diff --git a/dev/tasks/run-e2e b/dev/tasks/run-e2e index 2f8286b3fab..8c526afcbc3 100755 --- a/dev/tasks/run-e2e +++ b/dev/tasks/run-e2e @@ -26,7 +26,7 @@ if [[ -z "${KUBEBUILDER_ASSETS:-}" ]]; then fi if [[ -z "${KCC_USE_DIRECT_RECONCILERS:-}" ]]; then - KCC_USE_DIRECT_RECONCILERS=ComputeForwardingRule,GKEHubFeatureMembership,SecretManagerSecret,SecretManagerSecretVersion + KCC_USE_DIRECT_RECONCILERS=ComputeForwardingRule,GKEHubFeatureMembership fi echo "Using direct controllers: $KCC_USE_DIRECT_RECONCILERS" export KCC_USE_DIRECT_RECONCILERS diff --git a/mockgcp/mocksecretmanager/secrets.go b/mockgcp/mocksecretmanager/secrets.go index 273f865767e..5881ab2ede9 100644 --- a/mockgcp/mocksecretmanager/secrets.go +++ b/mockgcp/mocksecretmanager/secrets.go @@ -154,6 +154,10 @@ func (s *SecretsV1) UpdateSecret(ctx context.Context, req *pb.UpdateSecretReques updated.Expiration = &pb.Secret_ExpireTime{ ExpireTime: req.Secret.GetExpireTime(), } + case "ttl": + updated.Expiration = &pb.Secret_Ttl{ + Ttl: req.Secret.GetTtl(), + } case "expiration": updated.Expiration = req.Secret.GetExpiration() case "rotation.nextRotationTime": diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/basicsecretmanagersecret/_generated_object_basicsecretmanagersecret.golden.yaml b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/basicsecretmanagersecret/_generated_object_basicsecretmanagersecret.golden.yaml index 5c7711f63b4..3d459530e10 100644 --- a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/basicsecretmanagersecret/_generated_object_basicsecretmanagersecret.golden.yaml +++ b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/basicsecretmanagersecret/_generated_object_basicsecretmanagersecret.golden.yaml @@ -2,6 +2,7 @@ apiVersion: secretmanager.cnrm.cloud.google.com/v1beta1 kind: SecretManagerSecret metadata: annotations: + alpha.cnrm.cloud.google.com/reconciler: direct cnrm.cloud.google.com/management-conflict-prevention-policy: none cnrm.cloud.google.com/project-id: ${projectId} finalizers: diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-direct/_http.log b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-direct/_http.log index 0b2954bc15e..a1d0b8bdba8 100644 --- a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-direct/_http.log +++ b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-direct/_http.log @@ -349,6 +349,7 @@ Content-Type: application/json User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager 200 OK +Cache-Control: private Content-Type: application/json; charset=UTF-8 Server: ESF Vary: Origin @@ -362,7 +363,7 @@ X-Xss-Protection: 0 "done": true, "name": "operations/${operationID}", "response": { - "@type": "type.googleapis.com/google.api.serviceusage.v1beta1.ServiceIdentity", + "@type": "type.googleapis.com/mockgcp.api.serviceusage.v1beta1.ServiceIdentity", "email": "service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com", "uniqueId": "12345678" } diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-legacy/_generated_export_fullsecretmanagersecret-auto-legacy.golden b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-legacy/_generated_export_fullsecretmanagersecret-auto-legacy.golden new file mode 100644 index 00000000000..5568aa2b973 --- /dev/null +++ b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-legacy/_generated_export_fullsecretmanagersecret-auto-legacy.golden @@ -0,0 +1,23 @@ +apiVersion: secretmanager.cnrm.cloud.google.com/v1beta1 +kind: SecretManagerSecret +metadata: + annotations: + cnrm.cloud.google.com/project-id: ${projectId} + labels: + cnrm-test: "true" + label-one: value-one + label-two: value-two + managed-by-cnrm: "true" + name: secretmanagersecret-${uniqueId} +spec: + annotations: + bar: secretmanagersecret-bar + foo: secretmanagersecret + expireTime: "2025-10-03T15:01:23Z" + resourceID: secretmanagersecret-${uniqueId} + rotation: + nextRotationTime: "2025-10-03T15:01:23Z" + rotationPeriod: 3600s + topics: + - topicRef: + external: projects/${projectId}/topics/topic-2-${uniqueId} \ No newline at end of file diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-legacy/_generated_object_fullsecretmanagersecret-auto-legacy.golden.yaml b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-legacy/_generated_object_fullsecretmanagersecret-auto-legacy.golden.yaml new file mode 100644 index 00000000000..79e787ac83d --- /dev/null +++ b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-legacy/_generated_object_fullsecretmanagersecret-auto-legacy.golden.yaml @@ -0,0 +1,40 @@ +apiVersion: secretmanager.cnrm.cloud.google.com/v1beta1 +kind: SecretManagerSecret +metadata: + annotations: + cnrm.cloud.google.com/management-conflict-prevention-policy: none + cnrm.cloud.google.com/project-id: ${projectId} + finalizers: + - cnrm.cloud.google.com/finalizer + - cnrm.cloud.google.com/deletion-defender + generation: 2 + labels: + cnrm-test: "true" + label-one: value-one + label-two: value-two + name: secretmanagersecret-${uniqueId} + namespace: ${uniqueId} +spec: + annotations: + bar: secretmanagersecret-bar + foo: secretmanagersecret + expireTime: "2025-10-03T15:01:23Z" + replication: + automatic: true + rotation: + nextRotationTime: "2025-10-03T15:01:23Z" + rotationPeriod: 3600s + topics: + - topicRef: + name: topic-2-${uniqueId} +status: + conditions: + - lastTransitionTime: "1970-01-01T00:00:00Z" + message: The resource is up to date + reason: UpToDate + status: "True" + type: Ready + externalRef: projects/${projectId}/secrets/secretmanagersecret-${uniqueId} + name: projects/${projectNumber}/secrets/secretmanagersecret-${uniqueId} + observedGeneration: 2 + observedState: {} diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-legacy/_http.log b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-legacy/_http.log index eb374fd98f1..473fe696823 100644 --- a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-legacy/_http.log +++ b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-legacy/_http.log @@ -167,6 +167,7 @@ Content-Type: application/json User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager 200 OK +Cache-Control: private Content-Type: application/json; charset=UTF-8 Server: ESF Vary: Origin @@ -180,7 +181,7 @@ X-Xss-Protection: 0 "done": true, "name": "operations/${operationID}", "response": { - "@type": "type.googleapis.com/google.api.serviceusage.v1beta1.ServiceIdentity", + "@type": "type.googleapis.com/mockgcp.api.serviceusage.v1beta1.ServiceIdentity", "email": "service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com", "uniqueId": "12345678" } @@ -380,9 +381,10 @@ X-Xss-Protection: 0 --- -GET https://secretmanager.googleapis.com/v1/projects/${projectId}/secrets/secretmanagersecret-${uniqueId}?alt=json +GET https://secretmanager.googleapis.com/v1/projects/${projectId}/secrets/secretmanagersecret-${uniqueId}?%24alt=json%3Benum-encoding%3Dint Content-Type: application/json -User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager +User-Agent: kcc/controller-manager +x-goog-request-params: name=projects%2F${projectId}%2Fsecrets%2Fsecretmanagersecret-${uniqueId} 404 Not Found Cache-Control: private @@ -405,9 +407,10 @@ X-Xss-Protection: 0 --- -POST https://secretmanager.googleapis.com/v1/projects/${projectId}/secrets?alt=json&secretId=secretmanagersecret-${uniqueId} +POST https://secretmanager.googleapis.com/v1/projects/${projectId}/secrets?%24alt=json%3Benum-encoding%3Dint&secretId=secretmanagersecret-${uniqueId} Content-Type: application/json -User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager +User-Agent: kcc/controller-manager +x-goog-request-params: parent=projects%2F${projectId} { "annotations": { @@ -473,9 +476,10 @@ X-Xss-Protection: 0 --- -GET https://secretmanager.googleapis.com/v1/projects/${projectId}/secrets/secretmanagersecret-${uniqueId}?alt=json +GET https://secretmanager.googleapis.com/v1/projects/${projectId}/secrets/secretmanagersecret-${uniqueId}?