From 251f78f779f74af5bad2cd7649243b30c962e119 Mon Sep 17 00:00:00 2001 From: Yash Saraf Date: Mon, 14 Apr 2025 10:57:37 +0000 Subject: [PATCH] chore(secretmanager): add global samples for delayed destroy --- .../createSecretWithDelayedDestroy.js | 54 ++++++++++++++++++ secret-manager/disableSecretDelayedDestroy.js | 48 ++++++++++++++++ secret-manager/test/secretmanager.test.js | 56 +++++++++++++++++++ .../updateSecretWithDelayedDestroy.js | 55 ++++++++++++++++++ 4 files changed, 213 insertions(+) create mode 100644 secret-manager/createSecretWithDelayedDestroy.js create mode 100644 secret-manager/disableSecretDelayedDestroy.js create mode 100644 secret-manager/updateSecretWithDelayedDestroy.js diff --git a/secret-manager/createSecretWithDelayedDestroy.js b/secret-manager/createSecretWithDelayedDestroy.js new file mode 100644 index 0000000000..a7fb38eb80 --- /dev/null +++ b/secret-manager/createSecretWithDelayedDestroy.js @@ -0,0 +1,54 @@ +// Copyright 2025 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +'use strict'; + +async function main(parent, secretId, timeToLive) { + // [START secretmanager_create_secret_with_delayed_destroy] + /** + * TODO(developer): Uncomment these variables before running the sample. + */ + // const parent = 'projects/my-project'; + // const secretId = 'my-secret'; + // const timeToLive = 86400; + + // Imports the Secret Manager library + const {SecretManagerServiceClient} = require('@google-cloud/secret-manager'); + + // Instantiates a client + const client = new SecretManagerServiceClient(); + + async function createSecretWithDelayedDestroy() { + const [secret] = await client.createSecret({ + parent: parent, + secretId: secretId, + secret: { + replication: { + automatic: {}, + }, + version_destroy_ttl: { + seconds: timeToLive, + }, + }, + }); + + console.log(`Created secret ${secret.name}`); + } + + createSecretWithDelayedDestroy(); + // [END secretmanager_create_secret_with_delayed_destroy] +} + +const args = process.argv.slice(2); +main(...args).catch(console.error); diff --git a/secret-manager/disableSecretDelayedDestroy.js b/secret-manager/disableSecretDelayedDestroy.js new file mode 100644 index 0000000000..edac6d6f05 --- /dev/null +++ b/secret-manager/disableSecretDelayedDestroy.js @@ -0,0 +1,48 @@ +// Copyright 2025 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +'use strict'; + +async function main(name = 'projects/my-project/secrets/my-secret') { + // [START secretmanager_disable_secret_delayed_destroy] + /** + * TODO(developer): Uncomment these variables before running the sample. + */ + // const name = 'projects/my-project/secrets/my-secret'; + + // Imports the Secret Manager library + const {SecretManagerServiceClient} = require('@google-cloud/secret-manager'); + + // Instantiates a client + const client = new SecretManagerServiceClient(); + + async function disableSecretDelayedDestroy() { + const [secret] = await client.updateSecret({ + secret: { + name: name, + }, + updateMask: { + paths: ['version_destroy_ttl'], + }, + }); + + console.info(`Disabled delayed destroy ${secret.name}`); + } + + disableSecretDelayedDestroy(); + // [END secretmanager_disable_secret_delayed_destroy] +} + +const args = process.argv.slice(2); +main(...args).catch(console.error); diff --git a/secret-manager/test/secretmanager.test.js b/secret-manager/test/secretmanager.test.js index 7813d5ec9c..fc13db8f8d 100644 --- a/secret-manager/test/secretmanager.test.js +++ b/secret-manager/test/secretmanager.test.js @@ -543,4 +543,60 @@ describe('Secret Manager samples', () => { ); assert.match(output, new RegExp(`Destroyed ${regionalVersion.name}`)); }); + + it('creates a secret with delayed destroy enabled', async () => { + const timeToLive = 24 * 60 * 60; + const output = execSync( + `node createSecretWithDelayedDestroy.js projects/${projectId} ${secretId}-2 ${timeToLive}` + ); + assert.match(output, new RegExp('Created secret')); + }); + + it('disables a secret delayed destroy', async () => { + await client.createSecret({ + parent: `projects/${projectId}`, + secretId: `${secretId}-delayedDestroy`, + secret: { + replication: { + automatic: {}, + }, + version_destroy_ttl: { + seconds: 24 * 60 * 60, + }, + }, + }); + + const output = execSync( + `node disableSecretDelayedDestroy.js ${secret.name}-delayedDestroy` + ); + assert.match(output, new RegExp('Disabled delayed destroy')); + + await client.deleteSecret({ + name: `${secret.name}-delayedDestroy`, + }); + }); + + it('updates a secret delayed destroy', async () => { + const updatedTimeToLive = 24 * 60 * 60 * 2; + await client.createSecret({ + parent: `projects/${projectId}`, + secretId: `${secretId}-delayedDestroy`, + secret: { + replication: { + automatic: {}, + }, + version_destroy_ttl: { + seconds: 24 * 60 * 60, + }, + }, + }); + + const output = execSync( + `node updateSecretWithDelayedDestroy.js ${secret.name}-delayedDestroy ${updatedTimeToLive}` + ); + assert.match(output, new RegExp('Updated secret')); + await client.deleteSecret({ + name: `${secret.name}-delayedDestroy`, + }); + }); }); diff --git a/secret-manager/updateSecretWithDelayedDestroy.js b/secret-manager/updateSecretWithDelayedDestroy.js new file mode 100644 index 0000000000..0c78fbfb06 --- /dev/null +++ b/secret-manager/updateSecretWithDelayedDestroy.js @@ -0,0 +1,55 @@ +// Copyright 2025 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +'use strict'; + +async function main( + name = 'projects/my-project/secrets/my-secret', + updatedTimeToLive +) { + // [START secretmanager_update_secret_with_delayed_destroy] + /** + * TODO(developer): Uncomment these variables before running the sample. + */ + // const name = 'projects/my-project/secrets/my-secret'; + // const updatedTimeToLive = 86400; + + // Imports the Secret Manager library + const {SecretManagerServiceClient} = require('@google-cloud/secret-manager'); + + // Instantiates a client + const client = new SecretManagerServiceClient(); + + async function updateSecret() { + const [secret] = await client.updateSecret({ + secret: { + name: name, + version_destroy_ttl: { + seconds: updatedTimeToLive, + }, + }, + updateMask: { + paths: ['version_destroy_ttl'], + }, + }); + + console.info(`Updated secret ${secret.name}`); + } + + updateSecret(); + // [END secretmanager_update_secret_with_delayed_destroy] +} + +const args = process.argv.slice(2); +main(...args).catch(console.error);