager.v1beta2.Secret]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta2 + + async def sample_list_secrets(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1beta2.ListSecretsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_secrets(request=request) + + # Handle the response + async for response in page_result: + print(response) + + Args: + request (Optional[Union[google.cloud.secretmanager_v1beta2.types.ListSecretsRequest, dict]]): + The request object. Request message for + [SecretManagerService.ListSecrets][google.cloud.secretmanager.v1beta2.SecretManagerService.ListSecrets]. + parent (:class:`str`): + Required. The resource name of the project associated + with the + [Secrets][google.cloud.secretmanager.v1beta2.Secret], in + the format ``projects/*`` or ``projects/*/locations/*`` + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry_async.AsyncRetry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1beta2.services.secret_manager_service.pagers.ListSecretsAsyncPager: + Response message for + [SecretManagerService.ListSecrets][google.cloud.secretmanager.v1beta2.SecretManagerService.ListSecrets]. + + Iterating over this object will yield results and + resolve additional pages automatically. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.ListSecretsRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.list_secrets, + default_timeout=60.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Validate the universe domain. + self._client._validate_universe_domain() + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # This method is paged; wrap the response in a pager, which provides + # an `__aiter__` convenience method. + response = pagers.ListSecretsAsyncPager( + method=rpc, + request=request, + response=response, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def create_secret(self, + request: Optional[Union[service.CreateSecretRequest, dict]] = None, + *, + parent: Optional[str] = None, + secret_id: Optional[str] = None, + secret: Optional[resources.Secret] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Secret: + r"""Creates a new + [Secret][google.cloud.secretmanager.v1beta2.Secret] containing + no + [SecretVersions][google.cloud.secretmanager.v1beta2.SecretVersion]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta2 + + async def sample_create_secret(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1beta2.CreateSecretRequest( + parent="parent_value", + secret_id="secret_id_value", + ) + + # Make the request + response = await client.create_secret(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.secretmanager_v1beta2.types.CreateSecretRequest, dict]]): + The request object. Request message for + [SecretManagerService.CreateSecret][google.cloud.secretmanager.v1beta2.SecretManagerService.CreateSecret]. + parent (:class:`str`): + Required. The resource name of the project to associate + with the + [Secret][google.cloud.secretmanager.v1beta2.Secret], in + the format ``projects/*`` or ``projects/*/locations/*``. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + secret_id (:class:`str`): + Required. This must be unique within the project. + + A secret ID is a string with a maximum length of 255 + characters and can contain uppercase and lowercase + letters, numerals, and the hyphen (``-``) and underscore + (``_``) characters. + + This corresponds to the ``secret_id`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + secret (:class:`google.cloud.secretmanager_v1beta2.types.Secret`): + Required. A + [Secret][google.cloud.secretmanager.v1beta2.Secret] with + initial field values. + + This corresponds to the ``secret`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry_async.AsyncRetry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1beta2.types.Secret: + A [Secret][google.cloud.secretmanager.v1beta2.Secret] is a logical secret + whose value and versions can be accessed. + + A [Secret][google.cloud.secretmanager.v1beta2.Secret] + is made up of zero or more + [SecretVersions][google.cloud.secretmanager.v1beta2.SecretVersion] + that represent the secret data. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent, secret_id, secret]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.CreateSecretRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + if secret_id is not None: + request.secret_id = secret_id + if secret is not None: + request.secret = secret + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.create_secret, + default_timeout=60.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Validate the universe domain. + self._client._validate_universe_domain() + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def add_secret_version(self, + request: Optional[Union[service.AddSecretVersionRequest, dict]] = None, + *, + parent: Optional[str] = None, + payload: Optional[resources.SecretPayload] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.SecretVersion: + r"""Creates a new + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] + containing secret data and attaches it to an existing + [Secret][google.cloud.secretmanager.v1beta2.Secret]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta2 + + async def sample_add_secret_version(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1beta2.AddSecretVersionRequest( + parent="parent_value", + ) + + # Make the request + response = await client.add_secret_version(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.secretmanager_v1beta2.types.AddSecretVersionRequest, dict]]): + The request object. Request message for + [SecretManagerService.AddSecretVersion][google.cloud.secretmanager.v1beta2.SecretManagerService.AddSecretVersion]. + parent (:class:`str`): + Required. The resource name of the + [Secret][google.cloud.secretmanager.v1beta2.Secret] to + associate with the + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] + in the format ``projects/*/secrets/*`` or + ``projects/*/locations/*/secrets/*``. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + payload (:class:`google.cloud.secretmanager_v1beta2.types.SecretPayload`): + Required. The secret payload of the + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. + + This corresponds to the ``payload`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry_async.AsyncRetry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1beta2.types.SecretVersion: + A secret version resource in the + Secret Manager API. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent, payload]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.AddSecretVersionRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + if payload is not None: + request.payload = payload + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.add_secret_version, + default_timeout=60.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Validate the universe domain. + self._client._validate_universe_domain() + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def get_secret(self, + request: Optional[Union[service.GetSecretRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Secret: + r"""Gets metadata for a given + [Secret][google.cloud.secretmanager.v1beta2.Secret]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta2 + + async def sample_get_secret(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1beta2.GetSecretRequest( + name="name_value", + ) + + # Make the request + response = await client.get_secret(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.secretmanager_v1beta2.types.GetSecretRequest, dict]]): + The request object. Request message for + [SecretManagerService.GetSecret][google.cloud.secretmanager.v1beta2.SecretManagerService.GetSecret]. + name (:class:`str`): + Required. The resource name of the + [Secret][google.cloud.secretmanager.v1beta2.Secret], in + the format ``projects/*/secrets/*`` or + ``projects/*/locations/*/secrets/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry_async.AsyncRetry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1beta2.types.Secret: + A [Secret][google.cloud.secretmanager.v1beta2.Secret] is a logical secret + whose value and versions can be accessed. + + A [Secret][google.cloud.secretmanager.v1beta2.Secret] + is made up of zero or more + [SecretVersions][google.cloud.secretmanager.v1beta2.SecretVersion] + that represent the secret data. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.GetSecretRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.get_secret, + default_timeout=60.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Validate the universe domain. + self._client._validate_universe_domain() + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def update_secret(self, + request: Optional[Union[service.UpdateSecretRequest, dict]] = None, + *, + secret: Optional[resources.Secret] = None, + update_mask: Optional[field_mask_pb2.FieldMask] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Secret: + r"""Updates metadata of an existing + [Secret][google.cloud.secretmanager.v1beta2.Secret]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta2 + + async def sample_update_secret(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1beta2.UpdateSecretRequest( + ) + + # Make the request + response = await client.update_secret(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.secretmanager_v1beta2.types.UpdateSecretRequest, dict]]): + The request object. Request message for + [SecretManagerService.UpdateSecret][google.cloud.secretmanager.v1beta2.SecretManagerService.UpdateSecret]. + secret (:class:`google.cloud.secretmanager_v1beta2.types.Secret`): + Required. + [Secret][google.cloud.secretmanager.v1beta2.Secret] with + updated field values. + + This corresponds to the ``secret`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + update_mask (:class:`google.protobuf.field_mask_pb2.FieldMask`): + Required. Specifies the fields to be + updated. + + This corresponds to the ``update_mask`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry_async.AsyncRetry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1beta2.types.Secret: + A [Secret][google.cloud.secretmanager.v1beta2.Secret] is a logical secret + whose value and versions can be accessed. + + A [Secret][google.cloud.secretmanager.v1beta2.Secret] + is made up of zero or more + [SecretVersions][google.cloud.secretmanager.v1beta2.SecretVersion] + that represent the secret data. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([secret, update_mask]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.UpdateSecretRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if secret is not None: + request.secret = secret + if update_mask is not None: + request.update_mask = update_mask + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.update_secret, + default_timeout=60.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("secret.name", request.secret.name), + )), + ) + + # Validate the universe domain. + self._client._validate_universe_domain() + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def delete_secret(self, + request: Optional[Union[service.DeleteSecretRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> None: + r"""Deletes a [Secret][google.cloud.secretmanager.v1beta2.Secret]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta2 + + async def sample_delete_secret(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1beta2.DeleteSecretRequest( + name="name_value", + ) + + # Make the request + await client.delete_secret(request=request) + + Args: + request (Optional[Union[google.cloud.secretmanager_v1beta2.types.DeleteSecretRequest, dict]]): + The request object. Request message for + [SecretManagerService.DeleteSecret][google.cloud.secretmanager.v1beta2.SecretManagerService.DeleteSecret]. + name (:class:`str`): + Required. The resource name of the + [Secret][google.cloud.secretmanager.v1beta2.Secret] to + delete in the format ``projects/*/secrets/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry_async.AsyncRetry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.DeleteSecretRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.delete_secret, + default_timeout=60.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Validate the universe domain. + self._client._validate_universe_domain() + + # Send the request. + await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + async def list_secret_versions(self, + request: Optional[Union[service.ListSecretVersionsRequest, dict]] = None, + *, + parent: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> pagers.ListSecretVersionsAsyncPager: + r"""Lists + [SecretVersions][google.cloud.secretmanager.v1beta2.SecretVersion]. + This call does not return secret data. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta2 + + async def sample_list_secret_versions(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1beta2.ListSecretVersionsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_secret_versions(request=request) + + # Handle the response + async for response in page_result: + print(response) + + Args: + request (Optional[Union[google.cloud.secretmanager_v1beta2.types.ListSecretVersionsRequest, dict]]): + The request object. Request message for + [SecretManagerService.ListSecretVersions][google.cloud.secretmanager.v1beta2.SecretManagerService.ListSecretVersions]. + parent (:class:`str`): + Required. The resource name of the + [Secret][google.cloud.secretmanager.v1beta2.Secret] + associated with the + [SecretVersions][google.cloud.secretmanager.v1beta2.SecretVersion] + to list, in the format ``projects/*/secrets/*`` or + ``projects/*/locations/*/secrets/*``. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry_async.AsyncRetry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1beta2.services.secret_manager_service.pagers.ListSecretVersionsAsyncPager: + Response message for + [SecretManagerService.ListSecretVersions][google.cloud.secretmanager.v1beta2.SecretManagerService.ListSecretVersions]. + + Iterating over this object will yield results and + resolve additional pages automatically. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.ListSecretVersionsRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.list_secret_versions, + default_timeout=60.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Validate the universe domain. + self._client._validate_universe_domain() + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # This method is paged; wrap the response in a pager, which provides + # an `__aiter__` convenience method. + response = pagers.ListSecretVersionsAsyncPager( + method=rpc, + request=request, + response=response, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def get_secret_version(self, + request: Optional[Union[service.GetSecretVersionRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.SecretVersion: + r"""Gets metadata for a + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. + + ``projects/*/secrets/*/versions/latest`` is an alias to the most + recently created + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta2 + + async def sample_get_secret_version(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1beta2.GetSecretVersionRequest( + name="name_value", + ) + + # Make the request + response = await client.get_secret_version(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.secretmanager_v1beta2.types.GetSecretVersionRequest, dict]]): + The request object. Request message for + [SecretManagerService.GetSecretVersion][google.cloud.secretmanager.v1beta2.SecretManagerService.GetSecretVersion]. + name (:class:`str`): + Required. The resource name of the + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] + in the format ``projects/*/secrets/*/versions/*`` or + ``projects/*/locations/*/secrets/*/versions/*``. + + ``projects/*/secrets/*/versions/latest`` or + ``projects/*/locations/*/secrets/*/versions/latest`` is + an alias to the most recently created + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry_async.AsyncRetry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1beta2.types.SecretVersion: + A secret version resource in the + Secret Manager API. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.GetSecretVersionRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.get_secret_version, + default_timeout=60.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Validate the universe domain. + self._client._validate_universe_domain() + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def access_secret_version(self, + request: Optional[Union[service.AccessSecretVersionRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> service.AccessSecretVersionResponse: + r"""Accesses a + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. + This call returns the secret data. + + ``projects/*/secrets/*/versions/latest`` is an alias to the most + recently created + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta2 + + async def sample_access_secret_version(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1beta2.AccessSecretVersionRequest( + name="name_value", + ) + + # Make the request + response = await client.access_secret_version(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.secretmanager_v1beta2.types.AccessSecretVersionRequest, dict]]): + The request object. Request message for + [SecretManagerService.AccessSecretVersion][google.cloud.secretmanager.v1beta2.SecretManagerService.AccessSecretVersion]. + name (:class:`str`): + Required. The resource name of the + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] + in the format ``projects/*/secrets/*/versions/*`` or + ``projects/*/locations/*/secrets/*/versions/*``. + + ``projects/*/secrets/*/versions/latest`` or + ``projects/*/locations/*/secrets/*/versions/latest`` is + an alias to the most recently created + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry_async.AsyncRetry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1beta2.types.AccessSecretVersionResponse: + Response message for + [SecretManagerService.AccessSecretVersion][google.cloud.secretmanager.v1beta2.SecretManagerService.AccessSecretVersion]. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.AccessSecretVersionRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.access_secret_version, + default_retry=retries.AsyncRetry( +initial=2.0,maximum=60.0,multiplier=2.0, predicate=retries.if_exception_type( + core_exceptions.ResourceExhausted, + core_exceptions.ServiceUnavailable, + ), + deadline=60.0, + ), + default_timeout=60.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Validate the universe domain. + self._client._validate_universe_domain() + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def disable_secret_version(self, + request: Optional[Union[service.DisableSecretVersionRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.SecretVersion: + r"""Disables a + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. + + Sets the + [state][google.cloud.secretmanager.v1beta2.SecretVersion.state] + of the + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] + to + [DISABLED][google.cloud.secretmanager.v1beta2.SecretVersion.State.DISABLED]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta2 + + async def sample_disable_secret_version(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1beta2.DisableSecretVersionRequest( + name="name_value", + ) + + # Make the request + response = await client.disable_secret_version(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.secretmanager_v1beta2.types.DisableSecretVersionRequest, dict]]): + The request object. Request message for + [SecretManagerService.DisableSecretVersion][google.cloud.secretmanager.v1beta2.SecretManagerService.DisableSecretVersion]. + name (:class:`str`): + Required. The resource name of the + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] + to disable in the format + ``projects/*/secrets/*/versions/*`` or + ``projects/*/locations/*/secrets/*/versions/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry_async.AsyncRetry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1beta2.types.SecretVersion: + A secret version resource in the + Secret Manager API. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.DisableSecretVersionRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.disable_secret_version, + default_timeout=60.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Validate the universe domain. + self._client._validate_universe_domain() + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def enable_secret_version(self, + request: Optional[Union[service.EnableSecretVersionRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.SecretVersion: + r"""Enables a + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. + + Sets the + [state][google.cloud.secretmanager.v1beta2.SecretVersion.state] + of the + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] + to + [ENABLED][google.cloud.secretmanager.v1beta2.SecretVersion.State.ENABLED]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta2 + + async def sample_enable_secret_version(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1beta2.EnableSecretVersionRequest( + name="name_value", + ) + + # Make the request + response = await client.enable_secret_version(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.secretmanager_v1beta2.types.EnableSecretVersionRequest, dict]]): + The request object. Request message for + [SecretManagerService.EnableSecretVersion][google.cloud.secretmanager.v1beta2.SecretManagerService.EnableSecretVersion]. + name (:class:`str`): + Required. The resource name of the + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] + to enable in the format + ``projects/*/secrets/*/versions/*`` or + ``projects/*/locations/*/secrets/*/versions/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry_async.AsyncRetry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1beta2.types.SecretVersion: + A secret version resource in the + Secret Manager API. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.EnableSecretVersionRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.enable_secret_version, + default_timeout=60.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Validate the universe domain. + self._client._validate_universe_domain() + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def destroy_secret_version(self, + request: Optional[Union[service.DestroySecretVersionRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.SecretVersion: + r"""Destroys a + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. + + Sets the + [state][google.cloud.secretmanager.v1beta2.SecretVersion.state] + of the + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] + to + [DESTROYED][google.cloud.secretmanager.v1beta2.SecretVersion.State.DESTROYED] + and irrevocably destroys the secret data. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta2 + + async def sample_destroy_secret_version(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1beta2.DestroySecretVersionRequest( + name="name_value", + ) + + # Make the request + response = await client.destroy_secret_version(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.secretmanager_v1beta2.types.DestroySecretVersionRequest, dict]]): + The request object. Request message for + [SecretManagerService.DestroySecretVersion][google.cloud.secretmanager.v1beta2.SecretManagerService.DestroySecretVersion]. + name (:class:`str`): + Required. The resource name of the + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] + to destroy in the format + ``projects/*/secrets/*/versions/*`` or + ``projects/*/locations/*/secrets/*/versions/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry_async.AsyncRetry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1beta2.types.SecretVersion: + A secret version resource in the + Secret Manager API. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.DestroySecretVersionRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.destroy_secret_version, + default_timeout=60.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Validate the universe domain. + self._client._validate_universe_domain() + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def set_iam_policy(self, + request: Optional[Union[iam_policy_pb2.SetIamPolicyRequest, dict]] = None, + *, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> policy_pb2.Policy: + r"""Sets the access control policy on the specified secret. Replaces + any existing policy. + + Permissions on + [SecretVersions][google.cloud.secretmanager.v1beta2.SecretVersion] + are enforced according to the policy set on the associated + [Secret][google.cloud.secretmanager.v1beta2.Secret]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta2 + from google.iam.v1 import iam_policy_pb2 # type: ignore + + async def sample_set_iam_policy(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = iam_policy_pb2.SetIamPolicyRequest( + resource="resource_value", + ) + + # Make the request + response = await client.set_iam_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.iam.v1.iam_policy_pb2.SetIamPolicyRequest, dict]]): + The request object. Request message for ``SetIamPolicy`` method. + retry (google.api_core.retry_async.AsyncRetry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.iam.v1.policy_pb2.Policy: + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. + + A Policy is a collection of bindings. A binding binds + one or more members, or principals, to a single role. + Principals can be user accounts, service accounts, + Google groups, and domains (such as G Suite). A role + is a named list of permissions; each role can be an + IAM predefined role or a user-created custom role. + + For some types of Google Cloud resources, a binding + can also specify a condition, which is a logical + expression that allows access to a resource only if + the expression evaluates to true. A condition can add + constraints based on attributes of the request, the + resource, or both. To learn which resources support + conditions in their IAM policies, see the [IAM + documentation](\ https://cloud.google.com/iam/help/conditions/resource-policies). + + **JSON example:** + + :literal:`\` { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }`\ \` + + **YAML example:** + + :literal:`\` bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3`\ \` + + For a description of IAM and its features, see the + [IAM + documentation](\ https://cloud.google.com/iam/docs/). + + """ + # Create or coerce a protobuf request object. + # The request isn't a proto-plus wrapped type, + # so it must be constructed via keyword expansion. + if isinstance(request, dict): + request = iam_policy_pb2.SetIamPolicyRequest(**request) + elif not request: + request = iam_policy_pb2.SetIamPolicyRequest() + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.set_iam_policy, + default_timeout=60.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("resource", request.resource), + )), + ) + + # Validate the universe domain. + self._client._validate_universe_domain() + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def get_iam_policy(self, + request: Optional[Union[iam_policy_pb2.GetIamPolicyRequest, dict]] = None, + *, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> policy_pb2.Policy: + r"""Gets the access control policy for a secret. + Returns empty policy if the secret exists and does not + have a policy set. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta2 + from google.iam.v1 import iam_policy_pb2 # type: ignore + + async def sample_get_iam_policy(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = iam_policy_pb2.GetIamPolicyRequest( + resource="resource_value", + ) + + # Make the request + response = await client.get_iam_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.iam.v1.iam_policy_pb2.GetIamPolicyRequest, dict]]): + The request object. Request message for ``GetIamPolicy`` method. + retry (google.api_core.retry_async.AsyncRetry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.iam.v1.policy_pb2.Policy: + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. + + A Policy is a collection of bindings. A binding binds + one or more members, or principals, to a single role. + Principals can be user accounts, service accounts, + Google groups, and domains (such as G Suite). A role + is a named list of permissions; each role can be an + IAM predefined role or a user-created custom role. + + For some types of Google Cloud resources, a binding + can also specify a condition, which is a logical + expression that allows access to a resource only if + the expression evaluates to true. A condition can add + constraints based on attributes of the request, the + resource, or both. To learn which resources support + conditions in their IAM policies, see the [IAM + documentation](\ https://cloud.google.com/iam/help/conditions/resource-policies). + + **JSON example:** + + :literal:`\` { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }`\ \` + + **YAML example:** + + :literal:`\` bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3`\ \` + + For a description of IAM and its features, see the + [IAM + documentation](\ https://cloud.google.com/iam/docs/). + + """ + # Create or coerce a protobuf request object. + # The request isn't a proto-plus wrapped type, + # so it must be constructed via keyword expansion. + if isinstance(request, dict): + request = iam_policy_pb2.GetIamPolicyRequest(**request) + elif not request: + request = iam_policy_pb2.GetIamPolicyRequest() + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.get_iam_policy, + default_timeout=60.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("resource", request.resource), + )), + ) + + # Validate the universe domain. + self._client._validate_universe_domain() + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def test_iam_permissions(self, + request: Optional[Union[iam_policy_pb2.TestIamPermissionsRequest, dict]] = None, + *, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> iam_policy_pb2.TestIamPermissionsResponse: + r"""Returns permissions that a caller has for the specified secret. + If the secret does not exist, this call returns an empty set of + permissions, not a NOT_FOUND error. + + Note: This operation is designed to be used for building + permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without + warning. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta2 + from google.iam.v1 import iam_policy_pb2 # type: ignore + + async def sample_test_iam_permissions(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = iam_policy_pb2.TestIamPermissionsRequest( + resource="resource_value", + permissions=['permissions_value1', 'permissions_value2'], + ) + + # Make the request + response = await client.test_iam_permissions(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.iam.v1.iam_policy_pb2.TestIamPermissionsRequest, dict]]): + The request object. Request message for ``TestIamPermissions`` method. + retry (google.api_core.retry_async.AsyncRetry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.iam.v1.iam_policy_pb2.TestIamPermissionsResponse: + Response message for TestIamPermissions method. + """ + # Create or coerce a protobuf request object. + # The request isn't a proto-plus wrapped type, + # so it must be constructed via keyword expansion. + if isinstance(request, dict): + request = iam_policy_pb2.TestIamPermissionsRequest(**request) + elif not request: + request = iam_policy_pb2.TestIamPermissionsRequest() + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.test_iam_permissions, + default_timeout=60.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("resource", request.resource), + )), + ) + + # Validate the universe domain. + self._client._validate_universe_domain() + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def get_location( + self, + request: Optional[locations_pb2.GetLocationRequest] = None, + *, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> locations_pb2.Location: + r"""Gets information about a location. + + Args: + request (:class:`~.location_pb2.GetLocationRequest`): + The request object. Request message for + `GetLocation` method. + retry (google.api_core.retry_async.AsyncRetry): Designation of what errors, + if any, should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + Returns: + ~.location_pb2.Location: + Location object. + """ + # Create or coerce a protobuf request object. + # The request isn't a proto-plus wrapped type, + # so it must be constructed via keyword expansion. + if isinstance(request, dict): + request = locations_pb2.GetLocationRequest(**request) + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.get_location, + default_timeout=None, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata( + (("name", request.name),)), + ) + + # Validate the universe domain. + self._client._validate_universe_domain() + + # Send the request. + response = await rpc( + request, retry=retry, timeout=timeout, metadata=metadata,) + + # Done; return the response. + return response + + async def list_locations( + self, + request: Optional[locations_pb2.ListLocationsRequest] = None, + *, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> locations_pb2.ListLocationsResponse: + r"""Lists information about the supported locations for this service. + + Args: + request (:class:`~.location_pb2.ListLocationsRequest`): + The request object. Request message for + `ListLocations` method. + retry (google.api_core.retry_async.AsyncRetry): Designation of what errors, + if any, should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + Returns: + ~.location_pb2.ListLocationsResponse: + Response message for ``ListLocations`` method. + """ + # Create or coerce a protobuf request object. + # The request isn't a proto-plus wrapped type, + # so it must be constructed via keyword expansion. + if isinstance(request, dict): + request = locations_pb2.ListLocationsRequest(**request) + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.list_locations, + default_timeout=None, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata( + (("name", request.name),)), + ) + + # Validate the universe domain. + self._client._validate_universe_domain() + + # Send the request. + response = await rpc( + request, retry=retry, timeout=timeout, metadata=metadata,) + + # Done; return the response. + return response + + async def __aenter__(self) -> "SecretManagerServiceAsyncClient": + return self + + async def __aexit__(self, exc_type, exc, tb): + await self.transport.close() + +DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo(gapic_version=package_version.__version__) + + +__all__ = ( + "SecretManagerServiceAsyncClient", +) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager_v1beta2/services/secret_manager_service/client.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager_v1beta2/services/secret_manager_service/client.py new file mode 100644 index 000000000000..b9bf4e1a38f3 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager_v1beta2/services/secret_manager_service/client.py @@ -0,0 +1,2462 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +import os +import re +from typing import Dict, Mapping, MutableMapping, MutableSequence, Optional, Sequence, Tuple, Type, Union, cast +import warnings + +from google.cloud.secretmanager_v1beta2 import gapic_version as package_version + +from google.api_core import client_options as client_options_lib +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport import mtls # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore +from google.auth.exceptions import MutualTLSChannelError # type: ignore +from google.oauth2 import service_account # type: ignore + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault, None] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object, None] # type: ignore + +from google.cloud.location import locations_pb2 # type: ignore +from google.cloud.secretmanager_v1beta2.services.secret_manager_service import pagers +from google.cloud.secretmanager_v1beta2.types import resources +from google.cloud.secretmanager_v1beta2.types import service +from google.iam.v1 import iam_policy_pb2 # type: ignore +from google.iam.v1 import policy_pb2 # type: ignore +from google.protobuf import duration_pb2 # type: ignore +from google.protobuf import field_mask_pb2 # type: ignore +from google.protobuf import timestamp_pb2 # type: ignore +from .transports.base import SecretManagerServiceTransport, DEFAULT_CLIENT_INFO +from .transports.grpc import SecretManagerServiceGrpcTransport +from .transports.grpc_asyncio import SecretManagerServiceGrpcAsyncIOTransport +from .transports.rest import SecretManagerServiceRestTransport + + +class SecretManagerServiceClientMeta(type): + """Metaclass for the SecretManagerService client. + + This provides class-level methods for building and retrieving + support objects (e.g. transport) without polluting the client instance + objects. + """ + _transport_registry = OrderedDict() # type: Dict[str, Type[SecretManagerServiceTransport]] + _transport_registry["grpc"] = SecretManagerServiceGrpcTransport + _transport_registry["grpc_asyncio"] = SecretManagerServiceGrpcAsyncIOTransport + _transport_registry["rest"] = SecretManagerServiceRestTransport + + def get_transport_class(cls, + label: Optional[str] = None, + ) -> Type[SecretManagerServiceTransport]: + """Returns an appropriate transport class. + + Args: + label: The name of the desired transport. If none is + provided, then the first transport in the registry is used. + + Returns: + The transport class to use. + """ + # If a specific transport is requested, return that one. + if label: + return cls._transport_registry[label] + + # No transport is requested; return the default (that is, the first one + # in the dictionary). + return next(iter(cls._transport_registry.values())) + + +class SecretManagerServiceClient(metaclass=SecretManagerServiceClientMeta): + """Secret Manager Service + + Manages secrets and operations using those secrets. Implements a + REST model with the following objects: + + - [Secret][google.cloud.secretmanager.v1beta2.Secret] + - [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] + """ + + @staticmethod + def _get_default_mtls_endpoint(api_endpoint): + """Converts api endpoint to mTLS endpoint. + + Convert "*.sandbox.googleapis.com" and "*.googleapis.com" to + "*.mtls.sandbox.googleapis.com" and "*.mtls.googleapis.com" respectively. + Args: + api_endpoint (Optional[str]): the api endpoint to convert. + Returns: + str: converted mTLS api endpoint. + """ + if not api_endpoint: + return api_endpoint + + mtls_endpoint_re = re.compile( + r"(?P[^.]+)(?P\.mtls)?(?P\.sandbox)?(?P\.googleapis\.com)?" + ) + + m = mtls_endpoint_re.match(api_endpoint) + name, mtls, sandbox, googledomain = m.groups() + if mtls or not googledomain: + return api_endpoint + + if sandbox: + return api_endpoint.replace( + "sandbox.googleapis.com", "mtls.sandbox.googleapis.com" + ) + + return api_endpoint.replace(".googleapis.com", ".mtls.googleapis.com") + + # Note: DEFAULT_ENDPOINT is deprecated. Use _DEFAULT_ENDPOINT_TEMPLATE instead. + DEFAULT_ENDPOINT = "secretmanager.googleapis.com" + DEFAULT_MTLS_ENDPOINT = _get_default_mtls_endpoint.__func__( # type: ignore + DEFAULT_ENDPOINT + ) + + _DEFAULT_ENDPOINT_TEMPLATE = "secretmanager.{UNIVERSE_DOMAIN}" + _DEFAULT_UNIVERSE = "googleapis.com" + + @classmethod + def from_service_account_info(cls, info: dict, *args, **kwargs): + """Creates an instance of this client using the provided credentials + info. + + Args: + info (dict): The service account private key info. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + SecretManagerServiceClient: The constructed client. + """ + credentials = service_account.Credentials.from_service_account_info(info) + kwargs["credentials"] = credentials + return cls(*args, **kwargs) + + @classmethod + def from_service_account_file(cls, filename: str, *args, **kwargs): + """Creates an instance of this client using the provided credentials + file. + + Args: + filename (str): The path to the service account private key json + file. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + SecretManagerServiceClient: The constructed client. + """ + credentials = service_account.Credentials.from_service_account_file( + filename) + kwargs["credentials"] = credentials + return cls(*args, **kwargs) + + from_service_account_json = from_service_account_file + + @property + def transport(self) -> SecretManagerServiceTransport: + """Returns the transport used by the client instance. + + Returns: + SecretManagerServiceTransport: The transport used by the client + instance. + """ + return self._transport + + @staticmethod + def secret_path(project: str,secret: str,) -> str: + """Returns a fully-qualified secret string.""" + return "projects/{project}/secrets/{secret}".format(project=project, secret=secret, ) + + @staticmethod + def parse_secret_path(path: str) -> Dict[str,str]: + """Parses a secret path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/secrets/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def secret_version_path(project: str,secret: str,secret_version: str,) -> str: + """Returns a fully-qualified secret_version string.""" + return "projects/{project}/secrets/{secret}/versions/{secret_version}".format(project=project, secret=secret, secret_version=secret_version, ) + + @staticmethod + def parse_secret_version_path(path: str) -> Dict[str,str]: + """Parses a secret_version path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/secrets/(?P.+?)/versions/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def topic_path(project: str,topic: str,) -> str: + """Returns a fully-qualified topic string.""" + return "projects/{project}/topics/{topic}".format(project=project, topic=topic, ) + + @staticmethod + def parse_topic_path(path: str) -> Dict[str,str]: + """Parses a topic path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/topics/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_billing_account_path(billing_account: str, ) -> str: + """Returns a fully-qualified billing_account string.""" + return "billingAccounts/{billing_account}".format(billing_account=billing_account, ) + + @staticmethod + def parse_common_billing_account_path(path: str) -> Dict[str,str]: + """Parse a billing_account path into its component segments.""" + m = re.match(r"^billingAccounts/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_folder_path(folder: str, ) -> str: + """Returns a fully-qualified folder string.""" + return "folders/{folder}".format(folder=folder, ) + + @staticmethod + def parse_common_folder_path(path: str) -> Dict[str,str]: + """Parse a folder path into its component segments.""" + m = re.match(r"^folders/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_organization_path(organization: str, ) -> str: + """Returns a fully-qualified organization string.""" + return "organizations/{organization}".format(organization=organization, ) + + @staticmethod + def parse_common_organization_path(path: str) -> Dict[str,str]: + """Parse a organization path into its component segments.""" + m = re.match(r"^organizations/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_project_path(project: str, ) -> str: + """Returns a fully-qualified project string.""" + return "projects/{project}".format(project=project, ) + + @staticmethod + def parse_common_project_path(path: str) -> Dict[str,str]: + """Parse a project path into its component segments.""" + m = re.match(r"^projects/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_location_path(project: str, location: str, ) -> str: + """Returns a fully-qualified location string.""" + return "projects/{project}/locations/{location}".format(project=project, location=location, ) + + @staticmethod + def parse_common_location_path(path: str) -> Dict[str,str]: + """Parse a location path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/locations/(?P.+?)$", path) + return m.groupdict() if m else {} + + @classmethod + def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[client_options_lib.ClientOptions] = None): + """Deprecated. Return the API endpoint and client cert source for mutual TLS. + + The client cert source is determined in the following order: + (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the + client cert source is None. + (2) if `client_options.client_cert_source` is provided, use the provided one; if the + default client cert source exists, use the default one; otherwise the client cert + source is None. + + The API endpoint is determined in the following order: + (1) if `client_options.api_endpoint` if provided, use the provided one. + (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the + default mTLS endpoint; if the environment variable is "never", use the default API + endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise + use the default API endpoint. + + More details can be found at https://google.aip.dev/auth/4114. + + Args: + client_options (google.api_core.client_options.ClientOptions): Custom options for the + client. Only the `api_endpoint` and `client_cert_source` properties may be used + in this method. + + Returns: + Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the + client cert source to use. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If any errors happen. + """ + + warnings.warn("get_mtls_endpoint_and_cert_source is deprecated. Use the api_endpoint property instead.", + DeprecationWarning) + if client_options is None: + client_options = client_options_lib.ClientOptions() + use_client_cert = os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false") + use_mtls_endpoint = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto") + if use_client_cert not in ("true", "false"): + raise ValueError("Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`") + if use_mtls_endpoint not in ("auto", "never", "always"): + raise MutualTLSChannelError("Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`") + + # Figure out the client cert source to use. + client_cert_source = None + if use_client_cert == "true": + if client_options.client_cert_source: + client_cert_source = client_options.client_cert_source + elif mtls.has_default_client_cert_source(): + client_cert_source = mtls.default_client_cert_source() + + # Figure out which api endpoint to use. + if client_options.api_endpoint is not None: + api_endpoint = client_options.api_endpoint + elif use_mtls_endpoint == "always" or (use_mtls_endpoint == "auto" and client_cert_source): + api_endpoint = cls.DEFAULT_MTLS_ENDPOINT + else: + api_endpoint = cls.DEFAULT_ENDPOINT + + return api_endpoint, client_cert_source + + @staticmethod + def _read_environment_variables(): + """Returns the environment variables used by the client. + + Returns: + Tuple[bool, str, str]: returns the GOOGLE_API_USE_CLIENT_CERTIFICATE, + GOOGLE_API_USE_MTLS_ENDPOINT, and GOOGLE_CLOUD_UNIVERSE_DOMAIN environment variables. + + Raises: + ValueError: If GOOGLE_API_USE_CLIENT_CERTIFICATE is not + any of ["true", "false"]. + google.auth.exceptions.MutualTLSChannelError: If GOOGLE_API_USE_MTLS_ENDPOINT + is not any of ["auto", "never", "always"]. + """ + use_client_cert = os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false").lower() + use_mtls_endpoint = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto").lower() + universe_domain_env = os.getenv("GOOGLE_CLOUD_UNIVERSE_DOMAIN") + if use_client_cert not in ("true", "false"): + raise ValueError("Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`") + if use_mtls_endpoint not in ("auto", "never", "always"): + raise MutualTLSChannelError("Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`") + return use_client_cert == "true", use_mtls_endpoint, universe_domain_env + + @staticmethod + def _get_client_cert_source(provided_cert_source, use_cert_flag): + """Return the client cert source to be used by the client. + + Args: + provided_cert_source (bytes): The client certificate source provided. + use_cert_flag (bool): A flag indicating whether to use the client certificate. + + Returns: + bytes or None: The client cert source to be used by the client. + """ + client_cert_source = None + if use_cert_flag: + if provided_cert_source: + client_cert_source = provided_cert_source + elif mtls.has_default_client_cert_source(): + client_cert_source = mtls.default_client_cert_source() + return client_cert_source + + @staticmethod + def _get_api_endpoint(api_override, client_cert_source, universe_domain, use_mtls_endpoint): + """Return the API endpoint used by the client. + + Args: + api_override (str): The API endpoint override. If specified, this is always + the return value of this function and the other arguments are not used. + client_cert_source (bytes): The client certificate source used by the client. + universe_domain (str): The universe domain used by the client. + use_mtls_endpoint (str): How to use the mTLS endpoint, which depends also on the other parameters. + Possible values are "always", "auto", or "never". + + Returns: + str: The API endpoint to be used by the client. + """ + if api_override is not None: + api_endpoint = api_override + elif use_mtls_endpoint == "always" or (use_mtls_endpoint == "auto" and client_cert_source): + _default_universe = SecretManagerServiceClient._DEFAULT_UNIVERSE + if universe_domain != _default_universe: + raise MutualTLSChannelError(f"mTLS is not supported in any universe other than {_default_universe}.") + api_endpoint = SecretManagerServiceClient.DEFAULT_MTLS_ENDPOINT + else: + api_endpoint = SecretManagerServiceClient._DEFAULT_ENDPOINT_TEMPLATE.format(UNIVERSE_DOMAIN=universe_domain) + return api_endpoint + + @staticmethod + def _get_universe_domain(client_universe_domain: Optional[str], universe_domain_env: Optional[str]) -> str: + """Return the universe domain used by the client. + + Args: + client_universe_domain (Optional[str]): The universe domain configured via the client options. + universe_domain_env (Optional[str]): The universe domain configured via the "GOOGLE_CLOUD_UNIVERSE_DOMAIN" environment variable. + + Returns: + str: The universe domain to be used by the client. + + Raises: + ValueError: If the universe domain is an empty string. + """ + universe_domain = SecretManagerServiceClient._DEFAULT_UNIVERSE + if client_universe_domain is not None: + universe_domain = client_universe_domain + elif universe_domain_env is not None: + universe_domain = universe_domain_env + if len(universe_domain.strip()) == 0: + raise ValueError("Universe Domain cannot be an empty string.") + return universe_domain + + @staticmethod + def _compare_universes(client_universe: str, + credentials: ga_credentials.Credentials) -> bool: + """Returns True iff the universe domains used by the client and credentials match. + + Args: + client_universe (str): The universe domain configured via the client options. + credentials (ga_credentials.Credentials): The credentials being used in the client. + + Returns: + bool: True iff client_universe matches the universe in credentials. + + Raises: + ValueError: when client_universe does not match the universe in credentials. + """ + + default_universe = SecretManagerServiceClient._DEFAULT_UNIVERSE + credentials_universe = getattr(credentials, "universe_domain", default_universe) + + if client_universe != credentials_universe: + raise ValueError("The configured universe domain " + f"({client_universe}) does not match the universe domain " + f"found in the credentials ({credentials_universe}). " + "If you haven't configured the universe domain explicitly, " + f"`{default_universe}` is the default.") + return True + + def _validate_universe_domain(self): + """Validates client's and credentials' universe domains are consistent. + + Returns: + bool: True iff the configured universe domain is valid. + + Raises: + ValueError: If the configured universe domain is not valid. + """ + self._is_universe_domain_valid = (self._is_universe_domain_valid or + SecretManagerServiceClient._compare_universes(self.universe_domain, self.transport._credentials)) + return self._is_universe_domain_valid + + @property + def api_endpoint(self): + """Return the API endpoint used by the client instance. + + Returns: + str: The API endpoint used by the client instance. + """ + return self._api_endpoint + + @property + def universe_domain(self) -> str: + """Return the universe domain used by the client instance. + + Returns: + str: The universe domain used by the client instance. + """ + return self._universe_domain + + def __init__(self, *, + credentials: Optional[ga_credentials.Credentials] = None, + transport: Optional[Union[str, SecretManagerServiceTransport]] = None, + client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + ) -> None: + """Instantiates the secret manager service client. + + Args: + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + transport (Union[str, SecretManagerServiceTransport]): The + transport to use. If set to None, a transport is chosen + automatically. + client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): + Custom options for the client. + + 1. The ``api_endpoint`` property can be used to override the + default endpoint provided by the client when ``transport`` is + not explicitly provided. Only if this property is not set and + ``transport`` was not explicitly provided, the endpoint is + determined by the GOOGLE_API_USE_MTLS_ENDPOINT environment + variable, which have one of the following values: + "always" (always use the default mTLS endpoint), "never" (always + use the default regular endpoint) and "auto" (auto-switch to the + default mTLS endpoint if client certificate is present; this is + the default value). + + 2. If the GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable + is "true", then the ``client_cert_source`` property can be used + to provide a client certificate for mTLS transport. If + not provided, the default SSL client certificate will be used if + present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not + set, no client certificate will be used. + + 3. The ``universe_domain`` property can be used to override the + default "googleapis.com" universe. Note that the ``api_endpoint`` + property still takes precedence; and ``universe_domain`` is + currently not supported for mTLS. + + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport + creation failed for any reason. + """ + self._client_options = client_options + if isinstance(self._client_options, dict): + self._client_options = client_options_lib.from_dict(self._client_options) + if self._client_options is None: + self._client_options = client_options_lib.ClientOptions() + self._client_options = cast(client_options_lib.ClientOptions, self._client_options) + + universe_domain_opt = getattr(self._client_options, 'universe_domain', None) + + self._use_client_cert, self._use_mtls_endpoint, self._universe_domain_env = SecretManagerServiceClient._read_environment_variables() + self._client_cert_source = SecretManagerServiceClient._get_client_cert_source(self._client_options.client_cert_source, self._use_client_cert) + self._universe_domain = SecretManagerServiceClient._get_universe_domain(universe_domain_opt, self._universe_domain_env) + self._api_endpoint = None # updated below, depending on `transport` + + # Initialize the universe domain validation. + self._is_universe_domain_valid = False + + api_key_value = getattr(self._client_options, "api_key", None) + if api_key_value and credentials: + raise ValueError("client_options.api_key and credentials are mutually exclusive") + + # Save or instantiate the transport. + # Ordinarily, we provide the transport, but allowing a custom transport + # instance provides an extensibility point for unusual situations. + transport_provided = isinstance(transport, SecretManagerServiceTransport) + if transport_provided: + # transport is a SecretManagerServiceTransport instance. + if credentials or self._client_options.credentials_file or api_key_value: + raise ValueError("When providing a transport instance, " + "provide its credentials directly.") + if self._client_options.scopes: + raise ValueError( + "When providing a transport instance, provide its scopes " + "directly." + ) + self._transport = cast(SecretManagerServiceTransport, transport) + self._api_endpoint = self._transport.host + + self._api_endpoint = (self._api_endpoint or + SecretManagerServiceClient._get_api_endpoint( + self._client_options.api_endpoint, + self._client_cert_source, + self._universe_domain, + self._use_mtls_endpoint)) + + if not transport_provided: + import google.auth._default # type: ignore + + if api_key_value and hasattr(google.auth._default, "get_api_key_credentials"): + credentials = google.auth._default.get_api_key_credentials(api_key_value) + + Transport = type(self).get_transport_class(cast(str, transport)) + self._transport = Transport( + credentials=credentials, + credentials_file=self._client_options.credentials_file, + host=self._api_endpoint, + scopes=self._client_options.scopes, + client_cert_source_for_mtls=self._client_cert_source, + quota_project_id=self._client_options.quota_project_id, + client_info=client_info, + always_use_jwt_access=True, + api_audience=self._client_options.api_audience, + ) + + def list_secrets(self, + request: Optional[Union[service.ListSecretsRequest, dict]] = None, + *, + parent: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> pagers.ListSecretsPager: + r"""Lists [Secrets][google.cloud.secretmanager.v1beta2.Secret]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta2 + + def sample_list_secrets(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1beta2.ListSecretsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_secrets(request=request) + + # Handle the response + for response in page_result: + print(response) + + Args: + request (Union[google.cloud.secretmanager_v1beta2.types.ListSecretsRequest, dict]): + The request object. Request message for + [SecretManagerService.ListSecrets][google.cloud.secretmanager.v1beta2.SecretManagerService.ListSecrets]. + parent (str): + Required. The resource name of the project associated + with the + [Secrets][google.cloud.secretmanager.v1beta2.Secret], in + the format ``projects/*`` or ``projects/*/locations/*`` + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1beta2.services.secret_manager_service.pagers.ListSecretsPager: + Response message for + [SecretManagerService.ListSecrets][google.cloud.secretmanager.v1beta2.SecretManagerService.ListSecrets]. + + Iterating over this object will yield results and + resolve additional pages automatically. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.ListSecretsRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.ListSecretsRequest): + request = service.ListSecretsRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.list_secrets] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Validate the universe domain. + self._validate_universe_domain() + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # This method is paged; wrap the response in a pager, which provides + # an `__iter__` convenience method. + response = pagers.ListSecretsPager( + method=rpc, + request=request, + response=response, + metadata=metadata, + ) + + # Done; return the response. + return response + + def create_secret(self, + request: Optional[Union[service.CreateSecretRequest, dict]] = None, + *, + parent: Optional[str] = None, + secret_id: Optional[str] = None, + secret: Optional[resources.Secret] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Secret: + r"""Creates a new + [Secret][google.cloud.secretmanager.v1beta2.Secret] containing + no + [SecretVersions][google.cloud.secretmanager.v1beta2.SecretVersion]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta2 + + def sample_create_secret(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1beta2.CreateSecretRequest( + parent="parent_value", + secret_id="secret_id_value", + ) + + # Make the request + response = client.create_secret(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.secretmanager_v1beta2.types.CreateSecretRequest, dict]): + The request object. Request message for + [SecretManagerService.CreateSecret][google.cloud.secretmanager.v1beta2.SecretManagerService.CreateSecret]. + parent (str): + Required. The resource name of the project to associate + with the + [Secret][google.cloud.secretmanager.v1beta2.Secret], in + the format ``projects/*`` or ``projects/*/locations/*``. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + secret_id (str): + Required. This must be unique within the project. + + A secret ID is a string with a maximum length of 255 + characters and can contain uppercase and lowercase + letters, numerals, and the hyphen (``-``) and underscore + (``_``) characters. + + This corresponds to the ``secret_id`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + secret (google.cloud.secretmanager_v1beta2.types.Secret): + Required. A + [Secret][google.cloud.secretmanager.v1beta2.Secret] with + initial field values. + + This corresponds to the ``secret`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1beta2.types.Secret: + A [Secret][google.cloud.secretmanager.v1beta2.Secret] is a logical secret + whose value and versions can be accessed. + + A [Secret][google.cloud.secretmanager.v1beta2.Secret] + is made up of zero or more + [SecretVersions][google.cloud.secretmanager.v1beta2.SecretVersion] + that represent the secret data. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent, secret_id, secret]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.CreateSecretRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.CreateSecretRequest): + request = service.CreateSecretRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + if secret_id is not None: + request.secret_id = secret_id + if secret is not None: + request.secret = secret + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.create_secret] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Validate the universe domain. + self._validate_universe_domain() + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def add_secret_version(self, + request: Optional[Union[service.AddSecretVersionRequest, dict]] = None, + *, + parent: Optional[str] = None, + payload: Optional[resources.SecretPayload] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.SecretVersion: + r"""Creates a new + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] + containing secret data and attaches it to an existing + [Secret][google.cloud.secretmanager.v1beta2.Secret]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta2 + + def sample_add_secret_version(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1beta2.AddSecretVersionRequest( + parent="parent_value", + ) + + # Make the request + response = client.add_secret_version(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.secretmanager_v1beta2.types.AddSecretVersionRequest, dict]): + The request object. Request message for + [SecretManagerService.AddSecretVersion][google.cloud.secretmanager.v1beta2.SecretManagerService.AddSecretVersion]. + parent (str): + Required. The resource name of the + [Secret][google.cloud.secretmanager.v1beta2.Secret] to + associate with the + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] + in the format ``projects/*/secrets/*`` or + ``projects/*/locations/*/secrets/*``. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + payload (google.cloud.secretmanager_v1beta2.types.SecretPayload): + Required. The secret payload of the + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. + + This corresponds to the ``payload`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1beta2.types.SecretVersion: + A secret version resource in the + Secret Manager API. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent, payload]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.AddSecretVersionRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.AddSecretVersionRequest): + request = service.AddSecretVersionRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + if payload is not None: + request.payload = payload + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.add_secret_version] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Validate the universe domain. + self._validate_universe_domain() + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def get_secret(self, + request: Optional[Union[service.GetSecretRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Secret: + r"""Gets metadata for a given + [Secret][google.cloud.secretmanager.v1beta2.Secret]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta2 + + def sample_get_secret(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1beta2.GetSecretRequest( + name="name_value", + ) + + # Make the request + response = client.get_secret(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.secretmanager_v1beta2.types.GetSecretRequest, dict]): + The request object. Request message for + [SecretManagerService.GetSecret][google.cloud.secretmanager.v1beta2.SecretManagerService.GetSecret]. + name (str): + Required. The resource name of the + [Secret][google.cloud.secretmanager.v1beta2.Secret], in + the format ``projects/*/secrets/*`` or + ``projects/*/locations/*/secrets/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1beta2.types.Secret: + A [Secret][google.cloud.secretmanager.v1beta2.Secret] is a logical secret + whose value and versions can be accessed. + + A [Secret][google.cloud.secretmanager.v1beta2.Secret] + is made up of zero or more + [SecretVersions][google.cloud.secretmanager.v1beta2.SecretVersion] + that represent the secret data. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.GetSecretRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.GetSecretRequest): + request = service.GetSecretRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.get_secret] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Validate the universe domain. + self._validate_universe_domain() + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def update_secret(self, + request: Optional[Union[service.UpdateSecretRequest, dict]] = None, + *, + secret: Optional[resources.Secret] = None, + update_mask: Optional[field_mask_pb2.FieldMask] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Secret: + r"""Updates metadata of an existing + [Secret][google.cloud.secretmanager.v1beta2.Secret]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta2 + + def sample_update_secret(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1beta2.UpdateSecretRequest( + ) + + # Make the request + response = client.update_secret(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.secretmanager_v1beta2.types.UpdateSecretRequest, dict]): + The request object. Request message for + [SecretManagerService.UpdateSecret][google.cloud.secretmanager.v1beta2.SecretManagerService.UpdateSecret]. + secret (google.cloud.secretmanager_v1beta2.types.Secret): + Required. + [Secret][google.cloud.secretmanager.v1beta2.Secret] with + updated field values. + + This corresponds to the ``secret`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + update_mask (google.protobuf.field_mask_pb2.FieldMask): + Required. Specifies the fields to be + updated. + + This corresponds to the ``update_mask`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1beta2.types.Secret: + A [Secret][google.cloud.secretmanager.v1beta2.Secret] is a logical secret + whose value and versions can be accessed. + + A [Secret][google.cloud.secretmanager.v1beta2.Secret] + is made up of zero or more + [SecretVersions][google.cloud.secretmanager.v1beta2.SecretVersion] + that represent the secret data. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([secret, update_mask]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.UpdateSecretRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.UpdateSecretRequest): + request = service.UpdateSecretRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if secret is not None: + request.secret = secret + if update_mask is not None: + request.update_mask = update_mask + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.update_secret] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("secret.name", request.secret.name), + )), + ) + + # Validate the universe domain. + self._validate_universe_domain() + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def delete_secret(self, + request: Optional[Union[service.DeleteSecretRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> None: + r"""Deletes a [Secret][google.cloud.secretmanager.v1beta2.Secret]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta2 + + def sample_delete_secret(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1beta2.DeleteSecretRequest( + name="name_value", + ) + + # Make the request + client.delete_secret(request=request) + + Args: + request (Union[google.cloud.secretmanager_v1beta2.types.DeleteSecretRequest, dict]): + The request object. Request message for + [SecretManagerService.DeleteSecret][google.cloud.secretmanager.v1beta2.SecretManagerService.DeleteSecret]. + name (str): + Required. The resource name of the + [Secret][google.cloud.secretmanager.v1beta2.Secret] to + delete in the format ``projects/*/secrets/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.DeleteSecretRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.DeleteSecretRequest): + request = service.DeleteSecretRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.delete_secret] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Validate the universe domain. + self._validate_universe_domain() + + # Send the request. + rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + def list_secret_versions(self, + request: Optional[Union[service.ListSecretVersionsRequest, dict]] = None, + *, + parent: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> pagers.ListSecretVersionsPager: + r"""Lists + [SecretVersions][google.cloud.secretmanager.v1beta2.SecretVersion]. + This call does not return secret data. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta2 + + def sample_list_secret_versions(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1beta2.ListSecretVersionsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_secret_versions(request=request) + + # Handle the response + for response in page_result: + print(response) + + Args: + request (Union[google.cloud.secretmanager_v1beta2.types.ListSecretVersionsRequest, dict]): + The request object. Request message for + [SecretManagerService.ListSecretVersions][google.cloud.secretmanager.v1beta2.SecretManagerService.ListSecretVersions]. + parent (str): + Required. The resource name of the + [Secret][google.cloud.secretmanager.v1beta2.Secret] + associated with the + [SecretVersions][google.cloud.secretmanager.v1beta2.SecretVersion] + to list, in the format ``projects/*/secrets/*`` or + ``projects/*/locations/*/secrets/*``. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1beta2.services.secret_manager_service.pagers.ListSecretVersionsPager: + Response message for + [SecretManagerService.ListSecretVersions][google.cloud.secretmanager.v1beta2.SecretManagerService.ListSecretVersions]. + + Iterating over this object will yield results and + resolve additional pages automatically. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.ListSecretVersionsRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.ListSecretVersionsRequest): + request = service.ListSecretVersionsRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.list_secret_versions] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Validate the universe domain. + self._validate_universe_domain() + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # This method is paged; wrap the response in a pager, which provides + # an `__iter__` convenience method. + response = pagers.ListSecretVersionsPager( + method=rpc, + request=request, + response=response, + metadata=metadata, + ) + + # Done; return the response. + return response + + def get_secret_version(self, + request: Optional[Union[service.GetSecretVersionRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.SecretVersion: + r"""Gets metadata for a + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. + + ``projects/*/secrets/*/versions/latest`` is an alias to the most + recently created + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta2 + + def sample_get_secret_version(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1beta2.GetSecretVersionRequest( + name="name_value", + ) + + # Make the request + response = client.get_secret_version(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.secretmanager_v1beta2.types.GetSecretVersionRequest, dict]): + The request object. Request message for + [SecretManagerService.GetSecretVersion][google.cloud.secretmanager.v1beta2.SecretManagerService.GetSecretVersion]. + name (str): + Required. The resource name of the + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] + in the format ``projects/*/secrets/*/versions/*`` or + ``projects/*/locations/*/secrets/*/versions/*``. + + ``projects/*/secrets/*/versions/latest`` or + ``projects/*/locations/*/secrets/*/versions/latest`` is + an alias to the most recently created + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1beta2.types.SecretVersion: + A secret version resource in the + Secret Manager API. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.GetSecretVersionRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.GetSecretVersionRequest): + request = service.GetSecretVersionRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.get_secret_version] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Validate the universe domain. + self._validate_universe_domain() + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def access_secret_version(self, + request: Optional[Union[service.AccessSecretVersionRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> service.AccessSecretVersionResponse: + r"""Accesses a + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. + This call returns the secret data. + + ``projects/*/secrets/*/versions/latest`` is an alias to the most + recently created + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta2 + + def sample_access_secret_version(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1beta2.AccessSecretVersionRequest( + name="name_value", + ) + + # Make the request + response = client.access_secret_version(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.secretmanager_v1beta2.types.AccessSecretVersionRequest, dict]): + The request object. Request message for + [SecretManagerService.AccessSecretVersion][google.cloud.secretmanager.v1beta2.SecretManagerService.AccessSecretVersion]. + name (str): + Required. The resource name of the + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] + in the format ``projects/*/secrets/*/versions/*`` or + ``projects/*/locations/*/secrets/*/versions/*``. + + ``projects/*/secrets/*/versions/latest`` or + ``projects/*/locations/*/secrets/*/versions/latest`` is + an alias to the most recently created + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1beta2.types.AccessSecretVersionResponse: + Response message for + [SecretManagerService.AccessSecretVersion][google.cloud.secretmanager.v1beta2.SecretManagerService.AccessSecretVersion]. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.AccessSecretVersionRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.AccessSecretVersionRequest): + request = service.AccessSecretVersionRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.access_secret_version] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Validate the universe domain. + self._validate_universe_domain() + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def disable_secret_version(self, + request: Optional[Union[service.DisableSecretVersionRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.SecretVersion: + r"""Disables a + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. + + Sets the + [state][google.cloud.secretmanager.v1beta2.SecretVersion.state] + of the + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] + to + [DISABLED][google.cloud.secretmanager.v1beta2.SecretVersion.State.DISABLED]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta2 + + def sample_disable_secret_version(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1beta2.DisableSecretVersionRequest( + name="name_value", + ) + + # Make the request + response = client.disable_secret_version(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.secretmanager_v1beta2.types.DisableSecretVersionRequest, dict]): + The request object. Request message for + [SecretManagerService.DisableSecretVersion][google.cloud.secretmanager.v1beta2.SecretManagerService.DisableSecretVersion]. + name (str): + Required. The resource name of the + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] + to disable in the format + ``projects/*/secrets/*/versions/*`` or + ``projects/*/locations/*/secrets/*/versions/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1beta2.types.SecretVersion: + A secret version resource in the + Secret Manager API. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.DisableSecretVersionRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.DisableSecretVersionRequest): + request = service.DisableSecretVersionRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.disable_secret_version] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Validate the universe domain. + self._validate_universe_domain() + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def enable_secret_version(self, + request: Optional[Union[service.EnableSecretVersionRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.SecretVersion: + r"""Enables a + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. + + Sets the + [state][google.cloud.secretmanager.v1beta2.SecretVersion.state] + of the + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] + to + [ENABLED][google.cloud.secretmanager.v1beta2.SecretVersion.State.ENABLED]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta2 + + def sample_enable_secret_version(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1beta2.EnableSecretVersionRequest( + name="name_value", + ) + + # Make the request + response = client.enable_secret_version(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.secretmanager_v1beta2.types.EnableSecretVersionRequest, dict]): + The request object. Request message for + [SecretManagerService.EnableSecretVersion][google.cloud.secretmanager.v1beta2.SecretManagerService.EnableSecretVersion]. + name (str): + Required. The resource name of the + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] + to enable in the format + ``projects/*/secrets/*/versions/*`` or + ``projects/*/locations/*/secrets/*/versions/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1beta2.types.SecretVersion: + A secret version resource in the + Secret Manager API. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.EnableSecretVersionRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.EnableSecretVersionRequest): + request = service.EnableSecretVersionRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.enable_secret_version] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Validate the universe domain. + self._validate_universe_domain() + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def destroy_secret_version(self, + request: Optional[Union[service.DestroySecretVersionRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.SecretVersion: + r"""Destroys a + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. + + Sets the + [state][google.cloud.secretmanager.v1beta2.SecretVersion.state] + of the + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] + to + [DESTROYED][google.cloud.secretmanager.v1beta2.SecretVersion.State.DESTROYED] + and irrevocably destroys the secret data. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta2 + + def sample_destroy_secret_version(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1beta2.DestroySecretVersionRequest( + name="name_value", + ) + + # Make the request + response = client.destroy_secret_version(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.secretmanager_v1beta2.types.DestroySecretVersionRequest, dict]): + The request object. Request message for + [SecretManagerService.DestroySecretVersion][google.cloud.secretmanager.v1beta2.SecretManagerService.DestroySecretVersion]. + name (str): + Required. The resource name of the + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] + to destroy in the format + ``projects/*/secrets/*/versions/*`` or + ``projects/*/locations/*/secrets/*/versions/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.secretmanager_v1beta2.types.SecretVersion: + A secret version resource in the + Secret Manager API. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.DestroySecretVersionRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.DestroySecretVersionRequest): + request = service.DestroySecretVersionRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.destroy_secret_version] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Validate the universe domain. + self._validate_universe_domain() + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def set_iam_policy(self, + request: Optional[Union[iam_policy_pb2.SetIamPolicyRequest, dict]] = None, + *, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> policy_pb2.Policy: + r"""Sets the access control policy on the specified secret. Replaces + any existing policy. + + Permissions on + [SecretVersions][google.cloud.secretmanager.v1beta2.SecretVersion] + are enforced according to the policy set on the associated + [Secret][google.cloud.secretmanager.v1beta2.Secret]. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta2 + from google.iam.v1 import iam_policy_pb2 # type: ignore + + def sample_set_iam_policy(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceClient() + + # Initialize request argument(s) + request = iam_policy_pb2.SetIamPolicyRequest( + resource="resource_value", + ) + + # Make the request + response = client.set_iam_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.iam.v1.iam_policy_pb2.SetIamPolicyRequest, dict]): + The request object. Request message for ``SetIamPolicy`` method. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.iam.v1.policy_pb2.Policy: + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. + + A Policy is a collection of bindings. A binding binds + one or more members, or principals, to a single role. + Principals can be user accounts, service accounts, + Google groups, and domains (such as G Suite). A role + is a named list of permissions; each role can be an + IAM predefined role or a user-created custom role. + + For some types of Google Cloud resources, a binding + can also specify a condition, which is a logical + expression that allows access to a resource only if + the expression evaluates to true. A condition can add + constraints based on attributes of the request, the + resource, or both. To learn which resources support + conditions in their IAM policies, see the [IAM + documentation](\ https://cloud.google.com/iam/help/conditions/resource-policies). + + **JSON example:** + + :literal:`\` { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }`\ \` + + **YAML example:** + + :literal:`\` bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3`\ \` + + For a description of IAM and its features, see the + [IAM + documentation](\ https://cloud.google.com/iam/docs/). + + """ + # Create or coerce a protobuf request object. + if isinstance(request, dict): + # The request isn't a proto-plus wrapped type, + # so it must be constructed via keyword expansion. + request = iam_policy_pb2.SetIamPolicyRequest(**request) + elif not request: + # Null request, just make one. + request = iam_policy_pb2.SetIamPolicyRequest() + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.set_iam_policy] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("resource", request.resource), + )), + ) + + # Validate the universe domain. + self._validate_universe_domain() + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def get_iam_policy(self, + request: Optional[Union[iam_policy_pb2.GetIamPolicyRequest, dict]] = None, + *, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> policy_pb2.Policy: + r"""Gets the access control policy for a secret. + Returns empty policy if the secret exists and does not + have a policy set. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta2 + from google.iam.v1 import iam_policy_pb2 # type: ignore + + def sample_get_iam_policy(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceClient() + + # Initialize request argument(s) + request = iam_policy_pb2.GetIamPolicyRequest( + resource="resource_value", + ) + + # Make the request + response = client.get_iam_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.iam.v1.iam_policy_pb2.GetIamPolicyRequest, dict]): + The request object. Request message for ``GetIamPolicy`` method. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.iam.v1.policy_pb2.Policy: + An Identity and Access Management (IAM) policy, which specifies access + controls for Google Cloud resources. + + A Policy is a collection of bindings. A binding binds + one or more members, or principals, to a single role. + Principals can be user accounts, service accounts, + Google groups, and domains (such as G Suite). A role + is a named list of permissions; each role can be an + IAM predefined role or a user-created custom role. + + For some types of Google Cloud resources, a binding + can also specify a condition, which is a logical + expression that allows access to a resource only if + the expression evaluates to true. A condition can add + constraints based on attributes of the request, the + resource, or both. To learn which resources support + conditions in their IAM policies, see the [IAM + documentation](\ https://cloud.google.com/iam/help/conditions/resource-policies). + + **JSON example:** + + :literal:`\` { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }`\ \` + + **YAML example:** + + :literal:`\` bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3`\ \` + + For a description of IAM and its features, see the + [IAM + documentation](\ https://cloud.google.com/iam/docs/). + + """ + # Create or coerce a protobuf request object. + if isinstance(request, dict): + # The request isn't a proto-plus wrapped type, + # so it must be constructed via keyword expansion. + request = iam_policy_pb2.GetIamPolicyRequest(**request) + elif not request: + # Null request, just make one. + request = iam_policy_pb2.GetIamPolicyRequest() + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.get_iam_policy] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("resource", request.resource), + )), + ) + + # Validate the universe domain. + self._validate_universe_domain() + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def test_iam_permissions(self, + request: Optional[Union[iam_policy_pb2.TestIamPermissionsRequest, dict]] = None, + *, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> iam_policy_pb2.TestIamPermissionsResponse: + r"""Returns permissions that a caller has for the specified secret. + If the secret does not exist, this call returns an empty set of + permissions, not a NOT_FOUND error. + + Note: This operation is designed to be used for building + permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without + warning. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import secretmanager_v1beta2 + from google.iam.v1 import iam_policy_pb2 # type: ignore + + def sample_test_iam_permissions(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceClient() + + # Initialize request argument(s) + request = iam_policy_pb2.TestIamPermissionsRequest( + resource="resource_value", + permissions=['permissions_value1', 'permissions_value2'], + ) + + # Make the request + response = client.test_iam_permissions(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.iam.v1.iam_policy_pb2.TestIamPermissionsRequest, dict]): + The request object. Request message for ``TestIamPermissions`` method. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.iam.v1.iam_policy_pb2.TestIamPermissionsResponse: + Response message for TestIamPermissions method. + """ + # Create or coerce a protobuf request object. + if isinstance(request, dict): + # The request isn't a proto-plus wrapped type, + # so it must be constructed via keyword expansion. + request = iam_policy_pb2.TestIamPermissionsRequest(**request) + elif not request: + # Null request, just make one. + request = iam_policy_pb2.TestIamPermissionsRequest() + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.test_iam_permissions] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("resource", request.resource), + )), + ) + + # Validate the universe domain. + self._validate_universe_domain() + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def __enter__(self) -> "SecretManagerServiceClient": + return self + + def __exit__(self, type, value, traceback): + """Releases underlying transport's resources. + + .. warning:: + ONLY use as a context manager if the transport is NOT shared + with other clients! Exiting the with block will CLOSE the transport + and may cause errors in other clients! + """ + self.transport.close() + + def get_location( + self, + request: Optional[locations_pb2.GetLocationRequest] = None, + *, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> locations_pb2.Location: + r"""Gets information about a location. + + Args: + request (:class:`~.location_pb2.GetLocationRequest`): + The request object. Request message for + `GetLocation` method. + retry (google.api_core.retry.Retry): Designation of what errors, + if any, should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + Returns: + ~.location_pb2.Location: + Location object. + """ + # Create or coerce a protobuf request object. + # The request isn't a proto-plus wrapped type, + # so it must be constructed via keyword expansion. + if isinstance(request, dict): + request = locations_pb2.GetLocationRequest(**request) + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method.wrap_method( + self._transport.get_location, + default_timeout=None, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata( + (("name", request.name),)), + ) + + # Validate the universe domain. + self._validate_universe_domain() + + # Send the request. + response = rpc( + request, retry=retry, timeout=timeout, metadata=metadata,) + + # Done; return the response. + return response + + def list_locations( + self, + request: Optional[locations_pb2.ListLocationsRequest] = None, + *, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Union[float, object] = gapic_v1.method.DEFAULT, + metadata: Sequence[Tuple[str, str]] = (), + ) -> locations_pb2.ListLocationsResponse: + r"""Lists information about the supported locations for this service. + + Args: + request (:class:`~.location_pb2.ListLocationsRequest`): + The request object. Request message for + `ListLocations` method. + retry (google.api_core.retry.Retry): Designation of what errors, + if any, should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + Returns: + ~.location_pb2.ListLocationsResponse: + Response message for ``ListLocations`` method. + """ + # Create or coerce a protobuf request object. + # The request isn't a proto-plus wrapped type, + # so it must be constructed via keyword expansion. + if isinstance(request, dict): + request = locations_pb2.ListLocationsRequest(**request) + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method.wrap_method( + self._transport.list_locations, + default_timeout=None, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata( + (("name", request.name),)), + ) + + # Validate the universe domain. + self._validate_universe_domain() + + # Send the request. + response = rpc( + request, retry=retry, timeout=timeout, metadata=metadata,) + + # Done; return the response. + return response + + +DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo(gapic_version=package_version.__version__) + + +__all__ = ( + "SecretManagerServiceClient", +) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager_v1beta2/services/secret_manager_service/pagers.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager_v1beta2/services/secret_manager_service/pagers.py new file mode 100644 index 000000000000..95027e6e45f5 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager_v1beta2/services/secret_manager_service/pagers.py @@ -0,0 +1,261 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from typing import Any, AsyncIterator, Awaitable, Callable, Sequence, Tuple, Optional, Iterator + +from google.cloud.secretmanager_v1beta2.types import resources +from google.cloud.secretmanager_v1beta2.types import service + + +class ListSecretsPager: + """A pager for iterating through ``list_secrets`` requests. + + This class thinly wraps an initial + :class:`google.cloud.secretmanager_v1beta2.types.ListSecretsResponse` object, and + provides an ``__iter__`` method to iterate through its + ``secrets`` field. + + If there are more pages, the ``__iter__`` method will make additional + ``ListSecrets`` requests and continue to iterate + through the ``secrets`` field on the + corresponding responses. + + All the usual :class:`google.cloud.secretmanager_v1beta2.types.ListSecretsResponse` + attributes are available on the pager. If multiple requests are made, only + the most recent response is retained, and thus used for attribute lookup. + """ + def __init__(self, + method: Callable[..., service.ListSecretsResponse], + request: service.ListSecretsRequest, + response: service.ListSecretsResponse, + *, + metadata: Sequence[Tuple[str, str]] = ()): + """Instantiate the pager. + + Args: + method (Callable): The method that was originally called, and + which instantiated this pager. + request (google.cloud.secretmanager_v1beta2.types.ListSecretsRequest): + The initial request object. + response (google.cloud.secretmanager_v1beta2.types.ListSecretsResponse): + The initial response object. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + self._method = method + self._request = service.ListSecretsRequest(request) + self._response = response + self._metadata = metadata + + def __getattr__(self, name: str) -> Any: + return getattr(self._response, name) + + @property + def pages(self) -> Iterator[service.ListSecretsResponse]: + yield self._response + while self._response.next_page_token: + self._request.page_token = self._response.next_page_token + self._response = self._method(self._request, metadata=self._metadata) + yield self._response + + def __iter__(self) -> Iterator[resources.Secret]: + for page in self.pages: + yield from page.secrets + + def __repr__(self) -> str: + return '{0}<{1!r}>'.format(self.__class__.__name__, self._response) + + +class ListSecretsAsyncPager: + """A pager for iterating through ``list_secrets`` requests. + + This class thinly wraps an initial + :class:`google.cloud.secretmanager_v1beta2.types.ListSecretsResponse` object, and + provides an ``__aiter__`` method to iterate through its + ``secrets`` field. + + If there are more pages, the ``__aiter__`` method will make additional + ``ListSecrets`` requests and continue to iterate + through the ``secrets`` field on the + corresponding responses. + + All the usual :class:`google.cloud.secretmanager_v1beta2.types.ListSecretsResponse` + attributes are available on the pager. If multiple requests are made, only + the most recent response is retained, and thus used for attribute lookup. + """ + def __init__(self, + method: Callable[..., Awaitable[service.ListSecretsResponse]], + request: service.ListSecretsRequest, + response: service.ListSecretsResponse, + *, + metadata: Sequence[Tuple[str, str]] = ()): + """Instantiates the pager. + + Args: + method (Callable): The method that was originally called, and + which instantiated this pager. + request (google.cloud.secretmanager_v1beta2.types.ListSecretsRequest): + The initial request object. + response (google.cloud.secretmanager_v1beta2.types.ListSecretsResponse): + The initial response object. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + self._method = method + self._request = service.ListSecretsRequest(request) + self._response = response + self._metadata = metadata + + def __getattr__(self, name: str) -> Any: + return getattr(self._response, name) + + @property + async def pages(self) -> AsyncIterator[service.ListSecretsResponse]: + yield self._response + while self._response.next_page_token: + self._request.page_token = self._response.next_page_token + self._response = await self._method(self._request, metadata=self._metadata) + yield self._response + def __aiter__(self) -> AsyncIterator[resources.Secret]: + async def async_generator(): + async for page in self.pages: + for response in page.secrets: + yield response + + return async_generator() + + def __repr__(self) -> str: + return '{0}<{1!r}>'.format(self.__class__.__name__, self._response) + + +class ListSecretVersionsPager: + """A pager for iterating through ``list_secret_versions`` requests. + + This class thinly wraps an initial + :class:`google.cloud.secretmanager_v1beta2.types.ListSecretVersionsResponse` object, and + provides an ``__iter__`` method to iterate through its + ``versions`` field. + + If there are more pages, the ``__iter__`` method will make additional + ``ListSecretVersions`` requests and continue to iterate + through the ``versions`` field on the + corresponding responses. + + All the usual :class:`google.cloud.secretmanager_v1beta2.types.ListSecretVersionsResponse` + attributes are available on the pager. If multiple requests are made, only + the most recent response is retained, and thus used for attribute lookup. + """ + def __init__(self, + method: Callable[..., service.ListSecretVersionsResponse], + request: service.ListSecretVersionsRequest, + response: service.ListSecretVersionsResponse, + *, + metadata: Sequence[Tuple[str, str]] = ()): + """Instantiate the pager. + + Args: + method (Callable): The method that was originally called, and + which instantiated this pager. + request (google.cloud.secretmanager_v1beta2.types.ListSecretVersionsRequest): + The initial request object. + response (google.cloud.secretmanager_v1beta2.types.ListSecretVersionsResponse): + The initial response object. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + self._method = method + self._request = service.ListSecretVersionsRequest(request) + self._response = response + self._metadata = metadata + + def __getattr__(self, name: str) -> Any: + return getattr(self._response, name) + + @property + def pages(self) -> Iterator[service.ListSecretVersionsResponse]: + yield self._response + while self._response.next_page_token: + self._request.page_token = self._response.next_page_token + self._response = self._method(self._request, metadata=self._metadata) + yield self._response + + def __iter__(self) -> Iterator[resources.SecretVersion]: + for page in self.pages: + yield from page.versions + + def __repr__(self) -> str: + return '{0}<{1!r}>'.format(self.__class__.__name__, self._response) + + +class ListSecretVersionsAsyncPager: + """A pager for iterating through ``list_secret_versions`` requests. + + This class thinly wraps an initial + :class:`google.cloud.secretmanager_v1beta2.types.ListSecretVersionsResponse` object, and + provides an ``__aiter__`` method to iterate through its + ``versions`` field. + + If there are more pages, the ``__aiter__`` method will make additional + ``ListSecretVersions`` requests and continue to iterate + through the ``versions`` field on the + corresponding responses. + + All the usual :class:`google.cloud.secretmanager_v1beta2.types.ListSecretVersionsResponse` + attributes are available on the pager. If multiple requests are made, only + the most recent response is retained, and thus used for attribute lookup. + """ + def __init__(self, + method: Callable[..., Awaitable[service.ListSecretVersionsResponse]], + request: service.ListSecretVersionsRequest, + response: service.ListSecretVersionsResponse, + *, + metadata: Sequence[Tuple[str, str]] = ()): + """Instantiates the pager. + + Args: + method (Callable): The method that was originally called, and + which instantiated this pager. + request (google.cloud.secretmanager_v1beta2.types.ListSecretVersionsRequest): + The initial request object. + response (google.cloud.secretmanager_v1beta2.types.ListSecretVersionsResponse): + The initial response object. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + self._method = method + self._request = service.ListSecretVersionsRequest(request) + self._response = response + self._metadata = metadata + + def __getattr__(self, name: str) -> Any: + return getattr(self._response, name) + + @property + async def pages(self) -> AsyncIterator[service.ListSecretVersionsResponse]: + yield self._response + while self._response.next_page_token: + self._request.page_token = self._response.next_page_token + self._response = await self._method(self._request, metadata=self._metadata) + yield self._response + def __aiter__(self) -> AsyncIterator[resources.SecretVersion]: + async def async_generator(): + async for page in self.pages: + for response in page.versions: + yield response + + return async_generator() + + def __repr__(self) -> str: + return '{0}<{1!r}>'.format(self.__class__.__name__, self._response) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager_v1beta2/services/secret_manager_service/transports/__init__.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager_v1beta2/services/secret_manager_service/transports/__init__.py new file mode 100644 index 000000000000..f9c5d1564d99 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager_v1beta2/services/secret_manager_service/transports/__init__.py @@ -0,0 +1,38 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +from typing import Dict, Type + +from .base import SecretManagerServiceTransport +from .grpc import SecretManagerServiceGrpcTransport +from .grpc_asyncio import SecretManagerServiceGrpcAsyncIOTransport +from .rest import SecretManagerServiceRestTransport +from .rest import SecretManagerServiceRestInterceptor + + +# Compile a registry of transports. +_transport_registry = OrderedDict() # type: Dict[str, Type[SecretManagerServiceTransport]] +_transport_registry['grpc'] = SecretManagerServiceGrpcTransport +_transport_registry['grpc_asyncio'] = SecretManagerServiceGrpcAsyncIOTransport +_transport_registry['rest'] = SecretManagerServiceRestTransport + +__all__ = ( + 'SecretManagerServiceTransport', + 'SecretManagerServiceGrpcTransport', + 'SecretManagerServiceGrpcAsyncIOTransport', + 'SecretManagerServiceRestTransport', + 'SecretManagerServiceRestInterceptor', +) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager_v1beta2/services/secret_manager_service/transports/base.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager_v1beta2/services/secret_manager_service/transports/base.py new file mode 100644 index 000000000000..0853d2c7a7fe --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager_v1beta2/services/secret_manager_service/transports/base.py @@ -0,0 +1,376 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import abc +from typing import Awaitable, Callable, Dict, Optional, Sequence, Union + +from google.cloud.secretmanager_v1beta2 import gapic_version as package_version + +import google.auth # type: ignore +import google.api_core +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore + +from google.cloud.location import locations_pb2 # type: ignore +from google.cloud.secretmanager_v1beta2.types import resources +from google.cloud.secretmanager_v1beta2.types import service +from google.iam.v1 import iam_policy_pb2 # type: ignore +from google.iam.v1 import policy_pb2 # type: ignore +from google.protobuf import empty_pb2 # type: ignore + +DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo(gapic_version=package_version.__version__) + + +class SecretManagerServiceTransport(abc.ABC): + """Abstract transport class for SecretManagerService.""" + + AUTH_SCOPES = ( + 'https://www.googleapis.com/auth/cloud-platform', + ) + + DEFAULT_HOST: str = 'secretmanager.googleapis.com' + def __init__( + self, *, + host: str = DEFAULT_HOST, + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + **kwargs, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to (default: 'secretmanager.googleapis.com'). + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is mutually exclusive with credentials. + scopes (Optional[Sequence[str]]): A list of scopes. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + """ + + scopes_kwargs = {"scopes": scopes, "default_scopes": self.AUTH_SCOPES} + + # Save the scopes. + self._scopes = scopes + + # If no credentials are provided, then determine the appropriate + # defaults. + if credentials and credentials_file: + raise core_exceptions.DuplicateCredentialArgs("'credentials_file' and 'credentials' are mutually exclusive") + + if credentials_file is not None: + credentials, _ = google.auth.load_credentials_from_file( + credentials_file, + **scopes_kwargs, + quota_project_id=quota_project_id + ) + elif credentials is None: + credentials, _ = google.auth.default(**scopes_kwargs, quota_project_id=quota_project_id) + # Don't apply audience if the credentials file passed from user. + if hasattr(credentials, "with_gdch_audience"): + credentials = credentials.with_gdch_audience(api_audience if api_audience else host) + + # If the credentials are service account credentials, then always try to use self signed JWT. + if always_use_jwt_access and isinstance(credentials, service_account.Credentials) and hasattr(service_account.Credentials, "with_always_use_jwt_access"): + credentials = credentials.with_always_use_jwt_access(True) + + # Save the credentials. + self._credentials = credentials + + # Save the hostname. Default to port 443 (HTTPS) if none is specified. + if ':' not in host: + host += ':443' + self._host = host + + @property + def host(self): + return self._host + + def _prep_wrapped_messages(self, client_info): + # Precompute the wrapped methods. + self._wrapped_methods = { + self.list_secrets: gapic_v1.method.wrap_method( + self.list_secrets, + default_timeout=60.0, + client_info=client_info, + ), + self.create_secret: gapic_v1.method.wrap_method( + self.create_secret, + default_timeout=60.0, + client_info=client_info, + ), + self.add_secret_version: gapic_v1.method.wrap_method( + self.add_secret_version, + default_timeout=60.0, + client_info=client_info, + ), + self.get_secret: gapic_v1.method.wrap_method( + self.get_secret, + default_timeout=60.0, + client_info=client_info, + ), + self.update_secret: gapic_v1.method.wrap_method( + self.update_secret, + default_timeout=60.0, + client_info=client_info, + ), + self.delete_secret: gapic_v1.method.wrap_method( + self.delete_secret, + default_timeout=60.0, + client_info=client_info, + ), + self.list_secret_versions: gapic_v1.method.wrap_method( + self.list_secret_versions, + default_timeout=60.0, + client_info=client_info, + ), + self.get_secret_version: gapic_v1.method.wrap_method( + self.get_secret_version, + default_timeout=60.0, + client_info=client_info, + ), + self.access_secret_version: gapic_v1.method.wrap_method( + self.access_secret_version, + default_retry=retries.Retry( +initial=2.0,maximum=60.0,multiplier=2.0, predicate=retries.if_exception_type( + core_exceptions.ResourceExhausted, + core_exceptions.ServiceUnavailable, + ), + deadline=60.0, + ), + default_timeout=60.0, + client_info=client_info, + ), + self.disable_secret_version: gapic_v1.method.wrap_method( + self.disable_secret_version, + default_timeout=60.0, + client_info=client_info, + ), + self.enable_secret_version: gapic_v1.method.wrap_method( + self.enable_secret_version, + default_timeout=60.0, + client_info=client_info, + ), + self.destroy_secret_version: gapic_v1.method.wrap_method( + self.destroy_secret_version, + default_timeout=60.0, + client_info=client_info, + ), + self.set_iam_policy: gapic_v1.method.wrap_method( + self.set_iam_policy, + default_timeout=60.0, + client_info=client_info, + ), + self.get_iam_policy: gapic_v1.method.wrap_method( + self.get_iam_policy, + default_timeout=60.0, + client_info=client_info, + ), + self.test_iam_permissions: gapic_v1.method.wrap_method( + self.test_iam_permissions, + default_timeout=60.0, + client_info=client_info, + ), + } + + def close(self): + """Closes resources associated with the transport. + + .. warning:: + Only call this method if the transport is NOT shared + with other clients - this may cause errors in other clients! + """ + raise NotImplementedError() + + @property + def list_secrets(self) -> Callable[ + [service.ListSecretsRequest], + Union[ + service.ListSecretsResponse, + Awaitable[service.ListSecretsResponse] + ]]: + raise NotImplementedError() + + @property + def create_secret(self) -> Callable[ + [service.CreateSecretRequest], + Union[ + resources.Secret, + Awaitable[resources.Secret] + ]]: + raise NotImplementedError() + + @property + def add_secret_version(self) -> Callable[ + [service.AddSecretVersionRequest], + Union[ + resources.SecretVersion, + Awaitable[resources.SecretVersion] + ]]: + raise NotImplementedError() + + @property + def get_secret(self) -> Callable[ + [service.GetSecretRequest], + Union[ + resources.Secret, + Awaitable[resources.Secret] + ]]: + raise NotImplementedError() + + @property + def update_secret(self) -> Callable[ + [service.UpdateSecretRequest], + Union[ + resources.Secret, + Awaitable[resources.Secret] + ]]: + raise NotImplementedError() + + @property + def delete_secret(self) -> Callable[ + [service.DeleteSecretRequest], + Union[ + empty_pb2.Empty, + Awaitable[empty_pb2.Empty] + ]]: + raise NotImplementedError() + + @property + def list_secret_versions(self) -> Callable[ + [service.ListSecretVersionsRequest], + Union[ + service.ListSecretVersionsResponse, + Awaitable[service.ListSecretVersionsResponse] + ]]: + raise NotImplementedError() + + @property + def get_secret_version(self) -> Callable[ + [service.GetSecretVersionRequest], + Union[ + resources.SecretVersion, + Awaitable[resources.SecretVersion] + ]]: + raise NotImplementedError() + + @property + def access_secret_version(self) -> Callable[ + [service.AccessSecretVersionRequest], + Union[ + service.AccessSecretVersionResponse, + Awaitable[service.AccessSecretVersionResponse] + ]]: + raise NotImplementedError() + + @property + def disable_secret_version(self) -> Callable[ + [service.DisableSecretVersionRequest], + Union[ + resources.SecretVersion, + Awaitable[resources.SecretVersion] + ]]: + raise NotImplementedError() + + @property + def enable_secret_version(self) -> Callable[ + [service.EnableSecretVersionRequest], + Union[ + resources.SecretVersion, + Awaitable[resources.SecretVersion] + ]]: + raise NotImplementedError() + + @property + def destroy_secret_version(self) -> Callable[ + [service.DestroySecretVersionRequest], + Union[ + resources.SecretVersion, + Awaitable[resources.SecretVersion] + ]]: + raise NotImplementedError() + + @property + def set_iam_policy(self) -> Callable[ + [iam_policy_pb2.SetIamPolicyRequest], + Union[ + policy_pb2.Policy, + Awaitable[policy_pb2.Policy] + ]]: + raise NotImplementedError() + + @property + def get_iam_policy(self) -> Callable[ + [iam_policy_pb2.GetIamPolicyRequest], + Union[ + policy_pb2.Policy, + Awaitable[policy_pb2.Policy] + ]]: + raise NotImplementedError() + + @property + def test_iam_permissions(self) -> Callable[ + [iam_policy_pb2.TestIamPermissionsRequest], + Union[ + iam_policy_pb2.TestIamPermissionsResponse, + Awaitable[iam_policy_pb2.TestIamPermissionsResponse] + ]]: + raise NotImplementedError() + + @property + def get_location(self, + ) -> Callable[ + [locations_pb2.GetLocationRequest], + Union[locations_pb2.Location, Awaitable[locations_pb2.Location]], + ]: + raise NotImplementedError() + + @property + def list_locations(self, + ) -> Callable[ + [locations_pb2.ListLocationsRequest], + Union[locations_pb2.ListLocationsResponse, Awaitable[locations_pb2.ListLocationsResponse]], + ]: + raise NotImplementedError() + + @property + def kind(self) -> str: + raise NotImplementedError() + + +__all__ = ( + 'SecretManagerServiceTransport', +) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager_v1beta2/services/secret_manager_service/transports/grpc.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager_v1beta2/services/secret_manager_service/transports/grpc.py new file mode 100644 index 000000000000..246e6ed7b238 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager_v1beta2/services/secret_manager_service/transports/grpc.py @@ -0,0 +1,736 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import warnings +from typing import Callable, Dict, Optional, Sequence, Tuple, Union + +from google.api_core import grpc_helpers +from google.api_core import gapic_v1 +import google.auth # type: ignore +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore + +import grpc # type: ignore + +from google.cloud.location import locations_pb2 # type: ignore +from google.cloud.secretmanager_v1beta2.types import resources +from google.cloud.secretmanager_v1beta2.types import service +from google.iam.v1 import iam_policy_pb2 # type: ignore +from google.iam.v1 import policy_pb2 # type: ignore +from google.protobuf import empty_pb2 # type: ignore +from .base import SecretManagerServiceTransport, DEFAULT_CLIENT_INFO + + +class SecretManagerServiceGrpcTransport(SecretManagerServiceTransport): + """gRPC backend transport for SecretManagerService. + + Secret Manager Service + + Manages secrets and operations using those secrets. Implements a + REST model with the following objects: + + - [Secret][google.cloud.secretmanager.v1beta2.Secret] + - [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends protocol buffers over the wire using gRPC (which is built on + top of HTTP/2); the ``grpcio`` package must be installed. + """ + _stubs: Dict[str, Callable] + + def __init__(self, *, + host: str = 'secretmanager.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + channel: Optional[grpc.Channel] = None, + api_mtls_endpoint: Optional[str] = None, + client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, + client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to (default: 'secretmanager.googleapis.com'). + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + This argument is ignored if ``channel`` is provided. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional(Sequence[str])): A list of scopes. This argument is + ignored if ``channel`` is provided. + channel (Optional[grpc.Channel]): A ``Channel`` instance through + which to make calls. + api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. + If provided, it overrides the ``host`` argument and tries to create + a mutual TLS channel with client SSL credentials from + ``client_cert_source`` or application default SSL credentials. + client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): + Deprecated. A callback to provide client SSL certificate bytes and + private key bytes, both in PEM format. It is ignored if + ``api_mtls_endpoint`` is None. + ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials + for the grpc channel. It is ignored if ``channel`` is provided. + client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): + A callback to provide client certificate bytes and private key bytes, + both in PEM format. It is used to configure a mutual TLS channel. It is + ignored if ``channel`` or ``ssl_channel_credentials`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport + creation failed for any reason. + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + self._grpc_channel = None + self._ssl_channel_credentials = ssl_channel_credentials + self._stubs: Dict[str, Callable] = {} + + if api_mtls_endpoint: + warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) + if client_cert_source: + warnings.warn("client_cert_source is deprecated", DeprecationWarning) + + if channel: + # Ignore credentials if a channel was passed. + credentials = False + # If a channel was explicitly provided, set it. + self._grpc_channel = channel + self._ssl_channel_credentials = None + + else: + if api_mtls_endpoint: + host = api_mtls_endpoint + + # Create SSL credentials with client_cert_source or application + # default SSL credentials. + if client_cert_source: + cert, key = client_cert_source() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + else: + self._ssl_channel_credentials = SslCredentials().ssl_credentials + + else: + if client_cert_source_for_mtls and not ssl_channel_credentials: + cert, key = client_cert_source_for_mtls() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + + # The base transport sets the host, credentials and scopes + super().__init__( + host=host, + credentials=credentials, + credentials_file=credentials_file, + scopes=scopes, + quota_project_id=quota_project_id, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience, + ) + + if not self._grpc_channel: + self._grpc_channel = type(self).create_channel( + self._host, + # use the credentials which are saved + credentials=self._credentials, + # Set ``credentials_file`` to ``None`` here as + # the credentials that we saved earlier should be used. + credentials_file=None, + scopes=self._scopes, + ssl_credentials=self._ssl_channel_credentials, + quota_project_id=quota_project_id, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Wrap messages. This must be done after self._grpc_channel exists + self._prep_wrapped_messages(client_info) + + @classmethod + def create_channel(cls, + host: str = 'secretmanager.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + **kwargs) -> grpc.Channel: + """Create and return a gRPC channel object. + Args: + host (Optional[str]): The host for the channel to use. + credentials (Optional[~.Credentials]): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If + none are specified, the client will attempt to ascertain + the credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is mutually exclusive with credentials. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + kwargs (Optional[dict]): Keyword arguments, which are passed to the + channel creation. + Returns: + grpc.Channel: A gRPC channel object. + + Raises: + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + + return grpc_helpers.create_channel( + host, + credentials=credentials, + credentials_file=credentials_file, + quota_project_id=quota_project_id, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, + **kwargs + ) + + @property + def grpc_channel(self) -> grpc.Channel: + """Return the channel designed to connect to this service. + """ + return self._grpc_channel + + @property + def list_secrets(self) -> Callable[ + [service.ListSecretsRequest], + service.ListSecretsResponse]: + r"""Return a callable for the list secrets method over gRPC. + + Lists [Secrets][google.cloud.secretmanager.v1beta2.Secret]. + + Returns: + Callable[[~.ListSecretsRequest], + ~.ListSecretsResponse]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'list_secrets' not in self._stubs: + self._stubs['list_secrets'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1beta2.SecretManagerService/ListSecrets', + request_serializer=service.ListSecretsRequest.serialize, + response_deserializer=service.ListSecretsResponse.deserialize, + ) + return self._stubs['list_secrets'] + + @property + def create_secret(self) -> Callable[ + [service.CreateSecretRequest], + resources.Secret]: + r"""Return a callable for the create secret method over gRPC. + + Creates a new + [Secret][google.cloud.secretmanager.v1beta2.Secret] containing + no + [SecretVersions][google.cloud.secretmanager.v1beta2.SecretVersion]. + + Returns: + Callable[[~.CreateSecretRequest], + ~.Secret]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'create_secret' not in self._stubs: + self._stubs['create_secret'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1beta2.SecretManagerService/CreateSecret', + request_serializer=service.CreateSecretRequest.serialize, + response_deserializer=resources.Secret.deserialize, + ) + return self._stubs['create_secret'] + + @property + def add_secret_version(self) -> Callable[ + [service.AddSecretVersionRequest], + resources.SecretVersion]: + r"""Return a callable for the add secret version method over gRPC. + + Creates a new + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] + containing secret data and attaches it to an existing + [Secret][google.cloud.secretmanager.v1beta2.Secret]. + + Returns: + Callable[[~.AddSecretVersionRequest], + ~.SecretVersion]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'add_secret_version' not in self._stubs: + self._stubs['add_secret_version'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1beta2.SecretManagerService/AddSecretVersion', + request_serializer=service.AddSecretVersionRequest.serialize, + response_deserializer=resources.SecretVersion.deserialize, + ) + return self._stubs['add_secret_version'] + + @property + def get_secret(self) -> Callable[ + [service.GetSecretRequest], + resources.Secret]: + r"""Return a callable for the get secret method over gRPC. + + Gets metadata for a given + [Secret][google.cloud.secretmanager.v1beta2.Secret]. + + Returns: + Callable[[~.GetSecretRequest], + ~.Secret]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_secret' not in self._stubs: + self._stubs['get_secret'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1beta2.SecretManagerService/GetSecret', + request_serializer=service.GetSecretRequest.serialize, + response_deserializer=resources.Secret.deserialize, + ) + return self._stubs['get_secret'] + + @property + def update_secret(self) -> Callable[ + [service.UpdateSecretRequest], + resources.Secret]: + r"""Return a callable for the update secret method over gRPC. + + Updates metadata of an existing + [Secret][google.cloud.secretmanager.v1beta2.Secret]. + + Returns: + Callable[[~.UpdateSecretRequest], + ~.Secret]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'update_secret' not in self._stubs: + self._stubs['update_secret'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1beta2.SecretManagerService/UpdateSecret', + request_serializer=service.UpdateSecretRequest.serialize, + response_deserializer=resources.Secret.deserialize, + ) + return self._stubs['update_secret'] + + @property + def delete_secret(self) -> Callable[ + [service.DeleteSecretRequest], + empty_pb2.Empty]: + r"""Return a callable for the delete secret method over gRPC. + + Deletes a [Secret][google.cloud.secretmanager.v1beta2.Secret]. + + Returns: + Callable[[~.DeleteSecretRequest], + ~.Empty]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'delete_secret' not in self._stubs: + self._stubs['delete_secret'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1beta2.SecretManagerService/DeleteSecret', + request_serializer=service.DeleteSecretRequest.serialize, + response_deserializer=empty_pb2.Empty.FromString, + ) + return self._stubs['delete_secret'] + + @property + def list_secret_versions(self) -> Callable[ + [service.ListSecretVersionsRequest], + service.ListSecretVersionsResponse]: + r"""Return a callable for the list secret versions method over gRPC. + + Lists + [SecretVersions][google.cloud.secretmanager.v1beta2.SecretVersion]. + This call does not return secret data. + + Returns: + Callable[[~.ListSecretVersionsRequest], + ~.ListSecretVersionsResponse]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'list_secret_versions' not in self._stubs: + self._stubs['list_secret_versions'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1beta2.SecretManagerService/ListSecretVersions', + request_serializer=service.ListSecretVersionsRequest.serialize, + response_deserializer=service.ListSecretVersionsResponse.deserialize, + ) + return self._stubs['list_secret_versions'] + + @property + def get_secret_version(self) -> Callable[ + [service.GetSecretVersionRequest], + resources.SecretVersion]: + r"""Return a callable for the get secret version method over gRPC. + + Gets metadata for a + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. + + ``projects/*/secrets/*/versions/latest`` is an alias to the most + recently created + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. + + Returns: + Callable[[~.GetSecretVersionRequest], + ~.SecretVersion]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_secret_version' not in self._stubs: + self._stubs['get_secret_version'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1beta2.SecretManagerService/GetSecretVersion', + request_serializer=service.GetSecretVersionRequest.serialize, + response_deserializer=resources.SecretVersion.deserialize, + ) + return self._stubs['get_secret_version'] + + @property + def access_secret_version(self) -> Callable[ + [service.AccessSecretVersionRequest], + service.AccessSecretVersionResponse]: + r"""Return a callable for the access secret version method over gRPC. + + Accesses a + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. + This call returns the secret data. + + ``projects/*/secrets/*/versions/latest`` is an alias to the most + recently created + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. + + Returns: + Callable[[~.AccessSecretVersionRequest], + ~.AccessSecretVersionResponse]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'access_secret_version' not in self._stubs: + self._stubs['access_secret_version'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1beta2.SecretManagerService/AccessSecretVersion', + request_serializer=service.AccessSecretVersionRequest.serialize, + response_deserializer=service.AccessSecretVersionResponse.deserialize, + ) + return self._stubs['access_secret_version'] + + @property + def disable_secret_version(self) -> Callable[ + [service.DisableSecretVersionRequest], + resources.SecretVersion]: + r"""Return a callable for the disable secret version method over gRPC. + + Disables a + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. + + Sets the + [state][google.cloud.secretmanager.v1beta2.SecretVersion.state] + of the + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] + to + [DISABLED][google.cloud.secretmanager.v1beta2.SecretVersion.State.DISABLED]. + + Returns: + Callable[[~.DisableSecretVersionRequest], + ~.SecretVersion]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'disable_secret_version' not in self._stubs: + self._stubs['disable_secret_version'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1beta2.SecretManagerService/DisableSecretVersion', + request_serializer=service.DisableSecretVersionRequest.serialize, + response_deserializer=resources.SecretVersion.deserialize, + ) + return self._stubs['disable_secret_version'] + + @property + def enable_secret_version(self) -> Callable[ + [service.EnableSecretVersionRequest], + resources.SecretVersion]: + r"""Return a callable for the enable secret version method over gRPC. + + Enables a + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. + + Sets the + [state][google.cloud.secretmanager.v1beta2.SecretVersion.state] + of the + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] + to + [ENABLED][google.cloud.secretmanager.v1beta2.SecretVersion.State.ENABLED]. + + Returns: + Callable[[~.EnableSecretVersionRequest], + ~.SecretVersion]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'enable_secret_version' not in self._stubs: + self._stubs['enable_secret_version'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1beta2.SecretManagerService/EnableSecretVersion', + request_serializer=service.EnableSecretVersionRequest.serialize, + response_deserializer=resources.SecretVersion.deserialize, + ) + return self._stubs['enable_secret_version'] + + @property + def destroy_secret_version(self) -> Callable[ + [service.DestroySecretVersionRequest], + resources.SecretVersion]: + r"""Return a callable for the destroy secret version method over gRPC. + + Destroys a + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. + + Sets the + [state][google.cloud.secretmanager.v1beta2.SecretVersion.state] + of the + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] + to + [DESTROYED][google.cloud.secretmanager.v1beta2.SecretVersion.State.DESTROYED] + and irrevocably destroys the secret data. + + Returns: + Callable[[~.DestroySecretVersionRequest], + ~.SecretVersion]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'destroy_secret_version' not in self._stubs: + self._stubs['destroy_secret_version'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1beta2.SecretManagerService/DestroySecretVersion', + request_serializer=service.DestroySecretVersionRequest.serialize, + response_deserializer=resources.SecretVersion.deserialize, + ) + return self._stubs['destroy_secret_version'] + + @property + def set_iam_policy(self) -> Callable[ + [iam_policy_pb2.SetIamPolicyRequest], + policy_pb2.Policy]: + r"""Return a callable for the set iam policy method over gRPC. + + Sets the access control policy on the specified secret. Replaces + any existing policy. + + Permissions on + [SecretVersions][google.cloud.secretmanager.v1beta2.SecretVersion] + are enforced according to the policy set on the associated + [Secret][google.cloud.secretmanager.v1beta2.Secret]. + + Returns: + Callable[[~.SetIamPolicyRequest], + ~.Policy]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'set_iam_policy' not in self._stubs: + self._stubs['set_iam_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1beta2.SecretManagerService/SetIamPolicy', + request_serializer=iam_policy_pb2.SetIamPolicyRequest.SerializeToString, + response_deserializer=policy_pb2.Policy.FromString, + ) + return self._stubs['set_iam_policy'] + + @property + def get_iam_policy(self) -> Callable[ + [iam_policy_pb2.GetIamPolicyRequest], + policy_pb2.Policy]: + r"""Return a callable for the get iam policy method over gRPC. + + Gets the access control policy for a secret. + Returns empty policy if the secret exists and does not + have a policy set. + + Returns: + Callable[[~.GetIamPolicyRequest], + ~.Policy]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_iam_policy' not in self._stubs: + self._stubs['get_iam_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1beta2.SecretManagerService/GetIamPolicy', + request_serializer=iam_policy_pb2.GetIamPolicyRequest.SerializeToString, + response_deserializer=policy_pb2.Policy.FromString, + ) + return self._stubs['get_iam_policy'] + + @property + def test_iam_permissions(self) -> Callable[ + [iam_policy_pb2.TestIamPermissionsRequest], + iam_policy_pb2.TestIamPermissionsResponse]: + r"""Return a callable for the test iam permissions method over gRPC. + + Returns permissions that a caller has for the specified secret. + If the secret does not exist, this call returns an empty set of + permissions, not a NOT_FOUND error. + + Note: This operation is designed to be used for building + permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without + warning. + + Returns: + Callable[[~.TestIamPermissionsRequest], + ~.TestIamPermissionsResponse]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'test_iam_permissions' not in self._stubs: + self._stubs['test_iam_permissions'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1beta2.SecretManagerService/TestIamPermissions', + request_serializer=iam_policy_pb2.TestIamPermissionsRequest.SerializeToString, + response_deserializer=iam_policy_pb2.TestIamPermissionsResponse.FromString, + ) + return self._stubs['test_iam_permissions'] + + def close(self): + self.grpc_channel.close() + + @property + def list_locations( + self, + ) -> Callable[[locations_pb2.ListLocationsRequest], locations_pb2.ListLocationsResponse]: + r"""Return a callable for the list locations method over gRPC. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if "list_locations" not in self._stubs: + self._stubs["list_locations"] = self.grpc_channel.unary_unary( + "/google.cloud.location.Locations/ListLocations", + request_serializer=locations_pb2.ListLocationsRequest.SerializeToString, + response_deserializer=locations_pb2.ListLocationsResponse.FromString, + ) + return self._stubs["list_locations"] + + @property + def get_location( + self, + ) -> Callable[[locations_pb2.GetLocationRequest], locations_pb2.Location]: + r"""Return a callable for the list locations method over gRPC. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if "get_location" not in self._stubs: + self._stubs["get_location"] = self.grpc_channel.unary_unary( + "/google.cloud.location.Locations/GetLocation", + request_serializer=locations_pb2.GetLocationRequest.SerializeToString, + response_deserializer=locations_pb2.Location.FromString, + ) + return self._stubs["get_location"] + + @property + def kind(self) -> str: + return "grpc" + + +__all__ = ( + 'SecretManagerServiceGrpcTransport', +) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager_v1beta2/services/secret_manager_service/transports/grpc_asyncio.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager_v1beta2/services/secret_manager_service/transports/grpc_asyncio.py new file mode 100644 index 000000000000..7591905159ec --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager_v1beta2/services/secret_manager_service/transports/grpc_asyncio.py @@ -0,0 +1,735 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import warnings +from typing import Awaitable, Callable, Dict, Optional, Sequence, Tuple, Union + +from google.api_core import gapic_v1 +from google.api_core import grpc_helpers_async +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore + +import grpc # type: ignore +from grpc.experimental import aio # type: ignore + +from google.cloud.location import locations_pb2 # type: ignore +from google.cloud.secretmanager_v1beta2.types import resources +from google.cloud.secretmanager_v1beta2.types import service +from google.iam.v1 import iam_policy_pb2 # type: ignore +from google.iam.v1 import policy_pb2 # type: ignore +from google.protobuf import empty_pb2 # type: ignore +from .base import SecretManagerServiceTransport, DEFAULT_CLIENT_INFO +from .grpc import SecretManagerServiceGrpcTransport + + +class SecretManagerServiceGrpcAsyncIOTransport(SecretManagerServiceTransport): + """gRPC AsyncIO backend transport for SecretManagerService. + + Secret Manager Service + + Manages secrets and operations using those secrets. Implements a + REST model with the following objects: + + - [Secret][google.cloud.secretmanager.v1beta2.Secret] + - [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends protocol buffers over the wire using gRPC (which is built on + top of HTTP/2); the ``grpcio`` package must be installed. + """ + + _grpc_channel: aio.Channel + _stubs: Dict[str, Callable] = {} + + @classmethod + def create_channel(cls, + host: str = 'secretmanager.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + **kwargs) -> aio.Channel: + """Create and return a gRPC AsyncIO channel object. + Args: + host (Optional[str]): The host for the channel to use. + credentials (Optional[~.Credentials]): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If + none are specified, the client will attempt to ascertain + the credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + kwargs (Optional[dict]): Keyword arguments, which are passed to the + channel creation. + Returns: + aio.Channel: A gRPC AsyncIO channel object. + """ + + return grpc_helpers_async.create_channel( + host, + credentials=credentials, + credentials_file=credentials_file, + quota_project_id=quota_project_id, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, + **kwargs + ) + + def __init__(self, *, + host: str = 'secretmanager.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + channel: Optional[aio.Channel] = None, + api_mtls_endpoint: Optional[str] = None, + client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, + client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to (default: 'secretmanager.googleapis.com'). + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + This argument is ignored if ``channel`` is provided. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + channel (Optional[aio.Channel]): A ``Channel`` instance through + which to make calls. + api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. + If provided, it overrides the ``host`` argument and tries to create + a mutual TLS channel with client SSL credentials from + ``client_cert_source`` or application default SSL credentials. + client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): + Deprecated. A callback to provide client SSL certificate bytes and + private key bytes, both in PEM format. It is ignored if + ``api_mtls_endpoint`` is None. + ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials + for the grpc channel. It is ignored if ``channel`` is provided. + client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): + A callback to provide client certificate bytes and private key bytes, + both in PEM format. It is used to configure a mutual TLS channel. It is + ignored if ``channel`` or ``ssl_channel_credentials`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + + Raises: + google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport + creation failed for any reason. + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + self._grpc_channel = None + self._ssl_channel_credentials = ssl_channel_credentials + self._stubs: Dict[str, Callable] = {} + + if api_mtls_endpoint: + warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) + if client_cert_source: + warnings.warn("client_cert_source is deprecated", DeprecationWarning) + + if channel: + # Ignore credentials if a channel was passed. + credentials = False + # If a channel was explicitly provided, set it. + self._grpc_channel = channel + self._ssl_channel_credentials = None + else: + if api_mtls_endpoint: + host = api_mtls_endpoint + + # Create SSL credentials with client_cert_source or application + # default SSL credentials. + if client_cert_source: + cert, key = client_cert_source() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + else: + self._ssl_channel_credentials = SslCredentials().ssl_credentials + + else: + if client_cert_source_for_mtls and not ssl_channel_credentials: + cert, key = client_cert_source_for_mtls() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + + # The base transport sets the host, credentials and scopes + super().