%24alt=json%3Benum-encoding%3Dint Content-Type: application/json -User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager +User-Agent: kcc/controller-manager +x-goog-request-params: name=projects%2F${projectId}%2Fsecrets%2Fsecretmanagersecret-${uniqueId} 200 OK Cache-Control: private @@ -517,15 +521,17 @@ X-Xss-Protection: 0 --- -PATCH https://secretmanager.googleapis.com/v1/projects/${projectId}/secrets/secretmanagersecret-${uniqueId}?alt=json&updateMask=labels%2Cannotations%2Ctopics%2CexpireTime%2Crotation +PATCH https://secretmanager.googleapis.com/v1/projects/${projectId}/secrets/secretmanagersecret-${uniqueId}?%24alt=json%3Benum-encoding%3Dint&updateMask=annotations%2CexpireTime%2Clabels%2Crotation.nextRotationTime%2Ctopics Content-Type: application/json -User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager +User-Agent: kcc/controller-manager +x-goog-request-params: secret.name=projects%2F${projectId}%2Fsecrets%2Fsecretmanagersecret-${uniqueId} { "annotations": { "bar": "secretmanagersecret-bar", "foo": "secretmanagersecret" }, + "etag": "abcdef0123A=", "expireTime": "2025-10-03T15:01:23Z", "labels": { "cnrm-test": "true", @@ -533,6 +539,7 @@ User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 t "label-two": "value-two", "managed-by-cnrm": "true" }, + "name": "projects/${projectId}/secrets/secretmanagersecret-${uniqueId}", "replication": { "automatic": {} }, @@ -635,9 +642,57 @@ X-Xss-Protection: 0 --- -DELETE https://secretmanager.googleapis.com/v1/projects/${projectId}/secrets/secretmanagersecret-${uniqueId}?alt=json +GET https://secretmanager.googleapis.com/v1/projects/${projectId}/secrets/secretmanagersecret-${uniqueId}?%24alt=json%3Benum-encoding%3Dint Content-Type: application/json -User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager +User-Agent: kcc/controller-manager +x-goog-request-params: name=projects%2F${projectId}%2Fsecrets%2Fsecretmanagersecret-${uniqueId} + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "annotations": { + "bar": "secretmanagersecret-bar", + "foo": "secretmanagersecret" + }, + "createTime": "2024-04-01T12:34:56.123456Z", + "etag": "abcdef0123A=", + "expireTime": "2025-10-03T15:01:23Z", + "labels": { + "cnrm-test": "true", + "label-one": "value-one", + "label-two": "value-two", + "managed-by-cnrm": "true" + }, + "name": "projects/${projectNumber}/secrets/secretmanagersecret-${uniqueId}", + "replication": { + "automatic": {} + }, + "rotation": { + "nextRotationTime": "2025-10-03T15:01:23Z", + "rotationPeriod": "3600s" + }, + "topics": [ + { + "name": "projects/${projectId}/topics/topic-2-${uniqueId}" + } + ] +} + +--- + +DELETE https://secretmanager.googleapis.com/v1/projects/${projectId}/secrets/secretmanagersecret-${uniqueId}?%24alt=json%3Benum-encoding%3Dint +Content-Type: application/json +User-Agent: kcc/controller-manager +x-goog-request-params: name=projects%2F${projectId}%2Fsecrets%2Fsecretmanagersecret-${uniqueId} 200 OK Cache-Control: private diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-direct/_generated_export_fullsecretmanagersecret-manual-direct.golden b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-direct/_generated_export_fullsecretmanagersecret-manual-direct.golden index 9125a2c257a..e31ccbf64ce 100644 --- a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-direct/_generated_export_fullsecretmanagersecret-manual-direct.golden +++ b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-direct/_generated_export_fullsecretmanagersecret-manual-direct.golden @@ -13,7 +13,6 @@ spec: annotations: bar: secretmanagersecret-bar foo: secretmanagersecret - expireTime: "2024-12-12T05:00:40.845270931Z" replication: userManaged: replicas: diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-direct/_http.log b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-direct/_http.log index 6b224e06db0..c7b7759bb4e 100644 --- a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-direct/_http.log +++ b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-direct/_http.log @@ -349,6 +349,7 @@ Content-Type: application/json User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager 200 OK +Cache-Control: private Content-Type: application/json; charset=UTF-8 Server: ESF Vary: Origin @@ -362,7 +363,7 @@ X-Xss-Protection: 0 "done": true, "name": "operations/${operationID}", "response": { - "@type": "type.googleapis.com/google.api.serviceusage.v1beta1.ServiceIdentity", + "@type": "type.googleapis.com/mockgcp.api.serviceusage.v1beta1.ServiceIdentity", "email": "service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com", "uniqueId": "12345678" } @@ -737,7 +738,6 @@ X-Xss-Protection: 0 }, "createTime": "2024-04-01T12:34:56.123456Z", "etag": "abcdef0123A=", - "expireTime": "2024-12-12T05:00:28.938552436Z", "labels": { "cnrm-test": "true", "label-one": "value-one", @@ -764,7 +764,8 @@ X-Xss-Protection: 0 { "name": "projects/${projectId}/topics/topic-${uniqueId}" } - ] + ], + "ttl": "100s" } --- @@ -791,7 +792,6 @@ X-Xss-Protection: 0 }, "createTime": "2024-04-01T12:34:56.123456Z", "etag": "abcdef0123A=", - "expireTime": "2024-12-12T05:00:28.938552436Z", "labels": { "cnrm-test": "true", "label-one": "value-one", @@ -818,12 +818,13 @@ X-Xss-Protection: 0 { "name": "projects/${projectId}/topics/topic-${uniqueId}" } - ] + ], + "ttl": "100s" } --- -PATCH https://secretmanager.googleapis.com/v1/projects/${projectId}/secrets/secretmanagersecret-${uniqueId}?%24alt=json%3Benum-encoding%3Dint&updateMask=annotations%2CexpireTime%2Clabels%2Crotation.nextRotationTime%2Crotation.rotationPeriod%2Ctopics%2Cttl +PATCH https://secretmanager.googleapis.com/v1/projects/${projectId}/secrets/secretmanagersecret-${uniqueId}?%24alt=json%3Benum-encoding%3Dint&updateMask=annotations%2Clabels%2Crotation.nextRotationTime%2Crotation.rotationPeriod%2Ctopics%2Cttl Content-Type: application/json User-Agent: kcc/controller-manager x-goog-request-params: secret.name=projects%2F${projectId}%2Fsecrets%2Fsecretmanagersecret-${uniqueId} @@ -883,7 +884,6 @@ X-Xss-Protection: 0 }, "createTime": "2024-04-01T12:34:56.123456Z", "etag": "abcdef0123A=", - "expireTime": "2024-12-12T05:00:40.845270931Z", "labels": { "cnrm-test": "true", "label-one": "value-one", @@ -911,7 +911,8 @@ X-Xss-Protection: 0 { "name": "projects/${projectId}/topics/topic-2-${uniqueId}" } - ] + ], + "ttl": "110s" } --- @@ -938,7 +939,6 @@ X-Xss-Protection: 0 }, "createTime": "2024-04-01T12:34:56.123456Z", "etag": "abcdef0123A=", - "expireTime": "2024-12-12T05:00:40.845270931Z", "labels": { "cnrm-test": "true", "label-one": "value-one", @@ -966,7 +966,8 @@ X-Xss-Protection: 0 { "name": "projects/${projectId}/topics/topic-2-${uniqueId}" } - ] + ], + "ttl": "110s" } --- @@ -994,7 +995,6 @@ X-Xss-Protection: 0 }, "createTime": "2024-04-01T12:34:56.123456Z", "etag": "abcdef0123A=", - "expireTime": "2024-12-12T05:00:40.845270931Z", "labels": { "cnrm-test": "true", "label-one": "value-one", @@ -1022,7 +1022,8 @@ X-Xss-Protection: 0 { "name": "projects/${projectId}/topics/topic-2-${uniqueId}" } - ] + ], + "ttl": "110s" } --- diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/_generated_export_fullsecretmanagersecret-manual-legacy.golden b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/_generated_export_fullsecretmanagersecret-manual-legacy.golden index 17ec875efea..fb86471fea3 100644 --- a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/_generated_export_fullsecretmanagersecret-manual-legacy.golden +++ b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/_generated_export_fullsecretmanagersecret-manual-legacy.golden @@ -13,7 +13,6 @@ spec: annotations: bar: secretmanagersecret-bar foo: secretmanagersecret - expireTime: "2024-12-12T04:55:16.450080998Z" replication: userManaged: replicas: diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/_generated_object_fullsecretmanagersecret-manual-legacy.golden.yaml b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/_generated_object_fullsecretmanagersecret-manual-legacy.golden.yaml index 41ac82ab178..00250ece316 100644 --- a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/_generated_object_fullsecretmanagersecret-manual-legacy.golden.yaml +++ b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/_generated_object_fullsecretmanagersecret-manual-legacy.golden.yaml @@ -4,11 +4,10 @@ metadata: annotations: cnrm.cloud.google.com/management-conflict-prevention-policy: none cnrm.cloud.google.com/project-id: ${projectId} - cnrm.cloud.google.com/state-into-spec: absent finalizers: - cnrm.cloud.google.com/finalizer - cnrm.cloud.google.com/deletion-defender - generation: 3 + generation: 2 labels: cnrm-test: "true" label-one: value-one @@ -26,7 +25,6 @@ spec: kmsKeyRef: name: kmscryptokey-${uniqueId} location: us-central1 - resourceID: secretmanagersecret-${uniqueId} rotation: nextRotationTime: "2025-10-03T15:01:23Z" rotationPeriod: 3600s @@ -41,5 +39,7 @@ status: reason: UpToDate status: "True" type: Ready + externalRef: projects/${projectId}/secrets/secretmanagersecret-${uniqueId} name: projects/${projectNumber}/secrets/secretmanagersecret-${uniqueId} - observedGeneration: 3 + observedGeneration: 2 + observedState: {} diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/_http.log b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/_http.log index 03d9081d33f..1e278260ee0 100644 --- a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/_http.log +++ b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/_http.log @@ -349,6 +349,7 @@ Content-Type: application/json User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager 200 OK +Cache-Control: private Content-Type: application/json; charset=UTF-8 Server: ESF Vary: Origin @@ -362,7 +363,7 @@ X-Xss-Protection: 0 "done": true, "name": "operations/${operationID}", "response": { - "@type": "type.googleapis.com/google.api.serviceusage.v1beta1.ServiceIdentity", + "@type": "type.googleapis.com/mockgcp.api.serviceusage.v1beta1.ServiceIdentity", "email": "service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com", "uniqueId": "12345678" } @@ -656,9 +657,10 @@ X-Xss-Protection: 0 --- -GET https://secretmanager.googleapis.com/v1/projects/${projectId}/secrets/secretmanagersecret-${uniqueId}?alt=json +GET https://secretmanager.googleapis.com/v1/projects/${projectId}/secrets/secretmanagersecret-${uniqueId}?%24alt=json%3Benum-encoding%3Dint Content-Type: application/json -User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager +User-Agent: kcc/controller-manager +x-goog-request-params: name=projects%2F${projectId}%2Fsecrets%2Fsecretmanagersecret-${uniqueId} 404 Not Found Cache-Control: private @@ -681,9 +683,10 @@ X-Xss-Protection: 0 --- -POST https://secretmanager.googleapis.com/v1/projects/${projectId}/secrets?alt=json&secretId=secretmanagersecret-${uniqueId} +POST https://secretmanager.googleapis.com/v1/projects/${projectId}/secrets?%24alt=json%3Benum-encoding%3Dint&secretId=secretmanagersecret-${uniqueId} Content-Type: application/json -User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager +User-Agent: kcc/controller-manager +x-goog-request-params: parent=projects%2F${projectId} { "annotations": { @@ -735,7 +738,6 @@ X-Xss-Protection: 0 }, "createTime": "2024-04-01T12:34:56.123456Z", "etag": "abcdef0123A=", - "expireTime": "2024-12-12T04:55:16.450080998Z", "labels": { "cnrm-test": "true", "label-one": "value-one", @@ -762,14 +764,16 @@ X-Xss-Protection: 0 { "name": "projects/${projectId}/topics/topic-${uniqueId}" } - ] + ], + "ttl": "100s" } --- -GET https://secretmanager.googleapis.com/v1/projects/${projectId}/secrets/secretmanagersecret-${uniqueId}?alt=json +GET https://secretmanager.googleapis.com/v1/projects/${projectId}/secrets/secretmanagersecret-${uniqueId}?