__init__( + host=host, + credentials=credentials, + credentials_file=credentials_file, + scopes=scopes, + quota_project_id=quota_project_id, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience, + ) + + if not self._grpc_channel: + self._grpc_channel = type(self).create_channel( + self._host, + # use the credentials which are saved + credentials=self._credentials, + # Set ``credentials_file`` to ``None`` here as + # the credentials that we saved earlier should be used. + credentials_file=None, + scopes=self._scopes, + ssl_credentials=self._ssl_channel_credentials, + quota_project_id=quota_project_id, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Wrap messages. This must be done after self._grpc_channel exists + self._prep_wrapped_messages(client_info) + + @property + def grpc_channel(self) -> aio.Channel: + """Create the channel designed to connect to this service. + + This property caches on the instance; repeated calls return + the same channel. + """ + # Return the channel from cache. + return self._grpc_channel + + @property + def list_secrets(self) -> Callable[ + [service.ListSecretsRequest], + Awaitable[service.ListSecretsResponse]]: + r"""Return a callable for the list secrets method over gRPC. + + Lists [Secrets][google.cloud.secretmanager.v1beta2.Secret]. + + Returns: + Callable[[~.ListSecretsRequest], + Awaitable[~.ListSecretsResponse]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'list_secrets' not in self._stubs: + self._stubs['list_secrets'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1beta2.SecretManagerService/ListSecrets', + request_serializer=service.ListSecretsRequest.serialize, + response_deserializer=service.ListSecretsResponse.deserialize, + ) + return self._stubs['list_secrets'] + + @property + def create_secret(self) -> Callable[ + [service.CreateSecretRequest], + Awaitable[resources.Secret]]: + r"""Return a callable for the create secret method over gRPC. + + Creates a new + [Secret][google.cloud.secretmanager.v1beta2.Secret] containing + no + [SecretVersions][google.cloud.secretmanager.v1beta2.SecretVersion]. + + Returns: + Callable[[~.CreateSecretRequest], + Awaitable[~.Secret]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'create_secret' not in self._stubs: + self._stubs['create_secret'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1beta2.SecretManagerService/CreateSecret', + request_serializer=service.CreateSecretRequest.serialize, + response_deserializer=resources.Secret.deserialize, + ) + return self._stubs['create_secret'] + + @property + def add_secret_version(self) -> Callable[ + [service.AddSecretVersionRequest], + Awaitable[resources.SecretVersion]]: + r"""Return a callable for the add secret version method over gRPC. + + Creates a new + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] + containing secret data and attaches it to an existing + [Secret][google.cloud.secretmanager.v1beta2.Secret]. + + Returns: + Callable[[~.AddSecretVersionRequest], + Awaitable[~.SecretVersion]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'add_secret_version' not in self._stubs: + self._stubs['add_secret_version'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1beta2.SecretManagerService/AddSecretVersion', + request_serializer=service.AddSecretVersionRequest.serialize, + response_deserializer=resources.SecretVersion.deserialize, + ) + return self._stubs['add_secret_version'] + + @property + def get_secret(self) -> Callable[ + [service.GetSecretRequest], + Awaitable[resources.Secret]]: + r"""Return a callable for the get secret method over gRPC. + + Gets metadata for a given + [Secret][google.cloud.secretmanager.v1beta2.Secret]. + + Returns: + Callable[[~.GetSecretRequest], + Awaitable[~.Secret]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_secret' not in self._stubs: + self._stubs['get_secret'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1beta2.SecretManagerService/GetSecret', + request_serializer=service.GetSecretRequest.serialize, + response_deserializer=resources.Secret.deserialize, + ) + return self._stubs['get_secret'] + + @property + def update_secret(self) -> Callable[ + [service.UpdateSecretRequest], + Awaitable[resources.Secret]]: + r"""Return a callable for the update secret method over gRPC. + + Updates metadata of an existing + [Secret][google.cloud.secretmanager.v1beta2.Secret]. + + Returns: + Callable[[~.UpdateSecretRequest], + Awaitable[~.Secret]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'update_secret' not in self._stubs: + self._stubs['update_secret'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1beta2.SecretManagerService/UpdateSecret', + request_serializer=service.UpdateSecretRequest.serialize, + response_deserializer=resources.Secret.deserialize, + ) + return self._stubs['update_secret'] + + @property + def delete_secret(self) -> Callable[ + [service.DeleteSecretRequest], + Awaitable[empty_pb2.Empty]]: + r"""Return a callable for the delete secret method over gRPC. + + Deletes a [Secret][google.cloud.secretmanager.v1beta2.Secret]. + + Returns: + Callable[[~.DeleteSecretRequest], + Awaitable[~.Empty]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'delete_secret' not in self._stubs: + self._stubs['delete_secret'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1beta2.SecretManagerService/DeleteSecret', + request_serializer=service.DeleteSecretRequest.serialize, + response_deserializer=empty_pb2.Empty.FromString, + ) + return self._stubs['delete_secret'] + + @property + def list_secret_versions(self) -> Callable[ + [service.ListSecretVersionsRequest], + Awaitable[service.ListSecretVersionsResponse]]: + r"""Return a callable for the list secret versions method over gRPC. + + Lists + [SecretVersions][google.cloud.secretmanager.v1beta2.SecretVersion]. + This call does not return secret data. + + Returns: + Callable[[~.ListSecretVersionsRequest], + Awaitable[~.ListSecretVersionsResponse]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'list_secret_versions' not in self._stubs: + self._stubs['list_secret_versions'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1beta2.SecretManagerService/ListSecretVersions', + request_serializer=service.ListSecretVersionsRequest.serialize, + response_deserializer=service.ListSecretVersionsResponse.deserialize, + ) + return self._stubs['list_secret_versions'] + + @property + def get_secret_version(self) -> Callable[ + [service.GetSecretVersionRequest], + Awaitable[resources.SecretVersion]]: + r"""Return a callable for the get secret version method over gRPC. + + Gets metadata for a + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. + + ``projects/*/secrets/*/versions/latest`` is an alias to the most + recently created + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. + + Returns: + Callable[[~.GetSecretVersionRequest], + Awaitable[~.SecretVersion]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_secret_version' not in self._stubs: + self._stubs['get_secret_version'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1beta2.SecretManagerService/GetSecretVersion', + request_serializer=service.GetSecretVersionRequest.serialize, + response_deserializer=resources.SecretVersion.deserialize, + ) + return self._stubs['get_secret_version'] + + @property + def access_secret_version(self) -> Callable[ + [service.AccessSecretVersionRequest], + Awaitable[service.AccessSecretVersionResponse]]: + r"""Return a callable for the access secret version method over gRPC. + + Accesses a + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. + This call returns the secret data. + + ``projects/*/secrets/*/versions/latest`` is an alias to the most + recently created + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. + + Returns: + Callable[[~.AccessSecretVersionRequest], + Awaitable[~.AccessSecretVersionResponse]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'access_secret_version' not in self._stubs: + self._stubs['access_secret_version'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1beta2.SecretManagerService/AccessSecretVersion', + request_serializer=service.AccessSecretVersionRequest.serialize, + response_deserializer=service.AccessSecretVersionResponse.deserialize, + ) + return self._stubs['access_secret_version'] + + @property + def disable_secret_version(self) -> Callable[ + [service.DisableSecretVersionRequest], + Awaitable[resources.SecretVersion]]: + r"""Return a callable for the disable secret version method over gRPC. + + Disables a + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. + + Sets the + [state][google.cloud.secretmanager.v1beta2.SecretVersion.state] + of the + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] + to + [DISABLED][google.cloud.secretmanager.v1beta2.SecretVersion.State.DISABLED]. + + Returns: + Callable[[~.DisableSecretVersionRequest], + Awaitable[~.SecretVersion]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'disable_secret_version' not in self._stubs: + self._stubs['disable_secret_version'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1beta2.SecretManagerService/DisableSecretVersion', + request_serializer=service.DisableSecretVersionRequest.serialize, + response_deserializer=resources.SecretVersion.deserialize, + ) + return self._stubs['disable_secret_version'] + + @property + def enable_secret_version(self) -> Callable[ + [service.EnableSecretVersionRequest], + Awaitable[resources.SecretVersion]]: + r"""Return a callable for the enable secret version method over gRPC. + + Enables a + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. + + Sets the + [state][google.cloud.secretmanager.v1beta2.SecretVersion.state] + of the + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] + to + [ENABLED][google.cloud.secretmanager.v1beta2.SecretVersion.State.ENABLED]. + + Returns: + Callable[[~.EnableSecretVersionRequest], + Awaitable[~.SecretVersion]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'enable_secret_version' not in self._stubs: + self._stubs['enable_secret_version'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1beta2.SecretManagerService/EnableSecretVersion', + request_serializer=service.EnableSecretVersionRequest.serialize, + response_deserializer=resources.SecretVersion.deserialize, + ) + return self._stubs['enable_secret_version'] + + @property + def destroy_secret_version(self) -> Callable[ + [service.DestroySecretVersionRequest], + Awaitable[resources.SecretVersion]]: + r"""Return a callable for the destroy secret version method over gRPC. + + Destroys a + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. + + Sets the + [state][google.cloud.secretmanager.v1beta2.SecretVersion.state] + of the + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] + to + [DESTROYED][google.cloud.secretmanager.v1beta2.SecretVersion.State.DESTROYED] + and irrevocably destroys the secret data. + + Returns: + Callable[[~.DestroySecretVersionRequest], + Awaitable[~.SecretVersion]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'destroy_secret_version' not in self._stubs: + self._stubs['destroy_secret_version'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1beta2.SecretManagerService/DestroySecretVersion', + request_serializer=service.DestroySecretVersionRequest.serialize, + response_deserializer=resources.SecretVersion.deserialize, + ) + return self._stubs['destroy_secret_version'] + + @property + def set_iam_policy(self) -> Callable[ + [iam_policy_pb2.SetIamPolicyRequest], + Awaitable[policy_pb2.Policy]]: + r"""Return a callable for the set iam policy method over gRPC. + + Sets the access control policy on the specified secret. Replaces + any existing policy. + + Permissions on + [SecretVersions][google.cloud.secretmanager.v1beta2.SecretVersion] + are enforced according to the policy set on the associated + [Secret][google.cloud.secretmanager.v1beta2.Secret]. + + Returns: + Callable[[~.SetIamPolicyRequest], + Awaitable[~.Policy]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'set_iam_policy' not in self._stubs: + self._stubs['set_iam_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1beta2.SecretManagerService/SetIamPolicy', + request_serializer=iam_policy_pb2.SetIamPolicyRequest.SerializeToString, + response_deserializer=policy_pb2.Policy.FromString, + ) + return self._stubs['set_iam_policy'] + + @property + def get_iam_policy(self) -> Callable[ + [iam_policy_pb2.GetIamPolicyRequest], + Awaitable[policy_pb2.Policy]]: + r"""Return a callable for the get iam policy method over gRPC. + + Gets the access control policy for a secret. + Returns empty policy if the secret exists and does not + have a policy set. + + Returns: + Callable[[~.GetIamPolicyRequest], + Awaitable[~.Policy]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_iam_policy' not in self._stubs: + self._stubs['get_iam_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1beta2.SecretManagerService/GetIamPolicy', + request_serializer=iam_policy_pb2.GetIamPolicyRequest.SerializeToString, + response_deserializer=policy_pb2.Policy.FromString, + ) + return self._stubs['get_iam_policy'] + + @property + def test_iam_permissions(self) -> Callable[ + [iam_policy_pb2.TestIamPermissionsRequest], + Awaitable[iam_policy_pb2.TestIamPermissionsResponse]]: + r"""Return a callable for the test iam permissions method over gRPC. + + Returns permissions that a caller has for the specified secret. + If the secret does not exist, this call returns an empty set of + permissions, not a NOT_FOUND error. + + Note: This operation is designed to be used for building + permission-aware UIs and command-line tools, not for + authorization checking. This operation may "fail open" without + warning. + + Returns: + Callable[[~.TestIamPermissionsRequest], + Awaitable[~.TestIamPermissionsResponse]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'test_iam_permissions' not in self._stubs: + self._stubs['test_iam_permissions'] = self.grpc_channel.unary_unary( + '/google.cloud.secretmanager.v1beta2.SecretManagerService/TestIamPermissions', + request_serializer=iam_policy_pb2.TestIamPermissionsRequest.SerializeToString, + response_deserializer=iam_policy_pb2.TestIamPermissionsResponse.FromString, + ) + return self._stubs['test_iam_permissions'] + + def close(self): + return self.grpc_channel.close() + + @property + def list_locations( + self, + ) -> Callable[[locations_pb2.ListLocationsRequest], locations_pb2.ListLocationsResponse]: + r"""Return a callable for the list locations method over gRPC. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if "list_locations" not in self._stubs: + self._stubs["list_locations"] = self.grpc_channel.unary_unary( + "/google.cloud.location.Locations/ListLocations", + request_serializer=locations_pb2.ListLocationsRequest.SerializeToString, + response_deserializer=locations_pb2.ListLocationsResponse.FromString, + ) + return self._stubs["list_locations"] + + @property + def get_location( + self, + ) -> Callable[[locations_pb2.GetLocationRequest], locations_pb2.Location]: + r"""Return a callable for the list locations method over gRPC. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if "get_location" not in self._stubs: + self._stubs["get_location"] = self.grpc_channel.unary_unary( + "/google.cloud.location.Locations/GetLocation", + request_serializer=locations_pb2.GetLocationRequest.SerializeToString, + response_deserializer=locations_pb2.Location.FromString, + ) + return self._stubs["get_location"] + + +__all__ = ( + 'SecretManagerServiceGrpcAsyncIOTransport', +) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager_v1beta2/services/secret_manager_service/transports/rest.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager_v1beta2/services/secret_manager_service/transports/rest.py new file mode 100644 index 000000000000..79d4e2f159ed --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager_v1beta2/services/secret_manager_service/transports/rest.py @@ -0,0 +1,2305 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +from google.auth.transport.requests import AuthorizedSession # type: ignore +import json # type: ignore +import grpc # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore +from google.auth import credentials as ga_credentials # type: ignore +from google.api_core import exceptions as core_exceptions +from google.api_core import retry as retries +from google.api_core import rest_helpers +from google.api_core import rest_streaming +from google.api_core import path_template +from google.api_core import gapic_v1 + +from google.protobuf import json_format +from google.cloud.location import locations_pb2 # type: ignore +from requests import __version__ as requests_version +import dataclasses +import re +from typing import Any, Callable, Dict, List, Optional, Sequence, Tuple, Union +import warnings + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault, None] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object, None] # type: ignore + + +from google.cloud.secretmanager_v1beta2.types import resources +from google.cloud.secretmanager_v1beta2.types import service +from google.iam.v1 import iam_policy_pb2 # type: ignore +from google.iam.v1 import policy_pb2 # type: ignore +from google.protobuf import empty_pb2 # type: ignore + +from .base import SecretManagerServiceTransport, DEFAULT_CLIENT_INFO as BASE_DEFAULT_CLIENT_INFO + + +DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=BASE_DEFAULT_CLIENT_INFO.gapic_version, + grpc_version=None, + rest_version=requests_version, +) + + +class SecretManagerServiceRestInterceptor: + """Interceptor for SecretManagerService. + + Interceptors are used to manipulate requests, request metadata, and responses + in arbitrary ways. + Example use cases include: + * Logging + * Verifying requests according to service or custom semantics + * Stripping extraneous information from responses + + These use cases and more can be enabled by injecting an + instance of a custom subclass when constructing the SecretManagerServiceRestTransport. + + .. code-block:: python + class MyCustomSecretManagerServiceInterceptor(SecretManagerServiceRestInterceptor): + def pre_access_secret_version(self, request, metadata): + logging.log(f"Received request: {request}") + return request, metadata + + def post_access_secret_version(self, response): + logging.log(f"Received response: {response}") + return response + + def pre_add_secret_version(self, request, metadata): + logging.log(f"Received request: {request}") + return request, metadata + + def post_add_secret_version(self, response): + logging.log(f"Received response: {response}") + return response + + def pre_create_secret(self, request, metadata): + logging.log(f"Received request: {request}") + return request, metadata + + def post_create_secret(self, response): + logging.log(f"Received response: {response}") + return response + + def pre_delete_secret(self, request, metadata): + logging.log(f"Received request: {request}") + return request, metadata + + def pre_destroy_secret_version(self, request, metadata): + logging.log(f"Received request: {request}") + return request, metadata + + def post_destroy_secret_version(self, response): + logging.log(f"Received response: {response}") + return response + + def pre_disable_secret_version(self, request, metadata): + logging.log(f"Received request: {request}") + return request, metadata + + def post_disable_secret_version(self, response): + logging.log(f"Received response: {response}") + return response + + def pre_enable_secret_version(self, request, metadata): + logging.log(f"Received request: {request}") + return request, metadata + + def post_enable_secret_version(self, response): + logging.log(f"Received response: {response}") + return response + + def pre_get_iam_policy(self, request, metadata): + logging.log(f"Received request: {request}") + return request, metadata + + def post_get_iam_policy(self, response): + logging.log(f"Received response: {response}") + return response + + def pre_get_secret(self, request, metadata): + logging.log(f"Received request: {request}") + return request, metadata + + def post_get_secret(self, response): + logging.log(f"Received response: {response}") + return response + + def pre_get_secret_version(self, request, metadata): + logging.log(f"Received request: {request}") + return request, metadata + + def post_get_secret_version(self, response): + logging.log(f"Received response: {response}") + return response + + def pre_list_secrets(self, request, metadata): + logging.log(f"Received request: {request}") + return request, metadata + + def post_list_secrets(self, response): + logging.log(f"Received response: {response}") + return response + + def pre_list_secret_versions(self, request, metadata): + logging.log(f"Received request: {request}") + return request, metadata + + def post_list_secret_versions(self, response): + logging.log(f"Received response: {response}") + return response + + def pre_set_iam_policy(self, request, metadata): + logging.log(f"Received request: {request}") + return request, metadata + + def post_set_iam_policy(self, response): + logging.log(f"Received response: {response}") + return response + + def pre_test_iam_permissions(self, request, metadata): + logging.log(f"Received request: {request}") + return request, metadata + + def post_test_iam_permissions(self, response): + logging.log(f"Received response: {response}") + return response + + def pre_update_secret(self, request, metadata): + logging.log(f"Received request: {request}") + return request, metadata + + def post_update_secret(self, response): + logging.log(f"Received response: {response}") + return response + + transport = SecretManagerServiceRestTransport(interceptor=MyCustomSecretManagerServiceInterceptor()) + client = SecretManagerServiceClient(transport=transport) + + + """ + def pre_access_secret_version(self, request: service.AccessSecretVersionRequest, metadata: Sequence[Tuple[str, str]]) -> Tuple[service.AccessSecretVersionRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for access_secret_version + + Override in a subclass to manipulate the request or metadata + before they are sent to the SecretManagerService server. + """ + return request, metadata + + def post_access_secret_version(self, response: service.AccessSecretVersionResponse) -> service.AccessSecretVersionResponse: + """Post-rpc interceptor for access_secret_version + + Override in a subclass to manipulate the response + after it is returned by the SecretManagerService server but before + it is returned to user code. + """ + return response + def pre_add_secret_version(self, request: service.AddSecretVersionRequest, metadata: Sequence[Tuple[str, str]]) -> Tuple[service.AddSecretVersionRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for add_secret_version + + Override in a subclass to manipulate the request or metadata + before they are sent to the SecretManagerService server. + """ + return request, metadata + + def post_add_secret_version(self, response: resources.SecretVersion) -> resources.SecretVersion: + """Post-rpc interceptor for add_secret_version + + Override in a subclass to manipulate the response + after it is returned by the SecretManagerService server but before + it is returned to user code. + """ + return response + def pre_create_secret(self, request: service.CreateSecretRequest, metadata: Sequence[Tuple[str, str]]) -> Tuple[service.CreateSecretRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for create_secret + + Override in a subclass to manipulate the request or metadata + before they are sent to the SecretManagerService server. + """ + return request, metadata + + def post_create_secret(self, response: resources.Secret) -> resources.Secret: + """Post-rpc interceptor for create_secret + + Override in a subclass to manipulate the response + after it is returned by the SecretManagerService server but before + it is returned to user code. + """ + return response + def pre_delete_secret(self, request: service.DeleteSecretRequest, metadata: Sequence[Tuple[str, str]]) -> Tuple[service.DeleteSecretRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for delete_secret + + Override in a subclass to manipulate the request or metadata + before they are sent to the SecretManagerService server. + """ + return request, metadata + + def pre_destroy_secret_version(self, request: service.DestroySecretVersionRequest, metadata: Sequence[Tuple[str, str]]) -> Tuple[service.DestroySecretVersionRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for destroy_secret_version + + Override in a subclass to manipulate the request or metadata + before they are sent to the SecretManagerService server. + """ + return request, metadata + + def post_destroy_secret_version(self, response: resources.SecretVersion) -> resources.SecretVersion: + """Post-rpc interceptor for destroy_secret_version + + Override in a subclass to manipulate the response + after it is returned by the SecretManagerService server but before + it is returned to user code. + """ + return response + def pre_disable_secret_version(self, request: service.DisableSecretVersionRequest, metadata: Sequence[Tuple[str, str]]) -> Tuple[service.DisableSecretVersionRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for disable_secret_version + + Override in a subclass to manipulate the request or metadata + before they are sent to the SecretManagerService server. + """ + return request, metadata + + def post_disable_secret_version(self, response: resources.SecretVersion) -> resources.SecretVersion: + """Post-rpc interceptor for disable_secret_version + + Override in a subclass to manipulate the response + after it is returned by the SecretManagerService server but before + it is returned to user code. + """ + return response + def pre_enable_secret_version(self, request: service.EnableSecretVersionRequest, metadata: Sequence[Tuple[str, str]]) -> Tuple[service.EnableSecretVersionRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for enable_secret_version + + Override in a subclass to manipulate the request or metadata + before they are sent to the SecretManagerService server. + """ + return request, metadata + + def post_enable_secret_version(self, response: resources.SecretVersion) -> resources.SecretVersion: + """Post-rpc interceptor for enable_secret_version + + Override in a subclass to manipulate the response + after it is returned by the SecretManagerService server but before + it is returned to user code. + """ + return response + def pre_get_iam_policy(self, request: iam_policy_pb2.GetIamPolicyRequest, metadata: Sequence[Tuple[str, str]]) -> Tuple[iam_policy_pb2.GetIamPolicyRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for get_iam_policy + + Override in a subclass to manipulate the request or metadata + before they are sent to the SecretManagerService server. + """ + return request, metadata + + def post_get_iam_policy(self, response: policy_pb2.Policy) -> policy_pb2.Policy: + """Post-rpc interceptor for get_iam_policy + + Override in a subclass to manipulate the response + after it is returned by the SecretManagerService server but before + it is returned to user code. + """ + return response + def pre_get_secret(self, request: service.GetSecretRequest, metadata: Sequence[Tuple[str, str]]) -> Tuple[service.GetSecretRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for get_secret + + Override in a subclass to manipulate the request or metadata + before they are sent to the SecretManagerService server. + """ + return request, metadata + + def post_get_secret(self, response: resources.Secret) -> resources.Secret: + """Post-rpc interceptor for get_secret + + Override in a subclass to manipulate the response + after it is returned by the SecretManagerService server but before + it is returned to user code. + """ + return response + def pre_get_secret_version(self, request: service.GetSecretVersionRequest, metadata: Sequence[Tuple[str, str]]) -> Tuple[service.GetSecretVersionRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for get_secret_version + + Override in a subclass to manipulate the request or metadata + before they are sent to the SecretManagerService server. + """ + return request, metadata + + def post_get_secret_version(self, response: resources.SecretVersion) -> resources.SecretVersion: + """Post-rpc interceptor for get_secret_version + + Override in a subclass to manipulate the response + after it is returned by the SecretManagerService server but before + it is returned to user code. + """ + return response + def pre_list_secrets(self, request: service.ListSecretsRequest, metadata: Sequence[Tuple[str, str]]) -> Tuple[service.ListSecretsRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for list_secrets + + Override in a subclass to manipulate the request or metadata + before they are sent to the SecretManagerService server. + """ + return request, metadata + + def post_list_secrets(self, response: service.ListSecretsResponse) -> service.ListSecretsResponse: + """Post-rpc interceptor for list_secrets + + Override in a subclass to manipulate the response + after it is returned by the SecretManagerService server but before + it is returned to user code. + """ + return response + def pre_list_secret_versions(self, request: service.ListSecretVersionsRequest, metadata: Sequence[Tuple[str, str]]) -> Tuple[service.ListSecretVersionsRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for list_secret_versions + + Override in a subclass to manipulate the request or metadata + before they are sent to the SecretManagerService server. + """ + return request, metadata + + def post_list_secret_versions(self, response: service.ListSecretVersionsResponse) -> service.ListSecretVersionsResponse: + """Post-rpc interceptor for list_secret_versions + + Override in a subclass to manipulate the response + after it is returned by the SecretManagerService server but before + it is returned to user code. + """ + return response + def pre_set_iam_policy(self, request: iam_policy_pb2.SetIamPolicyRequest, metadata: Sequence[Tuple[str, str]]) -> Tuple[iam_policy_pb2.SetIamPolicyRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for set_iam_policy + + Override in a subclass to manipulate the request or metadata + before they are sent to the SecretManagerService server. + """ + return request, metadata + + def post_set_iam_policy(self, response: policy_pb2.Policy) -> policy_pb2.Policy: + """Post-rpc interceptor for set_iam_policy + + Override in a subclass to manipulate the response + after it is returned by the SecretManagerService server but before + it is returned to user code. + """ + return response + def pre_test_iam_permissions(self, request: iam_policy_pb2.TestIamPermissionsRequest, metadata: Sequence[Tuple[str, str]]) -> Tuple[iam_policy_pb2.TestIamPermissionsRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for test_iam_permissions + + Override in a subclass to manipulate the request or metadata + before they are sent to the SecretManagerService server. + """ + return request, metadata + + def post_test_iam_permissions(self, response: iam_policy_pb2.TestIamPermissionsResponse) -> iam_policy_pb2.TestIamPermissionsResponse: + """Post-rpc interceptor for test_iam_permissions + + Override in a subclass to manipulate the response + after it is returned by the SecretManagerService server but before + it is returned to user code. + """ + return response + def pre_update_secret(self, request: service.UpdateSecretRequest, metadata: Sequence[Tuple[str, str]]) -> Tuple[service.UpdateSecretRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for update_secret + + Override in a subclass to manipulate the request or metadata + before they are sent to the SecretManagerService server. + """ + return request, metadata + + def post_update_secret(self, response: resources.Secret) -> resources.Secret: + """Post-rpc interceptor for update_secret + + Override in a subclass to manipulate the response + after it is returned by the SecretManagerService server but before + it is returned to user code. + """ + return response + + def pre_get_location( + self, request: locations_pb2.GetLocationRequest, metadata: Sequence[Tuple[str, str]] + ) -> Tuple[locations_pb2.GetLocationRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for get_location + + Override in a subclass to manipulate the request or metadata + before they are sent to the SecretManagerService server. + """ + return request, metadata + + def post_get_location( + self, response: locations_pb2.Location + ) -> locations_pb2.Location: + """Post-rpc interceptor for get_location + + Override in a subclass to manipulate the response + after it is returned by the SecretManagerService server but before + it is returned to user code. + """ + return response + def pre_list_locations( + self, request: locations_pb2.ListLocationsRequest, metadata: Sequence[Tuple[str, str]] + ) -> Tuple[locations_pb2.ListLocationsRequest, Sequence[Tuple[str, str]]]: + """Pre-rpc interceptor for list_locations + + Override in a subclass to manipulate the request or metadata + before they are sent to the SecretManagerService server. + """ + return request, metadata + + def post_list_locations( + self, response: locations_pb2.ListLocationsResponse + ) -> locations_pb2.ListLocationsResponse: + """Post-rpc interceptor for list_locations + + Override in a subclass to manipulate the response + after it is returned by the SecretManagerService server but before + it is returned to user code. + """ + return response + + +@dataclasses.dataclass +class SecretManagerServiceRestStub: + _session: AuthorizedSession + _host: str + _interceptor: SecretManagerServiceRestInterceptor + + +class SecretManagerServiceRestTransport(SecretManagerServiceTransport): + """REST backend transport for SecretManagerService. + + Secret Manager Service + + Manages secrets and operations using those secrets. Implements a + REST model with the following objects: + + - [Secret][google.cloud.secretmanager.v1beta2.Secret] + - [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends JSON representations of protocol buffers over HTTP/1.1 + + """ + + def __init__(self, *, + host: str = 'secretmanager.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + client_cert_source_for_mtls: Optional[Callable[[ + ], Tuple[bytes, bytes]]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + url_scheme: str = 'https', + interceptor: Optional[SecretManagerServiceRestInterceptor] = None, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to (default: 'secretmanager.googleapis.com'). + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional(Sequence[str])): A list of scopes. This argument is + ignored if ``channel`` is provided. + client_cert_source_for_mtls (Callable[[], Tuple[bytes, bytes]]): Client + certificate to configure mutual TLS HTTP channel. It is ignored + if ``channel`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you are developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + url_scheme: the protocol scheme for the API endpoint. Normally + "https", but for testing or local servers, + "http" can be specified. + """ + # Run the base constructor + # TODO(yon-mg): resolve other ctor params i.e. scopes, quota, etc. + # TODO: When custom host (api_endpoint) is set, `scopes` must *also* be set on the + # credentials object + maybe_url_match = re.match("^(?Phttp(?:s)?://)?(?P.*)$", host) + if maybe_url_match is None: + raise ValueError(f"Unexpected hostname structure: {host}") # pragma: NO COVER + + url_match_items = maybe_url_match.groupdict() + + host = f"{url_scheme}://{host}" if not url_match_items["scheme"] else host + + super().__init__( + host=host, + credentials=credentials, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience + ) + self._session = AuthorizedSession( + self._credentials, default_host=self.DEFAULT_HOST) + if client_cert_source_for_mtls: + self._session.configure_mtls_channel(client_cert_source_for_mtls) + self._interceptor = interceptor or SecretManagerServiceRestInterceptor() + self._prep_wrapped_messages(client_info) + + class _AccessSecretVersion(SecretManagerServiceRestStub): + def __hash__(self): + return hash("AccessSecretVersion") + + __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = { + } + + @classmethod + def _get_unset_required_fields(cls, message_dict): + return {k: v for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items() if k not in message_dict} + + def __call__(self, + request: service.AccessSecretVersionRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ) -> service.AccessSecretVersionResponse: + r"""Call the access secret version method over HTTP. + + Args: + request (~.service.AccessSecretVersionRequest): + The request object. Request message for + [SecretManagerService.AccessSecretVersion][google.cloud.secretmanager.v1beta2.SecretManagerService.AccessSecretVersion]. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + ~.service.AccessSecretVersionResponse: + Response message for + [SecretManagerService.AccessSecretVersion][google.cloud.secretmanager.v1beta2.SecretManagerService.AccessSecretVersion]. + + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'get', + 'uri': '/v1beta2/{name=projects/*/secrets/*/versions/*}:access', + }, +{ + 'method': 'get', + 'uri': '/v1beta2/{name=projects/*/locations/*/secrets/*/versions/*}:access', + }, + ] + request, metadata = self._interceptor.pre_access_secret_version(request, metadata) + pb_request = service.AccessSecretVersionRequest.pb(request) + transcoded_request = path_template.transcode(http_options, pb_request) + + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json_format.MessageToJson( + transcoded_request['query_params'], + use_integers_for_enums=True, + )) + query_params.update(self._get_unset_required_fields(query_params)) + + query_params["$alt"] = "json;enum-encoding=int" + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params, strict=True), + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + # Return the response + resp = service.AccessSecretVersionResponse() + pb_resp = service.AccessSecretVersionResponse.pb(resp) + + json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True) + resp = self._interceptor.post_access_secret_version(resp) + return resp + + class _AddSecretVersion(SecretManagerServiceRestStub): + def __hash__(self): + return hash("AddSecretVersion") + + __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = { + } + + @classmethod + def _get_unset_required_fields(cls, message_dict): + return {k: v for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items() if k not in message_dict} + + def __call__(self, + request: service.AddSecretVersionRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ) -> resources.SecretVersion: + r"""Call the add secret version method over HTTP. + + Args: + request (~.service.AddSecretVersionRequest): + The request object. Request message for + [SecretManagerService.AddSecretVersion][google.cloud.secretmanager.v1beta2.SecretManagerService.AddSecretVersion]. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + ~.resources.SecretVersion: + A secret version resource in the + Secret Manager API. + + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'post', + 'uri': '/v1beta2/{parent=projects/*/secrets/*}:addVersion', + 'body': '*', + }, +{ + 'method': 'post', + 'uri': '/v1beta2/{parent=projects/*/locations/*/secrets/*}:addVersion', + 'body': '*', + }, + ] + request, metadata = self._interceptor.pre_add_secret_version(request, metadata) + pb_request = service.AddSecretVersionRequest.pb(request) + transcoded_request = path_template.transcode(http_options, pb_request) + + # Jsonify the request body + + body = json_format.MessageToJson( + transcoded_request['body'], + use_integers_for_enums=True + ) + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json_format.MessageToJson( + transcoded_request['query_params'], + use_integers_for_enums=True, + )) + query_params.update(self._get_unset_required_fields(query_params)) + + query_params["$alt"] = "json;enum-encoding=int" + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params, strict=True), + data=body, + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + # Return the response + resp = resources.SecretVersion() + pb_resp = resources.SecretVersion.pb(resp) + + json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True) + resp = self._interceptor.post_add_secret_version(resp) + return resp + + class _CreateSecret(SecretManagerServiceRestStub): + def __hash__(self): + return hash("CreateSecret") + + __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = { + "secretId" : "", } + + @classmethod + def _get_unset_required_fields(cls, message_dict): + return {k: v for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items() if k not in message_dict} + + def __call__(self, + request: service.CreateSecretRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ) -> resources.Secret: + r"""Call the create secret method over HTTP. + + Args: + request (~.service.CreateSecretRequest): + The request object. Request message for + [SecretManagerService.CreateSecret][google.cloud.secretmanager.v1beta2.SecretManagerService.CreateSecret]. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + ~.resources.Secret: + A [Secret][google.cloud.secretmanager.v1beta2.Secret] is + a logical secret whose value and versions can be + accessed. + + A [Secret][google.cloud.secretmanager.v1beta2.Secret] is + made up of zero or more + [SecretVersions][google.cloud.secretmanager.v1beta2.SecretVersion] + that represent the secret data. + + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'post', + 'uri': '/v1beta2/{parent=projects/*}/secrets', + 'body': 'secret', + }, +{ + 'method': 'post', + 'uri': '/v1beta2/{parent=projects/*/locations/*}/secrets', + 'body': 'secret', + }, + ] + request, metadata = self._interceptor.pre_create_secret(request, metadata) + pb_request = service.CreateSecretRequest.pb(request) + transcoded_request = path_template.transcode(http_options, pb_request) + + # Jsonify the request body + + body = json_format.MessageToJson( + transcoded_request['body'], + use_integers_for_enums=True + ) + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json_format.MessageToJson( + transcoded_request['query_params'], + use_integers_for_enums=True, + )) + query_params.update(self._get_unset_required_fields(query_params)) + + query_params["$alt"] = "json;enum-encoding=int" + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params, strict=True), + data=body, + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + # Return the response + resp = resources.Secret() + pb_resp = resources.Secret.pb(resp) + + json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True) + resp = self._interceptor.post_create_secret(resp) + return resp + + class _DeleteSecret(SecretManagerServiceRestStub): + def __hash__(self): + return hash("DeleteSecret") + + __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = { + } + + @classmethod + def _get_unset_required_fields(cls, message_dict): + return {k: v for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items() if k not in message_dict} + + def __call__(self, + request: service.DeleteSecretRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ): + r"""Call the delete secret method over HTTP. + + Args: + request (~.service.DeleteSecretRequest): + The request object. Request message for + [SecretManagerService.DeleteSecret][google.cloud.secretmanager.v1beta2.SecretManagerService.DeleteSecret]. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'delete', + 'uri': '/v1beta2/{name=projects/*/secrets/*}', + }, +{ + 'method': 'delete', + 'uri': '/v1beta2/{name=projects/*/locations/*/secrets/*}', + }, + ] + request, metadata = self._interceptor.pre_delete_secret(request, metadata) + pb_request = service.DeleteSecretRequest.pb(request) + transcoded_request = path_template.transcode(http_options, pb_request) + + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json_format.MessageToJson( + transcoded_request['query_params'], + use_integers_for_enums=True, + )) + query_params.update(self._get_unset_required_fields(query_params)) + + query_params["$alt"] = "json;enum-encoding=int" + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params, strict=True), + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + class _DestroySecretVersion(SecretManagerServiceRestStub): + def __hash__(self): + return hash("DestroySecretVersion") + + __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = { + } + + @classmethod + def _get_unset_required_fields(cls, message_dict): + return {k: v for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items() if k not in message_dict} + + def __call__(self, + request: service.DestroySecretVersionRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ) -> resources.SecretVersion: + r"""Call the destroy secret version method over HTTP. + + Args: + request (~.service.DestroySecretVersionRequest): + The request object. Request message for + [SecretManagerService.DestroySecretVersion][google.cloud.secretmanager.v1beta2.SecretManagerService.DestroySecretVersion]. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + ~.resources.SecretVersion: + A secret version resource in the + Secret Manager API. + + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'post', + 'uri': '/v1beta2/{name=projects/*/secrets/*/versions/*}:destroy', + 'body': '*', + }, +{ + 'method': 'post', + 'uri': '/v1beta2/{name=projects/*/locations/*/secrets/*/versions/*}:destroy', + 'body': '*', + }, + ] + request, metadata = self._interceptor.pre_destroy_secret_version(request, metadata) + pb_request = service.DestroySecretVersionRequest.pb(request) + transcoded_request = path_template.transcode(http_options, pb_request) + + # Jsonify the request body + + body = json_format.MessageToJson( + transcoded_request['body'], + use_integers_for_enums=True + ) + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json_format.MessageToJson( + transcoded_request['query_params'], + use_integers_for_enums=True, + )) + query_params.update(self._get_unset_required_fields(query_params)) + + query_params["$alt"] = "json;enum-encoding=int" + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params, strict=True), + data=body, + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + # Return the response + resp = resources.SecretVersion() + pb_resp = resources.SecretVersion.pb(resp) + + json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True) + resp = self._interceptor.post_destroy_secret_version(resp) + return resp + + class _DisableSecretVersion(SecretManagerServiceRestStub): + def __hash__(self): + return hash("DisableSecretVersion") + + __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = { + } + + @classmethod + def _get_unset_required_fields(cls, message_dict): + return {k: v for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items() if k not in message_dict} + + def __call__(self, + request: service.DisableSecretVersionRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ) -> resources.SecretVersion: + r"""Call the disable secret version method over HTTP. + + Args: + request (~.service.DisableSecretVersionRequest): + The request object. Request message for + [SecretManagerService.DisableSecretVersion][google.cloud.secretmanager.v1beta2.SecretManagerService.DisableSecretVersion]. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + ~.resources.SecretVersion: + A secret version resource in the + Secret Manager API. + + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'post', + 'uri': '/v1beta2/{name=projects/*/secrets/*/versions/*}:disable', + 'body': '*', + }, +{ + 'method': 'post', + 'uri': '/v1beta2/{name=projects/*/locations/*/secrets/*/versions/*}:disable', + 'body': '*', + }, + ] + request, metadata = self._interceptor.pre_disable_secret_version(request, metadata) + pb_request = service.DisableSecretVersionRequest.pb(request) + transcoded_request = path_template.transcode(http_options, pb_request) + + # Jsonify the request body + + body = json_format.MessageToJson( + transcoded_request['body'], + use_integers_for_enums=True + ) + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json_format.MessageToJson( + transcoded_request['query_params'], + use_integers_for_enums=True, + )) + query_params.update(self._get_unset_required_fields(query_params)) + + query_params["$alt"] = "json;enum-encoding=int" + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params, strict=True), + data=body, + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + # Return the response + resp = resources.SecretVersion() + pb_resp = resources.SecretVersion.pb(resp) + + json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True) + resp = self._interceptor.post_disable_secret_version(resp) + return resp + + class _EnableSecretVersion(SecretManagerServiceRestStub): + def __hash__(self): + return hash("EnableSecretVersion") + + __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = { + } + + @classmethod + def _get_unset_required_fields(cls, message_dict): + return {k: v for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items() if k not in message_dict} + + def __call__(self, + request: service.EnableSecretVersionRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ) -> resources.SecretVersion: + r"""Call the enable secret version method over HTTP. + + Args: + request (~.service.EnableSecretVersionRequest): + The request object. Request message for + [SecretManagerService.EnableSecretVersion][google.cloud.secretmanager.v1beta2.SecretManagerService.EnableSecretVersion]. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + ~.resources.SecretVersion: + A secret version resource in the + Secret Manager API. + + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'post', + 'uri': '/v1beta2/{name=projects/*/secrets/*/versions/*}:enable', + 'body': '*', + }, +{ + 'method': 'post', + 'uri': '/v1beta2/{name=projects/*/locations/*/secrets/*/versions/*}:enable', + 'body': '*', + }, + ] + request, metadata = self._interceptor.pre_enable_secret_version(request, metadata) + pb_request = service.EnableSecretVersionRequest.pb(request) + transcoded_request = path_template.transcode(http_options, pb_request) + + # Jsonify the request body + + body = json_format.MessageToJson( + transcoded_request['body'], + use_integers_for_enums=True + ) + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json_format.MessageToJson( + transcoded_request['query_params'], + use_integers_for_enums=True, + )) + query_params.update(self._get_unset_required_fields(query_params)) + + query_params["$alt"] = "json;enum-encoding=int" + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params, strict=True), + data=body, + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + # Return the response + resp = resources.SecretVersion() + pb_resp = resources.SecretVersion.pb(resp) + + json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True) + resp = self._interceptor.post_enable_secret_version(resp) + return resp + + class _GetIamPolicy(SecretManagerServiceRestStub): + def __hash__(self): + return hash("GetIamPolicy") + + __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = { + } + + @classmethod + def _get_unset_required_fields(cls, message_dict): + return {k: v for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items() if k not in message_dict} + + def __call__(self, + request: iam_policy_pb2.GetIamPolicyRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ) -> policy_pb2.Policy: + r"""Call the get iam policy method over HTTP. + + Args: + request (~.iam_policy_pb2.GetIamPolicyRequest): + The request object. Request message for ``GetIamPolicy`` method. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + ~.policy_pb2.Policy: + An Identity and Access Management (IAM) policy, which + specifies access controls for Google Cloud resources. + + A ``Policy`` is a collection of ``bindings``. A + ``binding`` binds one or more ``members``, or + principals, to a single ``role``. Principals can be user + accounts, service accounts, Google groups, and domains + (such as G Suite). A ``role`` is a named list of + permissions; each ``role`` can be an IAM predefined role + or a user-created custom role. + + For some types of Google Cloud resources, a ``binding`` + can also specify a ``condition``, which is a logical + expression that allows access to a resource only if the + expression evaluates to ``true``. A condition can add + constraints based on attributes of the request, the + resource, or both. To learn which resources support + conditions in their IAM policies, see the `IAM + documentation `__. + + **JSON example:** + + :: + + { + "bindings": [ + { + "role": "roles/resourcemanager.organizationAdmin", + "members": [ + "user:mike@example.com", + "group:admins@example.com", + "domain:google.com", + "serviceAccount:my-project-id@appspot.gserviceaccount.com" + ] + }, + { + "role": "roles/resourcemanager.organizationViewer", + "members": [ + "user:eve@example.com" + ], + "condition": { + "title": "expirable access", + "description": "Does not grant access after Sep 2020", + "expression": "request.time < + timestamp('2020-10-01T00:00:00.000Z')", + } + } + ], + "etag": "BwWWja0YfJA=", + "version": 3 + } + + **YAML example:** + + :: + + bindings: + - members: + - user:mike@example.com + - group:admins@example.com + - domain:google.com + - serviceAccount:my-project-id@appspot.gserviceaccount.com + role: roles/resourcemanager.organizationAdmin + - members: + - user:eve@example.com + role: roles/resourcemanager.organizationViewer + condition: + title: expirable access + description: Does not grant access after Sep 2020 + expression: request.time < timestamp('2020-10-01T00:00:00.000Z') + etag: BwWWja0YfJA= + version: 3 + + For a description of IAM and its features, see the `IAM + documentation `__. + + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'get', + 'uri': '/v1beta2/{resource=projects/*/secrets/*}:getIamPolicy', + }, +{ + 'method': 'get', + 'uri': '/v1beta2/{resource=projects/*/locations/*/secrets/*}:getIamPolicy', + }, + ] + request, metadata = self._interceptor.pre_get_iam_policy(request, metadata) + pb_request = request + transcoded_request = path_template.transcode(http_options, pb_request) + + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json_format.MessageToJson( + transcoded_request['query_params'], + use_integers_for_enums=True, + )) + query_params.update(self._get_unset_required_fields(query_params)) + + query_params["$alt"] = "json;enum-encoding=int" + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params, strict=True), + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + # Return the response + resp = policy_pb2.Policy() + pb_resp = resp + + json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True) + resp = self._interceptor.post_get_iam_policy(resp) + return resp + + class _GetSecret(SecretManagerServiceRestStub): + def __hash__(self): + return hash("GetSecret") + + __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = { + } + + @classmethod + def _get_unset_required_fields(cls, message_dict): + return {k: v for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items() if k not in message_dict} + + def __call__(self, + request: service.GetSecretRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ) -> resources.Secret: + r"""Call the get secret method over HTTP. + + Args: + request (~.service.GetSecretRequest): + The request object. Request message for + [SecretManagerService.GetSecret][google.cloud.secretmanager.v1beta2.SecretManagerService.GetSecret]. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + ~.resources.Secret: + A [Secret][google.cloud.secretmanager.v1beta2.Secret] is + a logical secret whose value and versions can be + accessed. + + A [Secret][google.cloud.secretmanager.v1beta2.Secret] is + made up of zero or more + [SecretVersions][google.cloud.secretmanager.v1beta2.SecretVersion] + that represent the secret data. + + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'get', + 'uri': '/v1beta2/{name=projects/*/secrets/*}', + }, +{ + 'method': 'get', + 'uri': '/v1beta2/{name=projects/*/locations/*/secrets/*}', + }, + ] + request, metadata = self._interceptor.pre_get_secret(request, metadata) + pb_request = service.GetSecretRequest.pb(request) + transcoded_request = path_template.transcode(http_options, pb_request) + + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json_format.MessageToJson( + transcoded_request['query_params'], + use_integers_for_enums=True, + )) + query_params.update(self._get_unset_required_fields(query_params)) + + query_params["$alt"] = "json;enum-encoding=int" + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params, strict=True), + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + # Return the response + resp = resources.Secret() + pb_resp = resources.Secret.pb(resp) + + json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True) + resp = self._interceptor.post_get_secret(resp) + return resp + + class _GetSecretVersion(SecretManagerServiceRestStub): + def __hash__(self): + return hash("GetSecretVersion") + + __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = { + } + + @classmethod + def _get_unset_required_fields(cls, message_dict): + return {k: v for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items() if k not in message_dict} + + def __call__(self, + request: service.GetSecretVersionRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ) -> resources.SecretVersion: + r"""Call the get secret version method over HTTP. + + Args: + request (~.service.GetSecretVersionRequest): + The request object. Request message for + [SecretManagerService.GetSecretVersion][google.cloud.secretmanager.v1beta2.SecretManagerService.GetSecretVersion]. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + ~.resources.SecretVersion: + A secret version resource in the + Secret Manager API. + + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'get', + 'uri': '/v1beta2/{name=projects/*/secrets/*/versions/*}', + }, +{ + 'method': 'get', + 'uri': '/v1beta2/{name=projects/*/locations/*/secrets/*/versions/*}', + }, + ] + request, metadata = self._interceptor.pre_get_secret_version(request, metadata) + pb_request = service.GetSecretVersionRequest.pb(request) + transcoded_request = path_template.transcode(http_options, pb_request) + + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json_format.MessageToJson( + transcoded_request['query_params'], + use_integers_for_enums=True, + )) + query_params.update(self._get_unset_required_fields(query_params)) + + query_params["$alt"] = "json;enum-encoding=int" + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params, strict=True), + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + # Return the response + resp = resources.SecretVersion() + pb_resp = resources.SecretVersion.pb(resp) + + json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True) + resp = self._interceptor.post_get_secret_version(resp) + return resp + + class _ListSecrets(SecretManagerServiceRestStub): + def __hash__(self): + return hash("ListSecrets") + + __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = { + } + + @classmethod + def _get_unset_required_fields(cls, message_dict): + return {k: v for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items() if k not in message_dict} + + def __call__(self, + request: service.ListSecretsRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ) -> service.ListSecretsResponse: + r"""Call the list secrets method over HTTP. + + Args: + request (~.service.ListSecretsRequest): + The request object. Request message for + [SecretManagerService.ListSecrets][google.cloud.secretmanager.v1beta2.SecretManagerService.ListSecrets]. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + ~.service.ListSecretsResponse: + Response message for + [SecretManagerService.ListSecrets][google.cloud.secretmanager.v1beta2.SecretManagerService.ListSecrets]. + + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'get', + 'uri': '/v1beta2/{parent=projects/*}/secrets', + }, +{ + 'method': 'get', + 'uri': '/v1beta2/{parent=projects/*/locations/*}/secrets', + }, + ] + request, metadata = self._interceptor.pre_list_secrets(request, metadata) + pb_request = service.ListSecretsRequest.pb(request) + transcoded_request = path_template.transcode(http_options, pb_request) + + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json_format.MessageToJson( + transcoded_request['query_params'], + use_integers_for_enums=True, + )) + query_params.update(self._get_unset_required_fields(query_params)) + + query_params["$alt"] = "json;enum-encoding=int" + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params, strict=True), + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + # Return the response + resp = service.ListSecretsResponse() + pb_resp = service.ListSecretsResponse.pb(resp) + + json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True) + resp = self._interceptor.post_list_secrets(resp) + return resp + + class _ListSecretVersions(SecretManagerServiceRestStub): + def __hash__(self): + return hash("ListSecretVersions") + + __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = { + } + + @classmethod + def _get_unset_required_fields(cls, message_dict): + return {k: v for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items() if k not in message_dict} + + def __call__(self, + request: service.ListSecretVersionsRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ) -> service.ListSecretVersionsResponse: + r"""Call the list secret versions method over HTTP. + + Args: + request (~.service.ListSecretVersionsRequest): + The request object. Request message for + [SecretManagerService.ListSecretVersions][google.cloud.secretmanager.v1beta2.SecretManagerService.ListSecretVersions]. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + ~.service.ListSecretVersionsResponse: + Response message for + [SecretManagerService.ListSecretVersions][google.cloud.secretmanager.v1beta2.SecretManagerService.ListSecretVersions]. + + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'get', + 'uri': '/v1beta2/{parent=projects/*/secrets/*}/versions', + }, +{ + 'method': 'get', + 'uri': '/v1beta2/{parent=projects/*/locations/*/secrets/*}/versions', + }, + ] + request, metadata = self._interceptor.pre_list_secret_versions(request, metadata) + pb_request = service.ListSecretVersionsRequest.pb(request) + transcoded_request = path_template.transcode(http_options, pb_request) + + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json_format.MessageToJson( + transcoded_request['query_params'], + use_integers_for_enums=True, + )) + query_params.update(self._get_unset_required_fields(query_params)) + + query_params["$alt"] = "json;enum-encoding=int" + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params, strict=True), + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + # Return the response + resp = service.ListSecretVersionsResponse() + pb_resp = service.ListSecretVersionsResponse.pb(resp) + + json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True) + resp = self._interceptor.post_list_secret_versions(resp) + return resp + + class _SetIamPolicy(SecretManagerServiceRestStub): + def __hash__(self): + return hash("SetIamPolicy") + + __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = { + } + + @classmethod + def _get_unset_required_fields(cls, message_dict): + return {k: v for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items() if k not in message_dict} + + def __call__(self, + request: iam_policy_pb2.SetIamPolicyRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ) -> policy_pb2.Policy: + r"""Call the set iam policy method over HTTP. + + Args: + request (~.iam_policy_pb2.SetIamPolicyRequest): + The request object. Request message for ``SetIamPolicy`` method. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + ~.policy_pb2.Policy: + An Identity and Access Management (IAM) policy, which + specifies access controls for Google Cloud resources. + + A ``Policy`` is a collection of ``bindings``. A + ``binding`` binds one or more ``members``, or + principals, to a single ``role``. Principals can be user + accounts, service accounts, Google groups, and domains + (such as G Suite). A ``role`` is a named list of + permissions; each ``role`` can be an IAM predefined role + or a user-created custom role. + + For some types of Google Cloud resources, a ``binding`` + can also specify a ``condition``, which is a logical + expression that allows access to a resource only if the + expression evaluates to ``true``. A condition can add + constraints based on attributes of the request, the + resource, or both. To learn which resources support + conditions in their IAM policies, see the `IAM + documentation `__. + + **JSON example:** + + :: + + { + "bindings": [ + { + "role": "roles/resourcemanager.organizationAdmin", + "members": [ + "user:mike@example.com", + "group:admins@example.com", + "domain:google.com", + "serviceAccount:my-project-id@appspot.gserviceaccount.com" + ] + }, + { + "role": "roles/resourcemanager.organizationViewer", + "members": [ + "user:eve@example.com" + ], + "condition": { + "title": "expirable access", + "description": "Does not grant access after Sep 2020", + "expression": "request.time < + timestamp('2020-10-01T00:00:00.000Z')", + } + } + ], + "etag": "BwWWja0YfJA=", + "version": 3 + } + + **YAML example:** + + :: + + bindings: + - members: + - user:mike@example.com + - group:admins@example.com + - domain:google.com + - serviceAccount:my-project-id@appspot.gserviceaccount.com + role: roles/resourcemanager.organizationAdmin + - members: + - user:eve@example.com + role: roles/resourcemanager.organizationViewer + condition: + title: expirable access + description: Does not grant access after Sep 2020 + expression: request.time < timestamp('2020-10-01T00:00:00.000Z') + etag: BwWWja0YfJA= + version: 3 + + For a description of IAM and its features, see the `IAM + documentation `__. + + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'post', + 'uri': '/v1beta2/{resource=projects/*/secrets/*}:setIamPolicy', + 'body': '*', + }, +{ + 'method': 'post', + 'uri': '/v1beta2/{resource=projects/*/locations/*/secrets/*}:setIamPolicy', + 'body': '*', + }, + ] + request, metadata = self._interceptor.pre_set_iam_policy(request, metadata) + pb_request = request + transcoded_request = path_template.transcode(http_options, pb_request) + + # Jsonify the request body + + body = json_format.MessageToJson( + transcoded_request['body'], + use_integers_for_enums=True + ) + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json_format.MessageToJson( + transcoded_request['query_params'], + use_integers_for_enums=True, + )) + query_params.update(self._get_unset_required_fields(query_params)) + + query_params["$alt"] = "json;enum-encoding=int" + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params, strict=True), + data=body, + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + # Return the response + resp = policy_pb2.Policy() + pb_resp = resp + + json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True) + resp = self._interceptor.post_set_iam_policy(resp) + return resp + + class _TestIamPermissions(SecretManagerServiceRestStub): + def __hash__(self): + return hash("TestIamPermissions") + + __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = { + } + + @classmethod + def _get_unset_required_fields(cls, message_dict): + return {k: v for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items() if k not in message_dict} + + def __call__(self, + request: iam_policy_pb2.TestIamPermissionsRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ) -> iam_policy_pb2.TestIamPermissionsResponse: + r"""Call the test iam permissions method over HTTP. + + Args: + request (~.iam_policy_pb2.TestIamPermissionsRequest): + The request object. Request message for ``TestIamPermissions`` method. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + ~.iam_policy_pb2.TestIamPermissionsResponse: + Response message for ``TestIamPermissions`` method. + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'post', + 'uri': '/v1beta2/{resource=projects/*/secrets/*}:testIamPermissions', + 'body': '*', + }, +{ + 'method': 'post', + 'uri': '/v1beta2/{resource=projects/*/locations/*/secrets/*}:testIamPermissions', + 'body': '*', + }, + ] + request, metadata = self._interceptor.pre_test_iam_permissions(request, metadata) + pb_request = request + transcoded_request = path_template.transcode(http_options, pb_request) + + # Jsonify the request body + + body = json_format.MessageToJson( + transcoded_request['body'], + use_integers_for_enums=True + ) + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json_format.MessageToJson( + transcoded_request['query_params'], + use_integers_for_enums=True, + )) + query_params.update(self._get_unset_required_fields(query_params)) + + query_params["$alt"] = "json;enum-encoding=int" + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params, strict=True), + data=body, + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + # Return the response + resp = iam_policy_pb2.TestIamPermissionsResponse() + pb_resp = resp + + json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True) + resp = self._interceptor.post_test_iam_permissions(resp) + return resp + + class _UpdateSecret(SecretManagerServiceRestStub): + def __hash__(self): + return hash("UpdateSecret") + + __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = { + "updateMask" : {}, } + + @classmethod + def _get_unset_required_fields(cls, message_dict): + return {k: v for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items() if k not in message_dict} + + def __call__(self, + request: service.UpdateSecretRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ) -> resources.Secret: + r"""Call the update secret method over HTTP. + + Args: + request (~.service.UpdateSecretRequest): + The request object. Request message for + [SecretManagerService.UpdateSecret][google.cloud.secretmanager.v1beta2.SecretManagerService.UpdateSecret]. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + ~.resources.Secret: + A [Secret][google.cloud.secretmanager.v1beta2.Secret] is + a logical secret whose value and versions can be + accessed. + + A [Secret][google.cloud.secretmanager.v1beta2.Secret] is + made up of zero or more + [SecretVersions][google.cloud.secretmanager.v1beta2.SecretVersion] + that represent the secret data. + + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'patch', + 'uri': '/v1beta2/{secret.name=projects/*/secrets/*}', + 'body': 'secret', + }, +{ + 'method': 'patch', + 'uri': '/v1beta2/{secret.name=projects/*/locations/*/secrets/*}', + 'body': 'secret', + }, + ] + request, metadata = self._interceptor.pre_update_secret(request, metadata) + pb_request = service.UpdateSecretRequest.pb(request) + transcoded_request = path_template.transcode(http_options, pb_request) + + # Jsonify the request body + + body = json_format.MessageToJson( + transcoded_request['body'], + use_integers_for_enums=True + ) + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json_format.MessageToJson( + transcoded_request['query_params'], + use_integers_for_enums=True, + )) + query_params.update(self._get_unset_required_fields(query_params)) + + query_params["$alt"] = "json;enum-encoding=int" + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params, strict=True), + data=body, + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + # Return the response + resp = resources.Secret() + pb_resp = resources.Secret.pb(resp) + + json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True) + resp = self._interceptor.post_update_secret(resp) + return resp + + @property + def access_secret_version(self) -> Callable[ + [service.AccessSecretVersionRequest], + service.AccessSecretVersionResponse]: + # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here. + # In C++ this would require a dynamic_cast + return self._AccessSecretVersion(self._session, self._host, self._interceptor) # type: ignore + + @property + def add_secret_version(self) -> Callable[ + [service.AddSecretVersionRequest], + resources.SecretVersion]: + # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here. + # In C++ this would require a dynamic_cast + return self._AddSecretVersion(self._session, self._host, self._interceptor) # type: ignore + + @property + def create_secret(self) -> Callable[ + [service.CreateSecretRequest], + resources.Secret]: + # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here. + # In C++ this would require a dynamic_cast + return self._CreateSecret(self._session, self._host, self._interceptor) # type: ignore + + @property + def delete_secret(self) -> Callable[ + [service.DeleteSecretRequest], + empty_pb2.Empty]: + # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here. + # In C++ this would require a dynamic_cast + return self._DeleteSecret(self._session, self._host, self._interceptor) # type: ignore + + @property + def destroy_secret_version(self) -> Callable[ + [service.DestroySecretVersionRequest], + resources.SecretVersion]: + # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here. + # In C++ this would require a dynamic_cast + return self._DestroySecretVersion(self._session, self._host, self._interceptor) # type: ignore + + @property + def disable_secret_version(self) -> Callable[ + [service.DisableSecretVersionRequest], + resources.SecretVersion]: + # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here. + # In C++ this would require a dynamic_cast + return self._DisableSecretVersion(self._session, self._host, self._interceptor) # type: ignore + + @property + def enable_secret_version(self) -> Callable[ + [service.EnableSecretVersionRequest], + resources.SecretVersion]: + # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here. + # In C++ this would require a dynamic_cast + return self._EnableSecretVersion(self._session, self._host, self._interceptor) # type: ignore + + @property + def get_iam_policy(self) -> Callable[ + [iam_policy_pb2.GetIamPolicyRequest], + policy_pb2.Policy]: + # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here. + # In C++ this would require a dynamic_cast + return self._GetIamPolicy(self._session, self._host, self._interceptor) # type: ignore + + @property + def get_secret(self) -> Callable[ + [service.GetSecretRequest], + resources.Secret]: + # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here. + # In C++ this would require a dynamic_cast + return self._GetSecret(self._session, self._host, self._interceptor) # type: ignore + + @property + def get_secret_version(self) -> Callable[ + [service.GetSecretVersionRequest], + resources.SecretVersion]: + # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here. + # In C++ this would require a dynamic_cast + return self._GetSecretVersion(self._session, self._host, self._interceptor) # type: ignore + + @property + def list_secrets(self) -> Callable[ + [service.ListSecretsRequest], + service.ListSecretsResponse]: + # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here. + # In C++ this would require a dynamic_cast + return self._ListSecrets(self._session, self._host, self._interceptor) # type: ignore + + @property + def list_secret_versions(self) -> Callable[ + [service.ListSecretVersionsRequest], + service.ListSecretVersionsResponse]: + # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here. + # In C++ this would require a dynamic_cast + return self._ListSecretVersions(self._session, self._host, self._interceptor) # type: ignore + + @property + def set_iam_policy(self) -> Callable[ + [iam_policy_pb2.SetIamPolicyRequest], + policy_pb2.Policy]: + # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here. + # In C++ this would require a dynamic_cast + return self._SetIamPolicy(self._session, self._host, self._interceptor) # type: ignore + + @property + def test_iam_permissions(self) -> Callable[ + [iam_policy_pb2.TestIamPermissionsRequest], + iam_policy_pb2.TestIamPermissionsResponse]: + # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here. + # In C++ this would require a dynamic_cast + return self._TestIamPermissions(self._session, self._host, self._interceptor) # type: ignore + + @property + def update_secret(self) -> Callable[ + [service.UpdateSecretRequest], + resources.Secret]: + # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here. + # In C++ this would require a dynamic_cast + return self._UpdateSecret(self._session, self._host, self._interceptor) # type: ignore + + @property + def get_location(self): + return self._GetLocation(self._session, self._host, self._interceptor) # type: ignore + + class _GetLocation(SecretManagerServiceRestStub): + def __call__(self, + request: locations_pb2.GetLocationRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ) -> locations_pb2.Location: + + r"""Call the get location method over HTTP. + + Args: + request (locations_pb2.GetLocationRequest): + The request object for GetLocation method. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + locations_pb2.Location: Response from GetLocation method. + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'get', + 'uri': '/v1beta2/{name=projects/*/locations/*}', + }, + ] + + request, metadata = self._interceptor.pre_get_location(request, metadata) + request_kwargs = json_format.MessageToDict(request) + transcoded_request = path_template.transcode( + http_options, **request_kwargs) + + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json.dumps(transcoded_request['query_params'])) + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params), + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + resp = locations_pb2.Location() + resp = json_format.Parse(response.content.decode("utf-8"), resp) + resp = self._interceptor.post_get_location(resp) + return resp + + @property + def list_locations(self): + return self._ListLocations(self._session, self._host, self._interceptor) # type: ignore + + class _ListLocations(SecretManagerServiceRestStub): + def __call__(self, + request: locations_pb2.ListLocationsRequest, *, + retry: OptionalRetry=gapic_v1.method.DEFAULT, + timeout: Optional[float]=None, + metadata: Sequence[Tuple[str, str]]=(), + ) -> locations_pb2.ListLocationsResponse: + + r"""Call the list locations method over HTTP. + + Args: + request (locations_pb2.ListLocationsRequest): + The request object for ListLocations method. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + locations_pb2.ListLocationsResponse: Response from ListLocations method. + """ + + http_options: List[Dict[str, str]] = [{ + 'method': 'get', + 'uri': '/v1beta2/{name=projects/*}/locations', + }, + ] + + request, metadata = self._interceptor.pre_list_locations(request, metadata) + request_kwargs = json_format.MessageToDict(request) + transcoded_request = path_template.transcode( + http_options, **request_kwargs) + + uri = transcoded_request['uri'] + method = transcoded_request['method'] + + # Jsonify the query params + query_params = json.loads(json.dumps(transcoded_request['query_params'])) + + # Send the request + headers = dict(metadata) + headers['Content-Type'] = 'application/json' + + response = getattr(self._session, method)( + "{host}{uri}".format(host=self._host, uri=uri), + timeout=timeout, + headers=headers, + params=rest_helpers.flatten_query_params(query_params), + ) + + # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception + # subclass. + if response.status_code >= 400: + raise core_exceptions.from_http_response(response) + + resp = locations_pb2.ListLocationsResponse() + resp = json_format.Parse(response.content.decode("utf-8"), resp) + resp = self._interceptor.post_list_locations(resp) + return resp + + @property + def kind(self) -> str: + return "rest" + + def close(self): + self._session.close() + + +__all__=( + 'SecretManagerServiceRestTransport', +) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager_v1beta2/types/__init__.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager_v1beta2/types/__init__.py new file mode 100644 index 000000000000..9f27a30d3afc --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager_v1beta2/types/__init__.py @@ -0,0 +1,70 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from .resources import ( + CustomerManagedEncryption, + CustomerManagedEncryptionStatus, + Replication, + ReplicationStatus, + Rotation, + Secret, + SecretPayload, + SecretVersion, + Topic, +) +from .service import ( + AccessSecretVersionRequest, + AccessSecretVersionResponse, + AddSecretVersionRequest, + CreateSecretRequest, + DeleteSecretRequest, + DestroySecretVersionRequest, + DisableSecretVersionRequest, + EnableSecretVersionRequest, + GetSecretRequest, + GetSecretVersionRequest, + ListSecretsRequest, + ListSecretsResponse, + ListSecretVersionsRequest, + ListSecretVersionsResponse, + UpdateSecretRequest, +) + +__all__ = ( + 'CustomerManagedEncryption', + 'CustomerManagedEncryptionStatus', + 'Replication', + 'ReplicationStatus', + 'Rotation', + 'Secret', + 'SecretPayload', + 'SecretVersion', + 'Topic', + 'AccessSecretVersionRequest', + 'AccessSecretVersionResponse', + 'AddSecretVersionRequest', + 'CreateSecretRequest', + 'DeleteSecretRequest', + 'DestroySecretVersionRequest', + 'DisableSecretVersionRequest', + 'EnableSecretVersionRequest', + 'GetSecretRequest', + 'GetSecretVersionRequest', + 'ListSecretsRequest', + 'ListSecretsResponse', + 'ListSecretVersionsRequest', + 'ListSecretVersionsResponse', + 'UpdateSecretRequest', +) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager_v1beta2/types/resources.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager_v1beta2/types/resources.py new file mode 100644 index 000000000000..899ce6fcaf91 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager_v1beta2/types/resources.py @@ -0,0 +1,752 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from __future__ import annotations + +from typing import MutableMapping, MutableSequence + +import proto # type: ignore + +from google.protobuf import duration_pb2 # type: ignore +from google.protobuf import timestamp_pb2 # type: ignore + + +__protobuf__ = proto.module( + package='google.cloud.secretmanager.v1beta2', + manifest={ + 'Secret', + 'SecretVersion', + 'Replication', + 'CustomerManagedEncryption', + 'ReplicationStatus', + 'CustomerManagedEncryptionStatus', + 'Topic', + 'Rotation', + 'SecretPayload', + }, +) + + +class Secret(proto.Message): + r"""A [Secret][google.cloud.secretmanager.v1beta2.Secret] is a logical + secret whose value and versions can be accessed. + + A [Secret][google.cloud.secretmanager.v1beta2.Secret] is made up of + zero or more + [SecretVersions][google.cloud.secretmanager.v1beta2.SecretVersion] + that represent the secret data. + + This message has `oneof`_ fields (mutually exclusive fields). + For each oneof, at most one member field can be set at the same time. + Setting any member of the oneof automatically clears all other + members. + + .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields + + Attributes: + name (str): + Output only. The resource name of the + [Secret][google.cloud.secretmanager.v1beta2.Secret] in the + format ``projects/*/secrets/*``. + replication (google.cloud.secretmanager_v1beta2.types.Replication): + Optional. Immutable. The replication policy of the secret + data attached to the + [Secret][google.cloud.secretmanager.v1beta2.Secret]. + + The replication policy cannot be changed after the Secret + has been created. + create_time (google.protobuf.timestamp_pb2.Timestamp): + Output only. The time at which the + [Secret][google.cloud.secretmanager.v1beta2.Secret] was + created. + labels (MutableMapping[str, str]): + The labels assigned to this Secret. + + Label keys must be between 1 and 63 characters long, have a + UTF-8 encoding of maximum 128 bytes, and must conform to the + following PCRE regular expression: + ``[\p{Ll}\p{Lo}][\p{Ll}\p{Lo}\p{N}_-]{0,62}`` + + Label values must be between 0 and 63 characters long, have + a UTF-8 encoding of maximum 128 bytes, and must conform to + the following PCRE regular expression: + ``[\p{Ll}\p{Lo}\p{N}_-]{0,63}`` + + No more than 64 labels can be assigned to a given resource. + topics (MutableSequence[google.cloud.secretmanager_v1beta2.types.Topic]): + Optional. A list of up to 10 Pub/Sub topics + to which messages are published when control + plane operations are called on the secret or its + versions. + expire_time (google.protobuf.timestamp_pb2.Timestamp): + Optional. Timestamp in UTC when the + [Secret][google.cloud.secretmanager.v1beta2.Secret] is + scheduled to expire. This is always provided on output, + regardless of what was sent on input. + + This field is a member of `oneof`_ ``expiration``. + ttl (google.protobuf.duration_pb2.Duration): + Input only. The TTL for the + [Secret][google.cloud.secretmanager.v1beta2.Secret]. + + This field is a member of `oneof`_ ``expiration``. + etag (str): + Optional. Etag of the currently stored + [Secret][google.cloud.secretmanager.v1beta2.Secret]. + rotation (google.cloud.secretmanager_v1beta2.types.Rotation): + Optional. Rotation policy attached to the + [Secret][google.cloud.secretmanager.v1beta2.Secret]. May be + excluded if there is no rotation policy. + version_aliases (MutableMapping[str, int]): + Optional. Mapping from version alias to version name. + + A version alias is a string with a maximum length of 63 + characters and can contain uppercase and lowercase letters, + numerals, and the hyphen (``-``) and underscore ('_') + characters. An alias string must start with a letter and + cannot be the string 'latest' or 'NEW'. No more than 50 + aliases can be assigned to a given secret. + + Version-Alias pairs will be viewable via GetSecret and + modifiable via UpdateSecret. Access by alias is only + supported for GetSecretVersion and AccessSecretVersion. + annotations (MutableMapping[str, str]): + Optional. Custom metadata about the secret. + + Annotations are distinct from various forms of labels. + Annotations exist to allow client tools to store their own + state information without requiring a database. + + Annotation keys must be between 1 and 63 characters long, + have a UTF-8 encoding of maximum 128 bytes, begin and end + with an alphanumeric character ([a-z0-9A-Z]), and may have + dashes (-), underscores (_), dots (.), and alphanumerics in + between these symbols. + + The total size of annotation keys and values must be less + than 16KiB. + version_destroy_ttl (google.protobuf.duration_pb2.Duration): + Optional. Secret Version TTL after + destruction request + This is a part of the Delayed secret version + destroy feature. For secret with TTL>0, version + destruction doesn't happen immediately on + calling destroy instead the version goes to a + disabled state and destruction happens after the + TTL expires. + customer_managed_encryption (google.cloud.secretmanager_v1beta2.types.CustomerManagedEncryption): + Optional. The customer-managed encryption configuration of + the Regionalised Secrets. If no configuration is provided, + Google-managed default encryption is used. + + Updates to the + [Secret][google.cloud.secretmanager.v1beta2.Secret] + encryption configuration only apply to + [SecretVersions][google.cloud.secretmanager.v1beta2.SecretVersion] + added afterwards. They do not apply retroactively to + existing + [SecretVersions][google.cloud.secretmanager.v1beta2.SecretVersion]. + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + replication: 'Replication' = proto.Field( + proto.MESSAGE, + number=2, + message='Replication', + ) + create_time: timestamp_pb2.Timestamp = proto.Field( + proto.MESSAGE, + number=3, + message=timestamp_pb2.Timestamp, + ) + labels: MutableMapping[str, str] = proto.MapField( + proto.STRING, + proto.STRING, + number=4, + ) + topics: MutableSequence['Topic'] = proto.RepeatedField( + proto.MESSAGE, + number=5, + message='Topic', + ) + expire_time: timestamp_pb2.Timestamp = proto.Field( + proto.MESSAGE, + number=6, + oneof='expiration', + message=timestamp_pb2.Timestamp, + ) + ttl: duration_pb2.Duration = proto.Field( + proto.MESSAGE, + number=7, + oneof='expiration', + message=duration_pb2.Duration, + ) + etag: str = proto.Field( + proto.STRING, + number=8, + ) + rotation: 'Rotation' = proto.Field( + proto.MESSAGE, + number=9, + message='Rotation', + ) + version_aliases: MutableMapping[str, int] = proto.MapField( + proto.STRING, + proto.INT64, + number=11, + ) + annotations: MutableMapping[str, str] = proto.MapField( + proto.STRING, + proto.STRING, + number=13, + ) + version_destroy_ttl: duration_pb2.Duration = proto.Field( + proto.MESSAGE, + number=14, + message=duration_pb2.Duration, + ) + customer_managed_encryption: 'CustomerManagedEncryption' = proto.Field( + proto.MESSAGE, + number=15, + message='CustomerManagedEncryption', + ) + + +class SecretVersion(proto.Message): + r"""A secret version resource in the Secret Manager API. + + Attributes: + name (str): + Output only. The resource name of the + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] + in the format ``projects/*/secrets/*/versions/*``. + + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] + IDs in a [Secret][google.cloud.secretmanager.v1beta2.Secret] + start at 1 and are incremented for each subsequent version + of the secret. + create_time (google.protobuf.timestamp_pb2.Timestamp): + Output only. The time at which the + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] + was created. + destroy_time (google.protobuf.timestamp_pb2.Timestamp): + Output only. The time this + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] + was destroyed. Only present if + [state][google.cloud.secretmanager.v1beta2.SecretVersion.state] + is + [DESTROYED][google.cloud.secretmanager.v1beta2.SecretVersion.State.DESTROYED]. + state (google.cloud.secretmanager_v1beta2.types.SecretVersion.State): + Output only. The current state of the + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. + replication_status (google.cloud.secretmanager_v1beta2.types.ReplicationStatus): + The replication status of the + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. + etag (str): + Output only. Etag of the currently stored + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. + client_specified_payload_checksum (bool): + Output only. True if payload checksum specified in + [SecretPayload][google.cloud.secretmanager.v1beta2.SecretPayload] + object has been received by + [SecretManagerService][google.cloud.secretmanager.v1beta2.SecretManagerService] + on + [SecretManagerService.AddSecretVersion][google.cloud.secretmanager.v1beta2.SecretManagerService.AddSecretVersion]. + scheduled_destroy_time (google.protobuf.timestamp_pb2.Timestamp): + Optional. Output only. Scheduled destroy time for secret + version. This is a part of the Delayed secret version + destroy feature. For a Secret with a valid version destroy + TTL, when a secert version is destroyed, version is moved to + disabled state and it is scheduled for destruction Version + is destroyed only after the scheduled_destroy_time. + customer_managed_encryption (google.cloud.secretmanager_v1beta2.types.CustomerManagedEncryptionStatus): + Output only. The customer-managed encryption status of the + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. + Only populated if customer-managed encryption is used and + [Secret][google.cloud.secretmanager.v1beta2.Secret] is a + Regionalised Secret. + """ + class State(proto.Enum): + r"""The state of a + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion], + indicating if it can be accessed. + + Values: + STATE_UNSPECIFIED (0): + Not specified. This value is unused and + invalid. + ENABLED (1): + The + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] + may be accessed. + DISABLED (2): + The + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] + may not be accessed, but the secret data is still available + and can be placed back into the + [ENABLED][google.cloud.secretmanager.v1beta2.SecretVersion.State.ENABLED] + state. + DESTROYED (3): + The + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] + is destroyed and the secret data is no longer stored. A + version may not leave this state once entered. + """ + STATE_UNSPECIFIED = 0 + ENABLED = 1 + DISABLED = 2 + DESTROYED = 3 + + name: str = proto.Field( + proto.STRING, + number=1, + ) + create_time: timestamp_pb2.Timestamp = proto.Field( + proto.MESSAGE, + number=2, + message=timestamp_pb2.Timestamp, + ) + destroy_time: timestamp_pb2.Timestamp = proto.Field( + proto.MESSAGE, + number=3, + message=timestamp_pb2.Timestamp, + ) + state: State = proto.Field( + proto.ENUM, + number=4, + enum=State, + ) + replication_status: 'ReplicationStatus' = proto.Field( + proto.MESSAGE, + number=5, + message='ReplicationStatus', + ) + etag: str = proto.Field( + proto.STRING, + number=6, + ) + client_specified_payload_checksum: bool = proto.Field( + proto.BOOL, + number=7, + ) + scheduled_destroy_time: timestamp_pb2.Timestamp = proto.Field( + proto.MESSAGE, + number=8, + message=timestamp_pb2.Timestamp, + ) + customer_managed_encryption: 'CustomerManagedEncryptionStatus' = proto.Field( + proto.MESSAGE, + number=9, + message='CustomerManagedEncryptionStatus', + ) + + +class Replication(proto.Message): + r"""A policy that defines the replication and encryption + configuration of data. + + This message has `oneof`_ fields (mutually exclusive fields). + For each oneof, at most one member field can be set at the same time. + Setting any member of the oneof automatically clears all other + members. + + .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields + + Attributes: + automatic (google.cloud.secretmanager_v1beta2.types.Replication.Automatic): + The [Secret][google.cloud.secretmanager.v1beta2.Secret] will + automatically be replicated without any restrictions. + + This field is a member of `oneof`_ ``replication``. + user_managed (google.cloud.secretmanager_v1beta2.types.Replication.UserManaged): + The [Secret][google.cloud.secretmanager.v1beta2.Secret] will + only be replicated into the locations specified. + + This field is a member of `oneof`_ ``replication``. + """ + + class Automatic(proto.Message): + r"""A replication policy that replicates the + [Secret][google.cloud.secretmanager.v1beta2.Secret] payload without + any restrictions. + + Attributes: + customer_managed_encryption (google.cloud.secretmanager_v1beta2.types.CustomerManagedEncryption): + Optional. The customer-managed encryption configuration of + the [Secret][google.cloud.secretmanager.v1beta2.Secret]. If + no configuration is provided, Google-managed default + encryption is used. + + Updates to the + [Secret][google.cloud.secretmanager.v1beta2.Secret] + encryption configuration only apply to + [SecretVersions][google.cloud.secretmanager.v1beta2.SecretVersion] + added afterwards. They do not apply retroactively to + existing + [SecretVersions][google.cloud.secretmanager.v1beta2.SecretVersion]. + """ + + customer_managed_encryption: 'CustomerManagedEncryption' = proto.Field( + proto.MESSAGE, + number=1, + message='CustomerManagedEncryption', + ) + + class UserManaged(proto.Message): + r"""A replication policy that replicates the + [Secret][google.cloud.secretmanager.v1beta2.Secret] payload into the + locations specified in [Secret.replication.user_managed.replicas][] + + Attributes: + replicas (MutableSequence[google.cloud.secretmanager_v1beta2.types.Replication.UserManaged.Replica]): + Required. The list of Replicas for this + [Secret][google.cloud.secretmanager.v1beta2.Secret]. + + Cannot be empty. + """ + + class Replica(proto.Message): + r"""Represents a Replica for this + [Secret][google.cloud.secretmanager.v1beta2.Secret]. + + Attributes: + location (str): + The canonical IDs of the location to replicate data. For + example: ``"us-east1"``. + customer_managed_encryption (google.cloud.secretmanager_v1beta2.types.CustomerManagedEncryption): + Optional. The customer-managed encryption configuration of + the [User-Managed Replica][Replication.UserManaged.Replica]. + If no configuration is provided, Google-managed default + encryption is used. + + Updates to the + [Secret][google.cloud.secretmanager.v1beta2.Secret] + encryption configuration only apply to + [SecretVersions][google.cloud.secretmanager.v1beta2.SecretVersion] + added afterwards. They do not apply retroactively to + existing + [SecretVersions][google.cloud.secretmanager.v1beta2.SecretVersion]. + """ + + location: str = proto.Field( + proto.STRING, + number=1, + ) + customer_managed_encryption: 'CustomerManagedEncryption' = proto.Field( + proto.MESSAGE, + number=2, + message='CustomerManagedEncryption', + ) + + replicas: MutableSequence['Replication.UserManaged.Replica'] = proto.RepeatedField( + proto.MESSAGE, + number=1, + message='Replication.UserManaged.Replica', + ) + + automatic: Automatic = proto.Field( + proto.MESSAGE, + number=1, + oneof='replication', + message=Automatic, + ) + user_managed: UserManaged = proto.Field( + proto.MESSAGE, + number=2, + oneof='replication', + message=UserManaged, + ) + + +class CustomerManagedEncryption(proto.Message): + r"""Configuration for encrypting secret payloads using + customer-managed encryption keys (CMEK). + + Attributes: + kms_key_name (str): + Required. The resource name of the Cloud KMS CryptoKey used + to encrypt secret payloads. + + For secrets using the + [UserManaged][google.cloud.secretmanager.v1beta2.Replication.UserManaged] + replication policy type, Cloud KMS CryptoKeys must reside in + the same location as the [replica + location][Secret.UserManaged.Replica.location]. + + For secrets using the + [Automatic][google.cloud.secretmanager.v1beta2.Replication.Automatic] + replication policy type, Cloud KMS CryptoKeys must reside in + ``global``. + + The expected format is + ``projects/*/locations/*/keyRings/*/cryptoKeys/*``. + """ + + kms_key_name: str = proto.Field( + proto.STRING, + number=1, + ) + + +class ReplicationStatus(proto.Message): + r"""The replication status of a + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. + + This message has `oneof`_ fields (mutually exclusive fields). + For each oneof, at most one member field can be set at the same time. + Setting any member of the oneof automatically clears all other + members. + + .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields + + Attributes: + automatic (google.cloud.secretmanager_v1beta2.types.ReplicationStatus.AutomaticStatus): + Describes the replication status of a + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] + with automatic replication. + + Only populated if the parent + [Secret][google.cloud.secretmanager.v1beta2.Secret] has an + automatic replication policy. + + This field is a member of `oneof`_ ``replication_status``. + user_managed (google.cloud.secretmanager_v1beta2.types.ReplicationStatus.UserManagedStatus): + Describes the replication status of a + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] + with user-managed replication. + + Only populated if the parent + [Secret][google.cloud.secretmanager.v1beta2.Secret] has a + user-managed replication policy. + + This field is a member of `oneof`_ ``replication_status``. + """ + + class AutomaticStatus(proto.Message): + r"""The replication status of a + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] + using automatic replication. + + Only populated if the parent + [Secret][google.cloud.secretmanager.v1beta2.Secret] has an automatic + replication policy. + + Attributes: + customer_managed_encryption (google.cloud.secretmanager_v1beta2.types.CustomerManagedEncryptionStatus): + Output only. The customer-managed encryption status of the + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. + Only populated if customer-managed encryption is used. + """ + + customer_managed_encryption: 'CustomerManagedEncryptionStatus' = proto.Field( + proto.MESSAGE, + number=1, + message='CustomerManagedEncryptionStatus', + ) + + class UserManagedStatus(proto.Message): + r"""The replication status of a + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] + using user-managed replication. + + Only populated if the parent + [Secret][google.cloud.secretmanager.v1beta2.Secret] has a + user-managed replication policy. + + Attributes: + replicas (MutableSequence[google.cloud.secretmanager_v1beta2.types.ReplicationStatus.UserManagedStatus.ReplicaStatus]): + Output only. The list of replica statuses for the + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. + """ + + class ReplicaStatus(proto.Message): + r"""Describes the status of a user-managed replica for the + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. + + Attributes: + location (str): + Output only. The canonical ID of the replica location. For + example: ``"us-east1"``. + customer_managed_encryption (google.cloud.secretmanager_v1beta2.types.CustomerManagedEncryptionStatus): + Output only. The customer-managed encryption status of the + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. + Only populated if customer-managed encryption is used. + """ + + location: str = proto.Field( + proto.STRING, + number=1, + ) + customer_managed_encryption: 'CustomerManagedEncryptionStatus' = proto.Field( + proto.MESSAGE, + number=2, + message='CustomerManagedEncryptionStatus', + ) + + replicas: MutableSequence['ReplicationStatus.UserManagedStatus.ReplicaStatus'] = proto.RepeatedField( + proto.MESSAGE, + number=1, + message='ReplicationStatus.UserManagedStatus.ReplicaStatus', + ) + + automatic: AutomaticStatus = proto.Field( + proto.MESSAGE, + number=1, + oneof='replication_status', + message=AutomaticStatus, + ) + user_managed: UserManagedStatus = proto.Field( + proto.MESSAGE, + number=2, + oneof='replication_status', + message=UserManagedStatus, + ) + + +class CustomerManagedEncryptionStatus(proto.Message): + r"""Describes the status of customer-managed encryption. + + Attributes: + kms_key_version_name (str): + Required. The resource name of the Cloud KMS + CryptoKeyVersion used to encrypt the secret payload, in the + following format: + ``projects/*/locations/*/keyRings/*/cryptoKeys/*/versions/*``. + """ + + kms_key_version_name: str = proto.Field( + proto.STRING, + number=1, + ) + + +class Topic(proto.Message): + r"""A Pub/Sub topic which Secret Manager will publish to when + control plane events occur on this secret. + + Attributes: + name (str): + Required. The resource name of the Pub/Sub topic that will + be published to, in the following format: + ``projects/*/topics/*``. For publication to succeed, the + Secret Manager service agent must have the + ``pubsub.topic.publish`` permission on the topic. The + Pub/Sub Publisher role (``roles/pubsub.publisher``) includes + this permission. + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + + +class Rotation(proto.Message): + r"""The rotation time and period for a + [Secret][google.cloud.secretmanager.v1beta2.Secret]. At + next_rotation_time, Secret Manager will send a Pub/Sub notification + to the topics configured on the Secret. + [Secret.topics][google.cloud.secretmanager.v1beta2.Secret.topics] + must be set to configure rotation. + + Attributes: + next_rotation_time (google.protobuf.timestamp_pb2.Timestamp): + Optional. Timestamp in UTC at which the + [Secret][google.cloud.secretmanager.v1beta2.Secret] is + scheduled to rotate. Cannot be set to less than 300s (5 min) + in the future and at most 3153600000s (100 years). + + [next_rotation_time][google.cloud.secretmanager.v1beta2.Rotation.next_rotation_time] + MUST be set if + [rotation_period][google.cloud.secretmanager.v1beta2.Rotation.rotation_period] + is set. + rotation_period (google.protobuf.duration_pb2.Duration): + Input only. The Duration between rotation notifications. + Must be in seconds and at least 3600s (1h) and at most + 3153600000s (100 years). + + If + [rotation_period][google.cloud.secretmanager.v1beta2.Rotation.rotation_period] + is set, + [next_rotation_time][google.cloud.secretmanager.v1beta2.Rotation.next_rotation_time] + must be set. + [next_rotation_time][google.cloud.secretmanager.v1beta2.Rotation.next_rotation_time] + will be advanced by this period when the service + automatically sends rotation notifications. + """ + + next_rotation_time: timestamp_pb2.Timestamp = proto.Field( + proto.MESSAGE, + number=1, + message=timestamp_pb2.Timestamp, + ) + rotation_period: duration_pb2.Duration = proto.Field( + proto.MESSAGE, + number=2, + message=duration_pb2.Duration, + ) + + +class SecretPayload(proto.Message): + r"""A secret payload resource in the Secret Manager API. This contains + the sensitive secret payload that is associated with a + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. + + + .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields + + Attributes: + data (bytes): + The secret data. Must be no larger than + 64KiB. + data_crc32c (int): + Optional. If specified, + [SecretManagerService][google.cloud.secretmanager.v1beta2.SecretManagerService] + will verify the integrity of the received + [data][google.cloud.secretmanager.v1beta2.SecretPayload.data] + on + [SecretManagerService.AddSecretVersion][google.cloud.secretmanager.v1beta2.SecretManagerService.AddSecretVersion] + calls using the crc32c checksum and store it to include in + future + [SecretManagerService.AccessSecretVersion][google.cloud.secretmanager.v1beta2.SecretManagerService.AccessSecretVersion] + responses. If a checksum is not provided in the + [SecretManagerService.AddSecretVersion][google.cloud.secretmanager.v1beta2.SecretManagerService.AddSecretVersion] + request, the + [SecretManagerService][google.cloud.secretmanager.v1beta2.SecretManagerService] + will generate and store one for you. + + The CRC32C value is encoded as a Int64 for compatibility, + and can be safely downconverted to uint32 in languages that + support this type. + https://cloud.google.com/apis/design/design_patterns#integer_types + + This field is a member of `oneof`_ ``_data_crc32c``. + """ + + data: bytes = proto.Field( + proto.BYTES, + number=1, + ) + data_crc32c: int = proto.Field( + proto.INT64, + number=2, + optional=True, + ) + + +__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager_v1beta2/types/service.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager_v1beta2/types/service.py new file mode 100644 index 000000000000..59aa5d28e0e2 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/google/cloud/secretmanager_v1beta2/types/service.py @@ -0,0 +1,511 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from __future__ import annotations + +from typing import MutableMapping, MutableSequence + +import proto # type: ignore + +from google.cloud.secretmanager_v1beta2.types import resources +from google.protobuf import field_mask_pb2 # type: ignore + + +__protobuf__ = proto.module( + package='google.cloud.secretmanager.v1beta2', + manifest={ + 'ListSecretsRequest', + 'ListSecretsResponse', + 'CreateSecretRequest', + 'AddSecretVersionRequest', + 'GetSecretRequest', + 'ListSecretVersionsRequest', + 'ListSecretVersionsResponse', + 'GetSecretVersionRequest', + 'UpdateSecretRequest', + 'AccessSecretVersionRequest', + 'AccessSecretVersionResponse', + 'DeleteSecretRequest', + 'DisableSecretVersionRequest', + 'EnableSecretVersionRequest', + 'DestroySecretVersionRequest', + }, +) + + +class ListSecretsRequest(proto.Message): + r"""Request message for + [SecretManagerService.ListSecrets][google.cloud.secretmanager.v1beta2.SecretManagerService.ListSecrets]. + + Attributes: + parent (str): + Required. The resource name of the project associated with + the [Secrets][google.cloud.secretmanager.v1beta2.Secret], in + the format ``projects/*`` or ``projects/*/locations/*`` + page_size (int): + Optional. The maximum number of results to be + returned in a single page. If set to 0, the + server decides the number of results to return. + If the number is greater than 25000, it is + capped at 25000. + page_token (str): + Optional. Pagination token, returned earlier via + [ListSecretsResponse.next_page_token][google.cloud.secretmanager.v1beta2.ListSecretsResponse.next_page_token]. + filter (str): + Optional. Filter string, adhering to the rules in + `List-operation + filtering `__. + List only secrets matching the filter. If filter is empty, + all secrets are listed. + """ + + parent: str = proto.Field( + proto.STRING, + number=1, + ) + page_size: int = proto.Field( + proto.INT32, + number=2, + ) + page_token: str = proto.Field( + proto.STRING, + number=3, + ) + filter: str = proto.Field( + proto.STRING, + number=4, + ) + + +class ListSecretsResponse(proto.Message): + r"""Response message for + [SecretManagerService.ListSecrets][google.cloud.secretmanager.v1beta2.SecretManagerService.ListSecrets]. + + Attributes: + secrets (MutableSequence[google.cloud.secretmanager_v1beta2.types.Secret]): + The list of + [Secrets][google.cloud.secretmanager.v1beta2.Secret] sorted + in reverse by create_time (newest first). + next_page_token (str): + A token to retrieve the next page of results. Pass this + value in + [ListSecretsRequest.page_token][google.cloud.secretmanager.v1beta2.ListSecretsRequest.page_token] + to retrieve the next page. + total_size (int): + The total number of + [Secrets][google.cloud.secretmanager.v1beta2.Secret] but 0 + when the + [ListSecretsRequest.filter][google.cloud.secretmanager.v1beta2.ListSecretsRequest.filter] + field is set. + """ + + @property + def raw_page(self): + return self + + secrets: MutableSequence[resources.Secret] = proto.RepeatedField( + proto.MESSAGE, + number=1, + message=resources.Secret, + ) + next_page_token: str = proto.Field( + proto.STRING, + number=2, + ) + total_size: int = proto.Field( + proto.INT32, + number=3, + ) + + +class CreateSecretRequest(proto.Message): + r"""Request message for + [SecretManagerService.CreateSecret][google.cloud.secretmanager.v1beta2.SecretManagerService.CreateSecret]. + + Attributes: + parent (str): + Required. The resource name of the project to associate with + the [Secret][google.cloud.secretmanager.v1beta2.Secret], in + the format ``projects/*`` or ``projects/*/locations/*``. + secret_id (str): + Required. This must be unique within the project. + + A secret ID is a string with a maximum length of 255 + characters and can contain uppercase and lowercase letters, + numerals, and the hyphen (``-``) and underscore (``_``) + characters. + secret (google.cloud.secretmanager_v1beta2.types.Secret): + Required. A + [Secret][google.cloud.secretmanager.v1beta2.Secret] with + initial field values. + """ + + parent: str = proto.Field( + proto.STRING, + number=1, + ) + secret_id: str = proto.Field( + proto.STRING, + number=2, + ) + secret: resources.Secret = proto.Field( + proto.MESSAGE, + number=3, + message=resources.Secret, + ) + + +class AddSecretVersionRequest(proto.Message): + r"""Request message for + [SecretManagerService.AddSecretVersion][google.cloud.secretmanager.v1beta2.SecretManagerService.AddSecretVersion]. + + Attributes: + parent (str): + Required. The resource name of the + [Secret][google.cloud.secretmanager.v1beta2.Secret] to + associate with the + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] + in the format ``projects/*/secrets/*`` or + ``projects/*/locations/*/secrets/*``. + payload (google.cloud.secretmanager_v1beta2.types.SecretPayload): + Required. The secret payload of the + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. + """ + + parent: str = proto.Field( + proto.STRING, + number=1, + ) + payload: resources.SecretPayload = proto.Field( + proto.MESSAGE, + number=2, + message=resources.SecretPayload, + ) + + +class GetSecretRequest(proto.Message): + r"""Request message for + [SecretManagerService.GetSecret][google.cloud.secretmanager.v1beta2.SecretManagerService.GetSecret]. + + Attributes: + name (str): + Required. The resource name of the + [Secret][google.cloud.secretmanager.v1beta2.Secret], in the + format ``projects/*/secrets/*`` or + ``projects/*/locations/*/secrets/*``. + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + + +class ListSecretVersionsRequest(proto.Message): + r"""Request message for + [SecretManagerService.ListSecretVersions][google.cloud.secretmanager.v1beta2.SecretManagerService.ListSecretVersions]. + + Attributes: + parent (str): + Required. The resource name of the + [Secret][google.cloud.secretmanager.v1beta2.Secret] + associated with the + [SecretVersions][google.cloud.secretmanager.v1beta2.SecretVersion] + to list, in the format ``projects/*/secrets/*`` or + ``projects/*/locations/*/secrets/*``. + page_size (int): + Optional. The maximum number of results to be + returned in a single page. If set to 0, the + server decides the number of results to return. + If the number is greater than 25000, it is + capped at 25000. + page_token (str): + Optional. Pagination token, returned earlier via + ListSecretVersionsResponse.next_page_token][]. + filter (str): + Optional. Filter string, adhering to the rules in + `List-operation + filtering `__. + List only secret versions matching the filter. If filter is + empty, all secret versions are listed. + """ + + parent: str = proto.Field( + proto.STRING, + number=1, + ) + page_size: int = proto.Field( + proto.INT32, + number=2, + ) + page_token: str = proto.Field( + proto.STRING, + number=3, + ) + filter: str = proto.Field( + proto.STRING, + number=4, + ) + + +class ListSecretVersionsResponse(proto.Message): + r"""Response message for + [SecretManagerService.ListSecretVersions][google.cloud.secretmanager.v1beta2.SecretManagerService.ListSecretVersions]. + + Attributes: + versions (MutableSequence[google.cloud.secretmanager_v1beta2.types.SecretVersion]): + The list of + [SecretVersions][google.cloud.secretmanager.v1beta2.SecretVersion] + sorted in reverse by create_time (newest first). + next_page_token (str): + A token to retrieve the next page of results. Pass this + value in + [ListSecretVersionsRequest.page_token][google.cloud.secretmanager.v1beta2.ListSecretVersionsRequest.page_token] + to retrieve the next page. + total_size (int): + The total number of + [SecretVersions][google.cloud.secretmanager.v1beta2.SecretVersion] + but 0 when the + [ListSecretsRequest.filter][google.cloud.secretmanager.v1beta2.ListSecretsRequest.filter] + field is set. + """ + + @property + def raw_page(self): + return self + + versions: MutableSequence[resources.SecretVersion] = proto.RepeatedField( + proto.MESSAGE, + number=1, + message=resources.SecretVersion, + ) + next_page_token: str = proto.Field( + proto.STRING, + number=2, + ) + total_size: int = proto.Field( + proto.INT32, + number=3, + ) + + +class GetSecretVersionRequest(proto.Message): + r"""Request message for + [SecretManagerService.GetSecretVersion][google.cloud.secretmanager.v1beta2.SecretManagerService.GetSecretVersion]. + + Attributes: + name (str): + Required. The resource name of the + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] + in the format ``projects/*/secrets/*/versions/*`` or + ``projects/*/locations/*/secrets/*/versions/*``. + + ``projects/*/secrets/*/versions/latest`` or + ``projects/*/locations/*/secrets/*/versions/latest`` is an + alias to the most recently created + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + + +class UpdateSecretRequest(proto.Message): + r"""Request message for + [SecretManagerService.UpdateSecret][google.cloud.secretmanager.v1beta2.SecretManagerService.UpdateSecret]. + + Attributes: + secret (google.cloud.secretmanager_v1beta2.types.Secret): + Required. + [Secret][google.cloud.secretmanager.v1beta2.Secret] with + updated field values. + update_mask (google.protobuf.field_mask_pb2.FieldMask): + Required. Specifies the fields to be updated. + """ + + secret: resources.Secret = proto.Field( + proto.MESSAGE, + number=1, + message=resources.Secret, + ) + update_mask: field_mask_pb2.FieldMask = proto.Field( + proto.MESSAGE, + number=2, + message=field_mask_pb2.FieldMask, + ) + + +class AccessSecretVersionRequest(proto.Message): + r"""Request message for + [SecretManagerService.AccessSecretVersion][google.cloud.secretmanager.v1beta2.SecretManagerService.AccessSecretVersion]. + + Attributes: + name (str): + Required. The resource name of the + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] + in the format ``projects/*/secrets/*/versions/*`` or + ``projects/*/locations/*/secrets/*/versions/*``. + + ``projects/*/secrets/*/versions/latest`` or + ``projects/*/locations/*/secrets/*/versions/latest`` is an + alias to the most recently created + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + + +class AccessSecretVersionResponse(proto.Message): + r"""Response message for + [SecretManagerService.AccessSecretVersion][google.cloud.secretmanager.v1beta2.SecretManagerService.AccessSecretVersion]. + + Attributes: + name (str): + The resource name of the + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] + in the format ``projects/*/secrets/*/versions/*`` or + ``projects/*/locations/*/secrets/*/versions/*``. + payload (google.cloud.secretmanager_v1beta2.types.SecretPayload): + Secret payload + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + payload: resources.SecretPayload = proto.Field( + proto.MESSAGE, + number=2, + message=resources.SecretPayload, + ) + + +class DeleteSecretRequest(proto.Message): + r"""Request message for + [SecretManagerService.DeleteSecret][google.cloud.secretmanager.v1beta2.SecretManagerService.DeleteSecret]. + + Attributes: + name (str): + Required. The resource name of the + [Secret][google.cloud.secretmanager.v1beta2.Secret] to + delete in the format ``projects/*/secrets/*``. + etag (str): + Optional. Etag of the + [Secret][google.cloud.secretmanager.v1beta2.Secret]. The + request succeeds if it matches the etag of the currently + stored secret object. If the etag is omitted, the request + succeeds. + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + etag: str = proto.Field( + proto.STRING, + number=2, + ) + + +class DisableSecretVersionRequest(proto.Message): + r"""Request message for + [SecretManagerService.DisableSecretVersion][google.cloud.secretmanager.v1beta2.SecretManagerService.DisableSecretVersion]. + + Attributes: + name (str): + Required. The resource name of the + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] + to disable in the format ``projects/*/secrets/*/versions/*`` + or ``projects/*/locations/*/secrets/*/versions/*``. + etag (str): + Optional. Etag of the + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. + The request succeeds if it matches the etag of the currently + stored secret version object. If the etag is omitted, the + request succeeds. + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + etag: str = proto.Field( + proto.STRING, + number=2, + ) + + +class EnableSecretVersionRequest(proto.Message): + r"""Request message for + [SecretManagerService.EnableSecretVersion][google.cloud.secretmanager.v1beta2.SecretManagerService.EnableSecretVersion]. + + Attributes: + name (str): + Required. The resource name of the + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] + to enable in the format ``projects/*/secrets/*/versions/*`` + or ``projects/*/locations/*/secrets/*/versions/*``. + etag (str): + Optional. Etag of the + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. + The request succeeds if it matches the etag of the currently + stored secret version object. If the etag is omitted, the + request succeeds. + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + etag: str = proto.Field( + proto.STRING, + number=2, + ) + + +class DestroySecretVersionRequest(proto.Message): + r"""Request message for + [SecretManagerService.DestroySecretVersion][google.cloud.secretmanager.v1beta2.SecretManagerService.DestroySecretVersion]. + + Attributes: + name (str): + Required. The resource name of the + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] + to destroy in the format ``projects/*/secrets/*/versions/*`` + or ``projects/*/locations/*/secrets/*/versions/*``. + etag (str): + Optional. Etag of the + [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. + The request succeeds if it matches the etag of the currently + stored secret version object. If the etag is omitted, the + request succeeds. + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + etag: str = proto.Field( + proto.STRING, + number=2, + ) + + +__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/mypy.ini b/owl-bot-staging/google-cloud-secret-manager/v1beta2/mypy.ini new file mode 100644 index 000000000000..574c5aed394b --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/mypy.ini @@ -0,0 +1,3 @@ +[mypy] +python_version = 3.7 +namespace_packages = True diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/noxfile.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/noxfile.py new file mode 100644 index 000000000000..d89e08172ca7 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/noxfile.py @@ -0,0 +1,253 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import os +import pathlib +import re +import shutil +import subprocess +import sys + + +import nox # type: ignore + +ALL_PYTHON = [ + "3.7", + "3.8", + "3.9", + "3.10", + "3.11", + "3.12" +] + +CURRENT_DIRECTORY = pathlib.Path(__file__).parent.absolute() + +LOWER_BOUND_CONSTRAINTS_FILE = CURRENT_DIRECTORY / "constraints.txt" +PACKAGE_NAME = 'google-cloud-secretmanager' + +BLACK_VERSION = "black==22.3.0" +BLACK_PATHS = ["docs", "google", "tests", "samples", "noxfile.py", "setup.py"] +DEFAULT_PYTHON_VERSION = "3.12" + +nox.sessions = [ + "unit", + "cover", + "mypy", + "check_lower_bounds" + # exclude update_lower_bounds from default + "docs", + "blacken", + "lint", + "prerelease_deps", +] + +@nox.session(python=ALL_PYTHON) +def unit(session): + """Run the unit test suite.""" + + session.install('coverage', 'pytest', 'pytest-cov', 'pytest-asyncio', 'asyncmock; python_version < "3.8"') + session.install('-e', '.') + + session.run( + 'py.test', + '--quiet', + '--cov=google/cloud/secretmanager_v1beta2/', + '--cov=tests/', + '--cov-config=.coveragerc', + '--cov-report=term', + '--cov-report=html', + os.path.join('tests', 'unit', ''.join(session.posargs)) + ) + +@nox.session(python=ALL_PYTHON[-1]) +def prerelease_deps(session): + """Run the unit test suite against pre-release versions of dependencies.""" + + # Install test environment dependencies + session.install('coverage', 'pytest', 'pytest-cov', 'pytest-asyncio', 'asyncmock; python_version < "3.8"') + + # Install the package without dependencies + session.install('-e', '.', '--no-deps') + + # We test the minimum dependency versions using the minimum Python + # version so the lowest python runtime that we test has a corresponding constraints + # file, located at `testing/constraints--.txt`, which contains all of the + # dependencies and extras. + with open( + CURRENT_DIRECTORY + / "testing" + / f"constraints-{ALL_PYTHON[0]}.txt", + encoding="utf-8", + ) as constraints_file: + constraints_text = constraints_file.read() + + # Ignore leading whitespace and comment lines. + constraints_deps = [ + match.group(1) + for match in re.finditer( + r"^\s*(\S+)(?===\S+)", constraints_text, flags=re.MULTILINE + ) + ] + + session.install(*constraints_deps) + + prerel_deps = [ + "googleapis-common-protos", + "google-api-core", + "google-auth", + "grpcio", + "grpcio-status", + "protobuf", + "proto-plus", + ] + + for dep in prerel_deps: + session.install("--pre", "--no-deps", "--upgrade", dep) + + # Remaining dependencies + other_deps = [ + "requests", + ] + session.install(*other_deps) + + # Print out prerelease package versions + + session.run("python", "-c", "import google.api_core; print(google.api_core.__version__)") + session.run("python", "-c", "import google.auth; print(google.auth.__version__)") + session.run("python", "-c", "import grpc; print(grpc.__version__)") + session.run( + "python", "-c", "import google.protobuf; print(google.protobuf.__version__)" + ) + session.run( + "python", "-c", "import proto; print(proto.__version__)" + ) + + session.run( + 'py.test', + '--quiet', + '--cov=google/cloud/secretmanager_v1beta2/', + '--cov=tests/', + '--cov-config=.coveragerc', + '--cov-report=term', + '--cov-report=html', + os.path.join('tests', 'unit', ''.join(session.posargs)) + ) + + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def cover(session): + """Run the final coverage report. + This outputs the coverage report aggregating coverage from the unit + test runs (not system test runs), and then erases coverage data. + """ + session.install("coverage", "pytest-cov") + session.run("coverage", "report", "--show-missing", "--fail-under=100") + + session.run("coverage", "erase") + + +@nox.session(python=ALL_PYTHON) +def mypy(session): + """Run the type checker.""" + session.install( + 'mypy', + 'types-requests', + 'types-protobuf' + ) + session.install('.') + session.run( + 'mypy', + '-p', + 'google', + ) + + +@nox.session +def update_lower_bounds(session): + """Update lower bounds in constraints.txt to match setup.py""" + session.install('google-cloud-testutils') + session.install('.') + + session.run( + 'lower-bound-checker', + 'update', + '--package-name', + PACKAGE_NAME, + '--constraints-file', + str(LOWER_BOUND_CONSTRAINTS_FILE), + ) + + +@nox.session +def check_lower_bounds(session): + """Check lower bounds in setup.py are reflected in constraints file""" + session.install('google-cloud-testutils') + session.install('.') + + session.run( + 'lower-bound-checker', + 'check', + '--package-name', + PACKAGE_NAME, + '--constraints-file', + str(LOWER_BOUND_CONSTRAINTS_FILE), + ) + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def docs(session): + """Build the docs for this library.""" + + session.install("-e", ".") + session.install("sphinx==7.0.1", "alabaster", "recommonmark") + + shutil.rmtree(os.path.join("docs", "_build"), ignore_errors=True) + session.run( + "sphinx-build", + "-W", # warnings as errors + "-T", # show full traceback on exception + "-N", # no colors + "-b", + "html", + "-d", + os.path.join("docs", "_build", "doctrees", ""), + os.path.join("docs", ""), + os.path.join("docs", "_build", "html", ""), + ) + + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def lint(session): + """Run linters. + + Returns a failure if the linters find linting errors or sufficiently + serious code quality issues. + """ + session.install("flake8", BLACK_VERSION) + session.run( + "black", + "--check", + *BLACK_PATHS, + ) + session.run("flake8", "google", "tests", "samples") + + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def blacken(session): + """Run black. Format code to uniform standard.""" + session.install(BLACK_VERSION) + session.run( + "black", + *BLACK_PATHS, + ) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_access_secret_version_async.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_access_secret_version_async.py new file mode 100644 index 000000000000..14294670cdb9 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_access_secret_version_async.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for AccessSecretVersion +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta2_generated_SecretManagerService_AccessSecretVersion_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta2 + + +async def sample_access_secret_version(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1beta2.AccessSecretVersionRequest( + name="name_value", + ) + + # Make the request + response = await client.access_secret_version(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1beta2_generated_SecretManagerService_AccessSecretVersion_async] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_access_secret_version_sync.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_access_secret_version_sync.py new file mode 100644 index 000000000000..eb7c68876c86 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_access_secret_version_sync.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for AccessSecretVersion +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta2_generated_SecretManagerService_AccessSecretVersion_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta2 + + +def sample_access_secret_version(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1beta2.AccessSecretVersionRequest( + name="name_value", + ) + + # Make the request + response = client.access_secret_version(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1beta2_generated_SecretManagerService_AccessSecretVersion_sync] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_add_secret_version_async.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_add_secret_version_async.py new file mode 100644 index 000000000000..90758c97222b --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_add_secret_version_async.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for AddSecretVersion +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta2_generated_SecretManagerService_AddSecretVersion_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta2 + + +async def sample_add_secret_version(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1beta2.AddSecretVersionRequest( + parent="parent_value", + ) + + # Make the request + response = await client.add_secret_version(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1beta2_generated_SecretManagerService_AddSecretVersion_async] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_add_secret_version_sync.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_add_secret_version_sync.py new file mode 100644 index 000000000000..9ada08d5e34b --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_add_secret_version_sync.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for AddSecretVersion +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta2_generated_SecretManagerService_AddSecretVersion_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta2 + + +def sample_add_secret_version(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1beta2.AddSecretVersionRequest( + parent="parent_value", + ) + + # Make the request + response = client.add_secret_version(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1beta2_generated_SecretManagerService_AddSecretVersion_sync] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_create_secret_async.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_create_secret_async.py new file mode 100644 index 000000000000..e6c8882ffdad --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_create_secret_async.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for CreateSecret +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta2_generated_SecretManagerService_CreateSecret_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta2 + + +async def sample_create_secret(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1beta2.CreateSecretRequest( + parent="parent_value", + secret_id="secret_id_value", + ) + + # Make the request + response = await client.create_secret(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1beta2_generated_SecretManagerService_CreateSecret_async] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_create_secret_sync.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_create_secret_sync.py new file mode 100644 index 000000000000..c180160bda99 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_create_secret_sync.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for CreateSecret +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta2_generated_SecretManagerService_CreateSecret_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta2 + + +def sample_create_secret(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1beta2.CreateSecretRequest( + parent="parent_value", + secret_id="secret_id_value", + ) + + # Make the request + response = client.create_secret(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1beta2_generated_SecretManagerService_CreateSecret_sync] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_delete_secret_async.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_delete_secret_async.py new file mode 100644 index 000000000000..093d5f8e6e10 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_delete_secret_async.py @@ -0,0 +1,50 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for DeleteSecret +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta2_generated_SecretManagerService_DeleteSecret_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta2 + + +async def sample_delete_secret(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1beta2.DeleteSecretRequest( + name="name_value", + ) + + # Make the request + await client.delete_secret(request=request) + + +# [END secretmanager_v1beta2_generated_SecretManagerService_DeleteSecret_async] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_delete_secret_sync.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_delete_secret_sync.py new file mode 100644 index 000000000000..716c522e9e58 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_delete_secret_sync.py @@ -0,0 +1,50 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for DeleteSecret +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta2_generated_SecretManagerService_DeleteSecret_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta2 + + +def sample_delete_secret(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1beta2.DeleteSecretRequest( + name="name_value", + ) + + # Make the request + client.delete_secret(request=request) + + +# [END secretmanager_v1beta2_generated_SecretManagerService_DeleteSecret_sync] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_destroy_secret_version_async.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_destroy_secret_version_async.py new file mode 100644 index 000000000000..cad6e7dc76ed --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_destroy_secret_version_async.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for DestroySecretVersion +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta2_generated_SecretManagerService_DestroySecretVersion_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta2 + + +async def sample_destroy_secret_version(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1beta2.DestroySecretVersionRequest( + name="name_value", + ) + + # Make the request + response = await client.destroy_secret_version(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1beta2_generated_SecretManagerService_DestroySecretVersion_async] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_destroy_secret_version_sync.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_destroy_secret_version_sync.py new file mode 100644 index 000000000000..76ca488bace8 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_destroy_secret_version_sync.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for DestroySecretVersion +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta2_generated_SecretManagerService_DestroySecretVersion_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta2 + + +def sample_destroy_secret_version(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1beta2.DestroySecretVersionRequest( + name="name_value", + ) + + # Make the request + response = client.destroy_secret_version(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1beta2_generated_SecretManagerService_DestroySecretVersion_sync] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_disable_secret_version_async.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_disable_secret_version_async.py new file mode 100644 index 000000000000..e621f6ceac69 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_disable_secret_version_async.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for DisableSecretVersion +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta2_generated_SecretManagerService_DisableSecretVersion_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta2 + + +async def sample_disable_secret_version(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1beta2.DisableSecretVersionRequest( + name="name_value", + ) + + # Make the request + response = await client.disable_secret_version(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1beta2_generated_SecretManagerService_DisableSecretVersion_async] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_disable_secret_version_sync.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_disable_secret_version_sync.py new file mode 100644 index 000000000000..19d142117273 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_disable_secret_version_sync.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for DisableSecretVersion +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta2_generated_SecretManagerService_DisableSecretVersion_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta2 + + +def sample_disable_secret_version(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1beta2.DisableSecretVersionRequest( + name="name_value", + ) + + # Make the request + response = client.disable_secret_version(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1beta2_generated_SecretManagerService_DisableSecretVersion_sync] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_enable_secret_version_async.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_enable_secret_version_async.py new file mode 100644 index 000000000000..82388dfe881e --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_enable_secret_version_async.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for EnableSecretVersion +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta2_generated_SecretManagerService_EnableSecretVersion_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta2 + + +async def sample_enable_secret_version(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1beta2.EnableSecretVersionRequest( + name="name_value", + ) + + # Make the request + response = await client.enable_secret_version(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1beta2_generated_SecretManagerService_EnableSecretVersion_async] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_enable_secret_version_sync.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_enable_secret_version_sync.py new file mode 100644 index 000000000000..3a4ad04a0ba0 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_enable_secret_version_sync.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for EnableSecretVersion +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta2_generated_SecretManagerService_EnableSecretVersion_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta2 + + +def sample_enable_secret_version(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1beta2.EnableSecretVersionRequest( + name="name_value", + ) + + # Make the request + response = client.enable_secret_version(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1beta2_generated_SecretManagerService_EnableSecretVersion_sync] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_get_iam_policy_async.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_get_iam_policy_async.py new file mode 100644 index 000000000000..2eca36c19c1d --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_get_iam_policy_async.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetIamPolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta2_generated_SecretManagerService_GetIamPolicy_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta2 +from google.iam.v1 import iam_policy_pb2 # type: ignore + + +async def sample_get_iam_policy(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = iam_policy_pb2.GetIamPolicyRequest( + resource="resource_value", + ) + + # Make the request + response = await client.get_iam_policy(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1beta2_generated_SecretManagerService_GetIamPolicy_async] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_get_iam_policy_sync.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_get_iam_policy_sync.py new file mode 100644 index 000000000000..919ec864cc15 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_get_iam_policy_sync.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetIamPolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta2_generated_SecretManagerService_GetIamPolicy_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta2 +from google.iam.v1 import iam_policy_pb2 # type: ignore + + +def sample_get_iam_policy(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceClient() + + # Initialize request argument(s) + request = iam_policy_pb2.GetIamPolicyRequest( + resource="resource_value", + ) + + # Make the request + response = client.get_iam_policy(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1beta2_generated_SecretManagerService_GetIamPolicy_sync] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_get_secret_async.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_get_secret_async.py new file mode 100644 index 000000000000..20f92c1a08d9 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_get_secret_async.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetSecret +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta2_generated_SecretManagerService_GetSecret_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta2 + + +async def sample_get_secret(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1beta2.GetSecretRequest( + name="name_value", + ) + + # Make the request + response = await client.get_secret(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1beta2_generated_SecretManagerService_GetSecret_async] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_get_secret_sync.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_get_secret_sync.py new file mode 100644 index 000000000000..760b16625c1c --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_get_secret_sync.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetSecret +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta2_generated_SecretManagerService_GetSecret_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta2 + + +def sample_get_secret(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1beta2.GetSecretRequest( + name="name_value", + ) + + # Make the request + response = client.get_secret(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1beta2_generated_SecretManagerService_GetSecret_sync] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_get_secret_version_async.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_get_secret_version_async.py new file mode 100644 index 000000000000..11bcbebfa019 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_get_secret_version_async.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetSecretVersion +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta2_generated_SecretManagerService_GetSecretVersion_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta2 + + +async def sample_get_secret_version(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1beta2.GetSecretVersionRequest( + name="name_value", + ) + + # Make the request + response = await client.get_secret_version(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1beta2_generated_SecretManagerService_GetSecretVersion_async] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_get_secret_version_sync.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_get_secret_version_sync.py new file mode 100644 index 000000000000..00571ac9e8c3 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_get_secret_version_sync.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetSecretVersion +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta2_generated_SecretManagerService_GetSecretVersion_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta2 + + +def sample_get_secret_version(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1beta2.GetSecretVersionRequest( + name="name_value", + ) + + # Make the request + response = client.get_secret_version(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1beta2_generated_SecretManagerService_GetSecretVersion_sync] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_list_secret_versions_async.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_list_secret_versions_async.py new file mode 100644 index 000000000000..de850247d0fc --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_list_secret_versions_async.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for ListSecretVersions +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta2_generated_SecretManagerService_ListSecretVersions_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta2 + + +async def sample_list_secret_versions(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1beta2.ListSecretVersionsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_secret_versions(request=request) + + # Handle the response + async for response in page_result: + print(response) + +# [END secretmanager_v1beta2_generated_SecretManagerService_ListSecretVersions_async] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_list_secret_versions_sync.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_list_secret_versions_sync.py new file mode 100644 index 000000000000..4435ad44067a --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_list_secret_versions_sync.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for ListSecretVersions +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta2_generated_SecretManagerService_ListSecretVersions_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta2 + + +def sample_list_secret_versions(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1beta2.ListSecretVersionsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_secret_versions(request=request) + + # Handle the response + for response in page_result: + print(response) + +# [END secretmanager_v1beta2_generated_SecretManagerService_ListSecretVersions_sync] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_list_secrets_async.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_list_secrets_async.py new file mode 100644 index 000000000000..431c26a85a02 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_list_secrets_async.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for ListSecrets +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta2_generated_SecretManagerService_ListSecrets_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta2 + + +async def sample_list_secrets(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1beta2.ListSecretsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_secrets(request=request) + + # Handle the response + async for response in page_result: + print(response) + +# [END secretmanager_v1beta2_generated_SecretManagerService_ListSecrets_async] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_list_secrets_sync.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_list_secrets_sync.py new file mode 100644 index 000000000000..49727df87cca --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_list_secrets_sync.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for ListSecrets +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta2_generated_SecretManagerService_ListSecrets_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta2 + + +def sample_list_secrets(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1beta2.ListSecretsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_secrets(request=request) + + # Handle the response + for response in page_result: + print(response) + +# [END secretmanager_v1beta2_generated_SecretManagerService_ListSecrets_sync] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_set_iam_policy_async.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_set_iam_policy_async.py new file mode 100644 index 000000000000..ffe80a92d5d1 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_set_iam_policy_async.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for SetIamPolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta2_generated_SecretManagerService_SetIamPolicy_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta2 +from google.iam.v1 import iam_policy_pb2 # type: ignore + + +async def sample_set_iam_policy(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = iam_policy_pb2.SetIamPolicyRequest( + resource="resource_value", + ) + + # Make the request + response = await client.set_iam_policy(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1beta2_generated_SecretManagerService_SetIamPolicy_async] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_set_iam_policy_sync.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_set_iam_policy_sync.py new file mode 100644 index 000000000000..6b572c8afa1b --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_set_iam_policy_sync.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for SetIamPolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta2_generated_SecretManagerService_SetIamPolicy_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta2 +from google.iam.v1 import iam_policy_pb2 # type: ignore + + +def sample_set_iam_policy(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceClient() + + # Initialize request argument(s) + request = iam_policy_pb2.SetIamPolicyRequest( + resource="resource_value", + ) + + # Make the request + response = client.set_iam_policy(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1beta2_generated_SecretManagerService_SetIamPolicy_sync] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_test_iam_permissions_async.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_test_iam_permissions_async.py new file mode 100644 index 000000000000..558b99b30ad7 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_test_iam_permissions_async.py @@ -0,0 +1,54 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for TestIamPermissions +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta2_generated_SecretManagerService_TestIamPermissions_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta2 +from google.iam.v1 import iam_policy_pb2 # type: ignore + + +async def sample_test_iam_permissions(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = iam_policy_pb2.TestIamPermissionsRequest( + resource="resource_value", + permissions=['permissions_value1', 'permissions_value2'], + ) + + # Make the request + response = await client.test_iam_permissions(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1beta2_generated_SecretManagerService_TestIamPermissions_async] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_test_iam_permissions_sync.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_test_iam_permissions_sync.py new file mode 100644 index 000000000000..0bf540ec18a2 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_test_iam_permissions_sync.py @@ -0,0 +1,54 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for TestIamPermissions +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta2_generated_SecretManagerService_TestIamPermissions_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta2 +from google.iam.v1 import iam_policy_pb2 # type: ignore + + +def sample_test_iam_permissions(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceClient() + + # Initialize request argument(s) + request = iam_policy_pb2.TestIamPermissionsRequest( + resource="resource_value", + permissions=['permissions_value1', 'permissions_value2'], + ) + + # Make the request + response = client.test_iam_permissions(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1beta2_generated_SecretManagerService_TestIamPermissions_sync] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_update_secret_async.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_update_secret_async.py new file mode 100644 index 000000000000..ea0b13c18db7 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_update_secret_async.py @@ -0,0 +1,51 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for UpdateSecret +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta2_generated_SecretManagerService_UpdateSecret_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta2 + + +async def sample_update_secret(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceAsyncClient() + + # Initialize request argument(s) + request = secretmanager_v1beta2.UpdateSecretRequest( + ) + + # Make the request + response = await client.update_secret(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1beta2_generated_SecretManagerService_UpdateSecret_async] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_update_secret_sync.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_update_secret_sync.py new file mode 100644 index 000000000000..09bd498c6a6a --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/secretmanager_v1beta2_generated_secret_manager_service_update_secret_sync.py @@ -0,0 +1,51 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for UpdateSecret +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-secretmanager + + +# [START secretmanager_v1beta2_generated_SecretManagerService_UpdateSecret_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import secretmanager_v1beta2 + + +def sample_update_secret(): + # Create a client + client = secretmanager_v1beta2.SecretManagerServiceClient() + + # Initialize request argument(s) + request = secretmanager_v1beta2.UpdateSecretRequest( + ) + + # Make the request + response = client.update_secret(request=request) + + # Handle the response + print(response) + +# [END secretmanager_v1beta2_generated_SecretManagerService_UpdateSecret_sync] diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/snippet_metadata_google.cloud.secretmanager.v1beta2.json b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/snippet_metadata_google.cloud.secretmanager.v1beta2.json new file mode 100644 index 000000000000..9eff2f7a2910 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/samples/generated_samples/snippet_metadata_google.cloud.secretmanager.v1beta2.json @@ -0,0 +1,2432 @@ +{ + "clientLibrary": { + "apis": [ + { + "id": "google.cloud.secretmanager.v1beta2", + "version": "v1beta2" + } + ], + "language": "PYTHON", + "name": "google-cloud-secretmanager", + "version": "0.1.0" + }, + "snippets": [ + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceAsyncClient", + "shortName": "SecretManagerServiceAsyncClient" + }, + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceAsyncClient.access_secret_version", + "method": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService.AccessSecretVersion", + "service": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "AccessSecretVersion" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1beta2.types.AccessSecretVersionRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1beta2.types.AccessSecretVersionResponse", + "shortName": "access_secret_version" + }, + "description": "Sample for AccessSecretVersion", + "file": "secretmanager_v1beta2_generated_secret_manager_service_access_secret_version_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta2_generated_SecretManagerService_AccessSecretVersion_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta2_generated_secret_manager_service_access_secret_version_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceClient", + "shortName": "SecretManagerServiceClient" + }, + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceClient.access_secret_version", + "method": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService.AccessSecretVersion", + "service": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "AccessSecretVersion" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1beta2.types.AccessSecretVersionRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1beta2.types.AccessSecretVersionResponse", + "shortName": "access_secret_version" + }, + "description": "Sample for AccessSecretVersion", + "file": "secretmanager_v1beta2_generated_secret_manager_service_access_secret_version_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta2_generated_SecretManagerService_AccessSecretVersion_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta2_generated_secret_manager_service_access_secret_version_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceAsyncClient", + "shortName": "SecretManagerServiceAsyncClient" + }, + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceAsyncClient.add_secret_version", + "method": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService.AddSecretVersion", + "service": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "AddSecretVersion" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1beta2.types.AddSecretVersionRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "payload", + "type": "google.cloud.secretmanager_v1beta2.types.SecretPayload" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1beta2.types.SecretVersion", + "shortName": "add_secret_version" + }, + "description": "Sample for AddSecretVersion", + "file": "secretmanager_v1beta2_generated_secret_manager_service_add_secret_version_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta2_generated_SecretManagerService_AddSecretVersion_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta2_generated_secret_manager_service_add_secret_version_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceClient", + "shortName": "SecretManagerServiceClient" + }, + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceClient.add_secret_version", + "method": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService.AddSecretVersion", + "service": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "AddSecretVersion" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1beta2.types.AddSecretVersionRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "payload", + "type": "google.cloud.secretmanager_v1beta2.types.SecretPayload" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1beta2.types.SecretVersion", + "shortName": "add_secret_version" + }, + "description": "Sample for AddSecretVersion", + "file": "secretmanager_v1beta2_generated_secret_manager_service_add_secret_version_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta2_generated_SecretManagerService_AddSecretVersion_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta2_generated_secret_manager_service_add_secret_version_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceAsyncClient", + "shortName": "SecretManagerServiceAsyncClient" + }, + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceAsyncClient.create_secret", + "method": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService.CreateSecret", + "service": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "CreateSecret" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1beta2.types.CreateSecretRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "secret_id", + "type": "str" + }, + { + "name": "secret", + "type": "google.cloud.secretmanager_v1beta2.types.Secret" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1beta2.types.Secret", + "shortName": "create_secret" + }, + "description": "Sample for CreateSecret", + "file": "secretmanager_v1beta2_generated_secret_manager_service_create_secret_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta2_generated_SecretManagerService_CreateSecret_async", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 46, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 49, + "start": 47, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 50, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta2_generated_secret_manager_service_create_secret_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceClient", + "shortName": "SecretManagerServiceClient" + }, + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceClient.create_secret", + "method": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService.CreateSecret", + "service": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "CreateSecret" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1beta2.types.CreateSecretRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "secret_id", + "type": "str" + }, + { + "name": "secret", + "type": "google.cloud.secretmanager_v1beta2.types.Secret" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1beta2.types.Secret", + "shortName": "create_secret" + }, + "description": "Sample for CreateSecret", + "file": "secretmanager_v1beta2_generated_secret_manager_service_create_secret_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta2_generated_SecretManagerService_CreateSecret_sync", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 46, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 49, + "start": 47, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 50, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta2_generated_secret_manager_service_create_secret_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceAsyncClient", + "shortName": "SecretManagerServiceAsyncClient" + }, + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceAsyncClient.delete_secret", + "method": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService.DeleteSecret", + "service": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "DeleteSecret" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1beta2.types.DeleteSecretRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "shortName": "delete_secret" + }, + "description": "Sample for DeleteSecret", + "file": "secretmanager_v1beta2_generated_secret_manager_service_delete_secret_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta2_generated_SecretManagerService_DeleteSecret_async", + "segments": [ + { + "end": 49, + "start": 27, + "type": "FULL" + }, + { + "end": 49, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 50, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta2_generated_secret_manager_service_delete_secret_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceClient", + "shortName": "SecretManagerServiceClient" + }, + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceClient.delete_secret", + "method": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService.DeleteSecret", + "service": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "DeleteSecret" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1beta2.types.DeleteSecretRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "shortName": "delete_secret" + }, + "description": "Sample for DeleteSecret", + "file": "secretmanager_v1beta2_generated_secret_manager_service_delete_secret_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta2_generated_SecretManagerService_DeleteSecret_sync", + "segments": [ + { + "end": 49, + "start": 27, + "type": "FULL" + }, + { + "end": 49, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 50, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta2_generated_secret_manager_service_delete_secret_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceAsyncClient", + "shortName": "SecretManagerServiceAsyncClient" + }, + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceAsyncClient.destroy_secret_version", + "method": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService.DestroySecretVersion", + "service": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "DestroySecretVersion" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1beta2.types.DestroySecretVersionRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1beta2.types.SecretVersion", + "shortName": "destroy_secret_version" + }, + "description": "Sample for DestroySecretVersion", + "file": "secretmanager_v1beta2_generated_secret_manager_service_destroy_secret_version_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta2_generated_SecretManagerService_DestroySecretVersion_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta2_generated_secret_manager_service_destroy_secret_version_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceClient", + "shortName": "SecretManagerServiceClient" + }, + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceClient.destroy_secret_version", + "method": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService.DestroySecretVersion", + "service": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "DestroySecretVersion" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1beta2.types.DestroySecretVersionRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1beta2.types.SecretVersion", + "shortName": "destroy_secret_version" + }, + "description": "Sample for DestroySecretVersion", + "file": "secretmanager_v1beta2_generated_secret_manager_service_destroy_secret_version_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta2_generated_SecretManagerService_DestroySecretVersion_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta2_generated_secret_manager_service_destroy_secret_version_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceAsyncClient", + "shortName": "SecretManagerServiceAsyncClient" + }, + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceAsyncClient.disable_secret_version", + "method": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService.DisableSecretVersion", + "service": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "DisableSecretVersion" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1beta2.types.DisableSecretVersionRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1beta2.types.SecretVersion", + "shortName": "disable_secret_version" + }, + "description": "Sample for DisableSecretVersion", + "file": "secretmanager_v1beta2_generated_secret_manager_service_disable_secret_version_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta2_generated_SecretManagerService_DisableSecretVersion_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta2_generated_secret_manager_service_disable_secret_version_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceClient", + "shortName": "SecretManagerServiceClient" + }, + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceClient.disable_secret_version", + "method": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService.DisableSecretVersion", + "service": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "DisableSecretVersion" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1beta2.types.DisableSecretVersionRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1beta2.types.SecretVersion", + "shortName": "disable_secret_version" + }, + "description": "Sample for DisableSecretVersion", + "file": "secretmanager_v1beta2_generated_secret_manager_service_disable_secret_version_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta2_generated_SecretManagerService_DisableSecretVersion_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta2_generated_secret_manager_service_disable_secret_version_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceAsyncClient", + "shortName": "SecretManagerServiceAsyncClient" + }, + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceAsyncClient.enable_secret_version", + "method": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService.EnableSecretVersion", + "service": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "EnableSecretVersion" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1beta2.types.EnableSecretVersionRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1beta2.types.SecretVersion", + "shortName": "enable_secret_version" + }, + "description": "Sample for EnableSecretVersion", + "file": "secretmanager_v1beta2_generated_secret_manager_service_enable_secret_version_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta2_generated_SecretManagerService_EnableSecretVersion_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta2_generated_secret_manager_service_enable_secret_version_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceClient", + "shortName": "SecretManagerServiceClient" + }, + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceClient.enable_secret_version", + "method": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService.EnableSecretVersion", + "service": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "EnableSecretVersion" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1beta2.types.EnableSecretVersionRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1beta2.types.SecretVersion", + "shortName": "enable_secret_version" + }, + "description": "Sample for EnableSecretVersion", + "file": "secretmanager_v1beta2_generated_secret_manager_service_enable_secret_version_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta2_generated_SecretManagerService_EnableSecretVersion_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta2_generated_secret_manager_service_enable_secret_version_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceAsyncClient", + "shortName": "SecretManagerServiceAsyncClient" + }, + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceAsyncClient.get_iam_policy", + "method": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService.GetIamPolicy", + "service": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "GetIamPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.iam.v1.iam_policy_pb2.GetIamPolicyRequest" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.iam.v1.policy_pb2.Policy", + "shortName": "get_iam_policy" + }, + "description": "Sample for GetIamPolicy", + "file": "secretmanager_v1beta2_generated_secret_manager_service_get_iam_policy_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta2_generated_SecretManagerService_GetIamPolicy_async", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 41, + "start": 39, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 46, + "start": 42, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 49, + "start": 47, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 50, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta2_generated_secret_manager_service_get_iam_policy_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceClient", + "shortName": "SecretManagerServiceClient" + }, + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceClient.get_iam_policy", + "method": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService.GetIamPolicy", + "service": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "GetIamPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.iam.v1.iam_policy_pb2.GetIamPolicyRequest" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.iam.v1.policy_pb2.Policy", + "shortName": "get_iam_policy" + }, + "description": "Sample for GetIamPolicy", + "file": "secretmanager_v1beta2_generated_secret_manager_service_get_iam_policy_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta2_generated_SecretManagerService_GetIamPolicy_sync", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 41, + "start": 39, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 46, + "start": 42, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 49, + "start": 47, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 50, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta2_generated_secret_manager_service_get_iam_policy_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceAsyncClient", + "shortName": "SecretManagerServiceAsyncClient" + }, + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceAsyncClient.get_secret_version", + "method": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService.GetSecretVersion", + "service": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "GetSecretVersion" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1beta2.types.GetSecretVersionRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1beta2.types.SecretVersion", + "shortName": "get_secret_version" + }, + "description": "Sample for GetSecretVersion", + "file": "secretmanager_v1beta2_generated_secret_manager_service_get_secret_version_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta2_generated_SecretManagerService_GetSecretVersion_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta2_generated_secret_manager_service_get_secret_version_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceClient", + "shortName": "SecretManagerServiceClient" + }, + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceClient.get_secret_version", + "method": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService.GetSecretVersion", + "service": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "GetSecretVersion" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1beta2.types.GetSecretVersionRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1beta2.types.SecretVersion", + "shortName": "get_secret_version" + }, + "description": "Sample for GetSecretVersion", + "file": "secretmanager_v1beta2_generated_secret_manager_service_get_secret_version_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta2_generated_SecretManagerService_GetSecretVersion_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta2_generated_secret_manager_service_get_secret_version_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceAsyncClient", + "shortName": "SecretManagerServiceAsyncClient" + }, + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceAsyncClient.get_secret", + "method": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService.GetSecret", + "service": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "GetSecret" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1beta2.types.GetSecretRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1beta2.types.Secret", + "shortName": "get_secret" + }, + "description": "Sample for GetSecret", + "file": "secretmanager_v1beta2_generated_secret_manager_service_get_secret_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta2_generated_SecretManagerService_GetSecret_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta2_generated_secret_manager_service_get_secret_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceClient", + "shortName": "SecretManagerServiceClient" + }, + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceClient.get_secret", + "method": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService.GetSecret", + "service": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "GetSecret" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1beta2.types.GetSecretRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1beta2.types.Secret", + "shortName": "get_secret" + }, + "description": "Sample for GetSecret", + "file": "secretmanager_v1beta2_generated_secret_manager_service_get_secret_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta2_generated_SecretManagerService_GetSecret_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta2_generated_secret_manager_service_get_secret_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceAsyncClient", + "shortName": "SecretManagerServiceAsyncClient" + }, + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceAsyncClient.list_secret_versions", + "method": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService.ListSecretVersions", + "service": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "ListSecretVersions" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1beta2.types.ListSecretVersionsRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1beta2.services.secret_manager_service.pagers.ListSecretVersionsAsyncPager", + "shortName": "list_secret_versions" + }, + "description": "Sample for ListSecretVersions", + "file": "secretmanager_v1beta2_generated_secret_manager_service_list_secret_versions_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta2_generated_SecretManagerService_ListSecretVersions_async", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta2_generated_secret_manager_service_list_secret_versions_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceClient", + "shortName": "SecretManagerServiceClient" + }, + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceClient.list_secret_versions", + "method": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService.ListSecretVersions", + "service": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "ListSecretVersions" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1beta2.types.ListSecretVersionsRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1beta2.services.secret_manager_service.pagers.ListSecretVersionsPager", + "shortName": "list_secret_versions" + }, + "description": "Sample for ListSecretVersions", + "file": "secretmanager_v1beta2_generated_secret_manager_service_list_secret_versions_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta2_generated_SecretManagerService_ListSecretVersions_sync", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta2_generated_secret_manager_service_list_secret_versions_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceAsyncClient", + "shortName": "SecretManagerServiceAsyncClient" + }, + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceAsyncClient.list_secrets", + "method": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService.ListSecrets", + "service": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "ListSecrets" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1beta2.types.ListSecretsRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1beta2.services.secret_manager_service.pagers.ListSecretsAsyncPager", + "shortName": "list_secrets" + }, + "description": "Sample for ListSecrets", + "file": "secretmanager_v1beta2_generated_secret_manager_service_list_secrets_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta2_generated_SecretManagerService_ListSecrets_async", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta2_generated_secret_manager_service_list_secrets_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceClient", + "shortName": "SecretManagerServiceClient" + }, + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceClient.list_secrets", + "method": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService.ListSecrets", + "service": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "ListSecrets" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1beta2.types.ListSecretsRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1beta2.services.secret_manager_service.pagers.ListSecretsPager", + "shortName": "list_secrets" + }, + "description": "Sample for ListSecrets", + "file": "secretmanager_v1beta2_generated_secret_manager_service_list_secrets_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta2_generated_SecretManagerService_ListSecrets_sync", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta2_generated_secret_manager_service_list_secrets_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceAsyncClient", + "shortName": "SecretManagerServiceAsyncClient" + }, + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceAsyncClient.set_iam_policy", + "method": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService.SetIamPolicy", + "service": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "SetIamPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.iam.v1.iam_policy_pb2.SetIamPolicyRequest" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.iam.v1.policy_pb2.Policy", + "shortName": "set_iam_policy" + }, + "description": "Sample for SetIamPolicy", + "file": "secretmanager_v1beta2_generated_secret_manager_service_set_iam_policy_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta2_generated_SecretManagerService_SetIamPolicy_async", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 41, + "start": 39, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 46, + "start": 42, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 49, + "start": 47, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 50, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta2_generated_secret_manager_service_set_iam_policy_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceClient", + "shortName": "SecretManagerServiceClient" + }, + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceClient.set_iam_policy", + "method": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService.SetIamPolicy", + "service": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "SetIamPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.iam.v1.iam_policy_pb2.SetIamPolicyRequest" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.iam.v1.policy_pb2.Policy", + "shortName": "set_iam_policy" + }, + "description": "Sample for SetIamPolicy", + "file": "secretmanager_v1beta2_generated_secret_manager_service_set_iam_policy_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta2_generated_SecretManagerService_SetIamPolicy_sync", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 41, + "start": 39, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 46, + "start": 42, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 49, + "start": 47, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 50, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta2_generated_secret_manager_service_set_iam_policy_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceAsyncClient", + "shortName": "SecretManagerServiceAsyncClient" + }, + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceAsyncClient.test_iam_permissions", + "method": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService.TestIamPermissions", + "service": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "TestIamPermissions" + }, + "parameters": [ + { + "name": "request", + "type": "google.iam.v1.iam_policy_pb2.TestIamPermissionsRequest" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.iam.v1.iam_policy_pb2.TestIamPermissionsResponse", + "shortName": "test_iam_permissions" + }, + "description": "Sample for TestIamPermissions", + "file": "secretmanager_v1beta2_generated_secret_manager_service_test_iam_permissions_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta2_generated_SecretManagerService_TestIamPermissions_async", + "segments": [ + { + "end": 53, + "start": 27, + "type": "FULL" + }, + { + "end": 53, + "start": 27, + "type": "SHORT" + }, + { + "end": 41, + "start": 39, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 47, + "start": 42, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 50, + "start": 48, + "type": "REQUEST_EXECUTION" + }, + { + "end": 54, + "start": 51, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta2_generated_secret_manager_service_test_iam_permissions_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceClient", + "shortName": "SecretManagerServiceClient" + }, + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceClient.test_iam_permissions", + "method": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService.TestIamPermissions", + "service": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "TestIamPermissions" + }, + "parameters": [ + { + "name": "request", + "type": "google.iam.v1.iam_policy_pb2.TestIamPermissionsRequest" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.iam.v1.iam_policy_pb2.TestIamPermissionsResponse", + "shortName": "test_iam_permissions" + }, + "description": "Sample for TestIamPermissions", + "file": "secretmanager_v1beta2_generated_secret_manager_service_test_iam_permissions_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta2_generated_SecretManagerService_TestIamPermissions_sync", + "segments": [ + { + "end": 53, + "start": 27, + "type": "FULL" + }, + { + "end": 53, + "start": 27, + "type": "SHORT" + }, + { + "end": 41, + "start": 39, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 47, + "start": 42, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 50, + "start": 48, + "type": "REQUEST_EXECUTION" + }, + { + "end": 54, + "start": 51, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta2_generated_secret_manager_service_test_iam_permissions_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceAsyncClient", + "shortName": "SecretManagerServiceAsyncClient" + }, + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceAsyncClient.update_secret", + "method": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService.UpdateSecret", + "service": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "UpdateSecret" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1beta2.types.UpdateSecretRequest" + }, + { + "name": "secret", + "type": "google.cloud.secretmanager_v1beta2.types.Secret" + }, + { + "name": "update_mask", + "type": "google.protobuf.field_mask_pb2.FieldMask" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1beta2.types.Secret", + "shortName": "update_secret" + }, + "description": "Sample for UpdateSecret", + "file": "secretmanager_v1beta2_generated_secret_manager_service_update_secret_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta2_generated_SecretManagerService_UpdateSecret_async", + "segments": [ + { + "end": 50, + "start": 27, + "type": "FULL" + }, + { + "end": 50, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 44, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 47, + "start": 45, + "type": "REQUEST_EXECUTION" + }, + { + "end": 51, + "start": 48, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta2_generated_secret_manager_service_update_secret_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceClient", + "shortName": "SecretManagerServiceClient" + }, + "fullName": "google.cloud.secretmanager_v1beta2.SecretManagerServiceClient.update_secret", + "method": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService.UpdateSecret", + "service": { + "fullName": "google.cloud.secretmanager.v1beta2.SecretManagerService", + "shortName": "SecretManagerService" + }, + "shortName": "UpdateSecret" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.secretmanager_v1beta2.types.UpdateSecretRequest" + }, + { + "name": "secret", + "type": "google.cloud.secretmanager_v1beta2.types.Secret" + }, + { + "name": "update_mask", + "type": "google.protobuf.field_mask_pb2.FieldMask" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.secretmanager_v1beta2.types.Secret", + "shortName": "update_secret" + }, + "description": "Sample for UpdateSecret", + "file": "secretmanager_v1beta2_generated_secret_manager_service_update_secret_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "secretmanager_v1beta2_generated_SecretManagerService_UpdateSecret_sync", + "segments": [ + { + "end": 50, + "start": 27, + "type": "FULL" + }, + { + "end": 50, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 44, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 47, + "start": 45, + "type": "REQUEST_EXECUTION" + }, + { + "end": 51, + "start": 48, + "type": "RESPONSE_HANDLING" + } + ], + "title": "secretmanager_v1beta2_generated_secret_manager_service_update_secret_sync.py" + } + ] +} diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/scripts/fixup_secretmanager_v1beta2_keywords.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/scripts/fixup_secretmanager_v1beta2_keywords.py new file mode 100644 index 000000000000..03d2112b5795 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/scripts/fixup_secretmanager_v1beta2_keywords.py @@ -0,0 +1,190 @@ +#! /usr/bin/env python3 +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import argparse +import os +import libcst as cst +import pathlib +import sys +from typing import (Any, Callable, Dict, List, Sequence, Tuple) + + +def partition( + predicate: Callable[[Any], bool], + iterator: Sequence[Any] +) -> Tuple[List[Any], List[Any]]: + """A stable, out-of-place partition.""" + results = ([], []) + + for i in iterator: + results[int(predicate(i))].append(i) + + # Returns trueList, falseList + return results[1], results[0] + + +class secretmanagerCallTransformer(cst.CSTTransformer): + CTRL_PARAMS: Tuple[str] = ('retry', 'timeout', 'metadata') + METHOD_TO_PARAMS: Dict[str, Tuple[str]] = { + 'access_secret_version': ('name', ), + 'add_secret_version': ('parent', 'payload', ), + 'create_secret': ('parent', 'secret_id', 'secret', ), + 'delete_secret': ('name', 'etag', ), + 'destroy_secret_version': ('name', 'etag', ), + 'disable_secret_version': ('name', 'etag', ), + 'enable_secret_version': ('name', 'etag', ), + 'get_iam_policy': ('resource', 'options', ), + 'get_secret': ('name', ), + 'get_secret_version': ('name', ), + 'list_secrets': ('parent', 'page_size', 'page_token', 'filter', ), + 'list_secret_versions': ('parent', 'page_size', 'page_token', 'filter', ), + 'set_iam_policy': ('resource', 'policy', 'update_mask', ), + 'test_iam_permissions': ('resource', 'permissions', ), + 'update_secret': ('secret', 'update_mask', ), + } + + def leave_Call(self, original: cst.Call, updated: cst.Call) -> cst.CSTNode: + try: + key = original.func.attr.value + kword_params = self.METHOD_TO_PARAMS[key] + except (AttributeError, KeyError): + # Either not a method from the API or too convoluted to be sure. + return updated + + # If the existing code is valid, keyword args come after positional args. + # Therefore, all positional args must map to the first parameters. + args, kwargs = partition(lambda a: not bool(a.keyword), updated.args) + if any(k.keyword.value == "request" for k in kwargs): + # We've already fixed this file, don't fix it again. + return updated + + kwargs, ctrl_kwargs = partition( + lambda a: a.keyword.value not in self.CTRL_PARAMS, + kwargs + ) + + args, ctrl_args = args[:len(kword_params)], args[len(kword_params):] + ctrl_kwargs.extend(cst.Arg(value=a.value, keyword=cst.Name(value=ctrl)) + for a, ctrl in zip(ctrl_args, self.CTRL_PARAMS)) + + request_arg = cst.Arg( + value=cst.Dict([ + cst.DictElement( + cst.SimpleString("'{}'".format(name)), +cst.Element(value=arg.value) + ) + # Note: the args + kwargs looks silly, but keep in mind that + # the control parameters had to be stripped out, and that + # those could have been passed positionally or by keyword. + for name, arg in zip(kword_params, args + kwargs)]), + keyword=cst.Name("request") + ) + + return updated.with_changes( + args=[request_arg] + ctrl_kwargs + ) + + +def fix_files( + in_dir: pathlib.Path, + out_dir: pathlib.Path, + *, + transformer=secretmanagerCallTransformer(), +): + """Duplicate the input dir to the output dir, fixing file method calls. + + Preconditions: + * in_dir is a real directory + * out_dir is a real, empty directory + """ + pyfile_gen = ( + pathlib.Path(os.path.join(root, f)) + for root, _, files in os.walk(in_dir) + for f in files if os.path.splitext(f)[1] == ".py" + ) + + for fpath in pyfile_gen: + with open(fpath, 'r') as f: + src = f.read() + + # Parse the code and insert method call fixes. + tree = cst.parse_module(src) + updated = tree.visit(transformer) + + # Create the path and directory structure for the new file. + updated_path = out_dir.joinpath(fpath.relative_to(in_dir)) + updated_path.parent.mkdir(parents=True, exist_ok=True) + + # Generate the updated source file at the corresponding path. + with open(updated_path, 'w') as f: + f.write(updated.code) + + +if __name__ == '__main__': + parser = argparse.ArgumentParser( + description="""Fix up source that uses the secretmanager client library. + +The existing sources are NOT overwritten but are copied to output_dir with changes made. + +Note: This tool operates at a best-effort level at converting positional + parameters in client method calls to keyword based parameters. + Cases where it WILL FAIL include + A) * or ** expansion in a method call. + B) Calls via function or method alias (includes free function calls) + C) Indirect or dispatched calls (e.g. the method is looked up dynamically) + + These all constitute false negatives. The tool will also detect false + positives when an API method shares a name with another method. +""") + parser.add_argument( + '-d', + '--input-directory', + required=True, + dest='input_dir', + help='the input directory to walk for python files to fix up', + ) + parser.add_argument( + '-o', + '--output-directory', + required=True, + dest='output_dir', + help='the directory to output files fixed via un-flattening', + ) + args = parser.parse_args() + input_dir = pathlib.Path(args.input_dir) + output_dir = pathlib.Path(args.output_dir) + if not input_dir.is_dir(): + print( + f"input directory '{input_dir}' does not exist or is not a directory", + file=sys.stderr, + ) + sys.exit(-1) + + if not output_dir.is_dir(): + print( + f"output directory '{output_dir}' does not exist or is not a directory", + file=sys.stderr, + ) + sys.exit(-1) + + if os.listdir(output_dir): + print( + f"output directory '{output_dir}' is not empty", + file=sys.stderr, + ) + sys.exit(-1) + + fix_files(input_dir, output_dir) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/setup.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/setup.py new file mode 100644 index 000000000000..6f92e038d3dd --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/setup.py @@ -0,0 +1,94 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import io +import os +import re + +import setuptools # type: ignore + +package_root = os.path.abspath(os.path.dirname(__file__)) + +name = 'google-cloud-secretmanager' + + +description = "Google Cloud Secretmanager API client library" + +version = None + +with open(os.path.join(package_root, 'google/cloud/secretmanager/gapic_version.py')) as fp: + version_candidates = re.findall(r"(?<=\")\d+.\d+.\d+(?=\")", fp.read()) + assert (len(version_candidates) == 1) + version = version_candidates[0] + +if version[0] == "0": + release_status = "Development Status :: 4 - Beta" +else: + release_status = "Development Status :: 5 - Production/Stable" + +dependencies = [ + "google-api-core[grpc] >= 1.34.1, <3.0.0dev,!=2.0.*,!=2.1.*,!=2.2.*,!=2.3.*,!=2.4.*,!=2.5.*,!=2.6.*,!=2.7.*,!=2.8.*,!=2.9.*,!=2.10.*", + # Exclude incompatible versions of `google-auth` + # See https://github.com/googleapis/google-cloud-python/issues/12364 + "google-auth >= 2.14.1, <3.0.0dev,!=2.24.0,!=2.25.0", + "proto-plus >= 1.22.3, <2.0.0dev", + "protobuf>=3.19.5,<5.0.0dev,!=3.20.0,!=3.20.1,!=4.21.0,!=4.21.1,!=4.21.2,!=4.21.3,!=4.21.4,!=4.21.5", + "grpc-google-iam-v1 >= 0.12.4, <1.0.0dev", +] +url = "https://github.com/googleapis/google-cloud-python/tree/main/packages/google-cloud-secretmanager" + +package_root = os.path.abspath(os.path.dirname(__file__)) + +readme_filename = os.path.join(package_root, "README.rst") +with io.open(readme_filename, encoding="utf-8") as readme_file: + readme = readme_file.read() + +packages = [ + package + for package in setuptools.find_namespace_packages() + if package.startswith("google") +] + +setuptools.setup( + name=name, + version=version, + description=description, + long_description=readme, + author="Google LLC", + author_email="googleapis-packages@google.com", + license="Apache 2.0", + url=url, + classifiers=[ + release_status, + "Intended Audience :: Developers", + "License :: OSI Approved :: Apache Software License", + "Programming Language :: Python", + "Programming Language :: Python :: 3", + "Programming Language :: Python :: 3.7", + "Programming Language :: Python :: 3.8", + "Programming Language :: Python :: 3.9", + "Programming Language :: Python :: 3.10", + "Programming Language :: Python :: 3.11", + "Programming Language :: Python :: 3.12", + "Operating System :: OS Independent", + "Topic :: Internet", + ], + platforms="Posix; MacOS X; Windows", + packages=packages, + python_requires=">=3.7", + install_requires=dependencies, + include_package_data=True, + zip_safe=False, +) diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/testing/constraints-3.10.txt b/owl-bot-staging/google-cloud-secret-manager/v1beta2/testing/constraints-3.10.txt new file mode 100644 index 000000000000..ad3f0fa58e2d --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/testing/constraints-3.10.txt @@ -0,0 +1,7 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf +grpc-google-iam-v1 diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/testing/constraints-3.11.txt b/owl-bot-staging/google-cloud-secret-manager/v1beta2/testing/constraints-3.11.txt new file mode 100644 index 000000000000..ad3f0fa58e2d --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/testing/constraints-3.11.txt @@ -0,0 +1,7 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf +grpc-google-iam-v1 diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/testing/constraints-3.12.txt b/owl-bot-staging/google-cloud-secret-manager/v1beta2/testing/constraints-3.12.txt new file mode 100644 index 000000000000..ad3f0fa58e2d --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/testing/constraints-3.12.txt @@ -0,0 +1,7 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf +grpc-google-iam-v1 diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/testing/constraints-3.7.txt b/owl-bot-staging/google-cloud-secret-manager/v1beta2/testing/constraints-3.7.txt new file mode 100644 index 000000000000..4cd2782277d4 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/testing/constraints-3.7.txt @@ -0,0 +1,11 @@ +# This constraints file is used to check that lower bounds +# are correct in setup.py +# List all library dependencies and extras in this file. +# Pin the version to the lower bound. +# e.g., if setup.py has "google-cloud-foo >= 1.14.0, < 2.0.0dev", +# Then this file should have google-cloud-foo==1.14.0 +google-api-core==1.34.1 +google-auth==2.14.1 +proto-plus==1.22.3 +protobuf==3.19.5 +grpc-google-iam-v1==0.12.4 diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/testing/constraints-3.8.txt b/owl-bot-staging/google-cloud-secret-manager/v1beta2/testing/constraints-3.8.txt new file mode 100644 index 000000000000..ad3f0fa58e2d --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/testing/constraints-3.8.txt @@ -0,0 +1,7 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf +grpc-google-iam-v1 diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/testing/constraints-3.9.txt b/owl-bot-staging/google-cloud-secret-manager/v1beta2/testing/constraints-3.9.txt new file mode 100644 index 000000000000..ad3f0fa58e2d --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/testing/constraints-3.9.txt @@ -0,0 +1,7 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf +grpc-google-iam-v1 diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/tests/__init__.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/tests/__init__.py new file mode 100644 index 000000000000..7b3de3117f38 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/tests/__init__.py @@ -0,0 +1,16 @@ + +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/tests/unit/__init__.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/tests/unit/__init__.py new file mode 100644 index 000000000000..7b3de3117f38 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/tests/unit/__init__.py @@ -0,0 +1,16 @@ + +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/tests/unit/gapic/__init__.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/tests/unit/gapic/__init__.py new file mode 100644 index 000000000000..7b3de3117f38 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/tests/unit/gapic/__init__.py @@ -0,0 +1,16 @@ + +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/tests/unit/gapic/secretmanager_v1beta2/__init__.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/tests/unit/gapic/secretmanager_v1beta2/__init__.py new file mode 100644 index 000000000000..7b3de3117f38 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/tests/unit/gapic/secretmanager_v1beta2/__init__.py @@ -0,0 +1,16 @@ + +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/google-cloud-secret-manager/v1beta2/tests/unit/gapic/secretmanager_v1beta2/test_secret_manager_service.py b/owl-bot-staging/google-cloud-secret-manager/v1beta2/tests/unit/gapic/secretmanager_v1beta2/test_secret_manager_service.py new file mode 100644 index 000000000000..6074e2ec9fb1 --- /dev/null +++ b/owl-bot-staging/google-cloud-secret-manager/v1beta2/tests/unit/gapic/secretmanager_v1beta2/test_secret_manager_service.py @@ -0,0 +1,10145 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import os +# try/except added for compatibility with python < 3.8 +try: + from unittest import mock + from unittest.mock import AsyncMock # pragma: NO COVER +except ImportError: # pragma: NO COVER + import mock + +import grpc +from grpc.experimental import aio +from collections.abc import Iterable +from google.protobuf import json_format +import json +import math +import pytest +from google.api_core import api_core_version +from proto.marshal.rules.dates import DurationRule, TimestampRule +from proto.marshal.rules import wrappers +from requests import Response +from requests import Request, PreparedRequest +from requests.sessions import Session +from google.protobuf import json_format + +from google.api_core import client_options +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import grpc_helpers +from google.api_core import grpc_helpers_async +from google.api_core import path_template +from google.auth import credentials as ga_credentials +from google.auth.exceptions import MutualTLSChannelError +from google.cloud.location import locations_pb2 +from google.cloud.secretmanager_v1beta2.services.secret_manager_service import SecretManagerServiceAsyncClient +from google.cloud.secretmanager_v1beta2.services.secret_manager_service import SecretManagerServiceClient +from google.cloud.secretmanager_v1beta2.services.secret_manager_service import pagers +from google.cloud.secretmanager_v1beta2.services.secret_manager_service import transports +from google.cloud.secretmanager_v1beta2.types import resources +from google.cloud.secretmanager_v1beta2.types import service +from google.iam.v1 import iam_policy_pb2 # type: ignore +from google.iam.v1 import options_pb2 # type: ignore +from google.iam.v1 import policy_pb2 # type: ignore +from google.oauth2 import service_account +from google.protobuf import duration_pb2 # type: ignore +from google.protobuf import field_mask_pb2 # type: ignore +from google.protobuf import timestamp_pb2 # type: ignore +from google.type import expr_pb2 # type: ignore +import google.auth + + +def client_cert_source_callback(): + return b"cert bytes", b"key bytes" + +# If default endpoint is localhost, then default mtls endpoint will be the same. +# This method modifies the default endpoint so the client can produce a different +# mtls endpoint for endpoint testing purposes. +def modify_default_endpoint(client): + return "foo.googleapis.com" if ("localhost" in client.DEFAULT_ENDPOINT) else client.DEFAULT_ENDPOINT + +# If default endpoint template is localhost, then default mtls endpoint will be the same. +# This method modifies the default endpoint template so the client can produce a different +# mtls endpoint for endpoint testing purposes. +def modify_default_endpoint_template(client): + return "test.{UNIVERSE_DOMAIN}" if ("localhost" in client._DEFAULT_ENDPOINT_TEMPLATE) else client._DEFAULT_ENDPOINT_TEMPLATE + + +def test__get_default_mtls_endpoint(): + api_endpoint = "example.googleapis.com" + api_mtls_endpoint = "example.mtls.googleapis.com" + sandbox_endpoint = "example.sandbox.googleapis.com" + sandbox_mtls_endpoint = "example.mtls.sandbox.googleapis.com" + non_googleapi = "api.example.com" + + assert SecretManagerServiceClient._get_default_mtls_endpoint(None) is None + assert SecretManagerServiceClient._get_default_mtls_endpoint(api_endpoint) == api_mtls_endpoint + assert SecretManagerServiceClient._get_default_mtls_endpoint(api_mtls_endpoint) == api_mtls_endpoint + assert SecretManagerServiceClient._get_default_mtls_endpoint(sandbox_endpoint) == sandbox_mtls_endpoint + assert SecretManagerServiceClient._get_default_mtls_endpoint(sandbox_mtls_endpoint) == sandbox_mtls_endpoint + assert SecretManagerServiceClient._get_default_mtls_endpoint(non_googleapi) == non_googleapi + +def test__read_environment_variables(): + assert SecretManagerServiceClient._read_environment_variables() == (False, "auto", None) + + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + assert SecretManagerServiceClient._read_environment_variables() == (True, "auto", None) + + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "false"}): + assert SecretManagerServiceClient._read_environment_variables() == (False, "auto", None) + + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "Unsupported"}): + with pytest.raises(ValueError) as excinfo: + SecretManagerServiceClient._read_environment_variables() + assert str(excinfo.value) == "Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`" + + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + assert SecretManagerServiceClient._read_environment_variables() == (False, "never", None) + + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + assert SecretManagerServiceClient._read_environment_variables() == (False, "always", None) + + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "auto"}): + assert SecretManagerServiceClient._read_environment_variables() == (False, "auto", None) + + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "Unsupported"}): + with pytest.raises(MutualTLSChannelError) as excinfo: + SecretManagerServiceClient._read_environment_variables() + assert str(excinfo.value) == "Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`" + + with mock.patch.dict(os.environ, {"GOOGLE_CLOUD_UNIVERSE_DOMAIN": "foo.com"}): + assert SecretManagerServiceClient._read_environment_variables() == (False, "auto", "foo.com") + +def test__get_client_cert_source(): + mock_provided_cert_source = mock.Mock() + mock_default_cert_source = mock.Mock() + + assert SecretManagerServiceClient._get_client_cert_source(None, False) is None + assert SecretManagerServiceClient._get_client_cert_source(mock_provided_cert_source, False) is None + assert SecretManagerServiceClient._get_client_cert_source(mock_provided_cert_source, True) == mock_provided_cert_source + + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=mock_default_cert_source): + assert SecretManagerServiceClient._get_client_cert_source(None, True) is mock_default_cert_source + assert SecretManagerServiceClient._get_client_cert_source(mock_provided_cert_source, "true") is mock_provided_cert_source + +@mock.patch.object(SecretManagerServiceClient, "_DEFAULT_ENDPOINT_TEMPLATE", modify_default_endpoint_template(SecretManagerServiceClient)) +@mock.patch.object(SecretManagerServiceAsyncClient, "_DEFAULT_ENDPOINT_TEMPLATE", modify_default_endpoint_template(SecretManagerServiceAsyncClient)) +def test__get_api_endpoint(): + api_override = "foo.com" + mock_client_cert_source = mock.Mock() + default_universe = SecretManagerServiceClient._DEFAULT_UNIVERSE + default_endpoint = SecretManagerServiceClient._DEFAULT_ENDPOINT_TEMPLATE.format(UNIVERSE_DOMAIN=default_universe) + mock_universe = "bar.com" + mock_endpoint = SecretManagerServiceClient._DEFAULT_ENDPOINT_TEMPLATE.format(UNIVERSE_DOMAIN=mock_universe) + + assert SecretManagerServiceClient._get_api_endpoint(api_override, mock_client_cert_source, default_universe, "always") == api_override + assert SecretManagerServiceClient._get_api_endpoint(None, mock_client_cert_source, default_universe, "auto") == SecretManagerServiceClient.DEFAULT_MTLS_ENDPOINT + assert SecretManagerServiceClient._get_api_endpoint(None, None, default_universe, "auto") == default_endpoint + assert SecretManagerServiceClient._get_api_endpoint(None, None, default_universe, "always") == SecretManagerServiceClient.DEFAULT_MTLS_ENDPOINT + assert SecretManagerServiceClient._get_api_endpoint(None, mock_client_cert_source, default_universe, "always") == SecretManagerServiceClient.DEFAULT_MTLS_ENDPOINT + assert SecretManagerServiceClient._get_api_endpoint(None, None, mock_universe, "never") == mock_endpoint + assert SecretManagerServiceClient._get_api_endpoint(None, None, default_universe, "never") == default_endpoint + + with pytest.raises(MutualTLSChannelError) as excinfo: + SecretManagerServiceClient._get_api_endpoint(None, mock_client_cert_source, mock_universe, "auto") + assert str(excinfo.value) == "mTLS is not supported in any universe other than googleapis.com." + +def test__get_universe_domain(): + client_universe_domain = "foo.com" + universe_domain_env = "bar.com" + + assert SecretManagerServiceClient._get_universe_domain(client_universe_domain, universe_domain_env) == client_universe_domain + assert SecretManagerServiceClient._get_universe_domain(None, universe_domain_env) == universe_domain_env + assert SecretManagerServiceClient._get_universe_domain(None, None) == SecretManagerServiceClient._DEFAULT_UNIVERSE + + with pytest.raises(ValueError) as excinfo: + SecretManagerServiceClient._get_universe_domain("", None) + assert str(excinfo.value) == "Universe Domain cannot be an empty string." + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (SecretManagerServiceClient, transports.SecretManagerServiceGrpcTransport, "grpc"), + (SecretManagerServiceClient, transports.SecretManagerServiceRestTransport, "rest"), +]) +def test__validate_universe_domain(client_class, transport_class, transport_name): + client = client_class( + transport=transport_class( + credentials=ga_credentials.AnonymousCredentials() + ) + ) + assert client._validate_universe_domain() == True + + # Test the case when universe is already validated. + assert client._validate_universe_domain() == True + + if transport_name == "grpc": + # Test the case where credentials are provided by the + # `local_channel_credentials`. The default universes in both match. + channel = grpc.secure_channel('http://localhost/', grpc.local_channel_credentials()) + client = client_class(transport=transport_class(channel=channel)) + assert client._validate_universe_domain() == True + + # Test the case where credentials do not exist: e.g. a transport is provided + # with no credentials. Validation should still succeed because there is no + # mismatch with non-existent credentials. + channel = grpc.secure_channel('http://localhost/', grpc.local_channel_credentials()) + transport=transport_class(channel=channel) + transport._credentials = None + client = client_class(transport=transport) + assert client._validate_universe_domain() == True + + # TODO: This is needed to cater for older versions of google-auth + # Make this test unconditional once the minimum supported version of + # google-auth becomes 2.23.0 or higher. + google_auth_major, google_auth_minor = [int(part) for part in google.auth.__version__.split(".")[0:2]] + if google_auth_major > 2 or (google_auth_major == 2 and google_auth_minor >= 23): + credentials = ga_credentials.AnonymousCredentials() + credentials._universe_domain = "foo.com" + # Test the case when there is a universe mismatch from the credentials. + client = client_class( + transport=transport_class(credentials=credentials) + ) + with pytest.raises(ValueError) as excinfo: + client._validate_universe_domain() + assert str(excinfo.value) == "The configured universe domain (googleapis.com) does not match the universe domain found in the credentials (foo.com). If you haven't configured the universe domain explicitly, `googleapis.com` is the default." + + # Test the case when there is a universe mismatch from the client. + # + # TODO: Make this test unconditional once the minimum supported version of + # google-api-core becomes 2.15.0 or higher. + api_core_major, api_core_minor = [int(part) for part in api_core_version.__version__.split(".")[0:2]] + if api_core_major > 2 or (api_core_major == 2 and api_core_minor >= 15): + client = client_class(client_options={"universe_domain": "bar.com"}, transport=transport_class(credentials=ga_credentials.AnonymousCredentials(),)) + with pytest.raises(ValueError) as excinfo: + client._validate_universe_domain() + assert str(excinfo.value) == "The configured universe domain (bar.com) does not match the universe domain found in the credentials (googleapis.com). If you haven't configured the universe domain explicitly, `googleapis.com` is the default." + + # Test that ValueError is raised if universe_domain is provided via client options and credentials is None + with pytest.raises(ValueError): + client._compare_universes("foo.bar", None) + + +@pytest.mark.parametrize("client_class,transport_name", [ + (SecretManagerServiceClient, "grpc"), + (SecretManagerServiceAsyncClient, "grpc_asyncio"), + (SecretManagerServiceClient, "rest"), +]) +def test_secret_manager_service_client_from_service_account_info(client_class, transport_name): + creds = ga_credentials.AnonymousCredentials() + with mock.patch.object(service_account.Credentials, 'from_service_account_info') as factory: + factory.return_value = creds + info = {"valid": True} + client = client_class.from_service_account_info(info, transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + assert client.transport._host == ( + 'secretmanager.googleapis.com:443' + if transport_name in ['grpc', 'grpc_asyncio'] + else + 'https://secretmanager.googleapis.com' + ) + + +@pytest.mark.parametrize("transport_class,transport_name", [ + (transports.SecretManagerServiceGrpcTransport, "grpc"), + (transports.SecretManagerServiceGrpcAsyncIOTransport, "grpc_asyncio"), + (transports.SecretManagerServiceRestTransport, "rest"), +]) +def test_secret_manager_service_client_service_account_always_use_jwt(transport_class, transport_name): + with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=True) + use_jwt.assert_called_once_with(True) + + with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=False) + use_jwt.assert_not_called() + + +@pytest.mark.parametrize("client_class,transport_name", [ + (SecretManagerServiceClient, "grpc"), + (SecretManagerServiceAsyncClient, "grpc_asyncio"), + (SecretManagerServiceClient, "rest"), +]) +def test_secret_manager_service_client_from_service_account_file(client_class, transport_name): + creds = ga_credentials.AnonymousCredentials() + with mock.patch.object(service_account.Credentials, 'from_service_account_file') as factory: + factory.return_value = creds + client = client_class.from_service_account_file("dummy/file/path.json", transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + client = client_class.from_service_account_json("dummy/file/path.json", transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + assert client.transport._host == ( + 'secretmanager.googleapis.com:443' + if transport_name in ['grpc', 'grpc_asyncio'] + else + 'https://secretmanager.googleapis.com' + ) + + +def test_secret_manager_service_client_get_transport_class(): + transport = SecretManagerServiceClient.get_transport_class() + available_transports = [ + transports.SecretManagerServiceGrpcTransport, + transports.SecretManagerServiceRestTransport, + ] + assert transport in available_transports + + transport = SecretManagerServiceClient.get_transport_class("grpc") + assert transport == transports.SecretManagerServiceGrpcTransport + + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (SecretManagerServiceClient, transports.SecretManagerServiceGrpcTransport, "grpc"), + (SecretManagerServiceAsyncClient, transports.SecretManagerServiceGrpcAsyncIOTransport, "grpc_asyncio"), + (SecretManagerServiceClient, transports.SecretManagerServiceRestTransport, "rest"), +]) +@mock.patch.object(SecretManagerServiceClient, "_DEFAULT_ENDPOINT_TEMPLATE", modify_default_endpoint_template(SecretManagerServiceClient)) +@mock.patch.object(SecretManagerServiceAsyncClient, "_DEFAULT_ENDPOINT_TEMPLATE", modify_default_endpoint_template(SecretManagerServiceAsyncClient)) +def test_secret_manager_service_client_client_options(client_class, transport_class, transport_name): + # Check that if channel is provided we won't create a new one. + with mock.patch.object(SecretManagerServiceClient, 'get_transport_class') as gtc: + transport = transport_class( + credentials=ga_credentials.AnonymousCredentials() + ) + client = client_class(transport=transport) + gtc.assert_not_called() + + # Check that if channel is provided via str we will create a new one. + with mock.patch.object(SecretManagerServiceClient, 'get_transport_class') as gtc: + client = client_class(transport=transport_name) + gtc.assert_called() + + # Check the case api_endpoint is provided. + options = client_options.ClientOptions(api_endpoint="squid.clam.whelk") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name, client_options=options) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host="squid.clam.whelk", + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is + # "never". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client._DEFAULT_ENDPOINT_TEMPLATE.format(UNIVERSE_DOMAIN=client._DEFAULT_UNIVERSE), + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is + # "always". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_MTLS_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has + # unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "Unsupported"}): + with pytest.raises(MutualTLSChannelError) as excinfo: + client = client_class(transport=transport_name) + assert str(excinfo.value) == "Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`" + + # Check the case GOOGLE_API_USE_CLIENT_CERTIFICATE has unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "Unsupported"}): + with pytest.raises(ValueError) as excinfo: + client = client_class(transport=transport_name) + assert str(excinfo.value) == "Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`" + + # Check the case quota_project_id is provided + options = client_options.ClientOptions(quota_project_id="octopus") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client._DEFAULT_ENDPOINT_TEMPLATE.format(UNIVERSE_DOMAIN=client._DEFAULT_UNIVERSE), + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id="octopus", + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + # Check the case api_endpoint is provided + options = client_options.ClientOptions(api_audience="https://language.googleapis.com") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client._DEFAULT_ENDPOINT_TEMPLATE.format(UNIVERSE_DOMAIN=client._DEFAULT_UNIVERSE), + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience="https://language.googleapis.com" + ) + +@pytest.mark.parametrize("client_class,transport_class,transport_name,use_client_cert_env", [ + (SecretManagerServiceClient, transports.SecretManagerServiceGrpcTransport, "grpc", "true"), + (SecretManagerServiceAsyncClient, transports.SecretManagerServiceGrpcAsyncIOTransport, "grpc_asyncio", "true"), + (SecretManagerServiceClient, transports.SecretManagerServiceGrpcTransport, "grpc", "false"), + (SecretManagerServiceAsyncClient, transports.SecretManagerServiceGrpcAsyncIOTransport, "grpc_asyncio", "false"), + (SecretManagerServiceClient, transports.SecretManagerServiceRestTransport, "rest", "true"), + (SecretManagerServiceClient, transports.SecretManagerServiceRestTransport, "rest", "false"), +]) +@mock.patch.object(SecretManagerServiceClient, "_DEFAULT_ENDPOINT_TEMPLATE", modify_default_endpoint_template(SecretManagerServiceClient)) +@mock.patch.object(SecretManagerServiceAsyncClient, "_DEFAULT_ENDPOINT_TEMPLATE", modify_default_endpoint_template(SecretManagerServiceAsyncClient)) +@mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "auto"}) +def test_secret_manager_service_client_mtls_env_auto(client_class, transport_class, transport_name, use_client_cert_env): + # This tests the endpoint autoswitch behavior. Endpoint is autoswitched to the default + # mtls endpoint, if GOOGLE_API_USE_CLIENT_CERTIFICATE is "true" and client cert exists. + + # Check the case client_cert_source is provided. Whether client cert is used depends on + # GOOGLE_API_USE_CLIENT_CERTIFICATE value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + options = client_options.ClientOptions(client_cert_source=client_cert_source_callback) + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + + if use_client_cert_env == "false": + expected_client_cert_source = None + expected_host = client._DEFAULT_ENDPOINT_TEMPLATE.format(UNIVERSE_DOMAIN=client._DEFAULT_UNIVERSE) + else: + expected_client_cert_source = client_cert_source_callback + expected_host = client.DEFAULT_MTLS_ENDPOINT + + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=expected_host, + scopes=None, + client_cert_source_for_mtls=expected_client_cert_source, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case ADC client cert is provided. Whether client cert is used depends on + # GOOGLE_API_USE_CLIENT_CERTIFICATE value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + with mock.patch.object(transport_class, '__init__') as patched: + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=client_cert_source_callback): + if use_client_cert_env == "false": + expected_host = client._DEFAULT_ENDPOINT_TEMPLATE.format(UNIVERSE_DOMAIN=client._DEFAULT_UNIVERSE) + expected_client_cert_source = None + else: + expected_host = client.DEFAULT_MTLS_ENDPOINT + expected_client_cert_source = client_cert_source_callback + + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=expected_host, + scopes=None, + client_cert_source_for_mtls=expected_client_cert_source, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case client_cert_source and ADC client cert are not provided. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + with mock.patch.object(transport_class, '__init__') as patched: + with mock.patch("google.auth.transport.mtls.has_default_client_cert_source", return_value=False): + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client._DEFAULT_ENDPOINT_TEMPLATE.format(UNIVERSE_DOMAIN=client._DEFAULT_UNIVERSE), + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + +@pytest.mark.parametrize("client_class", [ + SecretManagerServiceClient, SecretManagerServiceAsyncClient +]) +@mock.patch.object(SecretManagerServiceClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SecretManagerServiceClient)) +@mock.patch.object(SecretManagerServiceAsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SecretManagerServiceAsyncClient)) +def test_secret_manager_service_client_get_mtls_endpoint_and_cert_source(client_class): + mock_client_cert_source = mock.Mock() + + # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "true". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + mock_api_endpoint = "foo" + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) + assert api_endpoint == mock_api_endpoint + assert cert_source == mock_client_cert_source + + # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "false". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "false"}): + mock_client_cert_source = mock.Mock() + mock_api_endpoint = "foo" + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) + assert api_endpoint == mock_api_endpoint + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "never". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "always". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert doesn't exist. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=False): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert exists. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=mock_client_cert_source): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + assert cert_source == mock_client_cert_source + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has + # unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "Unsupported"}): + with pytest.raises(MutualTLSChannelError) as excinfo: + client_class.get_mtls_endpoint_and_cert_source() + + assert str(excinfo.value) == "Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`" + + # Check the case GOOGLE_API_USE_CLIENT_CERTIFICATE has unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "Unsupported"}): + with pytest.raises(ValueError) as excinfo: + client_class.get_mtls_endpoint_and_cert_source() + + assert str(excinfo.value) == "Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`" + +@pytest.mark.parametrize("client_class", [ + SecretManagerServiceClient, SecretManagerServiceAsyncClient +]) +@mock.patch.object(SecretManagerServiceClient, "_DEFAULT_ENDPOINT_TEMPLATE", modify_default_endpoint_template(SecretManagerServiceClient)) +@mock.patch.object(SecretManagerServiceAsyncClient, "_DEFAULT_ENDPOINT_TEMPLATE", modify_default_endpoint_template(SecretManagerServiceAsyncClient)) +def test_secret_manager_service_client_client_api_endpoint(client_class): + mock_client_cert_source = client_cert_source_callback + api_override = "foo.com" + default_universe = SecretManagerServiceClient._DEFAULT_UNIVERSE + default_endpoint = SecretManagerServiceClient._DEFAULT_ENDPOINT_TEMPLATE.format(UNIVERSE_DOMAIN=default_universe) + mock_universe = "bar.com" + mock_endpoint = SecretManagerServiceClient._DEFAULT_ENDPOINT_TEMPLATE.format(UNIVERSE_DOMAIN=mock_universe) + + # If ClientOptions.api_endpoint is set and GOOGLE_API_USE_CLIENT_CERTIFICATE="true", + # use ClientOptions.api_endpoint as the api endpoint regardless. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch("google.auth.transport.requests.AuthorizedSession.configure_mtls_channel"): + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=api_override) + client = client_class(client_options=options, credentials=ga_credentials.AnonymousCredentials()) + assert client.api_endpoint == api_override + + # If ClientOptions.api_endpoint is not set and GOOGLE_API_USE_MTLS_ENDPOINT="never", + # use the _DEFAULT_ENDPOINT_TEMPLATE populated with GDU as the api endpoint. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + client = client_class(credentials=ga_credentials.AnonymousCredentials()) + assert client.api_endpoint == default_endpoint + + # If ClientOptions.api_endpoint is not set and GOOGLE_API_USE_MTLS_ENDPOINT="always", + # use the DEFAULT_MTLS_ENDPOINT as the api endpoint. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + client = client_class(credentials=ga_credentials.AnonymousCredentials()) + assert client.api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + + # If ClientOptions.api_endpoint is not set, GOOGLE_API_USE_MTLS_ENDPOINT="auto" (default), + # GOOGLE_API_USE_CLIENT_CERTIFICATE="false" (default), default cert source doesn't exist, + # and ClientOptions.universe_domain="bar.com", + # use the _DEFAULT_ENDPOINT_TEMPLATE populated with universe domain as the api endpoint. + options = client_options.ClientOptions() + universe_exists = hasattr(options, "universe_domain") + if universe_exists: + options = client_options.ClientOptions(universe_domain=mock_universe) + client = client_class(client_options=options, credentials=ga_credentials.AnonymousCredentials()) + else: + client = client_class(client_options=options, credentials=ga_credentials.AnonymousCredentials()) + assert client.api_endpoint == (mock_endpoint if universe_exists else default_endpoint) + assert client.universe_domain == (mock_universe if universe_exists else default_universe) + + # If ClientOptions does not have a universe domain attribute and GOOGLE_API_USE_MTLS_ENDPOINT="never", + # use the _DEFAULT_ENDPOINT_TEMPLATE populated with GDU as the api endpoint. + options = client_options.ClientOptions() + if hasattr(options, "universe_domain"): + delattr(options, "universe_domain") + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + client = client_class(client_options=options, credentials=ga_credentials.AnonymousCredentials()) + assert client.api_endpoint == default_endpoint + + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (SecretManagerServiceClient, transports.SecretManagerServiceGrpcTransport, "grpc"), + (SecretManagerServiceAsyncClient, transports.SecretManagerServiceGrpcAsyncIOTransport, "grpc_asyncio"), + (SecretManagerServiceClient, transports.SecretManagerServiceRestTransport, "rest"), +]) +def test_secret_manager_service_client_client_options_scopes(client_class, transport_class, transport_name): + # Check the case scopes are provided. + options = client_options.ClientOptions( + scopes=["1", "2"], + ) + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client._DEFAULT_ENDPOINT_TEMPLATE.format(UNIVERSE_DOMAIN=client._DEFAULT_UNIVERSE), + scopes=["1", "2"], + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + +@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ + (SecretManagerServiceClient, transports.SecretManagerServiceGrpcTransport, "grpc", grpc_helpers), + (SecretManagerServiceAsyncClient, transports.SecretManagerServiceGrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), + (SecretManagerServiceClient, transports.SecretManagerServiceRestTransport, "rest", None), +]) +def test_secret_manager_service_client_client_options_credentials_file(client_class, transport_class, transport_name, grpc_helpers): + # Check the case credentials file is provided. + options = client_options.ClientOptions( + credentials_file="credentials.json" + ) + + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file="credentials.json", + host=client._DEFAULT_ENDPOINT_TEMPLATE.format(UNIVERSE_DOMAIN=client._DEFAULT_UNIVERSE), + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + +def test_secret_manager_service_client_client_options_from_dict(): + with mock.patch('google.cloud.secretmanager_v1beta2.services.secret_manager_service.transports.SecretManagerServiceGrpcTransport.__init__') as grpc_transport: + grpc_transport.return_value = None + client = SecretManagerServiceClient( + client_options={'api_endpoint': 'squid.clam.whelk'} + ) + grpc_transport.assert_called_once_with( + credentials=None, + credentials_file=None, + host="squid.clam.whelk", + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + +@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ + (SecretManagerServiceClient, transports.SecretManagerServiceGrpcTransport, "grpc", grpc_helpers), + (SecretManagerServiceAsyncClient, transports.SecretManagerServiceGrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), +]) +def test_secret_manager_service_client_create_channel_credentials_file(client_class, transport_class, transport_name, grpc_helpers): + # Check the case credentials file is provided. + options = client_options.ClientOptions( + credentials_file="credentials.json" + ) + + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file="credentials.json", + host=client._DEFAULT_ENDPOINT_TEMPLATE.format(UNIVERSE_DOMAIN=client._DEFAULT_UNIVERSE), + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # test that the credentials from file are saved and used as the credentials. + with mock.patch.object( + google.auth, "load_credentials_from_file", autospec=True + ) as load_creds, mock.patch.object( + google.auth, "default", autospec=True + ) as adc, mock.patch.object( + grpc_helpers, "create_channel" + ) as create_channel: + creds = ga_credentials.AnonymousCredentials() + file_creds = ga_credentials.AnonymousCredentials() + load_creds.return_value = (file_creds, None) + adc.return_value = (creds, None) + client = client_class(client_options=options, transport=transport_name) + create_channel.assert_called_with( + "secretmanager.googleapis.com:443", + credentials=file_creds, + credentials_file=None, + quota_project_id=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + scopes=None, + default_host="secretmanager.googleapis.com", + ssl_credentials=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + +@pytest.mark.parametrize("request_type", [ + service.ListSecretsRequest, + dict, +]) +def test_list_secrets(request_type, transport: str = 'grpc'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secrets), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.ListSecretsResponse( + next_page_token='next_page_token_value', + total_size=1086, + ) + response = client.list_secrets(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + request = service.ListSecretsRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, pagers.ListSecretsPager) + assert response.next_page_token == 'next_page_token_value' + assert response.total_size == 1086 + + +def test_list_secrets_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secrets), + '__call__') as call: + client.list_secrets() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.ListSecretsRequest() + + +def test_list_secrets_non_empty_request_with_auto_populated_field(): + # This test is a coverage failsafe to make sure that UUID4 fields are + # automatically populated, according to AIP-4235, with non-empty requests. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Populate all string fields in the request which are not UUID4 + # since we want to check that UUID4 are populated automatically + # if they meet the requirements of AIP 4235. + request = service.ListSecretsRequest( + parent='parent_value', + page_token='page_token_value', + filter='filter_value', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secrets), + '__call__') as call: + client.list_secrets(request=request) + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.ListSecretsRequest( + parent='parent_value', + page_token='page_token_value', + filter='filter_value', + ) + +@pytest.mark.asyncio +async def test_list_secrets_empty_call_async(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc_asyncio', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secrets), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ListSecretsResponse( + next_page_token='next_page_token_value', + total_size=1086, + )) + response = await client.list_secrets() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.ListSecretsRequest() + +@pytest.mark.asyncio +async def test_list_secrets_async(transport: str = 'grpc_asyncio', request_type=service.ListSecretsRequest): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secrets), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(service.ListSecretsResponse( + next_page_token='next_page_token_value', + total_size=1086, + )) + response = await client.list_secrets(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + request = service.ListSecretsRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, pagers.ListSecretsAsyncPager) + assert response.next_page_token == 'next_page_token_value' + assert response.total_size == 1086 + + +@pytest.mark.asyncio +async def test_list_secrets_async_from_dict(): + await test_list_secrets_async(request_type=dict) + + +def test_list_secrets_field_headers(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.ListSecretsRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secrets), + '__call__') as call: + call.return_value = service.ListSecretsResponse() + client.list_secrets(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_list_secrets_field_headers_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.ListSecretsRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secrets), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ListSecretsResponse()) + await client.list_secrets(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +def test_list_secrets_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secrets), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.ListSecretsResponse() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.list_secrets( + parent='parent_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + + +def test_list_secrets_flattened_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.list_secrets( + service.ListSecretsRequest(), + parent='parent_value', + ) + +@pytest.mark.asyncio +async def test_list_secrets_flattened_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secrets), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.ListSecretsResponse() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ListSecretsResponse()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.list_secrets( + parent='parent_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_list_secrets_flattened_error_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.list_secrets( + service.ListSecretsRequest(), + parent='parent_value', + ) + + +def test_list_secrets_pager(transport_name: str = "grpc"): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport_name, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secrets), + '__call__') as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListSecretsResponse( + secrets=[ + resources.Secret(), + resources.Secret(), + resources.Secret(), + ], + next_page_token='abc', + ), + service.ListSecretsResponse( + secrets=[], + next_page_token='def', + ), + service.ListSecretsResponse( + secrets=[ + resources.Secret(), + ], + next_page_token='ghi', + ), + service.ListSecretsResponse( + secrets=[ + resources.Secret(), + resources.Secret(), + ], + ), + RuntimeError, + ) + + metadata = () + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ('parent', ''), + )), + ) + pager = client.list_secrets(request={}) + + assert pager._metadata == metadata + + results = list(pager) + assert len(results) == 6 + assert all(isinstance(i, resources.Secret) + for i in results) +def test_list_secrets_pages(transport_name: str = "grpc"): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport_name, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secrets), + '__call__') as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListSecretsResponse( + secrets=[ + resources.Secret(), + resources.Secret(), + resources.Secret(), + ], + next_page_token='abc', + ), + service.ListSecretsResponse( + secrets=[], + next_page_token='def', + ), + service.ListSecretsResponse( + secrets=[ + resources.Secret(), + ], + next_page_token='ghi', + ), + service.ListSecretsResponse( + secrets=[ + resources.Secret(), + resources.Secret(), + ], + ), + RuntimeError, + ) + pages = list(client.list_secrets(request={}).pages) + for page_, token in zip(pages, ['abc','def','ghi', '']): + assert page_.raw_page.next_page_token == token + +@pytest.mark.asyncio +async def test_list_secrets_async_pager(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secrets), + '__call__', new_callable=mock.AsyncMock) as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListSecretsResponse( + secrets=[ + resources.Secret(), + resources.Secret(), + resources.Secret(), + ], + next_page_token='abc', + ), + service.ListSecretsResponse( + secrets=[], + next_page_token='def', + ), + service.ListSecretsResponse( + secrets=[ + resources.Secret(), + ], + next_page_token='ghi', + ), + service.ListSecretsResponse( + secrets=[ + resources.Secret(), + resources.Secret(), + ], + ), + RuntimeError, + ) + async_pager = await client.list_secrets(request={},) + assert async_pager.next_page_token == 'abc' + responses = [] + async for response in async_pager: # pragma: no branch + responses.append(response) + + assert len(responses) == 6 + assert all(isinstance(i, resources.Secret) + for i in responses) + + +@pytest.mark.asyncio +async def test_list_secrets_async_pages(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secrets), + '__call__', new_callable=mock.AsyncMock) as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListSecretsResponse( + secrets=[ + resources.Secret(), + resources.Secret(), + resources.Secret(), + ], + next_page_token='abc', + ), + service.ListSecretsResponse( + secrets=[], + next_page_token='def', + ), + service.ListSecretsResponse( + secrets=[ + resources.Secret(), + ], + next_page_token='ghi', + ), + service.ListSecretsResponse( + secrets=[ + resources.Secret(), + resources.Secret(), + ], + ), + RuntimeError, + ) + pages = [] + # Workaround issue in python 3.9 related to code coverage by adding `# pragma: no branch` + # See https://github.com/googleapis/gapic-generator-python/pull/1174#issuecomment-1025132372 + async for page_ in ( # pragma: no branch + await client.list_secrets(request={}) + ).pages: + pages.append(page_) + for page_, token in zip(pages, ['abc','def','ghi', '']): + assert page_.raw_page.next_page_token == token + +@pytest.mark.parametrize("request_type", [ + service.CreateSecretRequest, + dict, +]) +def test_create_secret(request_type, transport: str = 'grpc'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Secret( + name='name_value', + etag='etag_value', + ) + response = client.create_secret(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + request = service.CreateSecretRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Secret) + assert response.name == 'name_value' + assert response.etag == 'etag_value' + + +def test_create_secret_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_secret), + '__call__') as call: + client.create_secret() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.CreateSecretRequest() + + +def test_create_secret_non_empty_request_with_auto_populated_field(): + # This test is a coverage failsafe to make sure that UUID4 fields are + # automatically populated, according to AIP-4235, with non-empty requests. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Populate all string fields in the request which are not UUID4 + # since we want to check that UUID4 are populated automatically + # if they meet the requirements of AIP 4235. + request = service.CreateSecretRequest( + parent='parent_value', + secret_id='secret_id_value', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_secret), + '__call__') as call: + client.create_secret(request=request) + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.CreateSecretRequest( + parent='parent_value', + secret_id='secret_id_value', + ) + +@pytest.mark.asyncio +async def test_create_secret_empty_call_async(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc_asyncio', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Secret( + name='name_value', + etag='etag_value', + )) + response = await client.create_secret() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.CreateSecretRequest() + +@pytest.mark.asyncio +async def test_create_secret_async(transport: str = 'grpc_asyncio', request_type=service.CreateSecretRequest): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Secret( + name='name_value', + etag='etag_value', + )) + response = await client.create_secret(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + request = service.CreateSecretRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Secret) + assert response.name == 'name_value' + assert response.etag == 'etag_value' + + +@pytest.mark.asyncio +async def test_create_secret_async_from_dict(): + await test_create_secret_async(request_type=dict) + + +def test_create_secret_field_headers(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.CreateSecretRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_secret), + '__call__') as call: + call.return_value = resources.Secret() + client.create_secret(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_create_secret_field_headers_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.CreateSecretRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_secret), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Secret()) + await client.create_secret(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +def test_create_secret_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Secret() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.create_secret( + parent='parent_value', + secret_id='secret_id_value', + secret=resources.Secret(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + arg = args[0].secret_id + mock_val = 'secret_id_value' + assert arg == mock_val + arg = args[0].secret + mock_val = resources.Secret(name='name_value') + assert arg == mock_val + + +def test_create_secret_flattened_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.create_secret( + service.CreateSecretRequest(), + parent='parent_value', + secret_id='secret_id_value', + secret=resources.Secret(name='name_value'), + ) + +@pytest.mark.asyncio +async def test_create_secret_flattened_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Secret() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Secret()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.create_secret( + parent='parent_value', + secret_id='secret_id_value', + secret=resources.Secret(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + arg = args[0].secret_id + mock_val = 'secret_id_value' + assert arg == mock_val + arg = args[0].secret + mock_val = resources.Secret(name='name_value') + assert arg == mock_val + +@pytest.mark.asyncio +async def test_create_secret_flattened_error_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.create_secret( + service.CreateSecretRequest(), + parent='parent_value', + secret_id='secret_id_value', + secret=resources.Secret(name='name_value'), + ) + + +@pytest.mark.parametrize("request_type", [ + service.AddSecretVersionRequest, + dict, +]) +def test_add_secret_version(request_type, transport: str = 'grpc'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.add_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + etag='etag_value', + client_specified_payload_checksum=True, + ) + response = client.add_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + request = service.AddSecretVersionRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.SecretVersion) + assert response.name == 'name_value' + assert response.state == resources.SecretVersion.State.ENABLED + assert response.etag == 'etag_value' + assert response.client_specified_payload_checksum is True + + +def test_add_secret_version_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.add_secret_version), + '__call__') as call: + client.add_secret_version() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.AddSecretVersionRequest() + + +def test_add_secret_version_non_empty_request_with_auto_populated_field(): + # This test is a coverage failsafe to make sure that UUID4 fields are + # automatically populated, according to AIP-4235, with non-empty requests. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Populate all string fields in the request which are not UUID4 + # since we want to check that UUID4 are populated automatically + # if they meet the requirements of AIP 4235. + request = service.AddSecretVersionRequest( + parent='parent_value', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.add_secret_version), + '__call__') as call: + client.add_secret_version(request=request) + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.AddSecretVersionRequest( + parent='parent_value', + ) + +@pytest.mark.asyncio +async def test_add_secret_version_empty_call_async(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc_asyncio', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.add_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + etag='etag_value', + client_specified_payload_checksum=True, + )) + response = await client.add_secret_version() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.AddSecretVersionRequest() + +@pytest.mark.asyncio +async def test_add_secret_version_async(transport: str = 'grpc_asyncio', request_type=service.AddSecretVersionRequest): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.add_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + etag='etag_value', + client_specified_payload_checksum=True, + )) + response = await client.add_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + request = service.AddSecretVersionRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.SecretVersion) + assert response.name == 'name_value' + assert response.state == resources.SecretVersion.State.ENABLED + assert response.etag == 'etag_value' + assert response.client_specified_payload_checksum is True + + +@pytest.mark.asyncio +async def test_add_secret_version_async_from_dict(): + await test_add_secret_version_async(request_type=dict) + + +def test_add_secret_version_field_headers(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.AddSecretVersionRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.add_secret_version), + '__call__') as call: + call.return_value = resources.SecretVersion() + client.add_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_add_secret_version_field_headers_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.AddSecretVersionRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.add_secret_version), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion()) + await client.add_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +def test_add_secret_version_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.add_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.SecretVersion() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.add_secret_version( + parent='parent_value', + payload=resources.SecretPayload(data=b'data_blob'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + arg = args[0].payload + mock_val = resources.SecretPayload(data=b'data_blob') + assert arg == mock_val + + +def test_add_secret_version_flattened_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.add_secret_version( + service.AddSecretVersionRequest(), + parent='parent_value', + payload=resources.SecretPayload(data=b'data_blob'), + ) + +@pytest.mark.asyncio +async def test_add_secret_version_flattened_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.add_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.SecretVersion() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.add_secret_version( + parent='parent_value', + payload=resources.SecretPayload(data=b'data_blob'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + arg = args[0].payload + mock_val = resources.SecretPayload(data=b'data_blob') + assert arg == mock_val + +@pytest.mark.asyncio +async def test_add_secret_version_flattened_error_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.add_secret_version( + service.AddSecretVersionRequest(), + parent='parent_value', + payload=resources.SecretPayload(data=b'data_blob'), + ) + + +@pytest.mark.parametrize("request_type", [ + service.GetSecretRequest, + dict, +]) +def test_get_secret(request_type, transport: str = 'grpc'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Secret( + name='name_value', + etag='etag_value', + ) + response = client.get_secret(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + request = service.GetSecretRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Secret) + assert response.name == 'name_value' + assert response.etag == 'etag_value' + + +def test_get_secret_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret), + '__call__') as call: + client.get_secret() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetSecretRequest() + + +def test_get_secret_non_empty_request_with_auto_populated_field(): + # This test is a coverage failsafe to make sure that UUID4 fields are + # automatically populated, according to AIP-4235, with non-empty requests. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Populate all string fields in the request which are not UUID4 + # since we want to check that UUID4 are populated automatically + # if they meet the requirements of AIP 4235. + request = service.GetSecretRequest( + name='name_value', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret), + '__call__') as call: + client.get_secret(request=request) + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetSecretRequest( + name='name_value', + ) + +@pytest.mark.asyncio +async def test_get_secret_empty_call_async(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc_asyncio', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Secret( + name='name_value', + etag='etag_value', + )) + response = await client.get_secret() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetSecretRequest() + +@pytest.mark.asyncio +async def test_get_secret_async(transport: str = 'grpc_asyncio', request_type=service.GetSecretRequest): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Secret( + name='name_value', + etag='etag_value', + )) + response = await client.get_secret(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + request = service.GetSecretRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Secret) + assert response.name == 'name_value' + assert response.etag == 'etag_value' + + +@pytest.mark.asyncio +async def test_get_secret_async_from_dict(): + await test_get_secret_async(request_type=dict) + + +def test_get_secret_field_headers(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetSecretRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret), + '__call__') as call: + call.return_value = resources.Secret() + client.get_secret(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_get_secret_field_headers_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetSecretRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Secret()) + await client.get_secret(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_get_secret_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Secret() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.get_secret( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_get_secret_flattened_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.get_secret( + service.GetSecretRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_get_secret_flattened_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Secret() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Secret()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.get_secret( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_get_secret_flattened_error_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.get_secret( + service.GetSecretRequest(), + name='name_value', + ) + + +@pytest.mark.parametrize("request_type", [ + service.UpdateSecretRequest, + dict, +]) +def test_update_secret(request_type, transport: str = 'grpc'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Secret( + name='name_value', + etag='etag_value', + ) + response = client.update_secret(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + request = service.UpdateSecretRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Secret) + assert response.name == 'name_value' + assert response.etag == 'etag_value' + + +def test_update_secret_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_secret), + '__call__') as call: + client.update_secret() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdateSecretRequest() + + +def test_update_secret_non_empty_request_with_auto_populated_field(): + # This test is a coverage failsafe to make sure that UUID4 fields are + # automatically populated, according to AIP-4235, with non-empty requests. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Populate all string fields in the request which are not UUID4 + # since we want to check that UUID4 are populated automatically + # if they meet the requirements of AIP 4235. + request = service.UpdateSecretRequest( + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_secret), + '__call__') as call: + client.update_secret(request=request) + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdateSecretRequest( + ) + +@pytest.mark.asyncio +async def test_update_secret_empty_call_async(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc_asyncio', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Secret( + name='name_value', + etag='etag_value', + )) + response = await client.update_secret() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdateSecretRequest() + +@pytest.mark.asyncio +async def test_update_secret_async(transport: str = 'grpc_asyncio', request_type=service.UpdateSecretRequest): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Secret( + name='name_value', + etag='etag_value', + )) + response = await client.update_secret(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + request = service.UpdateSecretRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Secret) + assert response.name == 'name_value' + assert response.etag == 'etag_value' + + +@pytest.mark.asyncio +async def test_update_secret_async_from_dict(): + await test_update_secret_async(request_type=dict) + + +def test_update_secret_field_headers(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.UpdateSecretRequest() + + request.secret.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_secret), + '__call__') as call: + call.return_value = resources.Secret() + client.update_secret(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'secret.name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_update_secret_field_headers_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.UpdateSecretRequest() + + request.secret.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_secret), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Secret()) + await client.update_secret(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'secret.name=name_value', + ) in kw['metadata'] + + +def test_update_secret_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Secret() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.update_secret( + secret=resources.Secret(name='name_value'), + update_mask=field_mask_pb2.FieldMask(paths=['paths_value']), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].secret + mock_val = resources.Secret(name='name_value') + assert arg == mock_val + arg = args[0].update_mask + mock_val = field_mask_pb2.FieldMask(paths=['paths_value']) + assert arg == mock_val + + +def test_update_secret_flattened_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.update_secret( + service.UpdateSecretRequest(), + secret=resources.Secret(name='name_value'), + update_mask=field_mask_pb2.FieldMask(paths=['paths_value']), + ) + +@pytest.mark.asyncio +async def test_update_secret_flattened_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Secret() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Secret()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.update_secret( + secret=resources.Secret(name='name_value'), + update_mask=field_mask_pb2.FieldMask(paths=['paths_value']), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].secret + mock_val = resources.Secret(name='name_value') + assert arg == mock_val + arg = args[0].update_mask + mock_val = field_mask_pb2.FieldMask(paths=['paths_value']) + assert arg == mock_val + +@pytest.mark.asyncio +async def test_update_secret_flattened_error_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.update_secret( + service.UpdateSecretRequest(), + secret=resources.Secret(name='name_value'), + update_mask=field_mask_pb2.FieldMask(paths=['paths_value']), + ) + + +@pytest.mark.parametrize("request_type", [ + service.DeleteSecretRequest, + dict, +]) +def test_delete_secret(request_type, transport: str = 'grpc'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = None + response = client.delete_secret(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + request = service.DeleteSecretRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert response is None + + +def test_delete_secret_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_secret), + '__call__') as call: + client.delete_secret() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.DeleteSecretRequest() + + +def test_delete_secret_non_empty_request_with_auto_populated_field(): + # This test is a coverage failsafe to make sure that UUID4 fields are + # automatically populated, according to AIP-4235, with non-empty requests. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Populate all string fields in the request which are not UUID4 + # since we want to check that UUID4 are populated automatically + # if they meet the requirements of AIP 4235. + request = service.DeleteSecretRequest( + name='name_value', + etag='etag_value', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_secret), + '__call__') as call: + client.delete_secret(request=request) + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.DeleteSecretRequest( + name='name_value', + etag='etag_value', + ) + +@pytest.mark.asyncio +async def test_delete_secret_empty_call_async(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc_asyncio', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) + response = await client.delete_secret() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.DeleteSecretRequest() + +@pytest.mark.asyncio +async def test_delete_secret_async(transport: str = 'grpc_asyncio', request_type=service.DeleteSecretRequest): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) + response = await client.delete_secret(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + request = service.DeleteSecretRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert response is None + + +@pytest.mark.asyncio +async def test_delete_secret_async_from_dict(): + await test_delete_secret_async(request_type=dict) + + +def test_delete_secret_field_headers(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.DeleteSecretRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_secret), + '__call__') as call: + call.return_value = None + client.delete_secret(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_delete_secret_field_headers_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.DeleteSecretRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_secret), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) + await client.delete_secret(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_delete_secret_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = None + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.delete_secret( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_delete_secret_flattened_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.delete_secret( + service.DeleteSecretRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_delete_secret_flattened_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_secret), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = None + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.delete_secret( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_delete_secret_flattened_error_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.delete_secret( + service.DeleteSecretRequest(), + name='name_value', + ) + + +@pytest.mark.parametrize("request_type", [ + service.ListSecretVersionsRequest, + dict, +]) +def test_list_secret_versions(request_type, transport: str = 'grpc'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secret_versions), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.ListSecretVersionsResponse( + next_page_token='next_page_token_value', + total_size=1086, + ) + response = client.list_secret_versions(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + request = service.ListSecretVersionsRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, pagers.ListSecretVersionsPager) + assert response.next_page_token == 'next_page_token_value' + assert response.total_size == 1086 + + +def test_list_secret_versions_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secret_versions), + '__call__') as call: + client.list_secret_versions() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.ListSecretVersionsRequest() + + +def test_list_secret_versions_non_empty_request_with_auto_populated_field(): + # This test is a coverage failsafe to make sure that UUID4 fields are + # automatically populated, according to AIP-4235, with non-empty requests. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Populate all string fields in the request which are not UUID4 + # since we want to check that UUID4 are populated automatically + # if they meet the requirements of AIP 4235. + request = service.ListSecretVersionsRequest( + parent='parent_value', + page_token='page_token_value', + filter='filter_value', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secret_versions), + '__call__') as call: + client.list_secret_versions(request=request) + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.ListSecretVersionsRequest( + parent='parent_value', + page_token='page_token_value', + filter='filter_value', + ) + +@pytest.mark.asyncio +async def test_list_secret_versions_empty_call_async(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc_asyncio', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secret_versions), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ListSecretVersionsResponse( + next_page_token='next_page_token_value', + total_size=1086, + )) + response = await client.list_secret_versions() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.ListSecretVersionsRequest() + +@pytest.mark.asyncio +async def test_list_secret_versions_async(transport: str = 'grpc_asyncio', request_type=service.ListSecretVersionsRequest): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secret_versions), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(service.ListSecretVersionsResponse( + next_page_token='next_page_token_value', + total_size=1086, + )) + response = await client.list_secret_versions(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + request = service.ListSecretVersionsRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, pagers.ListSecretVersionsAsyncPager) + assert response.next_page_token == 'next_page_token_value' + assert response.total_size == 1086 + + +@pytest.mark.asyncio +async def test_list_secret_versions_async_from_dict(): + await test_list_secret_versions_async(request_type=dict) + + +def test_list_secret_versions_field_headers(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.ListSecretVersionsRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secret_versions), + '__call__') as call: + call.return_value = service.ListSecretVersionsResponse() + client.list_secret_versions(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_list_secret_versions_field_headers_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.ListSecretVersionsRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secret_versions), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ListSecretVersionsResponse()) + await client.list_secret_versions(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +def test_list_secret_versions_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secret_versions), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.ListSecretVersionsResponse() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.list_secret_versions( + parent='parent_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + + +def test_list_secret_versions_flattened_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.list_secret_versions( + service.ListSecretVersionsRequest(), + parent='parent_value', + ) + +@pytest.mark.asyncio +async def test_list_secret_versions_flattened_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secret_versions), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.ListSecretVersionsResponse() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ListSecretVersionsResponse()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.list_secret_versions( + parent='parent_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_list_secret_versions_flattened_error_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.list_secret_versions( + service.ListSecretVersionsRequest(), + parent='parent_value', + ) + + +def test_list_secret_versions_pager(transport_name: str = "grpc"): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport_name, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secret_versions), + '__call__') as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListSecretVersionsResponse( + versions=[ + resources.SecretVersion(), + resources.SecretVersion(), + resources.SecretVersion(), + ], + next_page_token='abc', + ), + service.ListSecretVersionsResponse( + versions=[], + next_page_token='def', + ), + service.ListSecretVersionsResponse( + versions=[ + resources.SecretVersion(), + ], + next_page_token='ghi', + ), + service.ListSecretVersionsResponse( + versions=[ + resources.SecretVersion(), + resources.SecretVersion(), + ], + ), + RuntimeError, + ) + + metadata = () + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ('parent', ''), + )), + ) + pager = client.list_secret_versions(request={}) + + assert pager._metadata == metadata + + results = list(pager) + assert len(results) == 6 + assert all(isinstance(i, resources.SecretVersion) + for i in results) +def test_list_secret_versions_pages(transport_name: str = "grpc"): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport_name, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secret_versions), + '__call__') as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListSecretVersionsResponse( + versions=[ + resources.SecretVersion(), + resources.SecretVersion(), + resources.SecretVersion(), + ], + next_page_token='abc', + ), + service.ListSecretVersionsResponse( + versions=[], + next_page_token='def', + ), + service.ListSecretVersionsResponse( + versions=[ + resources.SecretVersion(), + ], + next_page_token='ghi', + ), + service.ListSecretVersionsResponse( + versions=[ + resources.SecretVersion(), + resources.SecretVersion(), + ], + ), + RuntimeError, + ) + pages = list(client.list_secret_versions(request={}).pages) + for page_, token in zip(pages, ['abc','def','ghi', '']): + assert page_.raw_page.next_page_token == token + +@pytest.mark.asyncio +async def test_list_secret_versions_async_pager(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secret_versions), + '__call__', new_callable=mock.AsyncMock) as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListSecretVersionsResponse( + versions=[ + resources.SecretVersion(), + resources.SecretVersion(), + resources.SecretVersion(), + ], + next_page_token='abc', + ), + service.ListSecretVersionsResponse( + versions=[], + next_page_token='def', + ), + service.ListSecretVersionsResponse( + versions=[ + resources.SecretVersion(), + ], + next_page_token='ghi', + ), + service.ListSecretVersionsResponse( + versions=[ + resources.SecretVersion(), + resources.SecretVersion(), + ], + ), + RuntimeError, + ) + async_pager = await client.list_secret_versions(request={},) + assert async_pager.next_page_token == 'abc' + responses = [] + async for response in async_pager: # pragma: no branch + responses.append(response) + + assert len(responses) == 6 + assert all(isinstance(i, resources.SecretVersion) + for i in responses) + + +@pytest.mark.asyncio +async def test_list_secret_versions_async_pages(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_secret_versions), + '__call__', new_callable=mock.AsyncMock) as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListSecretVersionsResponse( + versions=[ + resources.SecretVersion(), + resources.SecretVersion(), + resources.SecretVersion(), + ], + next_page_token='abc', + ), + service.ListSecretVersionsResponse( + versions=[], + next_page_token='def', + ), + service.ListSecretVersionsResponse( + versions=[ + resources.SecretVersion(), + ], + next_page_token='ghi', + ), + service.ListSecretVersionsResponse( + versions=[ + resources.SecretVersion(), + resources.SecretVersion(), + ], + ), + RuntimeError, + ) + pages = [] + # Workaround issue in python 3.9 related to code coverage by adding `# pragma: no branch` + # See https://github.com/googleapis/gapic-generator-python/pull/1174#issuecomment-1025132372 + async for page_ in ( # pragma: no branch + await client.list_secret_versions(request={}) + ).pages: + pages.append(page_) + for page_, token in zip(pages, ['abc','def','ghi', '']): + assert page_.raw_page.next_page_token == token + +@pytest.mark.parametrize("request_type", [ + service.GetSecretVersionRequest, + dict, +]) +def test_get_secret_version(request_type, transport: str = 'grpc'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + etag='etag_value', + client_specified_payload_checksum=True, + ) + response = client.get_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + request = service.GetSecretVersionRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.SecretVersion) + assert response.name == 'name_value' + assert response.state == resources.SecretVersion.State.ENABLED + assert response.etag == 'etag_value' + assert response.client_specified_payload_checksum is True + + +def test_get_secret_version_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret_version), + '__call__') as call: + client.get_secret_version() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetSecretVersionRequest() + + +def test_get_secret_version_non_empty_request_with_auto_populated_field(): + # This test is a coverage failsafe to make sure that UUID4 fields are + # automatically populated, according to AIP-4235, with non-empty requests. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Populate all string fields in the request which are not UUID4 + # since we want to check that UUID4 are populated automatically + # if they meet the requirements of AIP 4235. + request = service.GetSecretVersionRequest( + name='name_value', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret_version), + '__call__') as call: + client.get_secret_version(request=request) + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetSecretVersionRequest( + name='name_value', + ) + +@pytest.mark.asyncio +async def test_get_secret_version_empty_call_async(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc_asyncio', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + etag='etag_value', + client_specified_payload_checksum=True, + )) + response = await client.get_secret_version() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetSecretVersionRequest() + +@pytest.mark.asyncio +async def test_get_secret_version_async(transport: str = 'grpc_asyncio', request_type=service.GetSecretVersionRequest): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + etag='etag_value', + client_specified_payload_checksum=True, + )) + response = await client.get_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + request = service.GetSecretVersionRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.SecretVersion) + assert response.name == 'name_value' + assert response.state == resources.SecretVersion.State.ENABLED + assert response.etag == 'etag_value' + assert response.client_specified_payload_checksum is True + + +@pytest.mark.asyncio +async def test_get_secret_version_async_from_dict(): + await test_get_secret_version_async(request_type=dict) + + +def test_get_secret_version_field_headers(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetSecretVersionRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret_version), + '__call__') as call: + call.return_value = resources.SecretVersion() + client.get_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_get_secret_version_field_headers_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetSecretVersionRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret_version), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion()) + await client.get_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_get_secret_version_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.SecretVersion() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.get_secret_version( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_get_secret_version_flattened_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.get_secret_version( + service.GetSecretVersionRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_get_secret_version_flattened_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.SecretVersion() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.get_secret_version( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_get_secret_version_flattened_error_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.get_secret_version( + service.GetSecretVersionRequest(), + name='name_value', + ) + + +@pytest.mark.parametrize("request_type", [ + service.AccessSecretVersionRequest, + dict, +]) +def test_access_secret_version(request_type, transport: str = 'grpc'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.access_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.AccessSecretVersionResponse( + name='name_value', + ) + response = client.access_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + request = service.AccessSecretVersionRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, service.AccessSecretVersionResponse) + assert response.name == 'name_value' + + +def test_access_secret_version_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.access_secret_version), + '__call__') as call: + client.access_secret_version() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.AccessSecretVersionRequest() + + +def test_access_secret_version_non_empty_request_with_auto_populated_field(): + # This test is a coverage failsafe to make sure that UUID4 fields are + # automatically populated, according to AIP-4235, with non-empty requests. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Populate all string fields in the request which are not UUID4 + # since we want to check that UUID4 are populated automatically + # if they meet the requirements of AIP 4235. + request = service.AccessSecretVersionRequest( + name='name_value', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.access_secret_version), + '__call__') as call: + client.access_secret_version(request=request) + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.AccessSecretVersionRequest( + name='name_value', + ) + +@pytest.mark.asyncio +async def test_access_secret_version_empty_call_async(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc_asyncio', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.access_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.AccessSecretVersionResponse( + name='name_value', + )) + response = await client.access_secret_version() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.AccessSecretVersionRequest() + +@pytest.mark.asyncio +async def test_access_secret_version_async(transport: str = 'grpc_asyncio', request_type=service.AccessSecretVersionRequest): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.access_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(service.AccessSecretVersionResponse( + name='name_value', + )) + response = await client.access_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + request = service.AccessSecretVersionRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, service.AccessSecretVersionResponse) + assert response.name == 'name_value' + + +@pytest.mark.asyncio +async def test_access_secret_version_async_from_dict(): + await test_access_secret_version_async(request_type=dict) + + +def test_access_secret_version_field_headers(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.AccessSecretVersionRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.access_secret_version), + '__call__') as call: + call.return_value = service.AccessSecretVersionResponse() + client.access_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_access_secret_version_field_headers_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.AccessSecretVersionRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.access_secret_version), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.AccessSecretVersionResponse()) + await client.access_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_access_secret_version_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.access_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.AccessSecretVersionResponse() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.access_secret_version( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_access_secret_version_flattened_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.access_secret_version( + service.AccessSecretVersionRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_access_secret_version_flattened_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.access_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.AccessSecretVersionResponse() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.AccessSecretVersionResponse()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.access_secret_version( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_access_secret_version_flattened_error_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.access_secret_version( + service.AccessSecretVersionRequest(), + name='name_value', + ) + + +@pytest.mark.parametrize("request_type", [ + service.DisableSecretVersionRequest, + dict, +]) +def test_disable_secret_version(request_type, transport: str = 'grpc'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.disable_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + etag='etag_value', + client_specified_payload_checksum=True, + ) + response = client.disable_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + request = service.DisableSecretVersionRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.SecretVersion) + assert response.name == 'name_value' + assert response.state == resources.SecretVersion.State.ENABLED + assert response.etag == 'etag_value' + assert response.client_specified_payload_checksum is True + + +def test_disable_secret_version_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.disable_secret_version), + '__call__') as call: + client.disable_secret_version() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.DisableSecretVersionRequest() + + +def test_disable_secret_version_non_empty_request_with_auto_populated_field(): + # This test is a coverage failsafe to make sure that UUID4 fields are + # automatically populated, according to AIP-4235, with non-empty requests. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Populate all string fields in the request which are not UUID4 + # since we want to check that UUID4 are populated automatically + # if they meet the requirements of AIP 4235. + request = service.DisableSecretVersionRequest( + name='name_value', + etag='etag_value', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.disable_secret_version), + '__call__') as call: + client.disable_secret_version(request=request) + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.DisableSecretVersionRequest( + name='name_value', + etag='etag_value', + ) + +@pytest.mark.asyncio +async def test_disable_secret_version_empty_call_async(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc_asyncio', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.disable_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + etag='etag_value', + client_specified_payload_checksum=True, + )) + response = await client.disable_secret_version() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.DisableSecretVersionRequest() + +@pytest.mark.asyncio +async def test_disable_secret_version_async(transport: str = 'grpc_asyncio', request_type=service.DisableSecretVersionRequest): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.disable_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + etag='etag_value', + client_specified_payload_checksum=True, + )) + response = await client.disable_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + request = service.DisableSecretVersionRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.SecretVersion) + assert response.name == 'name_value' + assert response.state == resources.SecretVersion.State.ENABLED + assert response.etag == 'etag_value' + assert response.client_specified_payload_checksum is True + + +@pytest.mark.asyncio +async def test_disable_secret_version_async_from_dict(): + await test_disable_secret_version_async(request_type=dict) + + +def test_disable_secret_version_field_headers(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.DisableSecretVersionRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.disable_secret_version), + '__call__') as call: + call.return_value = resources.SecretVersion() + client.disable_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_disable_secret_version_field_headers_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.DisableSecretVersionRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.disable_secret_version), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion()) + await client.disable_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_disable_secret_version_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.disable_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.SecretVersion() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.disable_secret_version( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_disable_secret_version_flattened_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.disable_secret_version( + service.DisableSecretVersionRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_disable_secret_version_flattened_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.disable_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.SecretVersion() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.disable_secret_version( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_disable_secret_version_flattened_error_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.disable_secret_version( + service.DisableSecretVersionRequest(), + name='name_value', + ) + + +@pytest.mark.parametrize("request_type", [ + service.EnableSecretVersionRequest, + dict, +]) +def test_enable_secret_version(request_type, transport: str = 'grpc'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.enable_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + etag='etag_value', + client_specified_payload_checksum=True, + ) + response = client.enable_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + request = service.EnableSecretVersionRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.SecretVersion) + assert response.name == 'name_value' + assert response.state == resources.SecretVersion.State.ENABLED + assert response.etag == 'etag_value' + assert response.client_specified_payload_checksum is True + + +def test_enable_secret_version_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.enable_secret_version), + '__call__') as call: + client.enable_secret_version() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.EnableSecretVersionRequest() + + +def test_enable_secret_version_non_empty_request_with_auto_populated_field(): + # This test is a coverage failsafe to make sure that UUID4 fields are + # automatically populated, according to AIP-4235, with non-empty requests. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Populate all string fields in the request which are not UUID4 + # since we want to check that UUID4 are populated automatically + # if they meet the requirements of AIP 4235. + request = service.EnableSecretVersionRequest( + name='name_value', + etag='etag_value', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.enable_secret_version), + '__call__') as call: + client.enable_secret_version(request=request) + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.EnableSecretVersionRequest( + name='name_value', + etag='etag_value', + ) + +@pytest.mark.asyncio +async def test_enable_secret_version_empty_call_async(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc_asyncio', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.enable_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + etag='etag_value', + client_specified_payload_checksum=True, + )) + response = await client.enable_secret_version() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.EnableSecretVersionRequest() + +@pytest.mark.asyncio +async def test_enable_secret_version_async(transport: str = 'grpc_asyncio', request_type=service.EnableSecretVersionRequest): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.enable_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + etag='etag_value', + client_specified_payload_checksum=True, + )) + response = await client.enable_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + request = service.EnableSecretVersionRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.SecretVersion) + assert response.name == 'name_value' + assert response.state == resources.SecretVersion.State.ENABLED + assert response.etag == 'etag_value' + assert response.client_specified_payload_checksum is True + + +@pytest.mark.asyncio +async def test_enable_secret_version_async_from_dict(): + await test_enable_secret_version_async(request_type=dict) + + +def test_enable_secret_version_field_headers(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.EnableSecretVersionRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.enable_secret_version), + '__call__') as call: + call.return_value = resources.SecretVersion() + client.enable_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_enable_secret_version_field_headers_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.EnableSecretVersionRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.enable_secret_version), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion()) + await client.enable_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_enable_secret_version_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.enable_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.SecretVersion() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.enable_secret_version( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_enable_secret_version_flattened_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.enable_secret_version( + service.EnableSecretVersionRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_enable_secret_version_flattened_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.enable_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.SecretVersion() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.enable_secret_version( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_enable_secret_version_flattened_error_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.enable_secret_version( + service.EnableSecretVersionRequest(), + name='name_value', + ) + + +@pytest.mark.parametrize("request_type", [ + service.DestroySecretVersionRequest, + dict, +]) +def test_destroy_secret_version(request_type, transport: str = 'grpc'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.destroy_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + etag='etag_value', + client_specified_payload_checksum=True, + ) + response = client.destroy_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + request = service.DestroySecretVersionRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.SecretVersion) + assert response.name == 'name_value' + assert response.state == resources.SecretVersion.State.ENABLED + assert response.etag == 'etag_value' + assert response.client_specified_payload_checksum is True + + +def test_destroy_secret_version_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.destroy_secret_version), + '__call__') as call: + client.destroy_secret_version() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.DestroySecretVersionRequest() + + +def test_destroy_secret_version_non_empty_request_with_auto_populated_field(): + # This test is a coverage failsafe to make sure that UUID4 fields are + # automatically populated, according to AIP-4235, with non-empty requests. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Populate all string fields in the request which are not UUID4 + # since we want to check that UUID4 are populated automatically + # if they meet the requirements of AIP 4235. + request = service.DestroySecretVersionRequest( + name='name_value', + etag='etag_value', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.destroy_secret_version), + '__call__') as call: + client.destroy_secret_version(request=request) + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.DestroySecretVersionRequest( + name='name_value', + etag='etag_value', + ) + +@pytest.mark.asyncio +async def test_destroy_secret_version_empty_call_async(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc_asyncio', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.destroy_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + etag='etag_value', + client_specified_payload_checksum=True, + )) + response = await client.destroy_secret_version() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.DestroySecretVersionRequest() + +@pytest.mark.asyncio +async def test_destroy_secret_version_async(transport: str = 'grpc_asyncio', request_type=service.DestroySecretVersionRequest): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.destroy_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + etag='etag_value', + client_specified_payload_checksum=True, + )) + response = await client.destroy_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + request = service.DestroySecretVersionRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.SecretVersion) + assert response.name == 'name_value' + assert response.state == resources.SecretVersion.State.ENABLED + assert response.etag == 'etag_value' + assert response.client_specified_payload_checksum is True + + +@pytest.mark.asyncio +async def test_destroy_secret_version_async_from_dict(): + await test_destroy_secret_version_async(request_type=dict) + + +def test_destroy_secret_version_field_headers(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.DestroySecretVersionRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.destroy_secret_version), + '__call__') as call: + call.return_value = resources.SecretVersion() + client.destroy_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_destroy_secret_version_field_headers_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.DestroySecretVersionRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.destroy_secret_version), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion()) + await client.destroy_secret_version(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_destroy_secret_version_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.destroy_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.SecretVersion() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.destroy_secret_version( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_destroy_secret_version_flattened_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.destroy_secret_version( + service.DestroySecretVersionRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_destroy_secret_version_flattened_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.destroy_secret_version), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.SecretVersion() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.SecretVersion()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.destroy_secret_version( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_destroy_secret_version_flattened_error_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.destroy_secret_version( + service.DestroySecretVersionRequest(), + name='name_value', + ) + + +@pytest.mark.parametrize("request_type", [ + iam_policy_pb2.SetIamPolicyRequest, + dict, +]) +def test_set_iam_policy(request_type, transport: str = 'grpc'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.set_iam_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = policy_pb2.Policy( + version=774, + etag=b'etag_blob', + ) + response = client.set_iam_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + request = iam_policy_pb2.SetIamPolicyRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, policy_pb2.Policy) + assert response.version == 774 + assert response.etag == b'etag_blob' + + +def test_set_iam_policy_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.set_iam_policy), + '__call__') as call: + client.set_iam_policy() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == iam_policy_pb2.SetIamPolicyRequest() + + +def test_set_iam_policy_non_empty_request_with_auto_populated_field(): + # This test is a coverage failsafe to make sure that UUID4 fields are + # automatically populated, according to AIP-4235, with non-empty requests. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Populate all string fields in the request which are not UUID4 + # since we want to check that UUID4 are populated automatically + # if they meet the requirements of AIP 4235. + request = iam_policy_pb2.SetIamPolicyRequest( + resource='resource_value', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.set_iam_policy), + '__call__') as call: + client.set_iam_policy(request=request) + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == iam_policy_pb2.SetIamPolicyRequest( + resource='resource_value', + ) + +@pytest.mark.asyncio +async def test_set_iam_policy_empty_call_async(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc_asyncio', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.set_iam_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(policy_pb2.Policy( + version=774, + etag=b'etag_blob', + )) + response = await client.set_iam_policy() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == iam_policy_pb2.SetIamPolicyRequest() + +@pytest.mark.asyncio +async def test_set_iam_policy_async(transport: str = 'grpc_asyncio', request_type=iam_policy_pb2.SetIamPolicyRequest): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.set_iam_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(policy_pb2.Policy( + version=774, + etag=b'etag_blob', + )) + response = await client.set_iam_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + request = iam_policy_pb2.SetIamPolicyRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, policy_pb2.Policy) + assert response.version == 774 + assert response.etag == b'etag_blob' + + +@pytest.mark.asyncio +async def test_set_iam_policy_async_from_dict(): + await test_set_iam_policy_async(request_type=dict) + + +def test_set_iam_policy_field_headers(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = iam_policy_pb2.SetIamPolicyRequest() + + request.resource = 'resource_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.set_iam_policy), + '__call__') as call: + call.return_value = policy_pb2.Policy() + client.set_iam_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'resource=resource_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_set_iam_policy_field_headers_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = iam_policy_pb2.SetIamPolicyRequest() + + request.resource = 'resource_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.set_iam_policy), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(policy_pb2.Policy()) + await client.set_iam_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'resource=resource_value', + ) in kw['metadata'] + +def test_set_iam_policy_from_dict_foreign(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.set_iam_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = policy_pb2.Policy() + response = client.set_iam_policy(request={ + 'resource': 'resource_value', + 'policy': policy_pb2.Policy(version=774), + 'update_mask': field_mask_pb2.FieldMask(paths=['paths_value']), + } + ) + call.assert_called() + + +@pytest.mark.parametrize("request_type", [ + iam_policy_pb2.GetIamPolicyRequest, + dict, +]) +def test_get_iam_policy(request_type, transport: str = 'grpc'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_iam_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = policy_pb2.Policy( + version=774, + etag=b'etag_blob', + ) + response = client.get_iam_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + request = iam_policy_pb2.GetIamPolicyRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, policy_pb2.Policy) + assert response.version == 774 + assert response.etag == b'etag_blob' + + +def test_get_iam_policy_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_iam_policy), + '__call__') as call: + client.get_iam_policy() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == iam_policy_pb2.GetIamPolicyRequest() + + +def test_get_iam_policy_non_empty_request_with_auto_populated_field(): + # This test is a coverage failsafe to make sure that UUID4 fields are + # automatically populated, according to AIP-4235, with non-empty requests. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Populate all string fields in the request which are not UUID4 + # since we want to check that UUID4 are populated automatically + # if they meet the requirements of AIP 4235. + request = iam_policy_pb2.GetIamPolicyRequest( + resource='resource_value', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_iam_policy), + '__call__') as call: + client.get_iam_policy(request=request) + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == iam_policy_pb2.GetIamPolicyRequest( + resource='resource_value', + ) + +@pytest.mark.asyncio +async def test_get_iam_policy_empty_call_async(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc_asyncio', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_iam_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(policy_pb2.Policy( + version=774, + etag=b'etag_blob', + )) + response = await client.get_iam_policy() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == iam_policy_pb2.GetIamPolicyRequest() + +@pytest.mark.asyncio +async def test_get_iam_policy_async(transport: str = 'grpc_asyncio', request_type=iam_policy_pb2.GetIamPolicyRequest): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_iam_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(policy_pb2.Policy( + version=774, + etag=b'etag_blob', + )) + response = await client.get_iam_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + request = iam_policy_pb2.GetIamPolicyRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, policy_pb2.Policy) + assert response.version == 774 + assert response.etag == b'etag_blob' + + +@pytest.mark.asyncio +async def test_get_iam_policy_async_from_dict(): + await test_get_iam_policy_async(request_type=dict) + + +def test_get_iam_policy_field_headers(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = iam_policy_pb2.GetIamPolicyRequest() + + request.resource = 'resource_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_iam_policy), + '__call__') as call: + call.return_value = policy_pb2.Policy() + client.get_iam_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'resource=resource_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_get_iam_policy_field_headers_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = iam_policy_pb2.GetIamPolicyRequest() + + request.resource = 'resource_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_iam_policy), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(policy_pb2.Policy()) + await client.get_iam_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'resource=resource_value', + ) in kw['metadata'] + +def test_get_iam_policy_from_dict_foreign(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_iam_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = policy_pb2.Policy() + response = client.get_iam_policy(request={ + 'resource': 'resource_value', + 'options': options_pb2.GetPolicyOptions(requested_policy_version=2598), + } + ) + call.assert_called() + + +@pytest.mark.parametrize("request_type", [ + iam_policy_pb2.TestIamPermissionsRequest, + dict, +]) +def test_test_iam_permissions(request_type, transport: str = 'grpc'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.test_iam_permissions), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = iam_policy_pb2.TestIamPermissionsResponse( + permissions=['permissions_value'], + ) + response = client.test_iam_permissions(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + request = iam_policy_pb2.TestIamPermissionsRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, iam_policy_pb2.TestIamPermissionsResponse) + assert response.permissions == ['permissions_value'] + + +def test_test_iam_permissions_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.test_iam_permissions), + '__call__') as call: + client.test_iam_permissions() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == iam_policy_pb2.TestIamPermissionsRequest() + + +def test_test_iam_permissions_non_empty_request_with_auto_populated_field(): + # This test is a coverage failsafe to make sure that UUID4 fields are + # automatically populated, according to AIP-4235, with non-empty requests. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Populate all string fields in the request which are not UUID4 + # since we want to check that UUID4 are populated automatically + # if they meet the requirements of AIP 4235. + request = iam_policy_pb2.TestIamPermissionsRequest( + resource='resource_value', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.test_iam_permissions), + '__call__') as call: + client.test_iam_permissions(request=request) + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == iam_policy_pb2.TestIamPermissionsRequest( + resource='resource_value', + ) + +@pytest.mark.asyncio +async def test_test_iam_permissions_empty_call_async(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc_asyncio', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.test_iam_permissions), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(iam_policy_pb2.TestIamPermissionsResponse( + permissions=['permissions_value'], + )) + response = await client.test_iam_permissions() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == iam_policy_pb2.TestIamPermissionsRequest() + +@pytest.mark.asyncio +async def test_test_iam_permissions_async(transport: str = 'grpc_asyncio', request_type=iam_policy_pb2.TestIamPermissionsRequest): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.test_iam_permissions), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(iam_policy_pb2.TestIamPermissionsResponse( + permissions=['permissions_value'], + )) + response = await client.test_iam_permissions(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + request = iam_policy_pb2.TestIamPermissionsRequest() + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, iam_policy_pb2.TestIamPermissionsResponse) + assert response.permissions == ['permissions_value'] + + +@pytest.mark.asyncio +async def test_test_iam_permissions_async_from_dict(): + await test_test_iam_permissions_async(request_type=dict) + + +def test_test_iam_permissions_field_headers(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = iam_policy_pb2.TestIamPermissionsRequest() + + request.resource = 'resource_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.test_iam_permissions), + '__call__') as call: + call.return_value = iam_policy_pb2.TestIamPermissionsResponse() + client.test_iam_permissions(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'resource=resource_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_test_iam_permissions_field_headers_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = iam_policy_pb2.TestIamPermissionsRequest() + + request.resource = 'resource_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.test_iam_permissions), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(iam_policy_pb2.TestIamPermissionsResponse()) + await client.test_iam_permissions(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'resource=resource_value', + ) in kw['metadata'] + +def test_test_iam_permissions_from_dict_foreign(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.test_iam_permissions), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = iam_policy_pb2.TestIamPermissionsResponse() + response = client.test_iam_permissions(request={ + 'resource': 'resource_value', + 'permissions': ['permissions_value'], + } + ) + call.assert_called() + + +@pytest.mark.parametrize("request_type", [ + service.ListSecretsRequest, + dict, +]) +def test_list_secrets_rest(request_type): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # send a request that will satisfy transcoding + request_init = {'parent': 'projects/sample1'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = service.ListSecretsResponse( + next_page_token='next_page_token_value', + total_size=1086, + ) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = service.ListSecretsResponse.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + response = client.list_secrets(request) + + # Establish that the response is the type that we expect. + assert isinstance(response, pagers.ListSecretsPager) + assert response.next_page_token == 'next_page_token_value' + assert response.total_size == 1086 + + +def test_list_secrets_rest_required_fields(request_type=service.ListSecretsRequest): + transport_class = transports.SecretManagerServiceRestTransport + + request_init = {} + request_init["parent"] = "" + request = request_type(**request_init) + pb_request = request_type.pb(request) + jsonified_request = json.loads(json_format.MessageToJson( + pb_request, + use_integers_for_enums=False + )) + + # verify fields with default values are dropped + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).list_secrets._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with default values are now present + + jsonified_request["parent"] = 'parent_value' + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).list_secrets._get_unset_required_fields(jsonified_request) + # Check that path parameters and body parameters are not mixing in. + assert not set(unset_fields) - set(("filter", "page_size", "page_token", )) + jsonified_request.update(unset_fields) + + # verify required fields with non-default values are left alone + assert "parent" in jsonified_request + assert jsonified_request["parent"] == 'parent_value' + + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest', + ) + request = request_type(**request_init) + + # Designate an appropriate value for the returned response. + return_value = service.ListSecretsResponse() + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # We need to mock transcode() because providing default values + # for required fields will fail the real version if the http_options + # expect actual values for those fields. + with mock.patch.object(path_template, 'transcode') as transcode: + # A uri without fields and an empty body will force all the + # request fields to show up in the query_params. + pb_request = request_type.pb(request) + transcode_result = { + 'uri': 'v1/sample_method', + 'method': "get", + 'query_params': pb_request, + } + transcode.return_value = transcode_result + + response_value = Response() + response_value.status_code = 200 + + # Convert return value to protobuf type + return_value = service.ListSecretsResponse.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.list_secrets(request) + + expected_params = [ + ('$alt', 'json;enum-encoding=int') + ] + actual_params = req.call_args.kwargs['params'] + assert expected_params == actual_params + + +def test_list_secrets_rest_unset_required_fields(): + transport = transports.SecretManagerServiceRestTransport(credentials=ga_credentials.AnonymousCredentials) + + unset_fields = transport.list_secrets._get_unset_required_fields({}) + assert set(unset_fields) == (set(("filter", "pageSize", "pageToken", )) & set(("parent", ))) + + +@pytest.mark.parametrize("null_interceptor", [True, False]) +def test_list_secrets_rest_interceptors(null_interceptor): + transport = transports.SecretManagerServiceRestTransport( + credentials=ga_credentials.AnonymousCredentials(), + interceptor=None if null_interceptor else transports.SecretManagerServiceRestInterceptor(), + ) + client = SecretManagerServiceClient(transport=transport) + with mock.patch.object(type(client.transport._session), "request") as req, \ + mock.patch.object(path_template, "transcode") as transcode, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "post_list_secrets") as post, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "pre_list_secrets") as pre: + pre.assert_not_called() + post.assert_not_called() + pb_message = service.ListSecretsRequest.pb(service.ListSecretsRequest()) + transcode.return_value = { + "method": "post", + "uri": "my_uri", + "body": pb_message, + "query_params": pb_message, + } + + req.return_value = Response() + req.return_value.status_code = 200 + req.return_value.request = PreparedRequest() + req.return_value._content = service.ListSecretsResponse.to_json(service.ListSecretsResponse()) + + request = service.ListSecretsRequest() + metadata =[ + ("key", "val"), + ("cephalopod", "squid"), + ] + pre.return_value = request, metadata + post.return_value = service.ListSecretsResponse() + + client.list_secrets(request, metadata=[("key", "val"), ("cephalopod", "squid"),]) + + pre.assert_called_once() + post.assert_called_once() + + +def test_list_secrets_rest_bad_request(transport: str = 'rest', request_type=service.ListSecretsRequest): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # send a request that will satisfy transcoding + request_init = {'parent': 'projects/sample1'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.list_secrets(request) + + +def test_list_secrets_rest_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = service.ListSecretsResponse() + + # get arguments that satisfy an http rule for this method + sample_request = {'parent': 'projects/sample1'} + + # get truthy value for each flattened field + mock_args = dict( + parent='parent_value', + ) + mock_args.update(sample_request) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = service.ListSecretsResponse.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + client.list_secrets(**mock_args) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(req.mock_calls) == 1 + _, args, _ = req.mock_calls[0] + assert path_template.validate("%s/v1beta2/{parent=projects/*}/secrets" % client.transport._host, args[1]) + + +def test_list_secrets_rest_flattened_error(transport: str = 'rest'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.list_secrets( + service.ListSecretsRequest(), + parent='parent_value', + ) + + +def test_list_secrets_rest_pager(transport: str = 'rest'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # TODO(kbandes): remove this mock unless there's a good reason for it. + #with mock.patch.object(path_template, 'transcode') as transcode: + # Set the response as a series of pages + response = ( + service.ListSecretsResponse( + secrets=[ + resources.Secret(), + resources.Secret(), + resources.Secret(), + ], + next_page_token='abc', + ), + service.ListSecretsResponse( + secrets=[], + next_page_token='def', + ), + service.ListSecretsResponse( + secrets=[ + resources.Secret(), + ], + next_page_token='ghi', + ), + service.ListSecretsResponse( + secrets=[ + resources.Secret(), + resources.Secret(), + ], + ), + ) + # Two responses for two calls + response = response + response + + # Wrap the values into proper Response objs + response = tuple(service.ListSecretsResponse.to_json(x) for x in response) + return_values = tuple(Response() for i in response) + for return_val, response_val in zip(return_values, response): + return_val._content = response_val.encode('UTF-8') + return_val.status_code = 200 + req.side_effect = return_values + + sample_request = {'parent': 'projects/sample1'} + + pager = client.list_secrets(request=sample_request) + + results = list(pager) + assert len(results) == 6 + assert all(isinstance(i, resources.Secret) + for i in results) + + pages = list(client.list_secrets(request=sample_request).pages) + for page_, token in zip(pages, ['abc','def','ghi', '']): + assert page_.raw_page.next_page_token == token + + +@pytest.mark.parametrize("request_type", [ + service.CreateSecretRequest, + dict, +]) +def test_create_secret_rest(request_type): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # send a request that will satisfy transcoding + request_init = {'parent': 'projects/sample1'} + request_init["secret"] = {'name': 'name_value', 'replication': {'automatic': {'customer_managed_encryption': {'kms_key_name': 'kms_key_name_value'}}, 'user_managed': {'replicas': [{'location': 'location_value', 'customer_managed_encryption': {}}]}}, 'create_time': {'seconds': 751, 'nanos': 543}, 'labels': {}, 'topics': [{'name': 'name_value'}], 'expire_time': {}, 'ttl': {'seconds': 751, 'nanos': 543}, 'etag': 'etag_value', 'rotation': {'next_rotation_time': {}, 'rotation_period': {}}, 'version_aliases': {}, 'annotations': {}, 'version_destroy_ttl': {}, 'customer_managed_encryption': {}} + # The version of a generated dependency at test runtime may differ from the version used during generation. + # Delete any fields which are not present in the current runtime dependency + # See https://github.com/googleapis/gapic-generator-python/issues/1748 + + # Determine if the message type is proto-plus or protobuf + test_field = service.CreateSecretRequest.meta.fields["secret"] + + def get_message_fields(field): + # Given a field which is a message (composite type), return a list with + # all the fields of the message. + # If the field is not a composite type, return an empty list. + message_fields = [] + + if hasattr(field, "message") and field.message: + is_field_type_proto_plus_type = not hasattr(field.message, "DESCRIPTOR") + + if is_field_type_proto_plus_type: + message_fields = field.message.meta.fields.values() + # Add `# pragma: NO COVER` because there may not be any `*_pb2` field types + else: # pragma: NO COVER + message_fields = field.message.DESCRIPTOR.fields + return message_fields + + runtime_nested_fields = [ + (field.name, nested_field.name) + for field in get_message_fields(test_field) + for nested_field in get_message_fields(field) + ] + + subfields_not_in_runtime = [] + + # For each item in the sample request, create a list of sub fields which are not present at runtime + # Add `# pragma: NO COVER` because this test code will not run if all subfields are present at runtime + for field, value in request_init["secret"].items(): # pragma: NO COVER + result = None + is_repeated = False + # For repeated fields + if isinstance(value, list) and len(value): + is_repeated = True + result = value[0] + # For fields where the type is another message + if isinstance(value, dict): + result = value + + if result and hasattr(result, "keys"): + for subfield in result.keys(): + if (field, subfield) not in runtime_nested_fields: + subfields_not_in_runtime.append( + {"field": field, "subfield": subfield, "is_repeated": is_repeated} + ) + + # Remove fields from the sample request which are not present in the runtime version of the dependency + # Add `# pragma: NO COVER` because this test code will not run if all subfields are present at runtime + for subfield_to_delete in subfields_not_in_runtime: # pragma: NO COVER + field = subfield_to_delete.get("field") + field_repeated = subfield_to_delete.get("is_repeated") + subfield = subfield_to_delete.get("subfield") + if subfield: + if field_repeated: + for i in range(0, len(request_init["secret"][field])): + del request_init["secret"][field][i][subfield] + else: + del request_init["secret"][field][subfield] + request = request_type(**request_init) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = resources.Secret( + name='name_value', + etag='etag_value', + ) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = resources.Secret.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + response = client.create_secret(request) + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Secret) + assert response.name == 'name_value' + assert response.etag == 'etag_value' + + +def test_create_secret_rest_required_fields(request_type=service.CreateSecretRequest): + transport_class = transports.SecretManagerServiceRestTransport + + request_init = {} + request_init["parent"] = "" + request_init["secret_id"] = "" + request = request_type(**request_init) + pb_request = request_type.pb(request) + jsonified_request = json.loads(json_format.MessageToJson( + pb_request, + use_integers_for_enums=False + )) + + # verify fields with default values are dropped + assert "secretId" not in jsonified_request + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).create_secret._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with default values are now present + assert "secretId" in jsonified_request + assert jsonified_request["secretId"] == request_init["secret_id"] + + jsonified_request["parent"] = 'parent_value' + jsonified_request["secretId"] = 'secret_id_value' + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).create_secret._get_unset_required_fields(jsonified_request) + # Check that path parameters and body parameters are not mixing in. + assert not set(unset_fields) - set(("secret_id", )) + jsonified_request.update(unset_fields) + + # verify required fields with non-default values are left alone + assert "parent" in jsonified_request + assert jsonified_request["parent"] == 'parent_value' + assert "secretId" in jsonified_request + assert jsonified_request["secretId"] == 'secret_id_value' + + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest', + ) + request = request_type(**request_init) + + # Designate an appropriate value for the returned response. + return_value = resources.Secret() + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # We need to mock transcode() because providing default values + # for required fields will fail the real version if the http_options + # expect actual values for those fields. + with mock.patch.object(path_template, 'transcode') as transcode: + # A uri without fields and an empty body will force all the + # request fields to show up in the query_params. + pb_request = request_type.pb(request) + transcode_result = { + 'uri': 'v1/sample_method', + 'method': "post", + 'query_params': pb_request, + } + transcode_result['body'] = pb_request + transcode.return_value = transcode_result + + response_value = Response() + response_value.status_code = 200 + + # Convert return value to protobuf type + return_value = resources.Secret.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.create_secret(request) + + expected_params = [ + ( + "secretId", + "", + ), + ('$alt', 'json;enum-encoding=int') + ] + actual_params = req.call_args.kwargs['params'] + assert expected_params == actual_params + + +def test_create_secret_rest_unset_required_fields(): + transport = transports.SecretManagerServiceRestTransport(credentials=ga_credentials.AnonymousCredentials) + + unset_fields = transport.create_secret._get_unset_required_fields({}) + assert set(unset_fields) == (set(("secretId", )) & set(("parent", "secretId", "secret", ))) + + +@pytest.mark.parametrize("null_interceptor", [True, False]) +def test_create_secret_rest_interceptors(null_interceptor): + transport = transports.SecretManagerServiceRestTransport( + credentials=ga_credentials.AnonymousCredentials(), + interceptor=None if null_interceptor else transports.SecretManagerServiceRestInterceptor(), + ) + client = SecretManagerServiceClient(transport=transport) + with mock.patch.object(type(client.transport._session), "request") as req, \ + mock.patch.object(path_template, "transcode") as transcode, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "post_create_secret") as post, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "pre_create_secret") as pre: + pre.assert_not_called() + post.assert_not_called() + pb_message = service.CreateSecretRequest.pb(service.CreateSecretRequest()) + transcode.return_value = { + "method": "post", + "uri": "my_uri", + "body": pb_message, + "query_params": pb_message, + } + + req.return_value = Response() + req.return_value.status_code = 200 + req.return_value.request = PreparedRequest() + req.return_value._content = resources.Secret.to_json(resources.Secret()) + + request = service.CreateSecretRequest() + metadata =[ + ("key", "val"), + ("cephalopod", "squid"), + ] + pre.return_value = request, metadata + post.return_value = resources.Secret() + + client.create_secret(request, metadata=[("key", "val"), ("cephalopod", "squid"),]) + + pre.assert_called_once() + post.assert_called_once() + + +def test_create_secret_rest_bad_request(transport: str = 'rest', request_type=service.CreateSecretRequest): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # send a request that will satisfy transcoding + request_init = {'parent': 'projects/sample1'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.create_secret(request) + + +def test_create_secret_rest_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = resources.Secret() + + # get arguments that satisfy an http rule for this method + sample_request = {'parent': 'projects/sample1'} + + # get truthy value for each flattened field + mock_args = dict( + parent='parent_value', + secret_id='secret_id_value', + secret=resources.Secret(name='name_value'), + ) + mock_args.update(sample_request) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = resources.Secret.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + client.create_secret(**mock_args) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(req.mock_calls) == 1 + _, args, _ = req.mock_calls[0] + assert path_template.validate("%s/v1beta2/{parent=projects/*}/secrets" % client.transport._host, args[1]) + + +def test_create_secret_rest_flattened_error(transport: str = 'rest'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.create_secret( + service.CreateSecretRequest(), + parent='parent_value', + secret_id='secret_id_value', + secret=resources.Secret(name='name_value'), + ) + + +def test_create_secret_rest_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest' + ) + + +@pytest.mark.parametrize("request_type", [ + service.AddSecretVersionRequest, + dict, +]) +def test_add_secret_version_rest(request_type): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # send a request that will satisfy transcoding + request_init = {'parent': 'projects/sample1/secrets/sample2'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + etag='etag_value', + client_specified_payload_checksum=True, + ) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = resources.SecretVersion.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + response = client.add_secret_version(request) + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.SecretVersion) + assert response.name == 'name_value' + assert response.state == resources.SecretVersion.State.ENABLED + assert response.etag == 'etag_value' + assert response.client_specified_payload_checksum is True + + +def test_add_secret_version_rest_required_fields(request_type=service.AddSecretVersionRequest): + transport_class = transports.SecretManagerServiceRestTransport + + request_init = {} + request_init["parent"] = "" + request = request_type(**request_init) + pb_request = request_type.pb(request) + jsonified_request = json.loads(json_format.MessageToJson( + pb_request, + use_integers_for_enums=False + )) + + # verify fields with default values are dropped + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).add_secret_version._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with default values are now present + + jsonified_request["parent"] = 'parent_value' + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).add_secret_version._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with non-default values are left alone + assert "parent" in jsonified_request + assert jsonified_request["parent"] == 'parent_value' + + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest', + ) + request = request_type(**request_init) + + # Designate an appropriate value for the returned response. + return_value = resources.SecretVersion() + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # We need to mock transcode() because providing default values + # for required fields will fail the real version if the http_options + # expect actual values for those fields. + with mock.patch.object(path_template, 'transcode') as transcode: + # A uri without fields and an empty body will force all the + # request fields to show up in the query_params. + pb_request = request_type.pb(request) + transcode_result = { + 'uri': 'v1/sample_method', + 'method': "post", + 'query_params': pb_request, + } + transcode_result['body'] = pb_request + transcode.return_value = transcode_result + + response_value = Response() + response_value.status_code = 200 + + # Convert return value to protobuf type + return_value = resources.SecretVersion.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.add_secret_version(request) + + expected_params = [ + ('$alt', 'json;enum-encoding=int') + ] + actual_params = req.call_args.kwargs['params'] + assert expected_params == actual_params + + +def test_add_secret_version_rest_unset_required_fields(): + transport = transports.SecretManagerServiceRestTransport(credentials=ga_credentials.AnonymousCredentials) + + unset_fields = transport.add_secret_version._get_unset_required_fields({}) + assert set(unset_fields) == (set(()) & set(("parent", "payload", ))) + + +@pytest.mark.parametrize("null_interceptor", [True, False]) +def test_add_secret_version_rest_interceptors(null_interceptor): + transport = transports.SecretManagerServiceRestTransport( + credentials=ga_credentials.AnonymousCredentials(), + interceptor=None if null_interceptor else transports.SecretManagerServiceRestInterceptor(), + ) + client = SecretManagerServiceClient(transport=transport) + with mock.patch.object(type(client.transport._session), "request") as req, \ + mock.patch.object(path_template, "transcode") as transcode, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "post_add_secret_version") as post, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "pre_add_secret_version") as pre: + pre.assert_not_called() + post.assert_not_called() + pb_message = service.AddSecretVersionRequest.pb(service.AddSecretVersionRequest()) + transcode.return_value = { + "method": "post", + "uri": "my_uri", + "body": pb_message, + "query_params": pb_message, + } + + req.return_value = Response() + req.return_value.status_code = 200 + req.return_value.request = PreparedRequest() + req.return_value._content = resources.SecretVersion.to_json(resources.SecretVersion()) + + request = service.AddSecretVersionRequest() + metadata =[ + ("key", "val"), + ("cephalopod", "squid"), + ] + pre.return_value = request, metadata + post.return_value = resources.SecretVersion() + + client.add_secret_version(request, metadata=[("key", "val"), ("cephalopod", "squid"),]) + + pre.assert_called_once() + post.assert_called_once() + + +def test_add_secret_version_rest_bad_request(transport: str = 'rest', request_type=service.AddSecretVersionRequest): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # send a request that will satisfy transcoding + request_init = {'parent': 'projects/sample1/secrets/sample2'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.add_secret_version(request) + + +def test_add_secret_version_rest_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = resources.SecretVersion() + + # get arguments that satisfy an http rule for this method + sample_request = {'parent': 'projects/sample1/secrets/sample2'} + + # get truthy value for each flattened field + mock_args = dict( + parent='parent_value', + payload=resources.SecretPayload(data=b'data_blob'), + ) + mock_args.update(sample_request) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = resources.SecretVersion.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + client.add_secret_version(**mock_args) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(req.mock_calls) == 1 + _, args, _ = req.mock_calls[0] + assert path_template.validate("%s/v1beta2/{parent=projects/*/secrets/*}:addVersion" % client.transport._host, args[1]) + + +def test_add_secret_version_rest_flattened_error(transport: str = 'rest'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.add_secret_version( + service.AddSecretVersionRequest(), + parent='parent_value', + payload=resources.SecretPayload(data=b'data_blob'), + ) + + +def test_add_secret_version_rest_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest' + ) + + +@pytest.mark.parametrize("request_type", [ + service.GetSecretRequest, + dict, +]) +def test_get_secret_rest(request_type): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # send a request that will satisfy transcoding + request_init = {'name': 'projects/sample1/secrets/sample2'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = resources.Secret( + name='name_value', + etag='etag_value', + ) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = resources.Secret.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + response = client.get_secret(request) + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Secret) + assert response.name == 'name_value' + assert response.etag == 'etag_value' + + +def test_get_secret_rest_required_fields(request_type=service.GetSecretRequest): + transport_class = transports.SecretManagerServiceRestTransport + + request_init = {} + request_init["name"] = "" + request = request_type(**request_init) + pb_request = request_type.pb(request) + jsonified_request = json.loads(json_format.MessageToJson( + pb_request, + use_integers_for_enums=False + )) + + # verify fields with default values are dropped + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).get_secret._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with default values are now present + + jsonified_request["name"] = 'name_value' + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).get_secret._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with non-default values are left alone + assert "name" in jsonified_request + assert jsonified_request["name"] == 'name_value' + + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest', + ) + request = request_type(**request_init) + + # Designate an appropriate value for the returned response. + return_value = resources.Secret() + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # We need to mock transcode() because providing default values + # for required fields will fail the real version if the http_options + # expect actual values for those fields. + with mock.patch.object(path_template, 'transcode') as transcode: + # A uri without fields and an empty body will force all the + # request fields to show up in the query_params. + pb_request = request_type.pb(request) + transcode_result = { + 'uri': 'v1/sample_method', + 'method': "get", + 'query_params': pb_request, + } + transcode.return_value = transcode_result + + response_value = Response() + response_value.status_code = 200 + + # Convert return value to protobuf type + return_value = resources.Secret.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.get_secret(request) + + expected_params = [ + ('$alt', 'json;enum-encoding=int') + ] + actual_params = req.call_args.kwargs['params'] + assert expected_params == actual_params + + +def test_get_secret_rest_unset_required_fields(): + transport = transports.SecretManagerServiceRestTransport(credentials=ga_credentials.AnonymousCredentials) + + unset_fields = transport.get_secret._get_unset_required_fields({}) + assert set(unset_fields) == (set(()) & set(("name", ))) + + +@pytest.mark.parametrize("null_interceptor", [True, False]) +def test_get_secret_rest_interceptors(null_interceptor): + transport = transports.SecretManagerServiceRestTransport( + credentials=ga_credentials.AnonymousCredentials(), + interceptor=None if null_interceptor else transports.SecretManagerServiceRestInterceptor(), + ) + client = SecretManagerServiceClient(transport=transport) + with mock.patch.object(type(client.transport._session), "request") as req, \ + mock.patch.object(path_template, "transcode") as transcode, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "post_get_secret") as post, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "pre_get_secret") as pre: + pre.assert_not_called() + post.assert_not_called() + pb_message = service.GetSecretRequest.pb(service.GetSecretRequest()) + transcode.return_value = { + "method": "post", + "uri": "my_uri", + "body": pb_message, + "query_params": pb_message, + } + + req.return_value = Response() + req.return_value.status_code = 200 + req.return_value.request = PreparedRequest() + req.return_value._content = resources.Secret.to_json(resources.Secret()) + + request = service.GetSecretRequest() + metadata =[ + ("key", "val"), + ("cephalopod", "squid"), + ] + pre.return_value = request, metadata + post.return_value = resources.Secret() + + client.get_secret(request, metadata=[("key", "val"), ("cephalopod", "squid"),]) + + pre.assert_called_once() + post.assert_called_once() + + +def test_get_secret_rest_bad_request(transport: str = 'rest', request_type=service.GetSecretRequest): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # send a request that will satisfy transcoding + request_init = {'name': 'projects/sample1/secrets/sample2'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.get_secret(request) + + +def test_get_secret_rest_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = resources.Secret() + + # get arguments that satisfy an http rule for this method + sample_request = {'name': 'projects/sample1/secrets/sample2'} + + # get truthy value for each flattened field + mock_args = dict( + name='name_value', + ) + mock_args.update(sample_request) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = resources.Secret.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + client.get_secret(**mock_args) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(req.mock_calls) == 1 + _, args, _ = req.mock_calls[0] + assert path_template.validate("%s/v1beta2/{name=projects/*/secrets/*}" % client.transport._host, args[1]) + + +def test_get_secret_rest_flattened_error(transport: str = 'rest'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.get_secret( + service.GetSecretRequest(), + name='name_value', + ) + + +def test_get_secret_rest_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest' + ) + + +@pytest.mark.parametrize("request_type", [ + service.UpdateSecretRequest, + dict, +]) +def test_update_secret_rest(request_type): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # send a request that will satisfy transcoding + request_init = {'secret': {'name': 'projects/sample1/secrets/sample2'}} + request_init["secret"] = {'name': 'projects/sample1/secrets/sample2', 'replication': {'automatic': {'customer_managed_encryption': {'kms_key_name': 'kms_key_name_value'}}, 'user_managed': {'replicas': [{'location': 'location_value', 'customer_managed_encryption': {}}]}}, 'create_time': {'seconds': 751, 'nanos': 543}, 'labels': {}, 'topics': [{'name': 'name_value'}], 'expire_time': {}, 'ttl': {'seconds': 751, 'nanos': 543}, 'etag': 'etag_value', 'rotation': {'next_rotation_time': {}, 'rotation_period': {}}, 'version_aliases': {}, 'annotations': {}, 'version_destroy_ttl': {}, 'customer_managed_encryption': {}} + # The version of a generated dependency at test runtime may differ from the version used during generation. + # Delete any fields which are not present in the current runtime dependency + # See https://github.com/googleapis/gapic-generator-python/issues/1748 + + # Determine if the message type is proto-plus or protobuf + test_field = service.UpdateSecretRequest.meta.fields["secret"] + + def get_message_fields(field): + # Given a field which is a message (composite type), return a list with + # all the fields of the message. + # If the field is not a composite type, return an empty list. + message_fields = [] + + if hasattr(field, "message") and field.message: + is_field_type_proto_plus_type = not hasattr(field.message, "DESCRIPTOR") + + if is_field_type_proto_plus_type: + message_fields = field.message.meta.fields.values() + # Add `# pragma: NO COVER` because there may not be any `*_pb2` field types + else: # pragma: NO COVER + message_fields = field.message.DESCRIPTOR.fields + return message_fields + + runtime_nested_fields = [ + (field.name, nested_field.name) + for field in get_message_fields(test_field) + for nested_field in get_message_fields(field) + ] + + subfields_not_in_runtime = [] + + # For each item in the sample request, create a list of sub fields which are not present at runtime + # Add `# pragma: NO COVER` because this test code will not run if all subfields are present at runtime + for field, value in request_init["secret"].items(): # pragma: NO COVER + result = None + is_repeated = False + # For repeated fields + if isinstance(value, list) and len(value): + is_repeated = True + result = value[0] + # For fields where the type is another message + if isinstance(value, dict): + result = value + + if result and hasattr(result, "keys"): + for subfield in result.keys(): + if (field, subfield) not in runtime_nested_fields: + subfields_not_in_runtime.append( + {"field": field, "subfield": subfield, "is_repeated": is_repeated} + ) + + # Remove fields from the sample request which are not present in the runtime version of the dependency + # Add `# pragma: NO COVER` because this test code will not run if all subfields are present at runtime + for subfield_to_delete in subfields_not_in_runtime: # pragma: NO COVER + field = subfield_to_delete.get("field") + field_repeated = subfield_to_delete.get("is_repeated") + subfield = subfield_to_delete.get("subfield") + if subfield: + if field_repeated: + for i in range(0, len(request_init["secret"][field])): + del request_init["secret"][field][i][subfield] + else: + del request_init["secret"][field][subfield] + request = request_type(**request_init) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = resources.Secret( + name='name_value', + etag='etag_value', + ) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = resources.Secret.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + response = client.update_secret(request) + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Secret) + assert response.name == 'name_value' + assert response.etag == 'etag_value' + + +def test_update_secret_rest_required_fields(request_type=service.UpdateSecretRequest): + transport_class = transports.SecretManagerServiceRestTransport + + request_init = {} + request = request_type(**request_init) + pb_request = request_type.pb(request) + jsonified_request = json.loads(json_format.MessageToJson( + pb_request, + use_integers_for_enums=False + )) + + # verify fields with default values are dropped + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).update_secret._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with default values are now present + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).update_secret._get_unset_required_fields(jsonified_request) + # Check that path parameters and body parameters are not mixing in. + assert not set(unset_fields) - set(("update_mask", )) + jsonified_request.update(unset_fields) + + # verify required fields with non-default values are left alone + + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest', + ) + request = request_type(**request_init) + + # Designate an appropriate value for the returned response. + return_value = resources.Secret() + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # We need to mock transcode() because providing default values + # for required fields will fail the real version if the http_options + # expect actual values for those fields. + with mock.patch.object(path_template, 'transcode') as transcode: + # A uri without fields and an empty body will force all the + # request fields to show up in the query_params. + pb_request = request_type.pb(request) + transcode_result = { + 'uri': 'v1/sample_method', + 'method': "patch", + 'query_params': pb_request, + } + transcode_result['body'] = pb_request + transcode.return_value = transcode_result + + response_value = Response() + response_value.status_code = 200 + + # Convert return value to protobuf type + return_value = resources.Secret.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.update_secret(request) + + expected_params = [ + ('$alt', 'json;enum-encoding=int') + ] + actual_params = req.call_args.kwargs['params'] + assert expected_params == actual_params + + +def test_update_secret_rest_unset_required_fields(): + transport = transports.SecretManagerServiceRestTransport(credentials=ga_credentials.AnonymousCredentials) + + unset_fields = transport.update_secret._get_unset_required_fields({}) + assert set(unset_fields) == (set(("updateMask", )) & set(("secret", "updateMask", ))) + + +@pytest.mark.parametrize("null_interceptor", [True, False]) +def test_update_secret_rest_interceptors(null_interceptor): + transport = transports.SecretManagerServiceRestTransport( + credentials=ga_credentials.AnonymousCredentials(), + interceptor=None if null_interceptor else transports.SecretManagerServiceRestInterceptor(), + ) + client = SecretManagerServiceClient(transport=transport) + with mock.patch.object(type(client.transport._session), "request") as req, \ + mock.patch.object(path_template, "transcode") as transcode, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "post_update_secret") as post, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "pre_update_secret") as pre: + pre.assert_not_called() + post.assert_not_called() + pb_message = service.UpdateSecretRequest.pb(service.UpdateSecretRequest()) + transcode.return_value = { + "method": "post", + "uri": "my_uri", + "body": pb_message, + "query_params": pb_message, + } + + req.return_value = Response() + req.return_value.status_code = 200 + req.return_value.request = PreparedRequest() + req.return_value._content = resources.Secret.to_json(resources.Secret()) + + request = service.UpdateSecretRequest() + metadata =[ + ("key", "val"), + ("cephalopod", "squid"), + ] + pre.return_value = request, metadata + post.return_value = resources.Secret() + + client.update_secret(request, metadata=[("key", "val"), ("cephalopod", "squid"),]) + + pre.assert_called_once() + post.assert_called_once() + + +def test_update_secret_rest_bad_request(transport: str = 'rest', request_type=service.UpdateSecretRequest): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # send a request that will satisfy transcoding + request_init = {'secret': {'name': 'projects/sample1/secrets/sample2'}} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.update_secret(request) + + +def test_update_secret_rest_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = resources.Secret() + + # get arguments that satisfy an http rule for this method + sample_request = {'secret': {'name': 'projects/sample1/secrets/sample2'}} + + # get truthy value for each flattened field + mock_args = dict( + secret=resources.Secret(name='name_value'), + update_mask=field_mask_pb2.FieldMask(paths=['paths_value']), + ) + mock_args.update(sample_request) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = resources.Secret.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + client.update_secret(**mock_args) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(req.mock_calls) == 1 + _, args, _ = req.mock_calls[0] + assert path_template.validate("%s/v1beta2/{secret.name=projects/*/secrets/*}" % client.transport._host, args[1]) + + +def test_update_secret_rest_flattened_error(transport: str = 'rest'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.update_secret( + service.UpdateSecretRequest(), + secret=resources.Secret(name='name_value'), + update_mask=field_mask_pb2.FieldMask(paths=['paths_value']), + ) + + +def test_update_secret_rest_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest' + ) + + +@pytest.mark.parametrize("request_type", [ + service.DeleteSecretRequest, + dict, +]) +def test_delete_secret_rest(request_type): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # send a request that will satisfy transcoding + request_init = {'name': 'projects/sample1/secrets/sample2'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = None + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + json_return_value = '' + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + response = client.delete_secret(request) + + # Establish that the response is the type that we expect. + assert response is None + + +def test_delete_secret_rest_required_fields(request_type=service.DeleteSecretRequest): + transport_class = transports.SecretManagerServiceRestTransport + + request_init = {} + request_init["name"] = "" + request = request_type(**request_init) + pb_request = request_type.pb(request) + jsonified_request = json.loads(json_format.MessageToJson( + pb_request, + use_integers_for_enums=False + )) + + # verify fields with default values are dropped + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).delete_secret._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with default values are now present + + jsonified_request["name"] = 'name_value' + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).delete_secret._get_unset_required_fields(jsonified_request) + # Check that path parameters and body parameters are not mixing in. + assert not set(unset_fields) - set(("etag", )) + jsonified_request.update(unset_fields) + + # verify required fields with non-default values are left alone + assert "name" in jsonified_request + assert jsonified_request["name"] == 'name_value' + + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest', + ) + request = request_type(**request_init) + + # Designate an appropriate value for the returned response. + return_value = None + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # We need to mock transcode() because providing default values + # for required fields will fail the real version if the http_options + # expect actual values for those fields. + with mock.patch.object(path_template, 'transcode') as transcode: + # A uri without fields and an empty body will force all the + # request fields to show up in the query_params. + pb_request = request_type.pb(request) + transcode_result = { + 'uri': 'v1/sample_method', + 'method': "delete", + 'query_params': pb_request, + } + transcode.return_value = transcode_result + + response_value = Response() + response_value.status_code = 200 + json_return_value = '' + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.delete_secret(request) + + expected_params = [ + ('$alt', 'json;enum-encoding=int') + ] + actual_params = req.call_args.kwargs['params'] + assert expected_params == actual_params + + +def test_delete_secret_rest_unset_required_fields(): + transport = transports.SecretManagerServiceRestTransport(credentials=ga_credentials.AnonymousCredentials) + + unset_fields = transport.delete_secret._get_unset_required_fields({}) + assert set(unset_fields) == (set(("etag", )) & set(("name", ))) + + +@pytest.mark.parametrize("null_interceptor", [True, False]) +def test_delete_secret_rest_interceptors(null_interceptor): + transport = transports.SecretManagerServiceRestTransport( + credentials=ga_credentials.AnonymousCredentials(), + interceptor=None if null_interceptor else transports.SecretManagerServiceRestInterceptor(), + ) + client = SecretManagerServiceClient(transport=transport) + with mock.patch.object(type(client.transport._session), "request") as req, \ + mock.patch.object(path_template, "transcode") as transcode, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "pre_delete_secret") as pre: + pre.assert_not_called() + pb_message = service.DeleteSecretRequest.pb(service.DeleteSecretRequest()) + transcode.return_value = { + "method": "post", + "uri": "my_uri", + "body": pb_message, + "query_params": pb_message, + } + + req.return_value = Response() + req.return_value.status_code = 200 + req.return_value.request = PreparedRequest() + + request = service.DeleteSecretRequest() + metadata =[ + ("key", "val"), + ("cephalopod", "squid"), + ] + pre.return_value = request, metadata + + client.delete_secret(request, metadata=[("key", "val"), ("cephalopod", "squid"),]) + + pre.assert_called_once() + + +def test_delete_secret_rest_bad_request(transport: str = 'rest', request_type=service.DeleteSecretRequest): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # send a request that will satisfy transcoding + request_init = {'name': 'projects/sample1/secrets/sample2'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.delete_secret(request) + + +def test_delete_secret_rest_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = None + + # get arguments that satisfy an http rule for this method + sample_request = {'name': 'projects/sample1/secrets/sample2'} + + # get truthy value for each flattened field + mock_args = dict( + name='name_value', + ) + mock_args.update(sample_request) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + json_return_value = '' + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + client.delete_secret(**mock_args) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(req.mock_calls) == 1 + _, args, _ = req.mock_calls[0] + assert path_template.validate("%s/v1beta2/{name=projects/*/secrets/*}" % client.transport._host, args[1]) + + +def test_delete_secret_rest_flattened_error(transport: str = 'rest'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.delete_secret( + service.DeleteSecretRequest(), + name='name_value', + ) + + +def test_delete_secret_rest_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest' + ) + + +@pytest.mark.parametrize("request_type", [ + service.ListSecretVersionsRequest, + dict, +]) +def test_list_secret_versions_rest(request_type): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # send a request that will satisfy transcoding + request_init = {'parent': 'projects/sample1/secrets/sample2'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = service.ListSecretVersionsResponse( + next_page_token='next_page_token_value', + total_size=1086, + ) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = service.ListSecretVersionsResponse.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + response = client.list_secret_versions(request) + + # Establish that the response is the type that we expect. + assert isinstance(response, pagers.ListSecretVersionsPager) + assert response.next_page_token == 'next_page_token_value' + assert response.total_size == 1086 + + +def test_list_secret_versions_rest_required_fields(request_type=service.ListSecretVersionsRequest): + transport_class = transports.SecretManagerServiceRestTransport + + request_init = {} + request_init["parent"] = "" + request = request_type(**request_init) + pb_request = request_type.pb(request) + jsonified_request = json.loads(json_format.MessageToJson( + pb_request, + use_integers_for_enums=False + )) + + # verify fields with default values are dropped + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).list_secret_versions._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with default values are now present + + jsonified_request["parent"] = 'parent_value' + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).list_secret_versions._get_unset_required_fields(jsonified_request) + # Check that path parameters and body parameters are not mixing in. + assert not set(unset_fields) - set(("filter", "page_size", "page_token", )) + jsonified_request.update(unset_fields) + + # verify required fields with non-default values are left alone + assert "parent" in jsonified_request + assert jsonified_request["parent"] == 'parent_value' + + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest', + ) + request = request_type(**request_init) + + # Designate an appropriate value for the returned response. + return_value = service.ListSecretVersionsResponse() + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # We need to mock transcode() because providing default values + # for required fields will fail the real version if the http_options + # expect actual values for those fields. + with mock.patch.object(path_template, 'transcode') as transcode: + # A uri without fields and an empty body will force all the + # request fields to show up in the query_params. + pb_request = request_type.pb(request) + transcode_result = { + 'uri': 'v1/sample_method', + 'method': "get", + 'query_params': pb_request, + } + transcode.return_value = transcode_result + + response_value = Response() + response_value.status_code = 200 + + # Convert return value to protobuf type + return_value = service.ListSecretVersionsResponse.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.list_secret_versions(request) + + expected_params = [ + ('$alt', 'json;enum-encoding=int') + ] + actual_params = req.call_args.kwargs['params'] + assert expected_params == actual_params + + +def test_list_secret_versions_rest_unset_required_fields(): + transport = transports.SecretManagerServiceRestTransport(credentials=ga_credentials.AnonymousCredentials) + + unset_fields = transport.list_secret_versions._get_unset_required_fields({}) + assert set(unset_fields) == (set(("filter", "pageSize", "pageToken", )) & set(("parent", ))) + + +@pytest.mark.parametrize("null_interceptor", [True, False]) +def test_list_secret_versions_rest_interceptors(null_interceptor): + transport = transports.SecretManagerServiceRestTransport( + credentials=ga_credentials.AnonymousCredentials(), + interceptor=None if null_interceptor else transports.SecretManagerServiceRestInterceptor(), + ) + client = SecretManagerServiceClient(transport=transport) + with mock.patch.object(type(client.transport._session), "request") as req, \ + mock.patch.object(path_template, "transcode") as transcode, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "post_list_secret_versions") as post, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "pre_list_secret_versions") as pre: + pre.assert_not_called() + post.assert_not_called() + pb_message = service.ListSecretVersionsRequest.pb(service.ListSecretVersionsRequest()) + transcode.return_value = { + "method": "post", + "uri": "my_uri", + "body": pb_message, + "query_params": pb_message, + } + + req.return_value = Response() + req.return_value.status_code = 200 + req.return_value.request = PreparedRequest() + req.return_value._content = service.ListSecretVersionsResponse.to_json(service.ListSecretVersionsResponse()) + + request = service.ListSecretVersionsRequest() + metadata =[ + ("key", "val"), + ("cephalopod", "squid"), + ] + pre.return_value = request, metadata + post.return_value = service.ListSecretVersionsResponse() + + client.list_secret_versions(request, metadata=[("key", "val"), ("cephalopod", "squid"),]) + + pre.assert_called_once() + post.assert_called_once() + + +def test_list_secret_versions_rest_bad_request(transport: str = 'rest', request_type=service.ListSecretVersionsRequest): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # send a request that will satisfy transcoding + request_init = {'parent': 'projects/sample1/secrets/sample2'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.list_secret_versions(request) + + +def test_list_secret_versions_rest_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = service.ListSecretVersionsResponse() + + # get arguments that satisfy an http rule for this method + sample_request = {'parent': 'projects/sample1/secrets/sample2'} + + # get truthy value for each flattened field + mock_args = dict( + parent='parent_value', + ) + mock_args.update(sample_request) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = service.ListSecretVersionsResponse.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + client.list_secret_versions(**mock_args) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(req.mock_calls) == 1 + _, args, _ = req.mock_calls[0] + assert path_template.validate("%s/v1beta2/{parent=projects/*/secrets/*}/versions" % client.transport._host, args[1]) + + +def test_list_secret_versions_rest_flattened_error(transport: str = 'rest'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.list_secret_versions( + service.ListSecretVersionsRequest(), + parent='parent_value', + ) + + +def test_list_secret_versions_rest_pager(transport: str = 'rest'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # TODO(kbandes): remove this mock unless there's a good reason for it. + #with mock.patch.object(path_template, 'transcode') as transcode: + # Set the response as a series of pages + response = ( + service.ListSecretVersionsResponse( + versions=[ + resources.SecretVersion(), + resources.SecretVersion(), + resources.SecretVersion(), + ], + next_page_token='abc', + ), + service.ListSecretVersionsResponse( + versions=[], + next_page_token='def', + ), + service.ListSecretVersionsResponse( + versions=[ + resources.SecretVersion(), + ], + next_page_token='ghi', + ), + service.ListSecretVersionsResponse( + versions=[ + resources.SecretVersion(), + resources.SecretVersion(), + ], + ), + ) + # Two responses for two calls + response = response + response + + # Wrap the values into proper Response objs + response = tuple(service.ListSecretVersionsResponse.to_json(x) for x in response) + return_values = tuple(Response() for i in response) + for return_val, response_val in zip(return_values, response): + return_val._content = response_val.encode('UTF-8') + return_val.status_code = 200 + req.side_effect = return_values + + sample_request = {'parent': 'projects/sample1/secrets/sample2'} + + pager = client.list_secret_versions(request=sample_request) + + results = list(pager) + assert len(results) == 6 + assert all(isinstance(i, resources.SecretVersion) + for i in results) + + pages = list(client.list_secret_versions(request=sample_request).pages) + for page_, token in zip(pages, ['abc','def','ghi', '']): + assert page_.raw_page.next_page_token == token + + +@pytest.mark.parametrize("request_type", [ + service.GetSecretVersionRequest, + dict, +]) +def test_get_secret_version_rest(request_type): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # send a request that will satisfy transcoding + request_init = {'name': 'projects/sample1/secrets/sample2/versions/sample3'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + etag='etag_value', + client_specified_payload_checksum=True, + ) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = resources.SecretVersion.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + response = client.get_secret_version(request) + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.SecretVersion) + assert response.name == 'name_value' + assert response.state == resources.SecretVersion.State.ENABLED + assert response.etag == 'etag_value' + assert response.client_specified_payload_checksum is True + + +def test_get_secret_version_rest_required_fields(request_type=service.GetSecretVersionRequest): + transport_class = transports.SecretManagerServiceRestTransport + + request_init = {} + request_init["name"] = "" + request = request_type(**request_init) + pb_request = request_type.pb(request) + jsonified_request = json.loads(json_format.MessageToJson( + pb_request, + use_integers_for_enums=False + )) + + # verify fields with default values are dropped + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).get_secret_version._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with default values are now present + + jsonified_request["name"] = 'name_value' + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).get_secret_version._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with non-default values are left alone + assert "name" in jsonified_request + assert jsonified_request["name"] == 'name_value' + + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest', + ) + request = request_type(**request_init) + + # Designate an appropriate value for the returned response. + return_value = resources.SecretVersion() + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # We need to mock transcode() because providing default values + # for required fields will fail the real version if the http_options + # expect actual values for those fields. + with mock.patch.object(path_template, 'transcode') as transcode: + # A uri without fields and an empty body will force all the + # request fields to show up in the query_params. + pb_request = request_type.pb(request) + transcode_result = { + 'uri': 'v1/sample_method', + 'method': "get", + 'query_params': pb_request, + } + transcode.return_value = transcode_result + + response_value = Response() + response_value.status_code = 200 + + # Convert return value to protobuf type + return_value = resources.SecretVersion.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.get_secret_version(request) + + expected_params = [ + ('$alt', 'json;enum-encoding=int') + ] + actual_params = req.call_args.kwargs['params'] + assert expected_params == actual_params + + +def test_get_secret_version_rest_unset_required_fields(): + transport = transports.SecretManagerServiceRestTransport(credentials=ga_credentials.AnonymousCredentials) + + unset_fields = transport.get_secret_version._get_unset_required_fields({}) + assert set(unset_fields) == (set(()) & set(("name", ))) + + +@pytest.mark.parametrize("null_interceptor", [True, False]) +def test_get_secret_version_rest_interceptors(null_interceptor): + transport = transports.SecretManagerServiceRestTransport( + credentials=ga_credentials.AnonymousCredentials(), + interceptor=None if null_interceptor else transports.SecretManagerServiceRestInterceptor(), + ) + client = SecretManagerServiceClient(transport=transport) + with mock.patch.object(type(client.transport._session), "request") as req, \ + mock.patch.object(path_template, "transcode") as transcode, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "post_get_secret_version") as post, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "pre_get_secret_version") as pre: + pre.assert_not_called() + post.assert_not_called() + pb_message = service.GetSecretVersionRequest.pb(service.GetSecretVersionRequest()) + transcode.return_value = { + "method": "post", + "uri": "my_uri", + "body": pb_message, + "query_params": pb_message, + } + + req.return_value = Response() + req.return_value.status_code = 200 + req.return_value.request = PreparedRequest() + req.return_value._content = resources.SecretVersion.to_json(resources.SecretVersion()) + + request = service.GetSecretVersionRequest() + metadata =[ + ("key", "val"), + ("cephalopod", "squid"), + ] + pre.return_value = request, metadata + post.return_value = resources.SecretVersion() + + client.get_secret_version(request, metadata=[("key", "val"), ("cephalopod", "squid"),]) + + pre.assert_called_once() + post.assert_called_once() + + +def test_get_secret_version_rest_bad_request(transport: str = 'rest', request_type=service.GetSecretVersionRequest): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # send a request that will satisfy transcoding + request_init = {'name': 'projects/sample1/secrets/sample2/versions/sample3'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.get_secret_version(request) + + +def test_get_secret_version_rest_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = resources.SecretVersion() + + # get arguments that satisfy an http rule for this method + sample_request = {'name': 'projects/sample1/secrets/sample2/versions/sample3'} + + # get truthy value for each flattened field + mock_args = dict( + name='name_value', + ) + mock_args.update(sample_request) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = resources.SecretVersion.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + client.get_secret_version(**mock_args) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(req.mock_calls) == 1 + _, args, _ = req.mock_calls[0] + assert path_template.validate("%s/v1beta2/{name=projects/*/secrets/*/versions/*}" % client.transport._host, args[1]) + + +def test_get_secret_version_rest_flattened_error(transport: str = 'rest'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.get_secret_version( + service.GetSecretVersionRequest(), + name='name_value', + ) + + +def test_get_secret_version_rest_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest' + ) + + +@pytest.mark.parametrize("request_type", [ + service.AccessSecretVersionRequest, + dict, +]) +def test_access_secret_version_rest(request_type): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # send a request that will satisfy transcoding + request_init = {'name': 'projects/sample1/secrets/sample2/versions/sample3'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = service.AccessSecretVersionResponse( + name='name_value', + ) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = service.AccessSecretVersionResponse.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + response = client.access_secret_version(request) + + # Establish that the response is the type that we expect. + assert isinstance(response, service.AccessSecretVersionResponse) + assert response.name == 'name_value' + + +def test_access_secret_version_rest_required_fields(request_type=service.AccessSecretVersionRequest): + transport_class = transports.SecretManagerServiceRestTransport + + request_init = {} + request_init["name"] = "" + request = request_type(**request_init) + pb_request = request_type.pb(request) + jsonified_request = json.loads(json_format.MessageToJson( + pb_request, + use_integers_for_enums=False + )) + + # verify fields with default values are dropped + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).access_secret_version._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with default values are now present + + jsonified_request["name"] = 'name_value' + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).access_secret_version._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with non-default values are left alone + assert "name" in jsonified_request + assert jsonified_request["name"] == 'name_value' + + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest', + ) + request = request_type(**request_init) + + # Designate an appropriate value for the returned response. + return_value = service.AccessSecretVersionResponse() + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # We need to mock transcode() because providing default values + # for required fields will fail the real version if the http_options + # expect actual values for those fields. + with mock.patch.object(path_template, 'transcode') as transcode: + # A uri without fields and an empty body will force all the + # request fields to show up in the query_params. + pb_request = request_type.pb(request) + transcode_result = { + 'uri': 'v1/sample_method', + 'method': "get", + 'query_params': pb_request, + } + transcode.return_value = transcode_result + + response_value = Response() + response_value.status_code = 200 + + # Convert return value to protobuf type + return_value = service.AccessSecretVersionResponse.