%24alt=json%3Benum-encoding%3Dint Content-Type: application/json -User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager +User-Agent: kcc/controller-manager +x-goog-request-params: name=projects%2F${projectId}%2Fsecrets%2Fsecretmanagersecret-${uniqueId} 200 OK Cache-Control: private @@ -788,7 +792,6 @@ X-Xss-Protection: 0 }, "createTime": "2024-04-01T12:34:56.123456Z", "etag": "abcdef0123A=", - "expireTime": "2024-12-12T04:55:16.450080998Z", "labels": { "cnrm-test": "true", "label-one": "value-one", @@ -815,27 +818,30 @@ X-Xss-Protection: 0 { "name": "projects/${projectId}/topics/topic-${uniqueId}" } - ] + ], + "ttl": "100s" } --- -PATCH https://secretmanager.googleapis.com/v1/projects/${projectId}/secrets/secretmanagersecret-${uniqueId}?alt=json&updateMask=labels%2Cannotations%2Ctopics%2Crotation +PATCH https://secretmanager.googleapis.com/v1/projects/${projectId}/secrets/secretmanagersecret-${uniqueId}?%24alt=json%3Benum-encoding%3Dint&updateMask=annotations%2Clabels%2Crotation.nextRotationTime%2Ctopics%2Cttl Content-Type: application/json -User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager +User-Agent: kcc/controller-manager +x-goog-request-params: secret.name=projects%2F${projectId}%2Fsecrets%2Fsecretmanagersecret-${uniqueId} { "annotations": { "bar": "secretmanagersecret-bar", "foo": "secretmanagersecret" }, - "expireTime": "2024-12-12T04:55:16.450080998Z", + "etag": "abcdef0123A=", "labels": { "cnrm-test": "true", "label-one": "value-one", "label-two": "value-two", "managed-by-cnrm": "true" }, + "name": "projects/${projectId}/secrets/secretmanagersecret-${uniqueId}", "replication": { "userManaged": { "replicas": [ @@ -856,7 +862,8 @@ User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 t { "name": "projects/${projectId}/topics/topic-2-${uniqueId}" } - ] + ], + "ttl": "110s" } 200 OK @@ -877,7 +884,6 @@ X-Xss-Protection: 0 }, "createTime": "2024-04-01T12:34:56.123456Z", "etag": "abcdef0123A=", - "expireTime": "2024-12-12T04:55:16.450080998Z", "labels": { "cnrm-test": "true", "label-one": "value-one", @@ -905,7 +911,8 @@ X-Xss-Protection: 0 { "name": "projects/${projectId}/topics/topic-2-${uniqueId}" } - ] + ], + "ttl": "110s" } --- @@ -932,7 +939,6 @@ X-Xss-Protection: 0 }, "createTime": "2024-04-01T12:34:56.123456Z", "etag": "abcdef0123A=", - "expireTime": "2024-12-12T04:55:16.450080998Z", "labels": { "cnrm-test": "true", "label-one": "value-one", @@ -960,14 +966,72 @@ X-Xss-Protection: 0 { "name": "projects/${projectId}/topics/topic-2-${uniqueId}" } - ] + ], + "ttl": "110s" } --- -DELETE https://secretmanager.googleapis.com/v1/projects/${projectId}/secrets/secretmanagersecret-${uniqueId}?alt=json +GET https://secretmanager.googleapis.com/v1/projects/${projectId}/secrets/secretmanagersecret-${uniqueId}?%24alt=json%3Benum-encoding%3Dint Content-Type: application/json -User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager +User-Agent: kcc/controller-manager +x-goog-request-params: name=projects%2F${projectId}%2Fsecrets%2Fsecretmanagersecret-${uniqueId} + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "annotations": { + "bar": "secretmanagersecret-bar", + "foo": "secretmanagersecret" + }, + "createTime": "2024-04-01T12:34:56.123456Z", + "etag": "abcdef0123A=", + "labels": { + "cnrm-test": "true", + "label-one": "value-one", + "label-two": "value-two", + "managed-by-cnrm": "true" + }, + "name": "projects/${projectNumber}/secrets/secretmanagersecret-${uniqueId}", + "replication": { + "userManaged": { + "replicas": [ + { + "customerManagedEncryption": { + "kmsKeyName": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}" + }, + "location": "us-central1" + } + ] + } + }, + "rotation": { + "nextRotationTime": "2025-10-03T15:01:23Z", + "rotationPeriod": "3600s" + }, + "topics": [ + { + "name": "projects/${projectId}/topics/topic-2-${uniqueId}" + } + ], + "ttl": "110s" +} + +--- + +DELETE https://secretmanager.googleapis.com/v1/projects/${projectId}/secrets/secretmanagersecret-${uniqueId}?%24alt=json%3Benum-encoding%3Dint +Content-Type: application/json +User-Agent: kcc/controller-manager +x-goog-request-params: name=projects%2F${projectId}%2Fsecrets%2Fsecretmanagersecret-${uniqueId} 200 OK Cache-Control: private