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.access_secret_version(request) + + expected_params = [ + ('$alt', 'json;enum-encoding=int') + ] + actual_params = req.call_args.kwargs['params'] + assert expected_params == actual_params + + +def test_access_secret_version_rest_unset_required_fields(): + transport = transports.SecretManagerServiceRestTransport(credentials=ga_credentials.AnonymousCredentials) + + unset_fields = transport.access_secret_version._get_unset_required_fields({}) + assert set(unset_fields) == (set(()) & set(("name", ))) + + +@pytest.mark.parametrize("null_interceptor", [True, False]) +def test_access_secret_version_rest_interceptors(null_interceptor): + transport = transports.SecretManagerServiceRestTransport( + credentials=ga_credentials.AnonymousCredentials(), + interceptor=None if null_interceptor else transports.SecretManagerServiceRestInterceptor(), + ) + client = SecretManagerServiceClient(transport=transport) + with mock.patch.object(type(client.transport._session), "request") as req, \ + mock.patch.object(path_template, "transcode") as transcode, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "post_access_secret_version") as post, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "pre_access_secret_version") as pre: + pre.assert_not_called() + post.assert_not_called() + pb_message = service.AccessSecretVersionRequest.pb(service.AccessSecretVersionRequest()) + transcode.return_value = { + "method": "post", + "uri": "my_uri", + "body": pb_message, + "query_params": pb_message, + } + + req.return_value = Response() + req.return_value.status_code = 200 + req.return_value.request = PreparedRequest() + req.return_value._content = service.AccessSecretVersionResponse.to_json(service.AccessSecretVersionResponse()) + + request = service.AccessSecretVersionRequest() + metadata =[ + ("key", "val"), + ("cephalopod", "squid"), + ] + pre.return_value = request, metadata + post.return_value = service.AccessSecretVersionResponse() + + client.access_secret_version(request, metadata=[("key", "val"), ("cephalopod", "squid"),]) + + pre.assert_called_once() + post.assert_called_once() + + +def test_access_secret_version_rest_bad_request(transport: str = 'rest', request_type=service.AccessSecretVersionRequest): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # send a request that will satisfy transcoding + request_init = {'name': 'projects/sample1/secrets/sample2/versions/sample3'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.access_secret_version(request) + + +def test_access_secret_version_rest_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = service.AccessSecretVersionResponse() + + # get arguments that satisfy an http rule for this method + sample_request = {'name': 'projects/sample1/secrets/sample2/versions/sample3'} + + # get truthy value for each flattened field + mock_args = dict( + name='name_value', + ) + mock_args.update(sample_request) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = service.AccessSecretVersionResponse.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + client.access_secret_version(**mock_args) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(req.mock_calls) == 1 + _, args, _ = req.mock_calls[0] + assert path_template.validate("%s/v1beta2/{name=projects/*/secrets/*/versions/*}:access" % client.transport._host, args[1]) + + +def test_access_secret_version_rest_flattened_error(transport: str = 'rest'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.access_secret_version( + service.AccessSecretVersionRequest(), + name='name_value', + ) + + +def test_access_secret_version_rest_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest' + ) + + +@pytest.mark.parametrize("request_type", [ + service.DisableSecretVersionRequest, + dict, +]) +def test_disable_secret_version_rest(request_type): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # send a request that will satisfy transcoding + request_init = {'name': 'projects/sample1/secrets/sample2/versions/sample3'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + etag='etag_value', + client_specified_payload_checksum=True, + ) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = resources.SecretVersion.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + response = client.disable_secret_version(request) + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.SecretVersion) + assert response.name == 'name_value' + assert response.state == resources.SecretVersion.State.ENABLED + assert response.etag == 'etag_value' + assert response.client_specified_payload_checksum is True + + +def test_disable_secret_version_rest_required_fields(request_type=service.DisableSecretVersionRequest): + transport_class = transports.SecretManagerServiceRestTransport + + request_init = {} + request_init["name"] = "" + request = request_type(**request_init) + pb_request = request_type.pb(request) + jsonified_request = json.loads(json_format.MessageToJson( + pb_request, + use_integers_for_enums=False + )) + + # verify fields with default values are dropped + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).disable_secret_version._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with default values are now present + + jsonified_request["name"] = 'name_value' + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).disable_secret_version._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with non-default values are left alone + assert "name" in jsonified_request + assert jsonified_request["name"] == 'name_value' + + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest', + ) + request = request_type(**request_init) + + # Designate an appropriate value for the returned response. + return_value = resources.SecretVersion() + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # We need to mock transcode() because providing default values + # for required fields will fail the real version if the http_options + # expect actual values for those fields. + with mock.patch.object(path_template, 'transcode') as transcode: + # A uri without fields and an empty body will force all the + # request fields to show up in the query_params. + pb_request = request_type.pb(request) + transcode_result = { + 'uri': 'v1/sample_method', + 'method': "post", + 'query_params': pb_request, + } + transcode_result['body'] = pb_request + transcode.return_value = transcode_result + + response_value = Response() + response_value.status_code = 200 + + # Convert return value to protobuf type + return_value = resources.SecretVersion.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.disable_secret_version(request) + + expected_params = [ + ('$alt', 'json;enum-encoding=int') + ] + actual_params = req.call_args.kwargs['params'] + assert expected_params == actual_params + + +def test_disable_secret_version_rest_unset_required_fields(): + transport = transports.SecretManagerServiceRestTransport(credentials=ga_credentials.AnonymousCredentials) + + unset_fields = transport.disable_secret_version._get_unset_required_fields({}) + assert set(unset_fields) == (set(()) & set(("name", ))) + + +@pytest.mark.parametrize("null_interceptor", [True, False]) +def test_disable_secret_version_rest_interceptors(null_interceptor): + transport = transports.SecretManagerServiceRestTransport( + credentials=ga_credentials.AnonymousCredentials(), + interceptor=None if null_interceptor else transports.SecretManagerServiceRestInterceptor(), + ) + client = SecretManagerServiceClient(transport=transport) + with mock.patch.object(type(client.transport._session), "request") as req, \ + mock.patch.object(path_template, "transcode") as transcode, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "post_disable_secret_version") as post, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "pre_disable_secret_version") as pre: + pre.assert_not_called() + post.assert_not_called() + pb_message = service.DisableSecretVersionRequest.pb(service.DisableSecretVersionRequest()) + transcode.return_value = { + "method": "post", + "uri": "my_uri", + "body": pb_message, + "query_params": pb_message, + } + + req.return_value = Response() + req.return_value.status_code = 200 + req.return_value.request = PreparedRequest() + req.return_value._content = resources.SecretVersion.to_json(resources.SecretVersion()) + + request = service.DisableSecretVersionRequest() + metadata =[ + ("key", "val"), + ("cephalopod", "squid"), + ] + pre.return_value = request, metadata + post.return_value = resources.SecretVersion() + + client.disable_secret_version(request, metadata=[("key", "val"), ("cephalopod", "squid"),]) + + pre.assert_called_once() + post.assert_called_once() + + +def test_disable_secret_version_rest_bad_request(transport: str = 'rest', request_type=service.DisableSecretVersionRequest): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # send a request that will satisfy transcoding + request_init = {'name': 'projects/sample1/secrets/sample2/versions/sample3'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.disable_secret_version(request) + + +def test_disable_secret_version_rest_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = resources.SecretVersion() + + # get arguments that satisfy an http rule for this method + sample_request = {'name': 'projects/sample1/secrets/sample2/versions/sample3'} + + # get truthy value for each flattened field + mock_args = dict( + name='name_value', + ) + mock_args.update(sample_request) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = resources.SecretVersion.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + client.disable_secret_version(**mock_args) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(req.mock_calls) == 1 + _, args, _ = req.mock_calls[0] + assert path_template.validate("%s/v1beta2/{name=projects/*/secrets/*/versions/*}:disable" % client.transport._host, args[1]) + + +def test_disable_secret_version_rest_flattened_error(transport: str = 'rest'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.disable_secret_version( + service.DisableSecretVersionRequest(), + name='name_value', + ) + + +def test_disable_secret_version_rest_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest' + ) + + +@pytest.mark.parametrize("request_type", [ + service.EnableSecretVersionRequest, + dict, +]) +def test_enable_secret_version_rest(request_type): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # send a request that will satisfy transcoding + request_init = {'name': 'projects/sample1/secrets/sample2/versions/sample3'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + etag='etag_value', + client_specified_payload_checksum=True, + ) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = resources.SecretVersion.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + response = client.enable_secret_version(request) + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.SecretVersion) + assert response.name == 'name_value' + assert response.state == resources.SecretVersion.State.ENABLED + assert response.etag == 'etag_value' + assert response.client_specified_payload_checksum is True + + +def test_enable_secret_version_rest_required_fields(request_type=service.EnableSecretVersionRequest): + transport_class = transports.SecretManagerServiceRestTransport + + request_init = {} + request_init["name"] = "" + request = request_type(**request_init) + pb_request = request_type.pb(request) + jsonified_request = json.loads(json_format.MessageToJson( + pb_request, + use_integers_for_enums=False + )) + + # verify fields with default values are dropped + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).enable_secret_version._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with default values are now present + + jsonified_request["name"] = 'name_value' + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).enable_secret_version._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with non-default values are left alone + assert "name" in jsonified_request + assert jsonified_request["name"] == 'name_value' + + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest', + ) + request = request_type(**request_init) + + # Designate an appropriate value for the returned response. + return_value = resources.SecretVersion() + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # We need to mock transcode() because providing default values + # for required fields will fail the real version if the http_options + # expect actual values for those fields. + with mock.patch.object(path_template, 'transcode') as transcode: + # A uri without fields and an empty body will force all the + # request fields to show up in the query_params. + pb_request = request_type.pb(request) + transcode_result = { + 'uri': 'v1/sample_method', + 'method': "post", + 'query_params': pb_request, + } + transcode_result['body'] = pb_request + transcode.return_value = transcode_result + + response_value = Response() + response_value.status_code = 200 + + # Convert return value to protobuf type + return_value = resources.SecretVersion.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.enable_secret_version(request) + + expected_params = [ + ('$alt', 'json;enum-encoding=int') + ] + actual_params = req.call_args.kwargs['params'] + assert expected_params == actual_params + + +def test_enable_secret_version_rest_unset_required_fields(): + transport = transports.SecretManagerServiceRestTransport(credentials=ga_credentials.AnonymousCredentials) + + unset_fields = transport.enable_secret_version._get_unset_required_fields({}) + assert set(unset_fields) == (set(()) & set(("name", ))) + + +@pytest.mark.parametrize("null_interceptor", [True, False]) +def test_enable_secret_version_rest_interceptors(null_interceptor): + transport = transports.SecretManagerServiceRestTransport( + credentials=ga_credentials.AnonymousCredentials(), + interceptor=None if null_interceptor else transports.SecretManagerServiceRestInterceptor(), + ) + client = SecretManagerServiceClient(transport=transport) + with mock.patch.object(type(client.transport._session), "request") as req, \ + mock.patch.object(path_template, "transcode") as transcode, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "post_enable_secret_version") as post, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "pre_enable_secret_version") as pre: + pre.assert_not_called() + post.assert_not_called() + pb_message = service.EnableSecretVersionRequest.pb(service.EnableSecretVersionRequest()) + transcode.return_value = { + "method": "post", + "uri": "my_uri", + "body": pb_message, + "query_params": pb_message, + } + + req.return_value = Response() + req.return_value.status_code = 200 + req.return_value.request = PreparedRequest() + req.return_value._content = resources.SecretVersion.to_json(resources.SecretVersion()) + + request = service.EnableSecretVersionRequest() + metadata =[ + ("key", "val"), + ("cephalopod", "squid"), + ] + pre.return_value = request, metadata + post.return_value = resources.SecretVersion() + + client.enable_secret_version(request, metadata=[("key", "val"), ("cephalopod", "squid"),]) + + pre.assert_called_once() + post.assert_called_once() + + +def test_enable_secret_version_rest_bad_request(transport: str = 'rest', request_type=service.EnableSecretVersionRequest): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # send a request that will satisfy transcoding + request_init = {'name': 'projects/sample1/secrets/sample2/versions/sample3'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.enable_secret_version(request) + + +def test_enable_secret_version_rest_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = resources.SecretVersion() + + # get arguments that satisfy an http rule for this method + sample_request = {'name': 'projects/sample1/secrets/sample2/versions/sample3'} + + # get truthy value for each flattened field + mock_args = dict( + name='name_value', + ) + mock_args.update(sample_request) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = resources.SecretVersion.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + client.enable_secret_version(**mock_args) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(req.mock_calls) == 1 + _, args, _ = req.mock_calls[0] + assert path_template.validate("%s/v1beta2/{name=projects/*/secrets/*/versions/*}:enable" % client.transport._host, args[1]) + + +def test_enable_secret_version_rest_flattened_error(transport: str = 'rest'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.enable_secret_version( + service.EnableSecretVersionRequest(), + name='name_value', + ) + + +def test_enable_secret_version_rest_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest' + ) + + +@pytest.mark.parametrize("request_type", [ + service.DestroySecretVersionRequest, + dict, +]) +def test_destroy_secret_version_rest(request_type): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # send a request that will satisfy transcoding + request_init = {'name': 'projects/sample1/secrets/sample2/versions/sample3'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = resources.SecretVersion( + name='name_value', + state=resources.SecretVersion.State.ENABLED, + etag='etag_value', + client_specified_payload_checksum=True, + ) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = resources.SecretVersion.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + response = client.destroy_secret_version(request) + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.SecretVersion) + assert response.name == 'name_value' + assert response.state == resources.SecretVersion.State.ENABLED + assert response.etag == 'etag_value' + assert response.client_specified_payload_checksum is True + + +def test_destroy_secret_version_rest_required_fields(request_type=service.DestroySecretVersionRequest): + transport_class = transports.SecretManagerServiceRestTransport + + request_init = {} + request_init["name"] = "" + request = request_type(**request_init) + pb_request = request_type.pb(request) + jsonified_request = json.loads(json_format.MessageToJson( + pb_request, + use_integers_for_enums=False + )) + + # verify fields with default values are dropped + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).destroy_secret_version._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with default values are now present + + jsonified_request["name"] = 'name_value' + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).destroy_secret_version._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with non-default values are left alone + assert "name" in jsonified_request + assert jsonified_request["name"] == 'name_value' + + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest', + ) + request = request_type(**request_init) + + # Designate an appropriate value for the returned response. + return_value = resources.SecretVersion() + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # We need to mock transcode() because providing default values + # for required fields will fail the real version if the http_options + # expect actual values for those fields. + with mock.patch.object(path_template, 'transcode') as transcode: + # A uri without fields and an empty body will force all the + # request fields to show up in the query_params. + pb_request = request_type.pb(request) + transcode_result = { + 'uri': 'v1/sample_method', + 'method': "post", + 'query_params': pb_request, + } + transcode_result['body'] = pb_request + transcode.return_value = transcode_result + + response_value = Response() + response_value.status_code = 200 + + # Convert return value to protobuf type + return_value = resources.SecretVersion.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.destroy_secret_version(request) + + expected_params = [ + ('$alt', 'json;enum-encoding=int') + ] + actual_params = req.call_args.kwargs['params'] + assert expected_params == actual_params + + +def test_destroy_secret_version_rest_unset_required_fields(): + transport = transports.SecretManagerServiceRestTransport(credentials=ga_credentials.AnonymousCredentials) + + unset_fields = transport.destroy_secret_version._get_unset_required_fields({}) + assert set(unset_fields) == (set(()) & set(("name", ))) + + +@pytest.mark.parametrize("null_interceptor", [True, False]) +def test_destroy_secret_version_rest_interceptors(null_interceptor): + transport = transports.SecretManagerServiceRestTransport( + credentials=ga_credentials.AnonymousCredentials(), + interceptor=None if null_interceptor else transports.SecretManagerServiceRestInterceptor(), + ) + client = SecretManagerServiceClient(transport=transport) + with mock.patch.object(type(client.transport._session), "request") as req, \ + mock.patch.object(path_template, "transcode") as transcode, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "post_destroy_secret_version") as post, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "pre_destroy_secret_version") as pre: + pre.assert_not_called() + post.assert_not_called() + pb_message = service.DestroySecretVersionRequest.pb(service.DestroySecretVersionRequest()) + transcode.return_value = { + "method": "post", + "uri": "my_uri", + "body": pb_message, + "query_params": pb_message, + } + + req.return_value = Response() + req.return_value.status_code = 200 + req.return_value.request = PreparedRequest() + req.return_value._content = resources.SecretVersion.to_json(resources.SecretVersion()) + + request = service.DestroySecretVersionRequest() + metadata =[ + ("key", "val"), + ("cephalopod", "squid"), + ] + pre.return_value = request, metadata + post.return_value = resources.SecretVersion() + + client.destroy_secret_version(request, metadata=[("key", "val"), ("cephalopod", "squid"),]) + + pre.assert_called_once() + post.assert_called_once() + + +def test_destroy_secret_version_rest_bad_request(transport: str = 'rest', request_type=service.DestroySecretVersionRequest): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # send a request that will satisfy transcoding + request_init = {'name': 'projects/sample1/secrets/sample2/versions/sample3'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.destroy_secret_version(request) + + +def test_destroy_secret_version_rest_flattened(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = resources.SecretVersion() + + # get arguments that satisfy an http rule for this method + sample_request = {'name': 'projects/sample1/secrets/sample2/versions/sample3'} + + # get truthy value for each flattened field + mock_args = dict( + name='name_value', + ) + mock_args.update(sample_request) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + # Convert return value to protobuf type + return_value = resources.SecretVersion.pb(return_value) + json_return_value = json_format.MessageToJson(return_value) + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + client.destroy_secret_version(**mock_args) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(req.mock_calls) == 1 + _, args, _ = req.mock_calls[0] + assert path_template.validate("%s/v1beta2/{name=projects/*/secrets/*/versions/*}:destroy" % client.transport._host, args[1]) + + +def test_destroy_secret_version_rest_flattened_error(transport: str = 'rest'): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.destroy_secret_version( + service.DestroySecretVersionRequest(), + name='name_value', + ) + + +def test_destroy_secret_version_rest_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest' + ) + + +@pytest.mark.parametrize("request_type", [ + iam_policy_pb2.SetIamPolicyRequest, + dict, +]) +def test_set_iam_policy_rest(request_type): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # send a request that will satisfy transcoding + request_init = {'resource': 'projects/sample1/secrets/sample2'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = policy_pb2.Policy( + version=774, + etag=b'etag_blob', + ) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + response = client.set_iam_policy(request) + + # Establish that the response is the type that we expect. + assert isinstance(response, policy_pb2.Policy) + assert response.version == 774 + assert response.etag == b'etag_blob' + + +def test_set_iam_policy_rest_required_fields(request_type=iam_policy_pb2.SetIamPolicyRequest): + transport_class = transports.SecretManagerServiceRestTransport + + request_init = {} + request_init["resource"] = "" + request = request_type(**request_init) + pb_request = request + jsonified_request = json.loads(json_format.MessageToJson( + pb_request, + use_integers_for_enums=False + )) + + # verify fields with default values are dropped + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).set_iam_policy._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with default values are now present + + jsonified_request["resource"] = 'resource_value' + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).set_iam_policy._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with non-default values are left alone + assert "resource" in jsonified_request + assert jsonified_request["resource"] == 'resource_value' + + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest', + ) + request = request_type(**request_init) + + # Designate an appropriate value for the returned response. + return_value = policy_pb2.Policy() + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # We need to mock transcode() because providing default values + # for required fields will fail the real version if the http_options + # expect actual values for those fields. + with mock.patch.object(path_template, 'transcode') as transcode: + # A uri without fields and an empty body will force all the + # request fields to show up in the query_params. + pb_request = request + transcode_result = { + 'uri': 'v1/sample_method', + 'method': "post", + 'query_params': pb_request, + } + transcode_result['body'] = pb_request + transcode.return_value = transcode_result + + response_value = Response() + response_value.status_code = 200 + + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.set_iam_policy(request) + + expected_params = [ + ('$alt', 'json;enum-encoding=int') + ] + actual_params = req.call_args.kwargs['params'] + assert expected_params == actual_params + + +def test_set_iam_policy_rest_unset_required_fields(): + transport = transports.SecretManagerServiceRestTransport(credentials=ga_credentials.AnonymousCredentials) + + unset_fields = transport.set_iam_policy._get_unset_required_fields({}) + assert set(unset_fields) == (set(()) & set(("resource", "policy", ))) + + +@pytest.mark.parametrize("null_interceptor", [True, False]) +def test_set_iam_policy_rest_interceptors(null_interceptor): + transport = transports.SecretManagerServiceRestTransport( + credentials=ga_credentials.AnonymousCredentials(), + interceptor=None if null_interceptor else transports.SecretManagerServiceRestInterceptor(), + ) + client = SecretManagerServiceClient(transport=transport) + with mock.patch.object(type(client.transport._session), "request") as req, \ + mock.patch.object(path_template, "transcode") as transcode, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "post_set_iam_policy") as post, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "pre_set_iam_policy") as pre: + pre.assert_not_called() + post.assert_not_called() + pb_message = iam_policy_pb2.SetIamPolicyRequest() + transcode.return_value = { + "method": "post", + "uri": "my_uri", + "body": pb_message, + "query_params": pb_message, + } + + req.return_value = Response() + req.return_value.status_code = 200 + req.return_value.request = PreparedRequest() + req.return_value._content = json_format.MessageToJson(policy_pb2.Policy()) + + request = iam_policy_pb2.SetIamPolicyRequest() + metadata =[ + ("key", "val"), + ("cephalopod", "squid"), + ] + pre.return_value = request, metadata + post.return_value = policy_pb2.Policy() + + client.set_iam_policy(request, metadata=[("key", "val"), ("cephalopod", "squid"),]) + + pre.assert_called_once() + post.assert_called_once() + + +def test_set_iam_policy_rest_bad_request(transport: str = 'rest', request_type=iam_policy_pb2.SetIamPolicyRequest): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # send a request that will satisfy transcoding + request_init = {'resource': 'projects/sample1/secrets/sample2'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.set_iam_policy(request) + + +def test_set_iam_policy_rest_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest' + ) + + +@pytest.mark.parametrize("request_type", [ + iam_policy_pb2.GetIamPolicyRequest, + dict, +]) +def test_get_iam_policy_rest(request_type): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # send a request that will satisfy transcoding + request_init = {'resource': 'projects/sample1/secrets/sample2'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = policy_pb2.Policy( + version=774, + etag=b'etag_blob', + ) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + response = client.get_iam_policy(request) + + # Establish that the response is the type that we expect. + assert isinstance(response, policy_pb2.Policy) + assert response.version == 774 + assert response.etag == b'etag_blob' + + +def test_get_iam_policy_rest_required_fields(request_type=iam_policy_pb2.GetIamPolicyRequest): + transport_class = transports.SecretManagerServiceRestTransport + + request_init = {} + request_init["resource"] = "" + request = request_type(**request_init) + pb_request = request + jsonified_request = json.loads(json_format.MessageToJson( + pb_request, + use_integers_for_enums=False + )) + + # verify fields with default values are dropped + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).get_iam_policy._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with default values are now present + + jsonified_request["resource"] = 'resource_value' + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).get_iam_policy._get_unset_required_fields(jsonified_request) + # Check that path parameters and body parameters are not mixing in. + assert not set(unset_fields) - set(("options", )) + jsonified_request.update(unset_fields) + + # verify required fields with non-default values are left alone + assert "resource" in jsonified_request + assert jsonified_request["resource"] == 'resource_value' + + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest', + ) + request = request_type(**request_init) + + # Designate an appropriate value for the returned response. + return_value = policy_pb2.Policy() + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # We need to mock transcode() because providing default values + # for required fields will fail the real version if the http_options + # expect actual values for those fields. + with mock.patch.object(path_template, 'transcode') as transcode: + # A uri without fields and an empty body will force all the + # request fields to show up in the query_params. + pb_request = request + transcode_result = { + 'uri': 'v1/sample_method', + 'method': "get", + 'query_params': pb_request, + } + transcode.return_value = transcode_result + + response_value = Response() + response_value.status_code = 200 + + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.get_iam_policy(request) + + expected_params = [ + ('$alt', 'json;enum-encoding=int') + ] + actual_params = req.call_args.kwargs['params'] + assert expected_params == actual_params + + +def test_get_iam_policy_rest_unset_required_fields(): + transport = transports.SecretManagerServiceRestTransport(credentials=ga_credentials.AnonymousCredentials) + + unset_fields = transport.get_iam_policy._get_unset_required_fields({}) + assert set(unset_fields) == (set(("options", )) & set(("resource", ))) + + +@pytest.mark.parametrize("null_interceptor", [True, False]) +def test_get_iam_policy_rest_interceptors(null_interceptor): + transport = transports.SecretManagerServiceRestTransport( + credentials=ga_credentials.AnonymousCredentials(), + interceptor=None if null_interceptor else transports.SecretManagerServiceRestInterceptor(), + ) + client = SecretManagerServiceClient(transport=transport) + with mock.patch.object(type(client.transport._session), "request") as req, \ + mock.patch.object(path_template, "transcode") as transcode, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "post_get_iam_policy") as post, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "pre_get_iam_policy") as pre: + pre.assert_not_called() + post.assert_not_called() + pb_message = iam_policy_pb2.GetIamPolicyRequest() + transcode.return_value = { + "method": "post", + "uri": "my_uri", + "body": pb_message, + "query_params": pb_message, + } + + req.return_value = Response() + req.return_value.status_code = 200 + req.return_value.request = PreparedRequest() + req.return_value._content = json_format.MessageToJson(policy_pb2.Policy()) + + request = iam_policy_pb2.GetIamPolicyRequest() + metadata =[ + ("key", "val"), + ("cephalopod", "squid"), + ] + pre.return_value = request, metadata + post.return_value = policy_pb2.Policy() + + client.get_iam_policy(request, metadata=[("key", "val"), ("cephalopod", "squid"),]) + + pre.assert_called_once() + post.assert_called_once() + + +def test_get_iam_policy_rest_bad_request(transport: str = 'rest', request_type=iam_policy_pb2.GetIamPolicyRequest): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # send a request that will satisfy transcoding + request_init = {'resource': 'projects/sample1/secrets/sample2'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.get_iam_policy(request) + + +def test_get_iam_policy_rest_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest' + ) + + +@pytest.mark.parametrize("request_type", [ + iam_policy_pb2.TestIamPermissionsRequest, + dict, +]) +def test_test_iam_permissions_rest(request_type): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + + # send a request that will satisfy transcoding + request_init = {'resource': 'projects/sample1/secrets/sample2'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = iam_policy_pb2.TestIamPermissionsResponse( + permissions=['permissions_value'], + ) + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + response = client.test_iam_permissions(request) + + # Establish that the response is the type that we expect. + assert isinstance(response, iam_policy_pb2.TestIamPermissionsResponse) + assert response.permissions == ['permissions_value'] + + +def test_test_iam_permissions_rest_required_fields(request_type=iam_policy_pb2.TestIamPermissionsRequest): + transport_class = transports.SecretManagerServiceRestTransport + + request_init = {} + request_init["resource"] = "" + request_init["permissions"] = "" + request = request_type(**request_init) + pb_request = request + jsonified_request = json.loads(json_format.MessageToJson( + pb_request, + use_integers_for_enums=False + )) + + # verify fields with default values are dropped + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).test_iam_permissions._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with default values are now present + + jsonified_request["resource"] = 'resource_value' + jsonified_request["permissions"] = 'permissions_value' + + unset_fields = transport_class(credentials=ga_credentials.AnonymousCredentials()).test_iam_permissions._get_unset_required_fields(jsonified_request) + jsonified_request.update(unset_fields) + + # verify required fields with non-default values are left alone + assert "resource" in jsonified_request + assert jsonified_request["resource"] == 'resource_value' + assert "permissions" in jsonified_request + assert jsonified_request["permissions"] == 'permissions_value' + + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest', + ) + request = request_type(**request_init) + + # Designate an appropriate value for the returned response. + return_value = iam_policy_pb2.TestIamPermissionsResponse() + # Mock the http request call within the method and fake a response. + with mock.patch.object(Session, 'request') as req: + # We need to mock transcode() because providing default values + # for required fields will fail the real version if the http_options + # expect actual values for those fields. + with mock.patch.object(path_template, 'transcode') as transcode: + # A uri without fields and an empty body will force all the + # request fields to show up in the query_params. + pb_request = request + transcode_result = { + 'uri': 'v1/sample_method', + 'method': "post", + 'query_params': pb_request, + } + transcode_result['body'] = pb_request + transcode.return_value = transcode_result + + response_value = Response() + response_value.status_code = 200 + + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.test_iam_permissions(request) + + expected_params = [ + ('$alt', 'json;enum-encoding=int') + ] + actual_params = req.call_args.kwargs['params'] + assert expected_params == actual_params + + +def test_test_iam_permissions_rest_unset_required_fields(): + transport = transports.SecretManagerServiceRestTransport(credentials=ga_credentials.AnonymousCredentials) + + unset_fields = transport.test_iam_permissions._get_unset_required_fields({}) + assert set(unset_fields) == (set(()) & set(("resource", "permissions", ))) + + +@pytest.mark.parametrize("null_interceptor", [True, False]) +def test_test_iam_permissions_rest_interceptors(null_interceptor): + transport = transports.SecretManagerServiceRestTransport( + credentials=ga_credentials.AnonymousCredentials(), + interceptor=None if null_interceptor else transports.SecretManagerServiceRestInterceptor(), + ) + client = SecretManagerServiceClient(transport=transport) + with mock.patch.object(type(client.transport._session), "request") as req, \ + mock.patch.object(path_template, "transcode") as transcode, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "post_test_iam_permissions") as post, \ + mock.patch.object(transports.SecretManagerServiceRestInterceptor, "pre_test_iam_permissions") as pre: + pre.assert_not_called() + post.assert_not_called() + pb_message = iam_policy_pb2.TestIamPermissionsRequest() + transcode.return_value = { + "method": "post", + "uri": "my_uri", + "body": pb_message, + "query_params": pb_message, + } + + req.return_value = Response() + req.return_value.status_code = 200 + req.return_value.request = PreparedRequest() + req.return_value._content = json_format.MessageToJson(iam_policy_pb2.TestIamPermissionsResponse()) + + request = iam_policy_pb2.TestIamPermissionsRequest() + metadata =[ + ("key", "val"), + ("cephalopod", "squid"), + ] + pre.return_value = request, metadata + post.return_value = iam_policy_pb2.TestIamPermissionsResponse() + + client.test_iam_permissions(request, metadata=[("key", "val"), ("cephalopod", "squid"),]) + + pre.assert_called_once() + post.assert_called_once() + + +def test_test_iam_permissions_rest_bad_request(transport: str = 'rest', request_type=iam_policy_pb2.TestIamPermissionsRequest): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # send a request that will satisfy transcoding + request_init = {'resource': 'projects/sample1/secrets/sample2'} + request = request_type(**request_init) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.test_iam_permissions(request) + + +def test_test_iam_permissions_rest_error(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport='rest' + ) + + +def test_credentials_transport_error(): + # It is an error to provide credentials and a transport instance. + transport = transports.SecretManagerServiceGrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # It is an error to provide a credentials file and a transport instance. + transport = transports.SecretManagerServiceGrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = SecretManagerServiceClient( + client_options={"credentials_file": "credentials.json"}, + transport=transport, + ) + + # It is an error to provide an api_key and a transport instance. + transport = transports.SecretManagerServiceGrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + options = client_options.ClientOptions() + options.api_key = "api_key" + with pytest.raises(ValueError): + client = SecretManagerServiceClient( + client_options=options, + transport=transport, + ) + + # It is an error to provide an api_key and a credential. + options = client_options.ClientOptions() + options.api_key = "api_key" + with pytest.raises(ValueError): + client = SecretManagerServiceClient( + client_options=options, + credentials=ga_credentials.AnonymousCredentials() + ) + + # It is an error to provide scopes and a transport instance. + transport = transports.SecretManagerServiceGrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = SecretManagerServiceClient( + client_options={"scopes": ["1", "2"]}, + transport=transport, + ) + + +def test_transport_instance(): + # A client may be instantiated with a custom transport instance. + transport = transports.SecretManagerServiceGrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + client = SecretManagerServiceClient(transport=transport) + assert client.transport is transport + +def test_transport_get_channel(): + # A client may be instantiated with a custom transport instance. + transport = transports.SecretManagerServiceGrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + channel = transport.grpc_channel + assert channel + + transport = transports.SecretManagerServiceGrpcAsyncIOTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + channel = transport.grpc_channel + assert channel + +@pytest.mark.parametrize("transport_class", [ + transports.SecretManagerServiceGrpcTransport, + transports.SecretManagerServiceGrpcAsyncIOTransport, + transports.SecretManagerServiceRestTransport, +]) +def test_transport_adc(transport_class): + # Test default credentials are used if not provided. + with mock.patch.object(google.auth, 'default') as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport_class() + adc.assert_called_once() + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "rest", +]) +def test_transport_kind(transport_name): + transport = SecretManagerServiceClient.get_transport_class(transport_name)( + credentials=ga_credentials.AnonymousCredentials(), + ) + assert transport.kind == transport_name + +def test_transport_grpc_default(): + # A client should use the gRPC transport by default. + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + assert isinstance( + client.transport, + transports.SecretManagerServiceGrpcTransport, + ) + +def test_secret_manager_service_base_transport_error(): + # Passing both a credentials object and credentials_file should raise an error + with pytest.raises(core_exceptions.DuplicateCredentialArgs): + transport = transports.SecretManagerServiceTransport( + credentials=ga_credentials.AnonymousCredentials(), + credentials_file="credentials.json" + ) + + +def test_secret_manager_service_base_transport(): + # Instantiate the base transport. + with mock.patch('google.cloud.secretmanager_v1beta2.services.secret_manager_service.transports.SecretManagerServiceTransport.__init__') as Transport: + Transport.return_value = None + transport = transports.SecretManagerServiceTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Every method on the transport should just blindly + # raise NotImplementedError. + methods = ( + 'list_secrets', + 'create_secret', + 'add_secret_version', + 'get_secret', + 'update_secret', + 'delete_secret', + 'list_secret_versions', + 'get_secret_version', + 'access_secret_version', + 'disable_secret_version', + 'enable_secret_version', + 'destroy_secret_version', + 'set_iam_policy', + 'get_iam_policy', + 'test_iam_permissions', + 'get_location', + 'list_locations', + ) + for method in methods: + with pytest.raises(NotImplementedError): + getattr(transport, method)(request=object()) + + with pytest.raises(NotImplementedError): + transport.close() + + # Catch all for all remaining methods and properties + remainder = [ + 'kind', + ] + for r in remainder: + with pytest.raises(NotImplementedError): + getattr(transport, r)() + + +def test_secret_manager_service_base_transport_with_credentials_file(): + # Instantiate the base transport with a credentials file + with mock.patch.object(google.auth, 'load_credentials_from_file', autospec=True) as load_creds, mock.patch('google.cloud.secretmanager_v1beta2.services.secret_manager_service.transports.SecretManagerServiceTransport._prep_wrapped_messages') as Transport: + Transport.return_value = None + load_creds.return_value = (ga_credentials.AnonymousCredentials(), None) + transport = transports.SecretManagerServiceTransport( + credentials_file="credentials.json", + quota_project_id="octopus", + ) + load_creds.assert_called_once_with("credentials.json", + scopes=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + quota_project_id="octopus", + ) + + +def test_secret_manager_service_base_transport_with_adc(): + # Test the default credentials are used if credentials and credentials_file are None. + with mock.patch.object(google.auth, 'default', autospec=True) as adc, mock.patch('google.cloud.secretmanager_v1beta2.services.secret_manager_service.transports.SecretManagerServiceTransport._prep_wrapped_messages') as Transport: + Transport.return_value = None + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport = transports.SecretManagerServiceTransport() + adc.assert_called_once() + + +def test_secret_manager_service_auth_adc(): + # If no credentials are provided, we should use ADC credentials. + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + SecretManagerServiceClient() + adc.assert_called_once_with( + scopes=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + quota_project_id=None, + ) + + +@pytest.mark.parametrize( + "transport_class", + [ + transports.SecretManagerServiceGrpcTransport, + transports.SecretManagerServiceGrpcAsyncIOTransport, + ], +) +def test_secret_manager_service_transport_auth_adc(transport_class): + # If credentials and host are not provided, the transport class should use + # ADC credentials. + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport_class(quota_project_id="octopus", scopes=["1", "2"]) + adc.assert_called_once_with( + scopes=["1", "2"], + default_scopes=( 'https://www.googleapis.com/auth/cloud-platform',), + quota_project_id="octopus", + ) + + +@pytest.mark.parametrize( + "transport_class", + [ + transports.SecretManagerServiceGrpcTransport, + transports.SecretManagerServiceGrpcAsyncIOTransport, + transports.SecretManagerServiceRestTransport, + ], +) +def test_secret_manager_service_transport_auth_gdch_credentials(transport_class): + host = 'https://language.com' + api_audience_tests = [None, 'https://language2.com'] + api_audience_expect = [host, 'https://language2.com'] + for t, e in zip(api_audience_tests, api_audience_expect): + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + gdch_mock = mock.MagicMock() + type(gdch_mock).with_gdch_audience = mock.PropertyMock(return_value=gdch_mock) + adc.return_value = (gdch_mock, None) + transport_class(host=host, api_audience=t) + gdch_mock.with_gdch_audience.assert_called_once_with( + e + ) + + +@pytest.mark.parametrize( + "transport_class,grpc_helpers", + [ + (transports.SecretManagerServiceGrpcTransport, grpc_helpers), + (transports.SecretManagerServiceGrpcAsyncIOTransport, grpc_helpers_async) + ], +) +def test_secret_manager_service_transport_create_channel(transport_class, grpc_helpers): + # If credentials and host are not provided, the transport class should use + # ADC credentials. + with mock.patch.object(google.auth, "default", autospec=True) as adc, mock.patch.object( + grpc_helpers, "create_channel", autospec=True + ) as create_channel: + creds = ga_credentials.AnonymousCredentials() + adc.return_value = (creds, None) + transport_class( + quota_project_id="octopus", + scopes=["1", "2"] + ) + + create_channel.assert_called_with( + "secretmanager.googleapis.com:443", + credentials=creds, + credentials_file=None, + quota_project_id="octopus", + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + scopes=["1", "2"], + default_host="secretmanager.googleapis.com", + ssl_credentials=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + +@pytest.mark.parametrize("transport_class", [transports.SecretManagerServiceGrpcTransport, transports.SecretManagerServiceGrpcAsyncIOTransport]) +def test_secret_manager_service_grpc_transport_client_cert_source_for_mtls( + transport_class +): + cred = ga_credentials.AnonymousCredentials() + + # Check ssl_channel_credentials is used if provided. + with mock.patch.object(transport_class, "create_channel") as mock_create_channel: + mock_ssl_channel_creds = mock.Mock() + transport_class( + host="squid.clam.whelk", + credentials=cred, + ssl_channel_credentials=mock_ssl_channel_creds + ) + mock_create_channel.assert_called_once_with( + "squid.clam.whelk:443", + credentials=cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_channel_creds, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Check if ssl_channel_credentials is not provided, then client_cert_source_for_mtls + # is used. + with mock.patch.object(transport_class, "create_channel", return_value=mock.Mock()): + with mock.patch("grpc.ssl_channel_credentials") as mock_ssl_cred: + transport_class( + credentials=cred, + client_cert_source_for_mtls=client_cert_source_callback + ) + expected_cert, expected_key = client_cert_source_callback() + mock_ssl_cred.assert_called_once_with( + certificate_chain=expected_cert, + private_key=expected_key + ) + +def test_secret_manager_service_http_transport_client_cert_source_for_mtls(): + cred = ga_credentials.AnonymousCredentials() + with mock.patch("google.auth.transport.requests.AuthorizedSession.configure_mtls_channel") as mock_configure_mtls_channel: + transports.SecretManagerServiceRestTransport ( + credentials=cred, + client_cert_source_for_mtls=client_cert_source_callback + ) + mock_configure_mtls_channel.assert_called_once_with(client_cert_source_callback) + + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "grpc_asyncio", + "rest", +]) +def test_secret_manager_service_host_no_port(transport_name): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + client_options=client_options.ClientOptions(api_endpoint='secretmanager.googleapis.com'), + transport=transport_name, + ) + assert client.transport._host == ( + 'secretmanager.googleapis.com:443' + if transport_name in ['grpc', 'grpc_asyncio'] + else 'https://secretmanager.googleapis.com' + ) + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "grpc_asyncio", + "rest", +]) +def test_secret_manager_service_host_with_port(transport_name): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + client_options=client_options.ClientOptions(api_endpoint='secretmanager.googleapis.com:8000'), + transport=transport_name, + ) + assert client.transport._host == ( + 'secretmanager.googleapis.com:8000' + if transport_name in ['grpc', 'grpc_asyncio'] + else 'https://secretmanager.googleapis.com:8000' + ) + +@pytest.mark.parametrize("transport_name", [ + "rest", +]) +def test_secret_manager_service_client_transport_session_collision(transport_name): + creds1 = ga_credentials.AnonymousCredentials() + creds2 = ga_credentials.AnonymousCredentials() + client1 = SecretManagerServiceClient( + credentials=creds1, + transport=transport_name, + ) + client2 = SecretManagerServiceClient( + credentials=creds2, + transport=transport_name, + ) + session1 = client1.transport.list_secrets._session + session2 = client2.transport.list_secrets._session + assert session1 != session2 + session1 = client1.transport.create_secret._session + session2 = client2.transport.create_secret._session + assert session1 != session2 + session1 = client1.transport.add_secret_version._session + session2 = client2.transport.add_secret_version._session + assert session1 != session2 + session1 = client1.transport.get_secret._session + session2 = client2.transport.get_secret._session + assert session1 != session2 + session1 = client1.transport.update_secret._session + session2 = client2.transport.update_secret._session + assert session1 != session2 + session1 = client1.transport.delete_secret._session + session2 = client2.transport.delete_secret._session + assert session1 != session2 + session1 = client1.transport.list_secret_versions._session + session2 = client2.transport.list_secret_versions._session + assert session1 != session2 + session1 = client1.transport.get_secret_version._session + session2 = client2.transport.get_secret_version._session + assert session1 != session2 + session1 = client1.transport.access_secret_version._session + session2 = client2.transport.access_secret_version._session + assert session1 != session2 + session1 = client1.transport.disable_secret_version._session + session2 = client2.transport.disable_secret_version._session + assert session1 != session2 + session1 = client1.transport.enable_secret_version._session + session2 = client2.transport.enable_secret_version._session + assert session1 != session2 + session1 = client1.transport.destroy_secret_version._session + session2 = client2.transport.destroy_secret_version._session + assert session1 != session2 + session1 = client1.transport.set_iam_policy._session + session2 = client2.transport.set_iam_policy._session + assert session1 != session2 + session1 = client1.transport.get_iam_policy._session + session2 = client2.transport.get_iam_policy._session + assert session1 != session2 + session1 = client1.transport.test_iam_permissions._session + session2 = client2.transport.test_iam_permissions._session + assert session1 != session2 +def test_secret_manager_service_grpc_transport_channel(): + channel = grpc.secure_channel('http://localhost/', grpc.local_channel_credentials()) + + # Check that channel is used if provided. + transport = transports.SecretManagerServiceGrpcTransport( + host="squid.clam.whelk", + channel=channel, + ) + assert transport.grpc_channel == channel + assert transport._host == "squid.clam.whelk:443" + assert transport._ssl_channel_credentials == None + + +def test_secret_manager_service_grpc_asyncio_transport_channel(): + channel = aio.secure_channel('http://localhost/', grpc.local_channel_credentials()) + + # Check that channel is used if provided. + transport = transports.SecretManagerServiceGrpcAsyncIOTransport( + host="squid.clam.whelk", + channel=channel, + ) + assert transport.grpc_channel == channel + assert transport._host == "squid.clam.whelk:443" + assert transport._ssl_channel_credentials == None + + +# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are +# removed from grpc/grpc_asyncio transport constructor. +@pytest.mark.parametrize("transport_class", [transports.SecretManagerServiceGrpcTransport, transports.SecretManagerServiceGrpcAsyncIOTransport]) +def test_secret_manager_service_transport_channel_mtls_with_client_cert_source( + transport_class +): + with mock.patch("grpc.ssl_channel_credentials", autospec=True) as grpc_ssl_channel_cred: + with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: + mock_ssl_cred = mock.Mock() + grpc_ssl_channel_cred.return_value = mock_ssl_cred + + mock_grpc_channel = mock.Mock() + grpc_create_channel.return_value = mock_grpc_channel + + cred = ga_credentials.AnonymousCredentials() + with pytest.warns(DeprecationWarning): + with mock.patch.object(google.auth, 'default') as adc: + adc.return_value = (cred, None) + transport = transport_class( + host="squid.clam.whelk", + api_mtls_endpoint="mtls.squid.clam.whelk", + client_cert_source=client_cert_source_callback, + ) + adc.assert_called_once() + + grpc_ssl_channel_cred.assert_called_once_with( + certificate_chain=b"cert bytes", private_key=b"key bytes" + ) + grpc_create_channel.assert_called_once_with( + "mtls.squid.clam.whelk:443", + credentials=cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_cred, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + assert transport.grpc_channel == mock_grpc_channel + assert transport._ssl_channel_credentials == mock_ssl_cred + + +# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are +# removed from grpc/grpc_asyncio transport constructor. +@pytest.mark.parametrize("transport_class", [transports.SecretManagerServiceGrpcTransport, transports.SecretManagerServiceGrpcAsyncIOTransport]) +def test_secret_manager_service_transport_channel_mtls_with_adc( + transport_class +): + mock_ssl_cred = mock.Mock() + with mock.patch.multiple( + "google.auth.transport.grpc.SslCredentials", + __init__=mock.Mock(return_value=None), + ssl_credentials=mock.PropertyMock(return_value=mock_ssl_cred), + ): + with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: + mock_grpc_channel = mock.Mock() + grpc_create_channel.return_value = mock_grpc_channel + mock_cred = mock.Mock() + + with pytest.warns(DeprecationWarning): + transport = transport_class( + host="squid.clam.whelk", + credentials=mock_cred, + api_mtls_endpoint="mtls.squid.clam.whelk", + client_cert_source=None, + ) + + grpc_create_channel.assert_called_once_with( + "mtls.squid.clam.whelk:443", + credentials=mock_cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_cred, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + assert transport.grpc_channel == mock_grpc_channel + + +def test_secret_path(): + project = "squid" + secret = "clam" + expected = "projects/{project}/secrets/{secret}".format(project=project, secret=secret, ) + actual = SecretManagerServiceClient.secret_path(project, secret) + assert expected == actual + + +def test_parse_secret_path(): + expected = { + "project": "whelk", + "secret": "octopus", + } + path = SecretManagerServiceClient.secret_path(**expected) + + # Check that the path construction is reversible. + actual = SecretManagerServiceClient.parse_secret_path(path) + assert expected == actual + +def test_secret_version_path(): + project = "oyster" + secret = "nudibranch" + secret_version = "cuttlefish" + expected = "projects/{project}/secrets/{secret}/versions/{secret_version}".format(project=project, secret=secret, secret_version=secret_version, ) + actual = SecretManagerServiceClient.secret_version_path(project, secret, secret_version) + assert expected == actual + + +def test_parse_secret_version_path(): + expected = { + "project": "mussel", + "secret": "winkle", + "secret_version": "nautilus", + } + path = SecretManagerServiceClient.secret_version_path(**expected) + + # Check that the path construction is reversible. + actual = SecretManagerServiceClient.parse_secret_version_path(path) + assert expected == actual + +def test_topic_path(): + project = "scallop" + topic = "abalone" + expected = "projects/{project}/topics/{topic}".format(project=project, topic=topic, ) + actual = SecretManagerServiceClient.topic_path(project, topic) + assert expected == actual + + +def test_parse_topic_path(): + expected = { + "project": "squid", + "topic": "clam", + } + path = SecretManagerServiceClient.topic_path(**expected) + + # Check that the path construction is reversible. + actual = SecretManagerServiceClient.parse_topic_path(path) + assert expected == actual + +def test_common_billing_account_path(): + billing_account = "whelk" + expected = "billingAccounts/{billing_account}".format(billing_account=billing_account, ) + actual = SecretManagerServiceClient.common_billing_account_path(billing_account) + assert expected == actual + + +def test_parse_common_billing_account_path(): + expected = { + "billing_account": "octopus", + } + path = SecretManagerServiceClient.common_billing_account_path(**expected) + + # Check that the path construction is reversible. + actual = SecretManagerServiceClient.parse_common_billing_account_path(path) + assert expected == actual + +def test_common_folder_path(): + folder = "oyster" + expected = "folders/{folder}".format(folder=folder, ) + actual = SecretManagerServiceClient.common_folder_path(folder) + assert expected == actual + + +def test_parse_common_folder_path(): + expected = { + "folder": "nudibranch", + } + path = SecretManagerServiceClient.common_folder_path(**expected) + + # Check that the path construction is reversible. + actual = SecretManagerServiceClient.parse_common_folder_path(path) + assert expected == actual + +def test_common_organization_path(): + organization = "cuttlefish" + expected = "organizations/{organization}".format(organization=organization, ) + actual = SecretManagerServiceClient.common_organization_path(organization) + assert expected == actual + + +def test_parse_common_organization_path(): + expected = { + "organization": "mussel", + } + path = SecretManagerServiceClient.common_organization_path(**expected) + + # Check that the path construction is reversible. + actual = SecretManagerServiceClient.parse_common_organization_path(path) + assert expected == actual + +def test_common_project_path(): + project = "winkle" + expected = "projects/{project}".format(project=project, ) + actual = SecretManagerServiceClient.common_project_path(project) + assert expected == actual + + +def test_parse_common_project_path(): + expected = { + "project": "nautilus", + } + path = SecretManagerServiceClient.common_project_path(**expected) + + # Check that the path construction is reversible. + actual = SecretManagerServiceClient.parse_common_project_path(path) + assert expected == actual + +def test_common_location_path(): + project = "scallop" + location = "abalone" + expected = "projects/{project}/locations/{location}".format(project=project, location=location, ) + actual = SecretManagerServiceClient.common_location_path(project, location) + assert expected == actual + + +def test_parse_common_location_path(): + expected = { + "project": "squid", + "location": "clam", + } + path = SecretManagerServiceClient.common_location_path(**expected) + + # Check that the path construction is reversible. + actual = SecretManagerServiceClient.parse_common_location_path(path) + assert expected == actual + + +def test_client_with_default_client_info(): + client_info = gapic_v1.client_info.ClientInfo() + + with mock.patch.object(transports.SecretManagerServiceTransport, '_prep_wrapped_messages') as prep: + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + client_info=client_info, + ) + prep.assert_called_once_with(client_info) + + with mock.patch.object(transports.SecretManagerServiceTransport, '_prep_wrapped_messages') as prep: + transport_class = SecretManagerServiceClient.get_transport_class() + transport = transport_class( + credentials=ga_credentials.AnonymousCredentials(), + client_info=client_info, + ) + prep.assert_called_once_with(client_info) + +@pytest.mark.asyncio +async def test_transport_close_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="grpc_asyncio", + ) + with mock.patch.object(type(getattr(client.transport, "grpc_channel")), "close") as close: + async with client: + close.assert_not_called() + close.assert_called_once() + + +def test_get_location_rest_bad_request(transport: str = 'rest', request_type=locations_pb2.GetLocationRequest): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + request = request_type() + request = json_format.ParseDict({'name': 'projects/sample1/locations/sample2'}, request) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.get_location(request) + +@pytest.mark.parametrize("request_type", [ + locations_pb2.GetLocationRequest, + dict, +]) +def test_get_location_rest(request_type): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + request_init = {'name': 'projects/sample1/locations/sample2'} + request = request_type(**request_init) + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = locations_pb2.Location() + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.get_location(request) + + # Establish that the response is the type that we expect. + assert isinstance(response, locations_pb2.Location) + +def test_list_locations_rest_bad_request(transport: str = 'rest', request_type=locations_pb2.ListLocationsRequest): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + request = request_type() + request = json_format.ParseDict({'name': 'projects/sample1'}, request) + + # Mock the http request call within the method and fake a BadRequest error. + with mock.patch.object(Session, 'request') as req, pytest.raises(core_exceptions.BadRequest): + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 400 + response_value.request = Request() + req.return_value = response_value + client.list_locations(request) + +@pytest.mark.parametrize("request_type", [ + locations_pb2.ListLocationsRequest, + dict, +]) +def test_list_locations_rest(request_type): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="rest", + ) + request_init = {'name': 'projects/sample1'} + request = request_type(**request_init) + # Mock the http request call within the method and fake a response. + with mock.patch.object(type(client.transport._session), 'request') as req: + # Designate an appropriate value for the returned response. + return_value = locations_pb2.ListLocationsResponse() + + # Wrap the value into a proper Response obj + response_value = Response() + response_value.status_code = 200 + json_return_value = json_format.MessageToJson(return_value) + + response_value._content = json_return_value.encode('UTF-8') + req.return_value = response_value + + response = client.list_locations(request) + + # Establish that the response is the type that we expect. + assert isinstance(response, locations_pb2.ListLocationsResponse) + + +def test_list_locations(transport: str = "grpc"): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = locations_pb2.ListLocationsRequest() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object(type(client.transport.list_locations), "__call__") as call: + # Designate an appropriate return value for the call. + call.return_value = locations_pb2.ListLocationsResponse() + response = client.list_locations(request) + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, locations_pb2.ListLocationsResponse) +@pytest.mark.asyncio +async def test_list_locations_async(transport: str = "grpc_asyncio"): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = locations_pb2.ListLocationsRequest() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object(type(client.transport.list_locations), "__call__") as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall( + locations_pb2.ListLocationsResponse() + ) + response = await client.list_locations(request) + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, locations_pb2.ListLocationsResponse) + +def test_list_locations_field_headers(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = locations_pb2.ListLocationsRequest() + request.name = "locations" + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object(type(client.transport.list_locations), "__call__") as call: + call.return_value = locations_pb2.ListLocationsResponse() + + client.list_locations(request) + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ("x-goog-request-params", "name=locations",) in kw["metadata"] +@pytest.mark.asyncio +async def test_list_locations_field_headers_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = locations_pb2.ListLocationsRequest() + request.name = "locations" + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object(type(client.transport.list_locations), "__call__") as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall( + locations_pb2.ListLocationsResponse() + ) + await client.list_locations(request) + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ("x-goog-request-params", "name=locations",) in kw["metadata"] + +def test_list_locations_from_dict(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object(type(client.transport.list_locations), "__call__") as call: + # Designate an appropriate return value for the call. + call.return_value = locations_pb2.ListLocationsResponse() + + response = client.list_locations( + request={ + "name": "locations", + } + ) + call.assert_called() +@pytest.mark.asyncio +async def test_list_locations_from_dict_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object(type(client.transport.list_locations), "__call__") as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall( + locations_pb2.ListLocationsResponse() + ) + response = await client.list_locations( + request={ + "name": "locations", + } + ) + call.assert_called() + + +def test_get_location(transport: str = "grpc"): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = locations_pb2.GetLocationRequest() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object(type(client.transport.get_location), "__call__") as call: + # Designate an appropriate return value for the call. + call.return_value = locations_pb2.Location() + response = client.get_location(request) + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, locations_pb2.Location) +@pytest.mark.asyncio +async def test_get_location_async(transport: str = "grpc_asyncio"): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = locations_pb2.GetLocationRequest() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object(type(client.transport.get_location), "__call__") as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall( + locations_pb2.Location() + ) + response = await client.get_location(request) + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the response is the type that we expect. + assert isinstance(response, locations_pb2.Location) + +def test_get_location_field_headers(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials()) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = locations_pb2.GetLocationRequest() + request.name = "locations/abc" + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object(type(client.transport.get_location), "__call__") as call: + call.return_value = locations_pb2.Location() + + client.get_location(request) + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ("x-goog-request-params", "name=locations/abc",) in kw["metadata"] +@pytest.mark.asyncio +async def test_get_location_field_headers_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials() + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = locations_pb2.GetLocationRequest() + request.name = "locations/abc" + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object(type(client.transport.get_location), "__call__") as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall( + locations_pb2.Location() + ) + await client.get_location(request) + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ("x-goog-request-params", "name=locations/abc",) in kw["metadata"] + +def test_get_location_from_dict(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object(type(client.transport.list_locations), "__call__") as call: + # Designate an appropriate return value for the call. + call.return_value = locations_pb2.Location() + + response = client.get_location( + request={ + "name": "locations/abc", + } + ) + call.assert_called() +@pytest.mark.asyncio +async def test_get_location_from_dict_async(): + client = SecretManagerServiceAsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object(type(client.transport.list_locations), "__call__") as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall( + locations_pb2.Location() + ) + response = await client.get_location( + request={ + "name": "locations", + } + ) + call.assert_called() + + +def test_transport_close(): + transports = { + "rest": "_session", + "grpc": "_grpc_channel", + } + + for transport, close_name in transports.items(): + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport + ) + with mock.patch.object(type(getattr(client.transport, close_name)), "close") as close: + with client: + close.assert_not_called() + close.assert_called_once() + +def test_client_ctx(): + transports = [ + 'rest', + 'grpc', + ] + for transport in transports: + client = SecretManagerServiceClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport + ) + # Test client calls underlying transport. + with mock.patch.object(type(client.transport), "close") as close: + close.assert_not_called() + with client: + pass + close.assert_called() + +@pytest.mark.parametrize("client_class,transport_class", [ + (SecretManagerServiceClient, transports.SecretManagerServiceGrpcTransport), + (SecretManagerServiceAsyncClient, transports.SecretManagerServiceGrpcAsyncIOTransport), +]) +def test_api_key_credentials(client_class, transport_class): + with mock.patch.object( + google.auth._default, "get_api_key_credentials", create=True + ) as get_api_key_credentials: + mock_cred = mock.Mock() + get_api_key_credentials.return_value = mock_cred + options = client_options.ClientOptions() + options.api_key = "api_key" + with mock.patch.object(transport_class, "__init__") as patched: + patched.return_value = None + client = client_class(client_options=options) + patched.assert_called_once_with( + credentials=mock_cred, + credentials_file=None, + host=client._DEFAULT_ENDPOINT_TEMPLATE.format(UNIVERSE_DOMAIN=client._DEFAULT_UNIVERSE), + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + )