From 94a7548cc73267a44b98449171e21bde858e9ab5 Mon Sep 17 00:00:00 2001 From: Yuwen Ma Date: Thu, 12 Dec 2024 04:14:39 +0000 Subject: [PATCH 1/7] feat: add SecretManager manual replication feature --- apis/secretmanager/v1beta1/secret_types.go | 3 +-- ...rsecrets.secretmanager.cnrm.cloud.google.com.yaml | 3 ++- .../direct/secretmanager/secret_controller.go | 12 ++++++++++++ .../direct/secretmanager/secret_mapping.go | 3 +++ .../secretmanager/secretmanagersecret.md | 2 +- 5 files changed, 19 insertions(+), 4 deletions(-) diff --git a/apis/secretmanager/v1beta1/secret_types.go b/apis/secretmanager/v1beta1/secret_types.go index 6c5cbd4362..9c9418ebff 100644 --- a/apis/secretmanager/v1beta1/secret_types.go +++ b/apis/secretmanager/v1beta1/secret_types.go @@ -48,8 +48,7 @@ type SecretManagerSecretSpec struct { // This is always provided on output, regardless of what was sent on input. ExpireTime *string `json:"expireTime,omitempty"` - // Input only. The TTL for the - // [Secret][google.cloud.secretmanager.v1.Secret]. + // Input only. A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s". TTL *string `json:"ttl,omitempty"` // Optional. Rotation policy attached to the diff --git a/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_secretmanagersecrets.secretmanager.cnrm.cloud.google.com.yaml b/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_secretmanagersecrets.secretmanager.cnrm.cloud.google.com.yaml index e6d511c1b4..22597ec76f 100644 --- a/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_secretmanagersecrets.secretmanager.cnrm.cloud.google.com.yaml +++ b/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_secretmanagersecrets.secretmanager.cnrm.cloud.google.com.yaml @@ -315,7 +315,8 @@ spec: type: object type: array ttl: - description: Input only. The TTL for the [Secret][google.cloud.secretmanager.v1.Secret]. + description: 'Input only. A duration in seconds with up to nine fractional + digits, ending with ''s''. Example: "3.5s".' type: string versionAliases: additionalProperties: diff --git a/pkg/controller/direct/secretmanager/secret_controller.go b/pkg/controller/direct/secretmanager/secret_controller.go index aecfc7731c..48638b9441 100644 --- a/pkg/controller/direct/secretmanager/secret_controller.go +++ b/pkg/controller/direct/secretmanager/secret_controller.go @@ -122,6 +122,18 @@ func normalizeExternal(ctx context.Context, reader client.Reader, src client.Obj secret.Spec.Replication.LegacyAutomatic.CustomerManagedEncryption.KmsKeyRef = kmsKeyRef } } + if secret.Spec.Replication.UserManaged != nil { + for _, r := range secret.Spec.Replication.UserManaged.Replicas { + if r.CustomerManagedEncryption != nil { + kmsKeyRef := r.CustomerManagedEncryption.KmsKeyRef + kmsKeyRef, err := refs.ResolveKMSCryptoKeyRef(ctx, reader, src, kmsKeyRef) + if err != nil { + return err + } + r.CustomerManagedEncryption.KmsKeyRef = kmsKeyRef + } + } + } } if len(secret.Spec.TopicRefs) != 0 { for _, topicRef := range secret.Spec.TopicRefs { diff --git a/pkg/controller/direct/secretmanager/secret_mapping.go b/pkg/controller/direct/secretmanager/secret_mapping.go index c96dd24cfa..fb6ada1af7 100644 --- a/pkg/controller/direct/secretmanager/secret_mapping.go +++ b/pkg/controller/direct/secretmanager/secret_mapping.go @@ -101,6 +101,9 @@ func SecretManagerSecretSpec_ToProto(mapCtx *direct.MapContext, in *krm.SecretMa if oneof := direct.StringTimestamp_ToProto(mapCtx, in.ExpireTime); oneof != nil { out.Expiration = &pb.Secret_ExpireTime{ExpireTime: oneof} } + if oneof := direct.Duration_ToProto(mapCtx, in.TTL); oneof != nil { + out.Expiration = &pb.Secret_Ttl{Ttl: oneof} + } // MISSING: Etag out.Rotation = Rotation_ToProto(mapCtx, in.Rotation) out.VersionAliases = MapStringString_ToMapStringInt64(mapCtx, in.VersionAliases) diff --git a/scripts/generate-google3-docs/resource-reference/generated/resource-docs/secretmanager/secretmanagersecret.md b/scripts/generate-google3-docs/resource-reference/generated/resource-docs/secretmanager/secretmanagersecret.md index 62543b7172..042d553949 100644 --- a/scripts/generate-google3-docs/resource-reference/generated/resource-docs/secretmanager/secretmanagersecret.md +++ b/scripts/generate-google3-docs/resource-reference/generated/resource-docs/secretmanager/secretmanagersecret.md @@ -513,7 +513,7 @@ versionAliases:

string

-

{% verbatim %}Input only. The TTL for the [Secret][google.cloud.secretmanager.v1.Secret].{% endverbatim %}

+

{% verbatim %}Input only. A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s".{% endverbatim %}

From afde6b9bb93cfca11390651a27ee91e6ee1d42ea Mon Sep 17 00:00:00 2001 From: Yuwen Ma Date: Thu, 12 Dec 2024 07:37:46 +0000 Subject: [PATCH 2/7] real gcp log --- dev/tasks/run-e2e | 2 +- .../basicsecretmanagersecret/create.yaml | 1 + ...ullsecretmanagersecret-auto-direct.golden} | 0 ...cretmanagersecret-auto-direct.golden.yaml} | 1 + .../_http.log | 17 +- .../create.yaml | 1 + .../dependencies.yaml | 0 .../update.yaml | 1 + ...fullsecretmanagersecret-auto-legacy.golden | 23 + ...ecretmanagersecret-auto-legacy.golden.yaml | 40 + .../_http.log | 903 ++++++++++ .../create.yaml | 44 + .../dependencies.yaml | 55 + .../update.yaml | 47 + ...llsecretmanagersecret-manual-direct.golden | 30 + ...retmanagersecret-manual-direct.golden.yaml | 46 + .../_http.log | 1496 +++++++++++++++++ .../create.yaml | 40 + .../dependencies.yaml | 86 + .../update.yaml | 43 + ...llsecretmanagersecret-manual-legacy.golden | 30 + ...retmanagersecret-manual-legacy.golden.yaml | 45 + .../_http.log | 1433 ++++++++++++++++ .../create.yaml | 39 + .../dependencies.yaml | 86 + .../update.yaml | 44 + tests/e2e/normalize.go | 3 + tests/e2e/unified_test.go | 1 + 28 files changed, 4547 insertions(+), 10 deletions(-) rename pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/{fullsecretmanagersecret/_generated_export_fullsecretmanagersecret.golden => fullsecretmanagersecret-auto-direct/_generated_export_fullsecretmanagersecret-auto-direct.golden} (100%) rename pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/{fullsecretmanagersecret/_generated_object_fullsecretmanagersecret.golden.yaml => fullsecretmanagersecret-auto-direct/_generated_object_fullsecretmanagersecret-auto-direct.golden.yaml} (96%) rename pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/{fullsecretmanagersecret => fullsecretmanagersecret-auto-direct}/_http.log (98%) rename pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/{fullsecretmanagersecret => fullsecretmanagersecret-auto-direct}/create.yaml (96%) rename pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/{fullsecretmanagersecret => fullsecretmanagersecret-auto-direct}/dependencies.yaml (100%) rename pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/{fullsecretmanagersecret => fullsecretmanagersecret-auto-direct}/update.yaml (96%) create mode 100644 pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-legacy/_generated_export_fullsecretmanagersecret-auto-legacy.golden create mode 100644 pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-legacy/_generated_object_fullsecretmanagersecret-auto-legacy.golden.yaml create mode 100644 pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-legacy/_http.log create mode 100644 pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-legacy/create.yaml create mode 100644 pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-legacy/dependencies.yaml create mode 100644 pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-legacy/update.yaml create mode 100644 pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-direct/_generated_export_fullsecretmanagersecret-manual-direct.golden create mode 100644 pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-direct/_generated_object_fullsecretmanagersecret-manual-direct.golden.yaml create mode 100644 pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-direct/_http.log create mode 100644 pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-direct/create.yaml create mode 100644 pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-direct/dependencies.yaml create mode 100644 pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-direct/update.yaml create mode 100644 pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/_generated_export_fullsecretmanagersecret-manual-legacy.golden create mode 100644 pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/_generated_object_fullsecretmanagersecret-manual-legacy.golden.yaml create mode 100644 pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/_http.log create mode 100644 pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/create.yaml create mode 100644 pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/dependencies.yaml create mode 100644 pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/update.yaml diff --git a/dev/tasks/run-e2e b/dev/tasks/run-e2e index 2f8286b3fa..8c526afcbc 100755 --- a/dev/tasks/run-e2e +++ b/dev/tasks/run-e2e @@ -26,7 +26,7 @@ if [[ -z "${KUBEBUILDER_ASSETS:-}" ]]; then fi if [[ -z "${KCC_USE_DIRECT_RECONCILERS:-}" ]]; then - KCC_USE_DIRECT_RECONCILERS=ComputeForwardingRule,GKEHubFeatureMembership,SecretManagerSecret,SecretManagerSecretVersion + KCC_USE_DIRECT_RECONCILERS=ComputeForwardingRule,GKEHubFeatureMembership fi echo "Using direct controllers: $KCC_USE_DIRECT_RECONCILERS" export KCC_USE_DIRECT_RECONCILERS diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/basicsecretmanagersecret/create.yaml b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/basicsecretmanagersecret/create.yaml index 358eec3b8d..32f426aabc 100644 --- a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/basicsecretmanagersecret/create.yaml +++ b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/basicsecretmanagersecret/create.yaml @@ -17,6 +17,7 @@ kind: SecretManagerSecret metadata: annotations: cnrm.cloud.google.com/project-id: ${projectId} + alpha.cnrm.cloud.google.com/reconciler: "direct" labels: label-one: value-one name: secretmanagersecret-${uniqueId} diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret/_generated_export_fullsecretmanagersecret.golden b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-direct/_generated_export_fullsecretmanagersecret-auto-direct.golden similarity index 100% rename from pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret/_generated_export_fullsecretmanagersecret.golden rename to pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-direct/_generated_export_fullsecretmanagersecret-auto-direct.golden diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret/_generated_object_fullsecretmanagersecret.golden.yaml b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-direct/_generated_object_fullsecretmanagersecret-auto-direct.golden.yaml similarity index 96% rename from pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret/_generated_object_fullsecretmanagersecret.golden.yaml rename to pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-direct/_generated_object_fullsecretmanagersecret-auto-direct.golden.yaml index 31fe656ded..f1cc00ab19 100644 --- a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret/_generated_object_fullsecretmanagersecret.golden.yaml +++ b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-direct/_generated_object_fullsecretmanagersecret-auto-direct.golden.yaml @@ -2,6 +2,7 @@ apiVersion: secretmanager.cnrm.cloud.google.com/v1beta1 kind: SecretManagerSecret metadata: annotations: + alpha.cnrm.cloud.google.com/reconciler: direct cnrm.cloud.google.com/management-conflict-prevention-policy: none cnrm.cloud.google.com/project-id: ${projectId} finalizers: diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret/_http.log b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-direct/_http.log similarity index 98% rename from pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret/_http.log rename to pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-direct/_http.log index a1d0b8bdba..0b37155c3b 100644 --- a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret/_http.log +++ b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-direct/_http.log @@ -349,7 +349,6 @@ Content-Type: application/json User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager 200 OK -Cache-Control: private Content-Type: application/json; charset=UTF-8 Server: ESF Vary: Origin @@ -363,7 +362,7 @@ X-Xss-Protection: 0 "done": true, "name": "operations/${operationID}", "response": { - "@type": "type.googleapis.com/mockgcp.api.serviceusage.v1beta1.ServiceIdentity", + "@type": "type.googleapis.com/google.api.serviceusage.v1beta1.ServiceIdentity", "email": "service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com", "uniqueId": "12345678" } @@ -692,7 +691,7 @@ x-goog-request-params: parent=projects%2F${projectId} "annotations": { "foo": "secretmanagersecret" }, - "expireTime": "2025-10-02T15:01:23Z", + "expireTime": "2024-04-01T12:34:56.123456Z", "labels": { "cnrm-test": "true", "label-one": "value-one", @@ -733,7 +732,7 @@ X-Xss-Protection: 0 }, "createTime": "2024-04-01T12:34:56.123456Z", "etag": "abcdef0123A=", - "expireTime": "2025-10-02T15:01:23Z", + "expireTime": "2024-04-01T12:34:56.123456Z", "labels": { "cnrm-test": "true", "label-one": "value-one", @@ -782,7 +781,7 @@ X-Xss-Protection: 0 }, "createTime": "2024-04-01T12:34:56.123456Z", "etag": "abcdef0123A=", - "expireTime": "2025-10-02T15:01:23Z", + "expireTime": "2024-04-01T12:34:56.123456Z", "labels": { "cnrm-test": "true", "label-one": "value-one", @@ -820,7 +819,7 @@ x-goog-request-params: secret.name=projects%2F${projectId}%2Fsecrets%2Fsecretman "foo": "secretmanagersecret" }, "etag": "abcdef0123A=", - "expireTime": "2025-10-03T15:01:23Z", + "expireTime": "2024-04-01T12:34:56.123456Z", "labels": { "cnrm-test": "true", "label-one": "value-one", @@ -864,7 +863,7 @@ X-Xss-Protection: 0 }, "createTime": "2024-04-01T12:34:56.123456Z", "etag": "abcdef0123A=", - "expireTime": "2025-10-03T15:01:23Z", + "expireTime": "2024-04-01T12:34:56.123456Z", "labels": { "cnrm-test": "true", "label-one": "value-one", @@ -914,7 +913,7 @@ X-Xss-Protection: 0 }, "createTime": "2024-04-01T12:34:56.123456Z", "etag": "abcdef0123A=", - "expireTime": "2025-10-03T15:01:23Z", + "expireTime": "2024-04-01T12:34:56.123456Z", "labels": { "cnrm-test": "true", "label-one": "value-one", @@ -965,7 +964,7 @@ X-Xss-Protection: 0 }, "createTime": "2024-04-01T12:34:56.123456Z", "etag": "abcdef0123A=", - "expireTime": "2025-10-03T15:01:23Z", + "expireTime": "2024-04-01T12:34:56.123456Z", "labels": { "cnrm-test": "true", "label-one": "value-one", diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret/create.yaml b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-direct/create.yaml similarity index 96% rename from pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret/create.yaml rename to pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-direct/create.yaml index 414a3e95ae..2ef5596e00 100644 --- a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret/create.yaml +++ b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-direct/create.yaml @@ -17,6 +17,7 @@ kind: SecretManagerSecret metadata: annotations: cnrm.cloud.google.com/project-id: ${projectId} + alpha.cnrm.cloud.google.com/reconciler: "direct" labels: label-one: value-one name: secretmanagersecret-${uniqueId} diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret/dependencies.yaml b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-direct/dependencies.yaml similarity index 100% rename from pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret/dependencies.yaml rename to pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-direct/dependencies.yaml diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret/update.yaml b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-direct/update.yaml similarity index 96% rename from pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret/update.yaml rename to pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-direct/update.yaml index 909a0bf488..9fe2bf7811 100644 --- a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret/update.yaml +++ b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-direct/update.yaml @@ -17,6 +17,7 @@ kind: SecretManagerSecret metadata: annotations: cnrm.cloud.google.com/project-id: ${projectId} + alpha.cnrm.cloud.google.com/reconciler: "direct" labels: label-one: value-one label-two: value-two diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-legacy/_generated_export_fullsecretmanagersecret-auto-legacy.golden b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-legacy/_generated_export_fullsecretmanagersecret-auto-legacy.golden new file mode 100644 index 0000000000..5568aa2b97 --- /dev/null +++ b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-legacy/_generated_export_fullsecretmanagersecret-auto-legacy.golden @@ -0,0 +1,23 @@ +apiVersion: secretmanager.cnrm.cloud.google.com/v1beta1 +kind: SecretManagerSecret +metadata: + annotations: + cnrm.cloud.google.com/project-id: ${projectId} + labels: + cnrm-test: "true" + label-one: value-one + label-two: value-two + managed-by-cnrm: "true" + name: secretmanagersecret-${uniqueId} +spec: + annotations: + bar: secretmanagersecret-bar + foo: secretmanagersecret + expireTime: "2025-10-03T15:01:23Z" + resourceID: secretmanagersecret-${uniqueId} + rotation: + nextRotationTime: "2025-10-03T15:01:23Z" + rotationPeriod: 3600s + topics: + - topicRef: + external: projects/${projectId}/topics/topic-2-${uniqueId} \ No newline at end of file diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-legacy/_generated_object_fullsecretmanagersecret-auto-legacy.golden.yaml b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-legacy/_generated_object_fullsecretmanagersecret-auto-legacy.golden.yaml new file mode 100644 index 0000000000..4771fc4bbf --- /dev/null +++ b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-legacy/_generated_object_fullsecretmanagersecret-auto-legacy.golden.yaml @@ -0,0 +1,40 @@ +apiVersion: secretmanager.cnrm.cloud.google.com/v1beta1 +kind: SecretManagerSecret +metadata: + annotations: + cnrm.cloud.google.com/management-conflict-prevention-policy: none + cnrm.cloud.google.com/project-id: ${projectId} + cnrm.cloud.google.com/state-into-spec: absent + finalizers: + - cnrm.cloud.google.com/finalizer + - cnrm.cloud.google.com/deletion-defender + generation: 3 + labels: + cnrm-test: "true" + label-one: value-one + label-two: value-two + name: secretmanagersecret-${uniqueId} + namespace: ${uniqueId} +spec: + annotations: + bar: secretmanagersecret-bar + foo: secretmanagersecret + expireTime: "2025-10-03T15:01:23Z" + replication: + automatic: true + resourceID: secretmanagersecret-${uniqueId} + rotation: + nextRotationTime: "2025-10-03T15:01:23Z" + rotationPeriod: 3600s + topics: + - topicRef: + name: topic-2-${uniqueId} +status: + conditions: + - lastTransitionTime: "1970-01-01T00:00:00Z" + message: The resource is up to date + reason: UpToDate + status: "True" + type: Ready + name: projects/${projectNumber}/secrets/secretmanagersecret-${uniqueId} + observedGeneration: 3 diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-legacy/_http.log b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-legacy/_http.log new file mode 100644 index 0000000000..98419c5fb1 --- /dev/null +++ b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-legacy/_http.log @@ -0,0 +1,903 @@ +GET https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +404 Not Found +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "error": { + "code": 404, + "message": "Resource not found (resource=topic-${uniqueId}).", + "status": "NOT_FOUND" + } +} + +--- + +PUT https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +{ + "labels": { + "cnrm-test": "true", + "managed-by-cnrm": "true" + } +} + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "labels": { + "cnrm-test": "true", + "managed-by-cnrm": "true" + }, + "name": "projects/${projectId}/topics/topic-${uniqueId}" +} + +--- + +GET https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "labels": { + "cnrm-test": "true", + "managed-by-cnrm": "true" + }, + "name": "projects/${projectId}/topics/topic-${uniqueId}" +} + +--- + +GET https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-2-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +404 Not Found +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "error": { + "code": 404, + "message": "Resource not found (resource=topic-2-${uniqueId}).", + "status": "NOT_FOUND" + } +} + +--- + +PUT https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-2-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +{ + "labels": { + "cnrm-test": "true", + "managed-by-cnrm": "true" + } +} + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "labels": { + "cnrm-test": "true", + "managed-by-cnrm": "true" + }, + "name": "projects/${projectId}/topics/topic-2-${uniqueId}" +} + +--- + +GET https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-2-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "labels": { + "cnrm-test": "true", + "managed-by-cnrm": "true" + }, + "name": "projects/${projectId}/topics/topic-2-${uniqueId}" +} + +--- + +POST https://serviceusage.googleapis.com/v1beta1/projects/${projectId}/services/secretmanager.googleapis.com:generateServiceIdentity?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "done": true, + "name": "operations/${operationID}", + "response": { + "@type": "type.googleapis.com/google.api.serviceusage.v1beta1.ServiceIdentity", + "email": "service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com", + "uniqueId": "12345678" + } +} + +--- + +GET https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-${uniqueId}:getIamPolicy?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "etag": "abcdef0123A=" +} + +--- + +POST https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-${uniqueId}:setIamPolicy?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +{ + "policy": { + "bindings": [ + { + "members": [ + "serviceAccount:service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com" + ], + "role": "roles/pubsub.publisher" + } + ], + "etag": "abcdef0123A=", + "version": 3 + } +} + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "bindings": [ + { + "members": [ + "serviceAccount:service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com" + ], + "role": "roles/pubsub.publisher" + } + ], + "etag": "abcdef0123A=", + "version": 1 +} + +--- + +GET https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-${uniqueId}:getIamPolicy?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "bindings": [ + { + "members": [ + "serviceAccount:service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com" + ], + "role": "roles/pubsub.publisher" + } + ], + "etag": "abcdef0123A=", + "version": 1 +} + +--- + +GET https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-2-${uniqueId}:getIamPolicy?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "etag": "abcdef0123A=" +} + +--- + +POST https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-2-${uniqueId}:setIamPolicy?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +{ + "policy": { + "bindings": [ + { + "members": [ + "serviceAccount:service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com" + ], + "role": "roles/pubsub.publisher" + } + ], + "etag": "abcdef0123A=", + "version": 3 + } +} + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "bindings": [ + { + "members": [ + "serviceAccount:service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com" + ], + "role": "roles/pubsub.publisher" + } + ], + "etag": "abcdef0123A=", + "version": 1 +} + +--- + +GET https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-2-${uniqueId}:getIamPolicy?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "bindings": [ + { + "members": [ + "serviceAccount:service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com" + ], + "role": "roles/pubsub.publisher" + } + ], + "etag": "abcdef0123A=", + "version": 1 +} + +--- + +GET https://secretmanager.googleapis.com/v1/projects/${projectId}/secrets/secretmanagersecret-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +404 Not Found +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "error": { + "code": 404, + "message": "Secret [projects/${projectNumber}/secrets/secretmanagersecret-${uniqueId}] not found.", + "status": "NOT_FOUND" + } +} + +--- + +POST https://secretmanager.googleapis.com/v1/projects/${projectId}/secrets?alt=json&secretId=secretmanagersecret-${uniqueId} +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +{ + "annotations": { + "foo": "secretmanagersecret" + }, + "expireTime": "2024-04-01T12:34:56.123456Z", + "labels": { + "cnrm-test": "true", + "label-one": "value-one", + "managed-by-cnrm": "true" + }, + "replication": { + "automatic": {} + }, + "rotation": { + "nextRotationTime": "2025-10-02T15:01:23Z", + "rotationPeriod": "3600s" + }, + "topics": [ + { + "name": "projects/${projectId}/topics/topic-${uniqueId}" + } + ] +} + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "annotations": { + "foo": "secretmanagersecret" + }, + "createTime": "2024-04-01T12:34:56.123456Z", + "etag": "abcdef0123A=", + "expireTime": "2024-04-01T12:34:56.123456Z", + "labels": { + "cnrm-test": "true", + "label-one": "value-one", + "managed-by-cnrm": "true" + }, + "name": "projects/${projectNumber}/secrets/secretmanagersecret-${uniqueId}", + "replication": { + "automatic": {} + }, + "rotation": { + "nextRotationTime": "2025-10-02T15:01:23Z", + "rotationPeriod": "3600s" + }, + "topics": [ + { + "name": "projects/${projectId}/topics/topic-${uniqueId}" + } + ] +} + +--- + +GET https://secretmanager.googleapis.com/v1/projects/${projectId}/secrets/secretmanagersecret-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "annotations": { + "foo": "secretmanagersecret" + }, + "createTime": "2024-04-01T12:34:56.123456Z", + "etag": "abcdef0123A=", + "expireTime": "2024-04-01T12:34:56.123456Z", + "labels": { + "cnrm-test": "true", + "label-one": "value-one", + "managed-by-cnrm": "true" + }, + "name": "projects/${projectNumber}/secrets/secretmanagersecret-${uniqueId}", + "replication": { + "automatic": {} + }, + "rotation": { + "nextRotationTime": "2025-10-02T15:01:23Z", + "rotationPeriod": "3600s" + }, + "topics": [ + { + "name": "projects/${projectId}/topics/topic-${uniqueId}" + } + ] +} + +--- + +PATCH https://secretmanager.googleapis.com/v1/projects/${projectId}/secrets/secretmanagersecret-${uniqueId}?alt=json&updateMask=labels%2Cannotations%2Ctopics%2CexpireTime%2Crotation +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +{ + "annotations": { + "bar": "secretmanagersecret-bar", + "foo": "secretmanagersecret" + }, + "expireTime": "2024-04-01T12:34:56.123456Z", + "labels": { + "cnrm-test": "true", + "label-one": "value-one", + "label-two": "value-two", + "managed-by-cnrm": "true" + }, + "replication": { + "automatic": {} + }, + "rotation": { + "nextRotationTime": "2025-10-03T15:01:23Z", + "rotationPeriod": "3600s" + }, + "topics": [ + { + "name": "projects/${projectId}/topics/topic-2-${uniqueId}" + } + ] +} + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "annotations": { + "bar": "secretmanagersecret-bar", + "foo": "secretmanagersecret" + }, + "createTime": "2024-04-01T12:34:56.123456Z", + "etag": "abcdef0123A=", + "expireTime": "2024-04-01T12:34:56.123456Z", + "labels": { + "cnrm-test": "true", + "label-one": "value-one", + "label-two": "value-two", + "managed-by-cnrm": "true" + }, + "name": "projects/${projectNumber}/secrets/secretmanagersecret-${uniqueId}", + "replication": { + "automatic": {} + }, + "rotation": { + "nextRotationTime": "2025-10-03T15:01:23Z", + "rotationPeriod": "3600s" + }, + "topics": [ + { + "name": "projects/${projectId}/topics/topic-2-${uniqueId}" + } + ] +} + +--- + +GET https://secretmanager.googleapis.com/v1/projects/${projectId}/secrets/secretmanagersecret-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "annotations": { + "bar": "secretmanagersecret-bar", + "foo": "secretmanagersecret" + }, + "createTime": "2024-04-01T12:34:56.123456Z", + "etag": "abcdef0123A=", + "expireTime": "2024-04-01T12:34:56.123456Z", + "labels": { + "cnrm-test": "true", + "label-one": "value-one", + "label-two": "value-two", + "managed-by-cnrm": "true" + }, + "name": "projects/${projectNumber}/secrets/secretmanagersecret-${uniqueId}", + "replication": { + "automatic": {} + }, + "rotation": { + "nextRotationTime": "2025-10-03T15:01:23Z", + "rotationPeriod": "3600s" + }, + "topics": [ + { + "name": "projects/${projectId}/topics/topic-2-${uniqueId}" + } + ] +} + +--- + +DELETE https://secretmanager.googleapis.com/v1/projects/${projectId}/secrets/secretmanagersecret-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{} + +--- + +GET https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-2-${uniqueId}:getIamPolicy?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "bindings": [ + { + "members": [ + "serviceAccount:service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com" + ], + "role": "roles/pubsub.publisher" + } + ], + "etag": "abcdef0123A=", + "version": 1 +} + +--- + +POST https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-2-${uniqueId}:setIamPolicy?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +{ + "policy": { + "etag": "abcdef0123A=", + "version": 1 + } +} + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "etag": "abcdef0123A=", + "version": 1 +} + +--- + +GET https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-2-${uniqueId}:getIamPolicy?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "etag": "abcdef0123A=", + "version": 1 +} + +--- + +GET https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-${uniqueId}:getIamPolicy?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "bindings": [ + { + "members": [ + "serviceAccount:service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com" + ], + "role": "roles/pubsub.publisher" + } + ], + "etag": "abcdef0123A=", + "version": 1 +} + +--- + +POST https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-${uniqueId}:setIamPolicy?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +{ + "policy": { + "etag": "abcdef0123A=", + "version": 1 + } +} + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "etag": "abcdef0123A=", + "version": 1 +} + +--- + +GET https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-${uniqueId}:getIamPolicy?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "etag": "abcdef0123A=", + "version": 1 +} + +--- + +GET https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-2-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "labels": { + "cnrm-test": "true", + "managed-by-cnrm": "true" + }, + "name": "projects/${projectId}/topics/topic-2-${uniqueId}" +} + +--- + +DELETE https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-2-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{} + +--- + +GET https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "labels": { + "cnrm-test": "true", + "managed-by-cnrm": "true" + }, + "name": "projects/${projectId}/topics/topic-${uniqueId}" +} + +--- + +DELETE https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{} \ No newline at end of file diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-legacy/create.yaml b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-legacy/create.yaml new file mode 100644 index 0000000000..5e237749b5 --- /dev/null +++ b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-legacy/create.yaml @@ -0,0 +1,44 @@ +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: secretmanager.cnrm.cloud.google.com/v1beta1 +kind: SecretManagerSecret +metadata: + annotations: + cnrm.cloud.google.com/project-id: ${projectId} + labels: + label-one: value-one + name: secretmanagersecret-${uniqueId} +spec: + replication: + automatic: true + # TF-based resource is broken, got the error even if not changing this field + # "cannot make changes to immutable field(s): [Field Name: replication.0.auto.#, Got: 1, Wanted: 0]" + # auto: + # customerManagedEncryption: + # kmsKeyRef: + # name: kmscryptokey-${uniqueId} + topics: + - topicRef: + name: topic-${uniqueId} + annotations: + "foo": secretmanagersecret + expireTime: "2025-10-02T15:01:23Z" + rotation: + nextRotationTime: "2025-10-02T15:01:23Z" + rotationPeriod: "3600s" + # FR to SecretManagerSecretVersion adding aliases. + # versionAliases: + # "foo": "111" + # "bar": "222" \ No newline at end of file diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-legacy/dependencies.yaml b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-legacy/dependencies.yaml new file mode 100644 index 0000000000..a51742845a --- /dev/null +++ b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-legacy/dependencies.yaml @@ -0,0 +1,55 @@ +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: pubsub.cnrm.cloud.google.com/v1beta1 +kind: PubSubTopic +metadata: + name: topic-${uniqueId} +--- +apiVersion: pubsub.cnrm.cloud.google.com/v1beta1 +kind: PubSubTopic +metadata: + name: topic-2-${uniqueId} +--- +apiVersion: serviceusage.cnrm.cloud.google.com/v1beta1 +kind: ServiceIdentity +metadata: + name: serviceidentity-${uniqueId} +spec: + projectRef: + external: ${projectId} + resourceID: secretmanager.googleapis.com +--- +apiVersion: iam.cnrm.cloud.google.com/v1beta1 +kind: IAMPolicyMember +metadata: + name: iampolicymember-${uniqueId} +spec: + member: serviceAccount:service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com + role: roles/pubsub.publisher + resourceRef: + apiVersion: pubsub.cnrm.cloud.google.com/v1beta1 + kind: PubSubTopic + name: topic-${uniqueId} +--- +apiVersion: iam.cnrm.cloud.google.com/v1beta1 +kind: IAMPolicyMember +metadata: + name: iampolicymember-2-${uniqueId} +spec: + member: serviceAccount:service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com + role: roles/pubsub.publisher + resourceRef: + apiVersion: pubsub.cnrm.cloud.google.com/v1beta1 + kind: PubSubTopic + name: topic-2-${uniqueId} \ No newline at end of file diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-legacy/update.yaml b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-legacy/update.yaml new file mode 100644 index 0000000000..76a2d644f2 --- /dev/null +++ b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-legacy/update.yaml @@ -0,0 +1,47 @@ +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: secretmanager.cnrm.cloud.google.com/v1beta1 +kind: SecretManagerSecret +metadata: + annotations: + cnrm.cloud.google.com/project-id: ${projectId} + labels: + label-one: value-one + label-two: value-two + name: secretmanagersecret-${uniqueId} +spec: + replication: + automatic: true + # TF-based resource is broken, got the error even if not changing this field + # "cannot make changes to immutable field(s): [Field Name: replication.0.auto.#, Got: 1, Wanted: 0]" + # auto: + # customerManagedEncryption: + # kmsKeyRef: + # name: kmscryptokey-${uniqueId} + topics: + - topicRef: + name: topic-2-${uniqueId} + annotations: + "foo": secretmanagersecret + "bar": secretmanagersecret-bar + expireTime: "2025-10-03T15:01:23Z" + rotation: + nextRotationTime: "2025-10-03T15:01:23Z" + # TF-based controller does not allow changing the rotation period. + # Though this is a mutable field. + rotationPeriod: "3600s" + # versionAliases: + # "foo": "111" + # "bar": "222" \ No newline at end of file diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-direct/_generated_export_fullsecretmanagersecret-manual-direct.golden b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-direct/_generated_export_fullsecretmanagersecret-manual-direct.golden new file mode 100644 index 0000000000..1f5aa44614 --- /dev/null +++ b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-direct/_generated_export_fullsecretmanagersecret-manual-direct.golden @@ -0,0 +1,30 @@ +apiVersion: secretmanager.cnrm.cloud.google.com/v1beta1 +kind: SecretManagerSecret +metadata: + annotations: + cnrm.cloud.google.com/project-id: ${projectId} + labels: + cnrm-test: "true" + label-one: value-one + label-two: value-two + managed-by-cnrm: "true" + name: secretmanagersecret-${uniqueId} +spec: + annotations: + bar: secretmanagersecret-bar + foo: secretmanagersecret + expireTime: "2024-12-12T06:58:02.096290745Z" + replication: + userManaged: + replicas: + - customerManagedEncryption: + kmsKeyRef: + external: projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId} + location: us-central1 + resourceID: secretmanagersecret-${uniqueId} + rotation: + nextRotationTime: "2025-10-03T15:01:23Z" + rotationPeriod: 7200s + topics: + - topicRef: + external: projects/${projectId}/topics/topic-2-${uniqueId} \ No newline at end of file diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-direct/_generated_object_fullsecretmanagersecret-manual-direct.golden.yaml b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-direct/_generated_object_fullsecretmanagersecret-manual-direct.golden.yaml new file mode 100644 index 0000000000..79755444ea --- /dev/null +++ b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-direct/_generated_object_fullsecretmanagersecret-manual-direct.golden.yaml @@ -0,0 +1,46 @@ +apiVersion: secretmanager.cnrm.cloud.google.com/v1beta1 +kind: SecretManagerSecret +metadata: + annotations: + alpha.cnrm.cloud.google.com/reconciler: direct + cnrm.cloud.google.com/management-conflict-prevention-policy: none + cnrm.cloud.google.com/project-id: ${projectId} + finalizers: + - cnrm.cloud.google.com/finalizer + - cnrm.cloud.google.com/deletion-defender + generation: 2 + labels: + cnrm-test: "true" + label-one: value-one + label-two: value-two + name: secretmanagersecret-${uniqueId} + namespace: ${uniqueId} +spec: + annotations: + bar: secretmanagersecret-bar + foo: secretmanagersecret + replication: + userManaged: + replicas: + - customerManagedEncryption: + kmsKeyRef: + name: kmscryptokey-${uniqueId} + location: us-central1 + rotation: + nextRotationTime: "2025-10-03T15:01:23Z" + rotationPeriod: 7200s + topics: + - topicRef: + name: topic-2-${uniqueId} + ttl: 110s +status: + conditions: + - lastTransitionTime: "1970-01-01T00:00:00Z" + message: The resource is up to date + reason: UpToDate + status: "True" + type: Ready + externalRef: projects/${projectId}/secrets/secretmanagersecret-${uniqueId} + name: projects/${projectNumber}/secrets/secretmanagersecret-${uniqueId} + observedGeneration: 2 + observedState: {} diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-direct/_http.log b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-direct/_http.log new file mode 100644 index 0000000000..9282daf8e5 --- /dev/null +++ b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-direct/_http.log @@ -0,0 +1,1496 @@ +GET https://cloudkms.googleapis.com/v1/projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +404 Not Found +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "error": { + "code": 404, + "message": "KeyRing projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId} not found.", + "status": "NOT_FOUND" + } +} + +--- + +POST https://cloudkms.googleapis.com/v1/projects/${projectId}/locations/us-central1/keyRings?alt=json&keyRingId=kmskeyring-${uniqueId} +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "createTime": "2024-04-01T12:34:56.123456Z", + "name": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}" +} + +--- + +GET https://cloudkms.googleapis.com/v1/projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "createTime": "2024-04-01T12:34:56.123456Z", + "name": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}" +} + +--- + +GET https://cloudkms.googleapis.com/v1/projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +404 Not Found +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "error": { + "code": 404, + "message": "CryptoKey projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId} not found.", + "status": "NOT_FOUND" + } +} + +--- + +POST https://cloudkms.googleapis.com/v1/projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys?alt=json&cryptoKeyId=kmscryptokey-${uniqueId}&skipInitialVersionCreation=false +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +{ + "labels": { + "cnrm-test": "true", + "managed-by-cnrm": "true" + }, + "purpose": "ENCRYPT_DECRYPT" +} + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "createTime": "2024-04-01T12:34:56.123456Z", + "destroyScheduledDuration": "2592000s", + "labels": { + "cnrm-test": "true", + "managed-by-cnrm": "true" + }, + "name": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}", + "primary": { + "algorithm": "GOOGLE_SYMMETRIC_ENCRYPTION", + "createTime": "2024-04-01T12:34:56.123456Z", + "generateTime": "2024-04-01T12:34:56.123456Z", + "name": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}/cryptoKeyVersions/1", + "protectionLevel": "SOFTWARE", + "state": "ENABLED" + }, + "purpose": "ENCRYPT_DECRYPT", + "versionTemplate": { + "algorithm": "GOOGLE_SYMMETRIC_ENCRYPTION", + "protectionLevel": "SOFTWARE" + } +} + +--- + +GET https://cloudkms.googleapis.com/v1/projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "createTime": "2024-04-01T12:34:56.123456Z", + "destroyScheduledDuration": "2592000s", + "labels": { + "cnrm-test": "true", + "managed-by-cnrm": "true" + }, + "name": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}", + "primary": { + "algorithm": "GOOGLE_SYMMETRIC_ENCRYPTION", + "createTime": "2024-04-01T12:34:56.123456Z", + "generateTime": "2024-04-01T12:34:56.123456Z", + "name": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}/cryptoKeyVersions/1", + "protectionLevel": "SOFTWARE", + "state": "ENABLED" + }, + "purpose": "ENCRYPT_DECRYPT", + "versionTemplate": { + "algorithm": "GOOGLE_SYMMETRIC_ENCRYPTION", + "protectionLevel": "SOFTWARE" + } +} + +--- + +GET https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +404 Not Found +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "error": { + "code": 404, + "message": "Resource not found (resource=topic-${uniqueId}).", + "status": "NOT_FOUND" + } +} + +--- + +PUT https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +{ + "labels": { + "cnrm-test": "true", + "managed-by-cnrm": "true" + } +} + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "labels": { + "cnrm-test": "true", + "managed-by-cnrm": "true" + }, + "name": "projects/${projectId}/topics/topic-${uniqueId}" +} + +--- + +GET https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "labels": { + "cnrm-test": "true", + "managed-by-cnrm": "true" + }, + "name": "projects/${projectId}/topics/topic-${uniqueId}" +} + +--- + +GET https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-2-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +404 Not Found +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "error": { + "code": 404, + "message": "Resource not found (resource=topic-2-${uniqueId}).", + "status": "NOT_FOUND" + } +} + +--- + +PUT https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-2-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +{ + "labels": { + "cnrm-test": "true", + "managed-by-cnrm": "true" + } +} + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "labels": { + "cnrm-test": "true", + "managed-by-cnrm": "true" + }, + "name": "projects/${projectId}/topics/topic-2-${uniqueId}" +} + +--- + +GET https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-2-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "labels": { + "cnrm-test": "true", + "managed-by-cnrm": "true" + }, + "name": "projects/${projectId}/topics/topic-2-${uniqueId}" +} + +--- + +POST https://serviceusage.googleapis.com/v1beta1/projects/${projectId}/services/secretmanager.googleapis.com:generateServiceIdentity?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "done": true, + "name": "operations/${operationID}", + "response": { + "@type": "type.googleapis.com/google.api.serviceusage.v1beta1.ServiceIdentity", + "email": "service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com", + "uniqueId": "12345678" + } +} + +--- + +GET https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-${uniqueId}:getIamPolicy?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "etag": "abcdef0123A=" +} + +--- + +POST https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-${uniqueId}:setIamPolicy?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +{ + "policy": { + "bindings": [ + { + "members": [ + "serviceAccount:service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com" + ], + "role": "roles/pubsub.publisher" + } + ], + "etag": "abcdef0123A=", + "version": 3 + } +} + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "bindings": [ + { + "members": [ + "serviceAccount:service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com" + ], + "role": "roles/pubsub.publisher" + } + ], + "etag": "abcdef0123A=", + "version": 1 +} + +--- + +GET https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-${uniqueId}:getIamPolicy?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "bindings": [ + { + "members": [ + "serviceAccount:service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com" + ], + "role": "roles/pubsub.publisher" + } + ], + "etag": "abcdef0123A=", + "version": 1 +} + +--- + +GET https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-2-${uniqueId}:getIamPolicy?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "etag": "abcdef0123A=" +} + +--- + +POST https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-2-${uniqueId}:setIamPolicy?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +{ + "policy": { + "bindings": [ + { + "members": [ + "serviceAccount:service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com" + ], + "role": "roles/pubsub.publisher" + } + ], + "etag": "abcdef0123A=", + "version": 3 + } +} + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "bindings": [ + { + "members": [ + "serviceAccount:service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com" + ], + "role": "roles/pubsub.publisher" + } + ], + "etag": "abcdef0123A=", + "version": 1 +} + +--- + +GET https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-2-${uniqueId}:getIamPolicy?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "bindings": [ + { + "members": [ + "serviceAccount:service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com" + ], + "role": "roles/pubsub.publisher" + } + ], + "etag": "abcdef0123A=", + "version": 1 +} + +--- + +GET https://cloudkms.googleapis.com/v1/projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}:getIamPolicy?alt=json&options.requestedPolicyVersion=3&prettyPrint=false +User-Agent: google-api-go-client/0.5 Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "etag": "abcdef0123A=" +} + +--- + +POST https://cloudkms.googleapis.com/v1/projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}:setIamPolicy?alt=json&prettyPrint=false +Content-Type: application/json +User-Agent: google-api-go-client/0.5 Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +{ + "policy": { + "bindings": [ + { + "members": [ + "serviceAccount:service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com" + ], + "role": "roles/cloudkms.cryptoKeyEncrypterDecrypter" + } + ], + "etag": "abcdef0123A=", + "version": 3 + } +} + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "bindings": [ + { + "members": [ + "serviceAccount:service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com" + ], + "role": "roles/cloudkms.cryptoKeyEncrypterDecrypter" + } + ], + "etag": "abcdef0123A=", + "version": 1 +} + +--- + +GET https://cloudkms.googleapis.com/v1/projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}:getIamPolicy?alt=json&options.requestedPolicyVersion=3&prettyPrint=false +User-Agent: google-api-go-client/0.5 Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "bindings": [ + { + "members": [ + "serviceAccount:service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com" + ], + "role": "roles/cloudkms.cryptoKeyEncrypterDecrypter" + } + ], + "etag": "abcdef0123A=", + "version": 1 +} + +--- + +GET https://secretmanager.googleapis.com/v1/projects/${projectId}/secrets/secretmanagersecret-${uniqueId}?%24alt=json%3Benum-encoding%3Dint +Content-Type: application/json +User-Agent: kcc/controller-manager +x-goog-request-params: name=projects%2F${projectId}%2Fsecrets%2Fsecretmanagersecret-${uniqueId} + +404 Not Found +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "error": { + "code": 404, + "message": "Secret [projects/${projectNumber}/secrets/secretmanagersecret-${uniqueId}] not found.", + "status": "NOT_FOUND" + } +} + +--- + +POST https://secretmanager.googleapis.com/v1/projects/${projectId}/secrets?%24alt=json%3Benum-encoding%3Dint&secretId=secretmanagersecret-${uniqueId} +Content-Type: application/json +User-Agent: kcc/controller-manager +x-goog-request-params: parent=projects%2F${projectId} + +{ + "annotations": { + "foo": "secretmanagersecret" + }, + "labels": { + "cnrm-test": "true", + "label-one": "value-one", + "managed-by-cnrm": "true" + }, + "replication": { + "userManaged": { + "replicas": [ + { + "customerManagedEncryption": { + "kmsKeyName": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}" + }, + "location": "us-central1" + } + ] + } + }, + "rotation": { + "nextRotationTime": "2025-10-02T15:01:23Z", + "rotationPeriod": "3600s" + }, + "topics": [ + { + "name": "projects/${projectId}/topics/topic-${uniqueId}" + } + ], + "ttl": "100s" +} + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "annotations": { + "foo": "secretmanagersecret" + }, + "createTime": "2024-04-01T12:34:56.123456Z", + "etag": "abcdef0123A=", + "expireTime": "2024-04-01T12:34:56.123456Z", + "labels": { + "cnrm-test": "true", + "label-one": "value-one", + "managed-by-cnrm": "true" + }, + "name": "projects/${projectNumber}/secrets/secretmanagersecret-${uniqueId}", + "replication": { + "userManaged": { + "replicas": [ + { + "customerManagedEncryption": { + "kmsKeyName": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}" + }, + "location": "us-central1" + } + ] + } + }, + "rotation": { + "nextRotationTime": "2025-10-02T15:01:23Z", + "rotationPeriod": "3600s" + }, + "topics": [ + { + "name": "projects/${projectId}/topics/topic-${uniqueId}" + } + ] +} + +--- + +GET https://secretmanager.googleapis.com/v1/projects/${projectId}/secrets/secretmanagersecret-${uniqueId}?%24alt=json%3Benum-encoding%3Dint +Content-Type: application/json +User-Agent: kcc/controller-manager +x-goog-request-params: name=projects%2F${projectId}%2Fsecrets%2Fsecretmanagersecret-${uniqueId} + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "annotations": { + "foo": "secretmanagersecret" + }, + "createTime": "2024-04-01T12:34:56.123456Z", + "etag": "abcdef0123A=", + "expireTime": "2024-04-01T12:34:56.123456Z", + "labels": { + "cnrm-test": "true", + "label-one": "value-one", + "managed-by-cnrm": "true" + }, + "name": "projects/${projectNumber}/secrets/secretmanagersecret-${uniqueId}", + "replication": { + "userManaged": { + "replicas": [ + { + "customerManagedEncryption": { + "kmsKeyName": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}" + }, + "location": "us-central1" + } + ] + } + }, + "rotation": { + "nextRotationTime": "2025-10-02T15:01:23Z", + "rotationPeriod": "3600s" + }, + "topics": [ + { + "name": "projects/${projectId}/topics/topic-${uniqueId}" + } + ] +} + +--- + +PATCH https://secretmanager.googleapis.com/v1/projects/${projectId}/secrets/secretmanagersecret-${uniqueId}?%24alt=json%3Benum-encoding%3Dint&updateMask=annotations%2CexpireTime%2Clabels%2Crotation.nextRotationTime%2Crotation.rotationPeriod%2Ctopics%2Cttl +Content-Type: application/json +User-Agent: kcc/controller-manager +x-goog-request-params: secret.name=projects%2F${projectId}%2Fsecrets%2Fsecretmanagersecret-${uniqueId} + +{ + "annotations": { + "bar": "secretmanagersecret-bar", + "foo": "secretmanagersecret" + }, + "etag": "abcdef0123A=", + "labels": { + "cnrm-test": "true", + "label-one": "value-one", + "label-two": "value-two", + "managed-by-cnrm": "true" + }, + "name": "projects/${projectId}/secrets/secretmanagersecret-${uniqueId}", + "replication": { + "userManaged": { + "replicas": [ + { + "customerManagedEncryption": { + "kmsKeyName": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}" + }, + "location": "us-central1" + } + ] + } + }, + "rotation": { + "nextRotationTime": "2025-10-03T15:01:23Z", + "rotationPeriod": "7200s" + }, + "topics": [ + { + "name": "projects/${projectId}/topics/topic-2-${uniqueId}" + } + ], + "ttl": "110s" +} + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "annotations": { + "bar": "secretmanagersecret-bar", + "foo": "secretmanagersecret" + }, + "createTime": "2024-04-01T12:34:56.123456Z", + "etag": "abcdef0123A=", + "expireTime": "2024-04-01T12:34:56.123456Z", + "labels": { + "cnrm-test": "true", + "label-one": "value-one", + "label-two": "value-two", + "managed-by-cnrm": "true" + }, + "name": "projects/${projectNumber}/secrets/secretmanagersecret-${uniqueId}", + "replication": { + "userManaged": { + "replicas": [ + { + "customerManagedEncryption": { + "kmsKeyName": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}" + }, + "location": "us-central1" + } + ] + } + }, + "rotation": { + "nextRotationTime": "2025-10-03T15:01:23Z", + "rotationPeriod": "7200s" + }, + "topics": [ + { + "name": "projects/${projectId}/topics/topic-2-${uniqueId}" + } + ] +} + +--- + +GET https://secretmanager.googleapis.com/v1/projects/${projectId}/secrets/secretmanagersecret-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "annotations": { + "bar": "secretmanagersecret-bar", + "foo": "secretmanagersecret" + }, + "createTime": "2024-04-01T12:34:56.123456Z", + "etag": "abcdef0123A=", + "expireTime": "2024-04-01T12:34:56.123456Z", + "labels": { + "cnrm-test": "true", + "label-one": "value-one", + "label-two": "value-two", + "managed-by-cnrm": "true" + }, + "name": "projects/${projectNumber}/secrets/secretmanagersecret-${uniqueId}", + "replication": { + "userManaged": { + "replicas": [ + { + "customerManagedEncryption": { + "kmsKeyName": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}" + }, + "location": "us-central1" + } + ] + } + }, + "rotation": { + "nextRotationTime": "2025-10-03T15:01:23Z", + "rotationPeriod": "7200s" + }, + "topics": [ + { + "name": "projects/${projectId}/topics/topic-2-${uniqueId}" + } + ] +} + +--- + +GET https://secretmanager.googleapis.com/v1/projects/${projectId}/secrets/secretmanagersecret-${uniqueId}?%24alt=json%3Benum-encoding%3Dint +Content-Type: application/json +User-Agent: kcc/controller-manager +x-goog-request-params: name=projects%2F${projectId}%2Fsecrets%2Fsecretmanagersecret-${uniqueId} + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "annotations": { + "bar": "secretmanagersecret-bar", + "foo": "secretmanagersecret" + }, + "createTime": "2024-04-01T12:34:56.123456Z", + "etag": "abcdef0123A=", + "expireTime": "2024-04-01T12:34:56.123456Z", + "labels": { + "cnrm-test": "true", + "label-one": "value-one", + "label-two": "value-two", + "managed-by-cnrm": "true" + }, + "name": "projects/${projectNumber}/secrets/secretmanagersecret-${uniqueId}", + "replication": { + "userManaged": { + "replicas": [ + { + "customerManagedEncryption": { + "kmsKeyName": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}" + }, + "location": "us-central1" + } + ] + } + }, + "rotation": { + "nextRotationTime": "2025-10-03T15:01:23Z", + "rotationPeriod": "7200s" + }, + "topics": [ + { + "name": "projects/${projectId}/topics/topic-2-${uniqueId}" + } + ] +} + +--- + +DELETE https://secretmanager.googleapis.com/v1/projects/${projectId}/secrets/secretmanagersecret-${uniqueId}?%24alt=json%3Benum-encoding%3Dint +Content-Type: application/json +User-Agent: kcc/controller-manager +x-goog-request-params: name=projects%2F${projectId}%2Fsecrets%2Fsecretmanagersecret-${uniqueId} + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{} + +--- + +GET https://cloudkms.googleapis.com/v1/projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}:getIamPolicy?alt=json&options.requestedPolicyVersion=3&prettyPrint=false +User-Agent: google-api-go-client/0.5 Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "bindings": [ + { + "members": [ + "serviceAccount:service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com" + ], + "role": "roles/cloudkms.cryptoKeyEncrypterDecrypter" + } + ], + "etag": "abcdef0123A=", + "version": 1 +} + +--- + +POST https://cloudkms.googleapis.com/v1/projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}:setIamPolicy?alt=json&prettyPrint=false +Content-Type: application/json +User-Agent: google-api-go-client/0.5 Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +{ + "policy": { + "etag": "abcdef0123A=", + "version": 1 + } +} + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "etag": "abcdef0123A=", + "version": 1 +} + +--- + +GET https://cloudkms.googleapis.com/v1/projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}:getIamPolicy?alt=json&options.requestedPolicyVersion=3&prettyPrint=false +User-Agent: google-api-go-client/0.5 Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "etag": "abcdef0123A=", + "version": 1 +} + +--- + +GET https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-2-${uniqueId}:getIamPolicy?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "bindings": [ + { + "members": [ + "serviceAccount:service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com" + ], + "role": "roles/pubsub.publisher" + } + ], + "etag": "abcdef0123A=", + "version": 1 +} + +--- + +POST https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-2-${uniqueId}:setIamPolicy?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +{ + "policy": { + "etag": "abcdef0123A=", + "version": 1 + } +} + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "etag": "abcdef0123A=", + "version": 1 +} + +--- + +GET https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-2-${uniqueId}:getIamPolicy?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "etag": "abcdef0123A=", + "version": 1 +} + +--- + +GET https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-${uniqueId}:getIamPolicy?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "bindings": [ + { + "members": [ + "serviceAccount:service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com" + ], + "role": "roles/pubsub.publisher" + } + ], + "etag": "abcdef0123A=", + "version": 1 +} + +--- + +POST https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-${uniqueId}:setIamPolicy?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +{ + "policy": { + "etag": "abcdef0123A=", + "version": 1 + } +} + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "etag": "abcdef0123A=", + "version": 1 +} + +--- + +GET https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-${uniqueId}:getIamPolicy?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "etag": "abcdef0123A=", + "version": 1 +} + +--- + +GET https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-2-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "labels": { + "cnrm-test": "true", + "managed-by-cnrm": "true" + }, + "name": "projects/${projectId}/topics/topic-2-${uniqueId}" +} + +--- + +DELETE https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-2-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{} + +--- + +GET https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "labels": { + "cnrm-test": "true", + "managed-by-cnrm": "true" + }, + "name": "projects/${projectId}/topics/topic-${uniqueId}" +} + +--- + +DELETE https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{} + +--- + +GET https://cloudkms.googleapis.com/v1/projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "createTime": "2024-04-01T12:34:56.123456Z", + "destroyScheduledDuration": "2592000s", + "labels": { + "cnrm-test": "true", + "managed-by-cnrm": "true" + }, + "name": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}", + "primary": { + "algorithm": "GOOGLE_SYMMETRIC_ENCRYPTION", + "createTime": "2024-04-01T12:34:56.123456Z", + "generateTime": "2024-04-01T12:34:56.123456Z", + "name": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}/cryptoKeyVersions/1", + "protectionLevel": "SOFTWARE", + "state": "ENABLED" + }, + "purpose": "ENCRYPT_DECRYPT", + "versionTemplate": { + "algorithm": "GOOGLE_SYMMETRIC_ENCRYPTION", + "protectionLevel": "SOFTWARE" + } +} + +--- + +GET https://cloudkms.googleapis.com/v1/projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}/cryptoKeyVersions?alt=json&prettyPrint=false +User-Agent: google-api-go-client/0.5 Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "cryptoKeyVersions": [ + { + "algorithm": "GOOGLE_SYMMETRIC_ENCRYPTION", + "createTime": "2024-04-01T12:34:56.123456Z", + "generateTime": "2024-04-01T12:34:56.123456Z", + "name": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}/cryptoKeyVersions/1", + "protectionLevel": "SOFTWARE", + "state": "ENABLED" + } + ], + "totalSize": 1 +} + +--- + +POST https://cloudkms.googleapis.com/v1/projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}/cryptoKeyVersions/1:destroy?alt=json&prettyPrint=false +Content-Type: application/json +User-Agent: google-api-go-client/0.5 Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +{} + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "algorithm": "GOOGLE_SYMMETRIC_ENCRYPTION", + "createTime": "2024-04-01T12:34:56.123456Z", + "destroyTime": "2024-04-01T12:34:56.123456Z", + "generateTime": "2024-04-01T12:34:56.123456Z", + "name": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}/cryptoKeyVersions/1", + "protectionLevel": "SOFTWARE", + "state": "DESTROY_SCHEDULED" +} + +--- + +GET https://cloudkms.googleapis.com/v1/projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "createTime": "2024-04-01T12:34:56.123456Z", + "name": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}" +} \ No newline at end of file diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-direct/create.yaml b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-direct/create.yaml new file mode 100644 index 0000000000..5dfd268cbd --- /dev/null +++ b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-direct/create.yaml @@ -0,0 +1,40 @@ +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: secretmanager.cnrm.cloud.google.com/v1beta1 +kind: SecretManagerSecret +metadata: + annotations: + cnrm.cloud.google.com/project-id: ${projectId} + alpha.cnrm.cloud.google.com/reconciler: "direct" + labels: + label-one: value-one + name: secretmanagersecret-${uniqueId} +spec: + replication: + userManaged: + replicas: + - customerManagedEncryption: + kmsKeyRef: + name: kmscryptokey-${uniqueId} + location: us-central1 + topics: + - topicRef: + name: topic-${uniqueId} + annotations: + "foo": secretmanagersecret + ttl: 100s + rotation: + nextRotationTime: "2025-10-02T15:01:23Z" + rotationPeriod: "3600s" \ No newline at end of file diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-direct/dependencies.yaml b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-direct/dependencies.yaml new file mode 100644 index 0000000000..94eaedca01 --- /dev/null +++ b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-direct/dependencies.yaml @@ -0,0 +1,86 @@ +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: kms.cnrm.cloud.google.com/v1beta1 +kind: KMSKeyRing +metadata: + name: kmskeyring-${uniqueId} +spec: + location: us-central1 +--- +apiVersion: kms.cnrm.cloud.google.com/v1beta1 +kind: KMSCryptoKey +metadata: + name: kmscryptokey-${uniqueId} + annotations: + cnrm.cloud.google.com/project-id: ${projectId} +spec: + keyRingRef: + name: kmskeyring-${uniqueId} + purpose: ENCRYPT_DECRYPT + importOnly: false +--- +apiVersion: pubsub.cnrm.cloud.google.com/v1beta1 +kind: PubSubTopic +metadata: + name: topic-${uniqueId} +--- +apiVersion: pubsub.cnrm.cloud.google.com/v1beta1 +kind: PubSubTopic +metadata: + name: topic-2-${uniqueId} +--- +apiVersion: serviceusage.cnrm.cloud.google.com/v1beta1 +kind: ServiceIdentity +metadata: + name: serviceidentity-${uniqueId} +spec: + projectRef: + external: ${projectId} + resourceID: secretmanager.googleapis.com +--- +apiVersion: iam.cnrm.cloud.google.com/v1beta1 +kind: IAMPolicyMember +metadata: + name: iampolicymember-${uniqueId} +spec: + member: serviceAccount:service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com + role: roles/pubsub.publisher + resourceRef: + apiVersion: pubsub.cnrm.cloud.google.com/v1beta1 + kind: PubSubTopic + name: topic-${uniqueId} +--- +apiVersion: iam.cnrm.cloud.google.com/v1beta1 +kind: IAMPolicyMember +metadata: + name: iampolicymember-2-${uniqueId} +spec: + member: serviceAccount:service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com + role: roles/pubsub.publisher + resourceRef: + apiVersion: pubsub.cnrm.cloud.google.com/v1beta1 + kind: PubSubTopic + name: topic-2-${uniqueId} +--- +apiVersion: iam.cnrm.cloud.google.com/v1beta1 +kind: IAMPolicyMember +metadata: + name: iampolicymember-kms-${uniqueId} +spec: + member: serviceAccount:service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com + role: roles/cloudkms.cryptoKeyEncrypterDecrypter + resourceRef: + apiVersion: kms.cnrm.cloud.google.com/v1beta1 + kind: KMSCryptoKey + name: kmscryptokey-${uniqueId} diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-direct/update.yaml b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-direct/update.yaml new file mode 100644 index 0000000000..abc33360f5 --- /dev/null +++ b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-direct/update.yaml @@ -0,0 +1,43 @@ +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: secretmanager.cnrm.cloud.google.com/v1beta1 +kind: SecretManagerSecret +metadata: + annotations: + cnrm.cloud.google.com/project-id: ${projectId} + alpha.cnrm.cloud.google.com/reconciler: "direct" + labels: + label-one: value-one + label-two: value-two + name: secretmanagersecret-${uniqueId} +spec: + replication: + userManaged: + replicas: + - customerManagedEncryption: + kmsKeyRef: + name: kmscryptokey-${uniqueId} + location: us-central1 + topics: + - topicRef: + name: topic-2-${uniqueId} + annotations: + "foo": secretmanagersecret + "bar": secretmanagersecret-bar + # ttl and expireTime are OneOf. expireTime is tested in the *-full-auto test suite. + ttl: 110s + rotation: + nextRotationTime: "2025-10-03T15:01:23Z" + rotationPeriod: "7200s" \ No newline at end of file diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/_generated_export_fullsecretmanagersecret-manual-legacy.golden b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/_generated_export_fullsecretmanagersecret-manual-legacy.golden new file mode 100644 index 0000000000..297e753013 --- /dev/null +++ b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/_generated_export_fullsecretmanagersecret-manual-legacy.golden @@ -0,0 +1,30 @@ +apiVersion: secretmanager.cnrm.cloud.google.com/v1beta1 +kind: SecretManagerSecret +metadata: + annotations: + cnrm.cloud.google.com/project-id: ${projectId} + labels: + cnrm-test: "true" + label-one: value-one + label-two: value-two + managed-by-cnrm: "true" + name: secretmanagersecret-${uniqueId} +spec: + annotations: + bar: secretmanagersecret-bar + foo: secretmanagersecret + expireTime: "2024-12-12T06:55:04.583510160Z" + replication: + userManaged: + replicas: + - customerManagedEncryption: + kmsKeyRef: + external: projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId} + location: us-central1 + resourceID: secretmanagersecret-${uniqueId} + rotation: + nextRotationTime: "2025-10-03T15:01:23Z" + rotationPeriod: 3600s + topics: + - topicRef: + external: projects/${projectId}/topics/topic-2-${uniqueId} \ No newline at end of file diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/_generated_object_fullsecretmanagersecret-manual-legacy.golden.yaml b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/_generated_object_fullsecretmanagersecret-manual-legacy.golden.yaml new file mode 100644 index 0000000000..41ac82ab17 --- /dev/null +++ b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/_generated_object_fullsecretmanagersecret-manual-legacy.golden.yaml @@ -0,0 +1,45 @@ +apiVersion: secretmanager.cnrm.cloud.google.com/v1beta1 +kind: SecretManagerSecret +metadata: + annotations: + cnrm.cloud.google.com/management-conflict-prevention-policy: none + cnrm.cloud.google.com/project-id: ${projectId} + cnrm.cloud.google.com/state-into-spec: absent + finalizers: + - cnrm.cloud.google.com/finalizer + - cnrm.cloud.google.com/deletion-defender + generation: 3 + labels: + cnrm-test: "true" + label-one: value-one + label-two: value-two + name: secretmanagersecret-${uniqueId} + namespace: ${uniqueId} +spec: + annotations: + bar: secretmanagersecret-bar + foo: secretmanagersecret + replication: + userManaged: + replicas: + - customerManagedEncryption: + kmsKeyRef: + name: kmscryptokey-${uniqueId} + location: us-central1 + resourceID: secretmanagersecret-${uniqueId} + rotation: + nextRotationTime: "2025-10-03T15:01:23Z" + rotationPeriod: 3600s + topics: + - topicRef: + name: topic-2-${uniqueId} + ttl: 110s +status: + conditions: + - lastTransitionTime: "1970-01-01T00:00:00Z" + message: The resource is up to date + reason: UpToDate + status: "True" + type: Ready + name: projects/${projectNumber}/secrets/secretmanagersecret-${uniqueId} + observedGeneration: 3 diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/_http.log b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/_http.log new file mode 100644 index 0000000000..02868f13b4 --- /dev/null +++ b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/_http.log @@ -0,0 +1,1433 @@ +GET https://cloudkms.googleapis.com/v1/projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +404 Not Found +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "error": { + "code": 404, + "message": "KeyRing projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId} not found.", + "status": "NOT_FOUND" + } +} + +--- + +POST https://cloudkms.googleapis.com/v1/projects/${projectId}/locations/us-central1/keyRings?alt=json&keyRingId=kmskeyring-${uniqueId} +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "createTime": "2024-04-01T12:34:56.123456Z", + "name": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}" +} + +--- + +GET https://cloudkms.googleapis.com/v1/projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "createTime": "2024-04-01T12:34:56.123456Z", + "name": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}" +} + +--- + +GET https://cloudkms.googleapis.com/v1/projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +404 Not Found +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "error": { + "code": 404, + "message": "CryptoKey projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId} not found.", + "status": "NOT_FOUND" + } +} + +--- + +POST https://cloudkms.googleapis.com/v1/projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys?alt=json&cryptoKeyId=kmscryptokey-${uniqueId}&skipInitialVersionCreation=false +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +{ + "labels": { + "cnrm-test": "true", + "managed-by-cnrm": "true" + }, + "purpose": "ENCRYPT_DECRYPT" +} + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "createTime": "2024-04-01T12:34:56.123456Z", + "destroyScheduledDuration": "2592000s", + "labels": { + "cnrm-test": "true", + "managed-by-cnrm": "true" + }, + "name": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}", + "primary": { + "algorithm": "GOOGLE_SYMMETRIC_ENCRYPTION", + "createTime": "2024-04-01T12:34:56.123456Z", + "generateTime": "2024-04-01T12:34:56.123456Z", + "name": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}/cryptoKeyVersions/1", + "protectionLevel": "SOFTWARE", + "state": "ENABLED" + }, + "purpose": "ENCRYPT_DECRYPT", + "versionTemplate": { + "algorithm": "GOOGLE_SYMMETRIC_ENCRYPTION", + "protectionLevel": "SOFTWARE" + } +} + +--- + +GET https://cloudkms.googleapis.com/v1/projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "createTime": "2024-04-01T12:34:56.123456Z", + "destroyScheduledDuration": "2592000s", + "labels": { + "cnrm-test": "true", + "managed-by-cnrm": "true" + }, + "name": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}", + "primary": { + "algorithm": "GOOGLE_SYMMETRIC_ENCRYPTION", + "createTime": "2024-04-01T12:34:56.123456Z", + "generateTime": "2024-04-01T12:34:56.123456Z", + "name": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}/cryptoKeyVersions/1", + "protectionLevel": "SOFTWARE", + "state": "ENABLED" + }, + "purpose": "ENCRYPT_DECRYPT", + "versionTemplate": { + "algorithm": "GOOGLE_SYMMETRIC_ENCRYPTION", + "protectionLevel": "SOFTWARE" + } +} + +--- + +GET https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +404 Not Found +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "error": { + "code": 404, + "message": "Resource not found (resource=topic-${uniqueId}).", + "status": "NOT_FOUND" + } +} + +--- + +PUT https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +{ + "labels": { + "cnrm-test": "true", + "managed-by-cnrm": "true" + } +} + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "labels": { + "cnrm-test": "true", + "managed-by-cnrm": "true" + }, + "name": "projects/${projectId}/topics/topic-${uniqueId}" +} + +--- + +GET https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "labels": { + "cnrm-test": "true", + "managed-by-cnrm": "true" + }, + "name": "projects/${projectId}/topics/topic-${uniqueId}" +} + +--- + +GET https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-2-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +404 Not Found +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "error": { + "code": 404, + "message": "Resource not found (resource=topic-2-${uniqueId}).", + "status": "NOT_FOUND" + } +} + +--- + +PUT https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-2-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +{ + "labels": { + "cnrm-test": "true", + "managed-by-cnrm": "true" + } +} + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "labels": { + "cnrm-test": "true", + "managed-by-cnrm": "true" + }, + "name": "projects/${projectId}/topics/topic-2-${uniqueId}" +} + +--- + +GET https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-2-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "labels": { + "cnrm-test": "true", + "managed-by-cnrm": "true" + }, + "name": "projects/${projectId}/topics/topic-2-${uniqueId}" +} + +--- + +POST https://serviceusage.googleapis.com/v1beta1/projects/${projectId}/services/secretmanager.googleapis.com:generateServiceIdentity?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "done": true, + "name": "operations/${operationID}", + "response": { + "@type": "type.googleapis.com/google.api.serviceusage.v1beta1.ServiceIdentity", + "email": "service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com", + "uniqueId": "12345678" + } +} + +--- + +GET https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-${uniqueId}:getIamPolicy?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "etag": "abcdef0123A=" +} + +--- + +POST https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-${uniqueId}:setIamPolicy?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +{ + "policy": { + "bindings": [ + { + "members": [ + "serviceAccount:service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com" + ], + "role": "roles/pubsub.publisher" + } + ], + "etag": "abcdef0123A=", + "version": 3 + } +} + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "bindings": [ + { + "members": [ + "serviceAccount:service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com" + ], + "role": "roles/pubsub.publisher" + } + ], + "etag": "abcdef0123A=", + "version": 1 +} + +--- + +GET https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-${uniqueId}:getIamPolicy?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "bindings": [ + { + "members": [ + "serviceAccount:service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com" + ], + "role": "roles/pubsub.publisher" + } + ], + "etag": "abcdef0123A=", + "version": 1 +} + +--- + +GET https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-2-${uniqueId}:getIamPolicy?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "etag": "abcdef0123A=" +} + +--- + +POST https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-2-${uniqueId}:setIamPolicy?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +{ + "policy": { + "bindings": [ + { + "members": [ + "serviceAccount:service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com" + ], + "role": "roles/pubsub.publisher" + } + ], + "etag": "abcdef0123A=", + "version": 3 + } +} + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "bindings": [ + { + "members": [ + "serviceAccount:service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com" + ], + "role": "roles/pubsub.publisher" + } + ], + "etag": "abcdef0123A=", + "version": 1 +} + +--- + +GET https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-2-${uniqueId}:getIamPolicy?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "bindings": [ + { + "members": [ + "serviceAccount:service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com" + ], + "role": "roles/pubsub.publisher" + } + ], + "etag": "abcdef0123A=", + "version": 1 +} + +--- + +GET https://cloudkms.googleapis.com/v1/projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}:getIamPolicy?alt=json&options.requestedPolicyVersion=3&prettyPrint=false +User-Agent: google-api-go-client/0.5 Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "etag": "abcdef0123A=" +} + +--- + +POST https://cloudkms.googleapis.com/v1/projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}:setIamPolicy?alt=json&prettyPrint=false +Content-Type: application/json +User-Agent: google-api-go-client/0.5 Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +{ + "policy": { + "bindings": [ + { + "members": [ + "serviceAccount:service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com" + ], + "role": "roles/cloudkms.cryptoKeyEncrypterDecrypter" + } + ], + "etag": "abcdef0123A=", + "version": 3 + } +} + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "bindings": [ + { + "members": [ + "serviceAccount:service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com" + ], + "role": "roles/cloudkms.cryptoKeyEncrypterDecrypter" + } + ], + "etag": "abcdef0123A=", + "version": 1 +} + +--- + +GET https://cloudkms.googleapis.com/v1/projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}:getIamPolicy?alt=json&options.requestedPolicyVersion=3&prettyPrint=false +User-Agent: google-api-go-client/0.5 Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "bindings": [ + { + "members": [ + "serviceAccount:service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com" + ], + "role": "roles/cloudkms.cryptoKeyEncrypterDecrypter" + } + ], + "etag": "abcdef0123A=", + "version": 1 +} + +--- + +GET https://secretmanager.googleapis.com/v1/projects/${projectId}/secrets/secretmanagersecret-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +404 Not Found +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "error": { + "code": 404, + "message": "Secret [projects/${projectNumber}/secrets/secretmanagersecret-${uniqueId}] not found.", + "status": "NOT_FOUND" + } +} + +--- + +POST https://secretmanager.googleapis.com/v1/projects/${projectId}/secrets?alt=json&secretId=secretmanagersecret-${uniqueId} +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +{ + "annotations": { + "foo": "secretmanagersecret" + }, + "labels": { + "cnrm-test": "true", + "label-one": "value-one", + "managed-by-cnrm": "true" + }, + "replication": { + "userManaged": { + "replicas": [ + { + "customerManagedEncryption": { + "kmsKeyName": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}" + }, + "location": "us-central1" + } + ] + } + }, + "rotation": { + "nextRotationTime": "2025-10-02T15:01:23Z", + "rotationPeriod": "3600s" + }, + "topics": [ + { + "name": "projects/${projectId}/topics/topic-${uniqueId}" + } + ], + "ttl": "100s" +} + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "annotations": { + "foo": "secretmanagersecret" + }, + "createTime": "2024-04-01T12:34:56.123456Z", + "etag": "abcdef0123A=", + "expireTime": "2024-04-01T12:34:56.123456Z", + "labels": { + "cnrm-test": "true", + "label-one": "value-one", + "managed-by-cnrm": "true" + }, + "name": "projects/${projectNumber}/secrets/secretmanagersecret-${uniqueId}", + "replication": { + "userManaged": { + "replicas": [ + { + "customerManagedEncryption": { + "kmsKeyName": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}" + }, + "location": "us-central1" + } + ] + } + }, + "rotation": { + "nextRotationTime": "2025-10-02T15:01:23Z", + "rotationPeriod": "3600s" + }, + "topics": [ + { + "name": "projects/${projectId}/topics/topic-${uniqueId}" + } + ] +} + +--- + +GET https://secretmanager.googleapis.com/v1/projects/${projectId}/secrets/secretmanagersecret-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "annotations": { + "foo": "secretmanagersecret" + }, + "createTime": "2024-04-01T12:34:56.123456Z", + "etag": "abcdef0123A=", + "expireTime": "2024-04-01T12:34:56.123456Z", + "labels": { + "cnrm-test": "true", + "label-one": "value-one", + "managed-by-cnrm": "true" + }, + "name": "projects/${projectNumber}/secrets/secretmanagersecret-${uniqueId}", + "replication": { + "userManaged": { + "replicas": [ + { + "customerManagedEncryption": { + "kmsKeyName": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}" + }, + "location": "us-central1" + } + ] + } + }, + "rotation": { + "nextRotationTime": "2025-10-02T15:01:23Z", + "rotationPeriod": "3600s" + }, + "topics": [ + { + "name": "projects/${projectId}/topics/topic-${uniqueId}" + } + ] +} + +--- + +PATCH https://secretmanager.googleapis.com/v1/projects/${projectId}/secrets/secretmanagersecret-${uniqueId}?alt=json&updateMask=labels%2Cannotations%2Ctopics%2Crotation +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +{ + "annotations": { + "bar": "secretmanagersecret-bar", + "foo": "secretmanagersecret" + }, + "expireTime": "2024-04-01T12:34:56.123456Z", + "labels": { + "cnrm-test": "true", + "label-one": "value-one", + "label-two": "value-two", + "managed-by-cnrm": "true" + }, + "replication": { + "userManaged": { + "replicas": [ + { + "customerManagedEncryption": { + "kmsKeyName": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}" + }, + "location": "us-central1" + } + ] + } + }, + "rotation": { + "nextRotationTime": "2025-10-03T15:01:23Z", + "rotationPeriod": "3600s" + }, + "topics": [ + { + "name": "projects/${projectId}/topics/topic-2-${uniqueId}" + } + ] +} + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "annotations": { + "bar": "secretmanagersecret-bar", + "foo": "secretmanagersecret" + }, + "createTime": "2024-04-01T12:34:56.123456Z", + "etag": "abcdef0123A=", + "expireTime": "2024-04-01T12:34:56.123456Z", + "labels": { + "cnrm-test": "true", + "label-one": "value-one", + "label-two": "value-two", + "managed-by-cnrm": "true" + }, + "name": "projects/${projectNumber}/secrets/secretmanagersecret-${uniqueId}", + "replication": { + "userManaged": { + "replicas": [ + { + "customerManagedEncryption": { + "kmsKeyName": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}" + }, + "location": "us-central1" + } + ] + } + }, + "rotation": { + "nextRotationTime": "2025-10-03T15:01:23Z", + "rotationPeriod": "3600s" + }, + "topics": [ + { + "name": "projects/${projectId}/topics/topic-2-${uniqueId}" + } + ] +} + +--- + +GET https://secretmanager.googleapis.com/v1/projects/${projectId}/secrets/secretmanagersecret-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "annotations": { + "bar": "secretmanagersecret-bar", + "foo": "secretmanagersecret" + }, + "createTime": "2024-04-01T12:34:56.123456Z", + "etag": "abcdef0123A=", + "expireTime": "2024-04-01T12:34:56.123456Z", + "labels": { + "cnrm-test": "true", + "label-one": "value-one", + "label-two": "value-two", + "managed-by-cnrm": "true" + }, + "name": "projects/${projectNumber}/secrets/secretmanagersecret-${uniqueId}", + "replication": { + "userManaged": { + "replicas": [ + { + "customerManagedEncryption": { + "kmsKeyName": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}" + }, + "location": "us-central1" + } + ] + } + }, + "rotation": { + "nextRotationTime": "2025-10-03T15:01:23Z", + "rotationPeriod": "3600s" + }, + "topics": [ + { + "name": "projects/${projectId}/topics/topic-2-${uniqueId}" + } + ] +} + +--- + +DELETE https://secretmanager.googleapis.com/v1/projects/${projectId}/secrets/secretmanagersecret-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{} + +--- + +GET https://cloudkms.googleapis.com/v1/projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}:getIamPolicy?alt=json&options.requestedPolicyVersion=3&prettyPrint=false +User-Agent: google-api-go-client/0.5 Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "bindings": [ + { + "members": [ + "serviceAccount:service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com" + ], + "role": "roles/cloudkms.cryptoKeyEncrypterDecrypter" + } + ], + "etag": "abcdef0123A=", + "version": 1 +} + +--- + +POST https://cloudkms.googleapis.com/v1/projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}:setIamPolicy?alt=json&prettyPrint=false +Content-Type: application/json +User-Agent: google-api-go-client/0.5 Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +{ + "policy": { + "etag": "abcdef0123A=", + "version": 1 + } +} + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "etag": "abcdef0123A=", + "version": 1 +} + +--- + +GET https://cloudkms.googleapis.com/v1/projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}:getIamPolicy?alt=json&options.requestedPolicyVersion=3&prettyPrint=false +User-Agent: google-api-go-client/0.5 Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "etag": "abcdef0123A=", + "version": 1 +} + +--- + +GET https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-2-${uniqueId}:getIamPolicy?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "bindings": [ + { + "members": [ + "serviceAccount:service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com" + ], + "role": "roles/pubsub.publisher" + } + ], + "etag": "abcdef0123A=", + "version": 1 +} + +--- + +POST https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-2-${uniqueId}:setIamPolicy?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +{ + "policy": { + "etag": "abcdef0123A=", + "version": 1 + } +} + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "etag": "abcdef0123A=", + "version": 1 +} + +--- + +GET https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-2-${uniqueId}:getIamPolicy?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "etag": "abcdef0123A=", + "version": 1 +} + +--- + +GET https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-${uniqueId}:getIamPolicy?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "bindings": [ + { + "members": [ + "serviceAccount:service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com" + ], + "role": "roles/pubsub.publisher" + } + ], + "etag": "abcdef0123A=", + "version": 1 +} + +--- + +POST https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-${uniqueId}:setIamPolicy?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +{ + "policy": { + "etag": "abcdef0123A=", + "version": 1 + } +} + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "etag": "abcdef0123A=", + "version": 1 +} + +--- + +GET https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-${uniqueId}:getIamPolicy?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "etag": "abcdef0123A=", + "version": 1 +} + +--- + +GET https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-2-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "labels": { + "cnrm-test": "true", + "managed-by-cnrm": "true" + }, + "name": "projects/${projectId}/topics/topic-2-${uniqueId}" +} + +--- + +DELETE https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-2-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{} + +--- + +GET https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "labels": { + "cnrm-test": "true", + "managed-by-cnrm": "true" + }, + "name": "projects/${projectId}/topics/topic-${uniqueId}" +} + +--- + +DELETE https://pubsub.googleapis.com/v1/projects/${projectId}/topics/topic-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{} + +--- + +GET https://cloudkms.googleapis.com/v1/projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "createTime": "2024-04-01T12:34:56.123456Z", + "destroyScheduledDuration": "2592000s", + "labels": { + "cnrm-test": "true", + "managed-by-cnrm": "true" + }, + "name": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}", + "primary": { + "algorithm": "GOOGLE_SYMMETRIC_ENCRYPTION", + "createTime": "2024-04-01T12:34:56.123456Z", + "generateTime": "2024-04-01T12:34:56.123456Z", + "name": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}/cryptoKeyVersions/1", + "protectionLevel": "SOFTWARE", + "state": "ENABLED" + }, + "purpose": "ENCRYPT_DECRYPT", + "versionTemplate": { + "algorithm": "GOOGLE_SYMMETRIC_ENCRYPTION", + "protectionLevel": "SOFTWARE" + } +} + +--- + +GET https://cloudkms.googleapis.com/v1/projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}/cryptoKeyVersions?alt=json&prettyPrint=false +User-Agent: google-api-go-client/0.5 Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "cryptoKeyVersions": [ + { + "algorithm": "GOOGLE_SYMMETRIC_ENCRYPTION", + "createTime": "2024-04-01T12:34:56.123456Z", + "generateTime": "2024-04-01T12:34:56.123456Z", + "name": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}/cryptoKeyVersions/1", + "protectionLevel": "SOFTWARE", + "state": "ENABLED" + } + ], + "totalSize": 1 +} + +--- + +POST https://cloudkms.googleapis.com/v1/projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}/cryptoKeyVersions/1:destroy?alt=json&prettyPrint=false +Content-Type: application/json +User-Agent: google-api-go-client/0.5 Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +{} + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "algorithm": "GOOGLE_SYMMETRIC_ENCRYPTION", + "createTime": "2024-04-01T12:34:56.123456Z", + "destroyTime": "2024-04-01T12:34:56.123456Z", + "generateTime": "2024-04-01T12:34:56.123456Z", + "name": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}/cryptoKeyVersions/1", + "protectionLevel": "SOFTWARE", + "state": "DESTROY_SCHEDULED" +} + +--- + +GET https://cloudkms.googleapis.com/v1/projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}?alt=json +Content-Type: application/json +User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager + +200 OK +Cache-Control: private +Content-Type: application/json; charset=UTF-8 +Server: ESF +Vary: Origin +Vary: X-Origin +Vary: Referer +X-Content-Type-Options: nosniff +X-Frame-Options: SAMEORIGIN +X-Xss-Protection: 0 + +{ + "createTime": "2024-04-01T12:34:56.123456Z", + "name": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}" +} \ No newline at end of file diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/create.yaml b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/create.yaml new file mode 100644 index 0000000000..34fa073b6f --- /dev/null +++ b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/create.yaml @@ -0,0 +1,39 @@ +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: secretmanager.cnrm.cloud.google.com/v1beta1 +kind: SecretManagerSecret +metadata: + annotations: + cnrm.cloud.google.com/project-id: ${projectId} + labels: + label-one: value-one + name: secretmanagersecret-${uniqueId} +spec: + replication: + userManaged: + replicas: + - customerManagedEncryption: + kmsKeyRef: + name: kmscryptokey-${uniqueId} + location: us-central1 + topics: + - topicRef: + name: topic-${uniqueId} + annotations: + "foo": secretmanagersecret + ttl: 100s + rotation: + nextRotationTime: "2025-10-02T15:01:23Z" + rotationPeriod: "3600s" \ No newline at end of file diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/dependencies.yaml b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/dependencies.yaml new file mode 100644 index 0000000000..94eaedca01 --- /dev/null +++ b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/dependencies.yaml @@ -0,0 +1,86 @@ +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: kms.cnrm.cloud.google.com/v1beta1 +kind: KMSKeyRing +metadata: + name: kmskeyring-${uniqueId} +spec: + location: us-central1 +--- +apiVersion: kms.cnrm.cloud.google.com/v1beta1 +kind: KMSCryptoKey +metadata: + name: kmscryptokey-${uniqueId} + annotations: + cnrm.cloud.google.com/project-id: ${projectId} +spec: + keyRingRef: + name: kmskeyring-${uniqueId} + purpose: ENCRYPT_DECRYPT + importOnly: false +--- +apiVersion: pubsub.cnrm.cloud.google.com/v1beta1 +kind: PubSubTopic +metadata: + name: topic-${uniqueId} +--- +apiVersion: pubsub.cnrm.cloud.google.com/v1beta1 +kind: PubSubTopic +metadata: + name: topic-2-${uniqueId} +--- +apiVersion: serviceusage.cnrm.cloud.google.com/v1beta1 +kind: ServiceIdentity +metadata: + name: serviceidentity-${uniqueId} +spec: + projectRef: + external: ${projectId} + resourceID: secretmanager.googleapis.com +--- +apiVersion: iam.cnrm.cloud.google.com/v1beta1 +kind: IAMPolicyMember +metadata: + name: iampolicymember-${uniqueId} +spec: + member: serviceAccount:service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com + role: roles/pubsub.publisher + resourceRef: + apiVersion: pubsub.cnrm.cloud.google.com/v1beta1 + kind: PubSubTopic + name: topic-${uniqueId} +--- +apiVersion: iam.cnrm.cloud.google.com/v1beta1 +kind: IAMPolicyMember +metadata: + name: iampolicymember-2-${uniqueId} +spec: + member: serviceAccount:service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com + role: roles/pubsub.publisher + resourceRef: + apiVersion: pubsub.cnrm.cloud.google.com/v1beta1 + kind: PubSubTopic + name: topic-2-${uniqueId} +--- +apiVersion: iam.cnrm.cloud.google.com/v1beta1 +kind: IAMPolicyMember +metadata: + name: iampolicymember-kms-${uniqueId} +spec: + member: serviceAccount:service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com + role: roles/cloudkms.cryptoKeyEncrypterDecrypter + resourceRef: + apiVersion: kms.cnrm.cloud.google.com/v1beta1 + kind: KMSCryptoKey + name: kmscryptokey-${uniqueId} diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/update.yaml b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/update.yaml new file mode 100644 index 0000000000..78720417f6 --- /dev/null +++ b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/update.yaml @@ -0,0 +1,44 @@ +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: secretmanager.cnrm.cloud.google.com/v1beta1 +kind: SecretManagerSecret +metadata: + annotations: + cnrm.cloud.google.com/project-id: ${projectId} + labels: + label-one: value-one + label-two: value-two + name: secretmanagersecret-${uniqueId} +spec: + replication: + userManaged: + replicas: + - customerManagedEncryption: + kmsKeyRef: + name: kmscryptokey-${uniqueId} + location: us-central1 + topics: + - topicRef: + name: topic-2-${uniqueId} + annotations: + "foo": secretmanagersecret + "bar": secretmanagersecret-bar + # ttl and expireTime are OneOf. expireTime is tested in the *-full-auto test suite. + ttl: 110s + rotation: + nextRotationTime: "2025-10-03T15:01:23Z" + # TF-based controller does not allow changing the rotation period. + # Though this is a mutable field. + rotationPeriod: "3600s" \ No newline at end of file diff --git a/tests/e2e/normalize.go b/tests/e2e/normalize.go index 5596caa923..f75845e1e7 100644 --- a/tests/e2e/normalize.go +++ b/tests/e2e/normalize.go @@ -175,6 +175,9 @@ func normalizeKRMObject(t *testing.T, u *unstructured.Unstructured, project test // Specific to DataFlow visitor.replacePaths[".status.jobId"] = "${jobID}" + // Specific to SecretManager + visitor.replacePaths[".expireTime"] = "2024-04-01T12:34:56.123456Z" + // Specific to BigQueryConnectionConnection. visitor.replacePaths[".status.observedState.aws.accessRole.identity"] = "048077221682493034546" visitor.replacePaths[".status.observedState.azure.identity"] = "117243083562690747295" diff --git a/tests/e2e/unified_test.go b/tests/e2e/unified_test.go index 1048429f11..d17230d7d3 100644 --- a/tests/e2e/unified_test.go +++ b/tests/e2e/unified_test.go @@ -524,6 +524,7 @@ func runScenario(ctx context.Context, t *testing.T, testPause bool, fixture reso addReplacement("oauth2ClientId", "888888888888888888888") addReplacement("createTime", "2024-04-01T12:34:56.123456Z") + addReplacement("expireTime", "2024-04-01T12:34:56.123456Z") addReplacement("response.createTime", "2024-04-01T12:34:56.123456Z") addReplacement("response.deleteTime", "2024-04-01T12:34:56.123456Z") addReplacement("creationTimestamp", "2024-04-01T12:34:56.123456Z") From 32a002c13f79df718b45189d725a5f4f9cea0a53 Mon Sep 17 00:00:00 2001 From: Yuwen Ma Date: Thu, 12 Dec 2024 07:39:05 +0000 Subject: [PATCH 3/7] mock gcp log --- mockgcp/mocksecretmanager/secrets.go | 11 +++++++++++ ...erated_object_basicsecretmanagersecret.golden.yaml | 1 + .../fullsecretmanagersecret-auto-direct/_http.log | 3 ++- .../fullsecretmanagersecret-auto-legacy/_http.log | 3 ++- ...xport_fullsecretmanagersecret-manual-direct.golden | 2 +- .../fullsecretmanagersecret-manual-direct/_http.log | 5 +++-- ...xport_fullsecretmanagersecret-manual-legacy.golden | 2 +- .../fullsecretmanagersecret-manual-legacy/_http.log | 5 +++-- tests/e2e/normalize.go | 3 +++ 9 files changed, 27 insertions(+), 8 deletions(-) diff --git a/mockgcp/mocksecretmanager/secrets.go b/mockgcp/mocksecretmanager/secrets.go index 273f865767..a07eba664e 100644 --- a/mockgcp/mocksecretmanager/secrets.go +++ b/mockgcp/mocksecretmanager/secrets.go @@ -84,6 +84,13 @@ func (s *SecretsV1) populateDefaultsForSecret(ctx context.Context, obj *pb.Secre return fmt.Errorf("Aliases cannot be assigned to versions that don't exist") } } + // TTL and ExpireTime are OneOf, but the GCP service always converts TTL to expireTime before storing the object. + if obj.GetTtl() != nil { + expirateTime := timestamppb.Now().AsTime().Add(obj.GetTtl().AsDuration()) + obj.Expiration = &pb.Secret_ExpireTime{ + ExpireTime: timestamppb.New(expirateTime), + } + } return nil } @@ -154,6 +161,10 @@ func (s *SecretsV1) UpdateSecret(ctx context.Context, req *pb.UpdateSecretReques updated.Expiration = &pb.Secret_ExpireTime{ ExpireTime: req.Secret.GetExpireTime(), } + case "ttl": + updated.Expiration = &pb.Secret_Ttl{ + Ttl: req.Secret.GetTtl(), + } case "expiration": updated.Expiration = req.Secret.GetExpiration() case "rotation.nextRotationTime": diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/basicsecretmanagersecret/_generated_object_basicsecretmanagersecret.golden.yaml b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/basicsecretmanagersecret/_generated_object_basicsecretmanagersecret.golden.yaml index 5c7711f63b..3d459530e1 100644 --- a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/basicsecretmanagersecret/_generated_object_basicsecretmanagersecret.golden.yaml +++ b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/basicsecretmanagersecret/_generated_object_basicsecretmanagersecret.golden.yaml @@ -2,6 +2,7 @@ apiVersion: secretmanager.cnrm.cloud.google.com/v1beta1 kind: SecretManagerSecret metadata: annotations: + alpha.cnrm.cloud.google.com/reconciler: direct cnrm.cloud.google.com/management-conflict-prevention-policy: none cnrm.cloud.google.com/project-id: ${projectId} finalizers: diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-direct/_http.log b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-direct/_http.log index 0b37155c3b..ec323d9e3c 100644 --- a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-direct/_http.log +++ b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-direct/_http.log @@ -349,6 +349,7 @@ Content-Type: application/json User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager 200 OK +Cache-Control: private Content-Type: application/json; charset=UTF-8 Server: ESF Vary: Origin @@ -362,7 +363,7 @@ X-Xss-Protection: 0 "done": true, "name": "operations/${operationID}", "response": { - "@type": "type.googleapis.com/google.api.serviceusage.v1beta1.ServiceIdentity", + "@type": "type.googleapis.com/mockgcp.api.serviceusage.v1beta1.ServiceIdentity", "email": "service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com", "uniqueId": "12345678" } diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-legacy/_http.log b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-legacy/_http.log index 98419c5fb1..e09af241e3 100644 --- a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-legacy/_http.log +++ b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-legacy/_http.log @@ -167,6 +167,7 @@ Content-Type: application/json User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager 200 OK +Cache-Control: private Content-Type: application/json; charset=UTF-8 Server: ESF Vary: Origin @@ -180,7 +181,7 @@ X-Xss-Protection: 0 "done": true, "name": "operations/${operationID}", "response": { - "@type": "type.googleapis.com/google.api.serviceusage.v1beta1.ServiceIdentity", + "@type": "type.googleapis.com/mockgcp.api.serviceusage.v1beta1.ServiceIdentity", "email": "service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com", "uniqueId": "12345678" } diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-direct/_generated_export_fullsecretmanagersecret-manual-direct.golden b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-direct/_generated_export_fullsecretmanagersecret-manual-direct.golden index 1f5aa44614..2454135626 100644 --- a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-direct/_generated_export_fullsecretmanagersecret-manual-direct.golden +++ b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-direct/_generated_export_fullsecretmanagersecret-manual-direct.golden @@ -13,7 +13,7 @@ spec: annotations: bar: secretmanagersecret-bar foo: secretmanagersecret - expireTime: "2024-12-12T06:58:02.096290745Z" + expireTime: "2025-10-03T15:01:23Z" replication: userManaged: replicas: diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-direct/_http.log b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-direct/_http.log index 9282daf8e5..10819a9ad1 100644 --- a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-direct/_http.log +++ b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-direct/_http.log @@ -349,6 +349,7 @@ Content-Type: application/json User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager 200 OK +Cache-Control: private Content-Type: application/json; charset=UTF-8 Server: ESF Vary: Origin @@ -362,7 +363,7 @@ X-Xss-Protection: 0 "done": true, "name": "operations/${operationID}", "response": { - "@type": "type.googleapis.com/google.api.serviceusage.v1beta1.ServiceIdentity", + "@type": "type.googleapis.com/mockgcp.api.serviceusage.v1beta1.ServiceIdentity", "email": "service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com", "uniqueId": "12345678" } @@ -1493,4 +1494,4 @@ X-Xss-Protection: 0 { "createTime": "2024-04-01T12:34:56.123456Z", "name": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}" -} \ No newline at end of file +} diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/_generated_export_fullsecretmanagersecret-manual-legacy.golden b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/_generated_export_fullsecretmanagersecret-manual-legacy.golden index 297e753013..212c28e4fd 100644 --- a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/_generated_export_fullsecretmanagersecret-manual-legacy.golden +++ b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/_generated_export_fullsecretmanagersecret-manual-legacy.golden @@ -13,7 +13,7 @@ spec: annotations: bar: secretmanagersecret-bar foo: secretmanagersecret - expireTime: "2024-12-12T06:55:04.583510160Z" + expireTime: "2025-10-03T15:01:23Z" replication: userManaged: replicas: diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/_http.log b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/_http.log index 02868f13b4..f223a1486d 100644 --- a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/_http.log +++ b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/_http.log @@ -349,6 +349,7 @@ Content-Type: application/json User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager 200 OK +Cache-Control: private Content-Type: application/json; charset=UTF-8 Server: ESF Vary: Origin @@ -362,7 +363,7 @@ X-Xss-Protection: 0 "done": true, "name": "operations/${operationID}", "response": { - "@type": "type.googleapis.com/google.api.serviceusage.v1beta1.ServiceIdentity", + "@type": "type.googleapis.com/mockgcp.api.serviceusage.v1beta1.ServiceIdentity", "email": "service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com", "uniqueId": "12345678" } @@ -1430,4 +1431,4 @@ X-Xss-Protection: 0 { "createTime": "2024-04-01T12:34:56.123456Z", "name": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}" -} \ No newline at end of file +} diff --git a/tests/e2e/normalize.go b/tests/e2e/normalize.go index f75845e1e7..83f5320e76 100644 --- a/tests/e2e/normalize.go +++ b/tests/e2e/normalize.go @@ -146,6 +146,9 @@ func normalizeKRMObject(t *testing.T, u *unstructured.Unstructured, project test // Specific to Certificate Manager visitor.replacePaths[".status.dnsResourceRecord[].data"] = "${uniqueId}" + // Specific to Secret Manager + visitor.replacePaths[".spec.expireTime"] = "2025-10-03T15:01:23Z" + // Specific to MonitoringDashboard visitor.stringTransforms = append(visitor.stringTransforms, func(path string, s string) string { if strings.HasSuffix(path, ".alertChart.alertPolicyRef.external") { From f2edfe4f8394761b11b27004b22c529c9ba9cc7b Mon Sep 17 00:00:00 2001 From: Yuwen Ma Date: Thu, 12 Dec 2024 18:59:17 +0000 Subject: [PATCH 4/7] add alpha-direct annotation to secretversion test suite --- .../_generated_object_secretmanagersecretversion.golden.yaml | 1 + .../secretmanager/v1beta1/secretmanagersecretversion/create.yaml | 1 + .../v1beta1/secretmanagersecretversion/dependencies.yaml | 1 + .../secretmanager/v1beta1/secretmanagersecretversion/update.yaml | 1 + 4 files changed, 4 insertions(+) diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/secretmanagersecretversion/_generated_object_secretmanagersecretversion.golden.yaml b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/secretmanagersecretversion/_generated_object_secretmanagersecretversion.golden.yaml index a81d2628ae..f267b11147 100644 --- a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/secretmanagersecretversion/_generated_object_secretmanagersecretversion.golden.yaml +++ b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/secretmanagersecretversion/_generated_object_secretmanagersecretversion.golden.yaml @@ -2,6 +2,7 @@ apiVersion: secretmanager.cnrm.cloud.google.com/v1beta1 kind: SecretManagerSecretVersion metadata: annotations: + alpha.cnrm.cloud.google.com/reconciler: direct cnrm.cloud.google.com/management-conflict-prevention-policy: none cnrm.cloud.google.com/project-id: ${projectId} finalizers: diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/secretmanagersecretversion/create.yaml b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/secretmanagersecretversion/create.yaml index bf0f71a768..c446fda18b 100644 --- a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/secretmanagersecretversion/create.yaml +++ b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/secretmanagersecretversion/create.yaml @@ -17,6 +17,7 @@ kind: SecretManagerSecretVersion metadata: annotations: cnrm.cloud.google.com/project-id: ${projectId} + alpha.cnrm.cloud.google.com/reconciler: direct name: secretmanagersecretversion-${uniqueId} spec: enabled: true diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/secretmanagersecretversion/dependencies.yaml b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/secretmanagersecretversion/dependencies.yaml index cd38f6a998..8cab8c1e2a 100644 --- a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/secretmanagersecretversion/dependencies.yaml +++ b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/secretmanagersecretversion/dependencies.yaml @@ -18,6 +18,7 @@ metadata: name: secretmanagersecretversion-dep-${uniqueId} annotations: cnrm.cloud.google.com/project-id: ${projectId} + alpha.cnrm.cloud.google.com/reconciler: direct spec: replication: automatic: true diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/secretmanagersecretversion/update.yaml b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/secretmanagersecretversion/update.yaml index 8d3e0a3bef..2eb6c39445 100644 --- a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/secretmanagersecretversion/update.yaml +++ b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/secretmanagersecretversion/update.yaml @@ -17,6 +17,7 @@ kind: SecretManagerSecretVersion metadata: annotations: cnrm.cloud.google.com/project-id: ${projectId} + alpha.cnrm.cloud.google.com/reconciler: direct name: secretmanagersecretversion-${uniqueId} spec: enabled: false From 52f0b956bcfc25a9284f26aa78c3e82f36cc8a2a Mon Sep 17 00:00:00 2001 From: Yuwen Ma Date: Fri, 13 Dec 2024 19:50:17 +0000 Subject: [PATCH 5/7] record vcr --- .../_vcr_cassettes/nontf.yaml | 491 +++++++++++- .../_vcr_cassettes/tf.yaml | 740 +----------------- 2 files changed, 491 insertions(+), 740 deletions(-) diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/secretmanagersecretversion/_vcr_cassettes/nontf.yaml b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/secretmanagersecretversion/_vcr_cassettes/nontf.yaml index da46f9fa04..90b30092b4 100644 --- a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/secretmanagersecretversion/_vcr_cassettes/nontf.yaml +++ b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/secretmanagersecretversion/_vcr_cassettes/nontf.yaml @@ -14,4 +14,493 @@ --- version: 2 -interactions: [] +interactions: + - id: 0 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: secretmanager.googleapis.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + x-goog-api-client: + - gl-go/1.23.0-20240626-RC01 gapic/1.14.1 gax/2.13.0 rest/UNKNOWN + x-goog-request-params: + - name=projects%2Fyuwenma-gke-playground%2Fsecrets%2Fsecretmanagersecretversion-dep-2v5hqlif3igof + url: https://secretmanager.googleapis.com/v1/projects/example-project/secrets/secretmanagersecretversion-dep-2v5hqlif3igof?%24alt=json%3Benum-encoding%3Dint + method: GET + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 0 + uncompressed: true + body: fake error message + headers: + Content-Type: + - application/json; charset=UTF-8 + status: 404 Not Found + code: 404 + duration: 172.958531ms + - id: 1 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 87 + transfer_encoding: [] + trailer: {} + host: secretmanager.googleapis.com + remote_addr: "" + request_uri: "" + body: '{"replication":{"automatic":{}},"labels":{"cnrm-test":"true","managed-by-cnrm":"true"}}' + form: {} + headers: + Content-Type: + - application/json + x-goog-api-client: + - gl-go/1.23.0-20240626-RC01 gapic/1.14.1 gax/2.13.0 rest/UNKNOWN + x-goog-request-params: + - parent=projects%2Fyuwenma-gke-playground + url: https://secretmanager.googleapis.com/v1/projects/example-project/secrets?%24alt=json%3Benum-encoding%3Dint&secretId=secretmanagersecretversion-dep-2v5hqlif3igof + method: POST + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: true + body: | + { + "name": "projects/123456789/secrets/secretmanagersecretversion-dep-2v5hqlif3igof", + "replication": { + "automatic": {} + }, + "createTime": "2024-12-13T19:47:50.457085Z", + "labels": { + "cnrm-test": "true", + "managed-by-cnrm": "true" + }, + "etag": "\"16292c1b1d1efd\"" + } + headers: + Content-Type: + - application/json; charset=UTF-8 + status: 200 OK + code: 200 + duration: 428.144379ms + - id: 2 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 259 + transfer_encoding: [] + trailer: {} + host: secretmanager.googleapis.com + remote_addr: "" + request_uri: "" + body: '{"parent":"projects/example-project/secrets/secretmanagersecretversion-dep-2v5hqlif3igof","payload":{"data":"SSBhbHdheXMgbG92ZWQgc3BhcnJpbmcgd2l0aCBnaWFudCBjYW5keSBzd29yZHMsIGJ1dCBJIGhhZCBubyBpZGVhIHRoYXQgd2FzIG15IHN1cGVyIHNlY3JldCBpbmZvcm1hdGlvbiE="}}' + form: {} + headers: + Content-Type: + - application/json + x-goog-api-client: + - gl-go/1.23.0-20240626-RC01 gapic/1.14.1 gax/2.13.0 rest/UNKNOWN + x-goog-request-params: + - parent=projects%2Fyuwenma-gke-playground%2Fsecrets%2Fsecretmanagersecretversion-dep-2v5hqlif3igof + url: https://secretmanager.googleapis.com/v1/projects/example-project/secrets/secretmanagersecretversion-dep-2v5hqlif3igof:addVersion?%24alt=json%3Benum-encoding%3Dint + method: POST + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: true + body: | + { + "name": "projects/123456789/secrets/secretmanagersecretversion-dep-2v5hqlif3igof/versions/1", + "createTime": "2024-12-13T19:47:51.498398Z", + "state": 1, + "replicationStatus": { + "automatic": {} + }, + "etag": "\"16292c1b2d029e\"" + } + headers: + Content-Type: + - application/json; charset=UTF-8 + status: 200 OK + code: 200 + duration: 582.015488ms + - id: 3 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: secretmanager.googleapis.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + x-goog-api-client: + - gl-go/1.23.0-20240626-RC01 gapic/1.14.1 gax/2.13.0 rest/UNKNOWN + x-goog-request-params: + - name=projects%2Fyuwenma-gke-playground%2Fsecrets%2Fsecretmanagersecretversion-dep-2v5hqlif3igof%2Fversions%2F1 + url: https://secretmanager.googleapis.com/v1/projects/example-project/secrets/secretmanagersecretversion-dep-2v5hqlif3igof/versions/1?%24alt=json%3Benum-encoding%3Dint + method: GET + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: true + body: | + { + "name": "projects/123456789/secrets/secretmanagersecretversion-dep-2v5hqlif3igof/versions/1", + "createTime": "2024-12-13T19:47:51.498398Z", + "state": 1, + "replicationStatus": { + "automatic": {} + }, + "etag": "\"16292c1b2d029e\"" + } + headers: + Content-Type: + - application/json; charset=UTF-8 + status: 200 OK + code: 200 + duration: 108.788897ms + - id: 4 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 134 + transfer_encoding: [] + trailer: {} + host: secretmanager.googleapis.com + remote_addr: "" + request_uri: "" + body: '{"name":"projects/example-project/secrets/secretmanagersecretversion-dep-2v5hqlif3igof/versions/1","etag":"\"16292c1b2d029e\""}' + form: {} + headers: + Content-Type: + - application/json + x-goog-api-client: + - gl-go/1.23.0-20240626-RC01 gapic/1.14.1 gax/2.13.0 rest/UNKNOWN + x-goog-request-params: + - name=projects%2Fyuwenma-gke-playground%2Fsecrets%2Fsecretmanagersecretversion-dep-2v5hqlif3igof%2Fversions%2F1 + url: https://secretmanager.googleapis.com/v1/projects/example-project/secrets/secretmanagersecretversion-dep-2v5hqlif3igof/versions/1:disable?%24alt=json%3Benum-encoding%3Dint + method: POST + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: true + body: | + { + "name": "projects/123456789/secrets/secretmanagersecretversion-dep-2v5hqlif3igof/versions/1", + "createTime": "2024-12-13T19:47:51.498398Z", + "state": 2, + "replicationStatus": { + "automatic": {} + }, + "etag": "\"16292c1b46d396\"" + } + headers: + Content-Type: + - application/json; charset=UTF-8 + status: 200 OK + code: 200 + duration: 409.925416ms + - id: 5 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: secretmanager.googleapis.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + x-goog-api-client: + - gl-go/1.23.0-20240626-RC01 gapic/1.14.1 gax/2.13.0 rest/UNKNOWN + x-goog-request-params: + - name=projects%2Fyuwenma-gke-playground%2Fsecrets%2Fsecretmanagersecretversion-dep-2v5hqlif3igof%2Fversions%2F1 + url: https://secretmanager.googleapis.com/v1/projects/example-project/secrets/secretmanagersecretversion-dep-2v5hqlif3igof/versions/1?%24alt=json%3Benum-encoding%3Dint + method: GET + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: true + body: | + { + "name": "projects/123456789/secrets/secretmanagersecretversion-dep-2v5hqlif3igof/versions/1", + "createTime": "2024-12-13T19:47:51.498398Z", + "state": 2, + "replicationStatus": { + "automatic": {} + }, + "etag": "\"16292c1b46d396\"" + } + headers: + Content-Type: + - application/json; charset=UTF-8 + status: 200 OK + code: 200 + duration: 97.933191ms + - id: 6 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: secretmanager.googleapis.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + x-goog-api-client: + - gl-go/1.23.0-20240626-RC01 gapic/1.14.1 gax/2.13.0 rest/UNKNOWN + x-goog-request-params: + - name=projects%2Fyuwenma-gke-playground%2Fsecrets%2Fsecretmanagersecretversion-dep-2v5hqlif3igof + url: https://secretmanager.googleapis.com/v1/projects/example-project/secrets/secretmanagersecretversion-dep-2v5hqlif3igof?%24alt=json%3Benum-encoding%3Dint + method: GET + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: true + body: | + { + "name": "projects/123456789/secrets/secretmanagersecretversion-dep-2v5hqlif3igof", + "replication": { + "automatic": {} + }, + "createTime": "2024-12-13T19:47:50.457085Z", + "labels": { + "cnrm-test": "true", + "managed-by-cnrm": "true" + }, + "etag": "\"16292c1b1d1efd\"" + } + headers: + Content-Type: + - application/json; charset=UTF-8 + status: 200 OK + code: 200 + duration: 94.801262ms + - id: 7 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: secretmanager.googleapis.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + x-goog-api-client: + - gl-go/1.23.0-20240626-RC01 gapic/1.14.1 gax/2.13.0 rest/UNKNOWN + x-goog-request-params: + - name=projects%2Fyuwenma-gke-playground%2Fsecrets%2Fsecretmanagersecretversion-dep-2v5hqlif3igof + url: https://secretmanager.googleapis.com/v1/projects/example-project/secrets/secretmanagersecretversion-dep-2v5hqlif3igof?%24alt=json%3Benum-encoding%3Dint + method: GET + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: true + body: | + { + "name": "projects/123456789/secrets/secretmanagersecretversion-dep-2v5hqlif3igof", + "replication": { + "automatic": {} + }, + "createTime": "2024-12-13T19:47:50.457085Z", + "labels": { + "managed-by-cnrm": "true", + "cnrm-test": "true" + }, + "etag": "\"16292c1b1d1efd\"" + } + headers: + Content-Type: + - application/json; charset=UTF-8 + status: 200 OK + code: 200 + duration: 98.199741ms + - id: 8 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: secretmanager.googleapis.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + x-goog-api-client: + - gl-go/1.23.0-20240626-RC01 gapic/1.14.1 gax/2.13.0 rest/UNKNOWN + x-goog-request-params: + - name=projects%2Fyuwenma-gke-playground%2Fsecrets%2Fsecretmanagersecretversion-dep-2v5hqlif3igof%2Fversions%2F1 + url: https://secretmanager.googleapis.com/v1/projects/example-project/secrets/secretmanagersecretversion-dep-2v5hqlif3igof/versions/1?%24alt=json%3Benum-encoding%3Dint + method: GET + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: true + body: | + { + "name": "projects/123456789/secrets/secretmanagersecretversion-dep-2v5hqlif3igof/versions/1", + "createTime": "2024-12-13T19:47:51.498398Z", + "state": 2, + "replicationStatus": { + "automatic": {} + }, + "etag": "\"16292c1b46d396\"" + } + headers: + Content-Type: + - application/json; charset=UTF-8 + status: 200 OK + code: 200 + duration: 93.754503ms + - id: 9 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 134 + transfer_encoding: [] + trailer: {} + host: secretmanager.googleapis.com + remote_addr: "" + request_uri: "" + body: '{"name":"projects/example-project/secrets/secretmanagersecretversion-dep-2v5hqlif3igof/versions/1","etag":"\"16292c1b46d396\""}' + form: {} + headers: + Content-Type: + - application/json + x-goog-api-client: + - gl-go/1.23.0-20240626-RC01 gapic/1.14.1 gax/2.13.0 rest/UNKNOWN + x-goog-request-params: + - name=projects%2Fyuwenma-gke-playground%2Fsecrets%2Fsecretmanagersecretversion-dep-2v5hqlif3igof%2Fversions%2F1 + url: https://secretmanager.googleapis.com/v1/projects/example-project/secrets/secretmanagersecretversion-dep-2v5hqlif3igof/versions/1:destroy?%24alt=json%3Benum-encoding%3Dint + method: POST + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 0 + uncompressed: true + body: fake error message + headers: + Content-Type: + - application/json; charset=UTF-8 + status: 404 Not Found + code: 404 + duration: 232.507687ms + - id: 10 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: secretmanager.googleapis.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + x-goog-api-client: + - gl-go/1.23.0-20240626-RC01 gapic/1.14.1 gax/2.13.0 rest/UNKNOWN + x-goog-request-params: + - name=projects%2Fyuwenma-gke-playground%2Fsecrets%2Fsecretmanagersecretversion-dep-2v5hqlif3igof + url: https://secretmanager.googleapis.com/v1/projects/example-project/secrets/secretmanagersecretversion-dep-2v5hqlif3igof?%24alt=json%3Benum-encoding%3Dint + method: DELETE + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: true + body: | + {} + headers: + Content-Type: + - application/json; charset=UTF-8 + status: 200 OK + code: 200 + duration: 788.151076ms diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/secretmanagersecretversion/_vcr_cassettes/tf.yaml b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/secretmanagersecretversion/_vcr_cassettes/tf.yaml index 447f46c242..da46f9fa04 100644 --- a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/secretmanagersecretversion/_vcr_cassettes/tf.yaml +++ b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/secretmanagersecretversion/_vcr_cassettes/tf.yaml @@ -14,742 +14,4 @@ --- version: 2 -interactions: - - id: 0 - request: - proto: HTTP/1.1 - proto_major: 1 - proto_minor: 1 - content_length: 0 - transfer_encoding: [] - trailer: {} - host: secretmanager.googleapis.com - remote_addr: "" - request_uri: "" - body: "" - form: {} - headers: - Content-Type: - - application/json - url: https://secretmanager.googleapis.com/v1/projects/example-project/secrets/secretmanagersecretversion-dep-2v5hqlif3igof?alt=json - method: GET - response: - proto: HTTP/2.0 - proto_major: 2 - proto_minor: 0 - transfer_encoding: [] - trailer: {} - content_length: 0 - uncompressed: true - body: fake error message - headers: - Content-Type: - - application/json; charset=UTF-8 - status: 404 Not Found - code: 404 - duration: 120.869549ms - - id: 1 - request: - proto: HTTP/1.1 - proto_major: 1 - proto_minor: 1 - content_length: 88 - transfer_encoding: [] - trailer: {} - host: secretmanager.googleapis.com - remote_addr: "" - request_uri: "" - body: | - {"labels":{"cnrm-test":"true","managed-by-cnrm":"true"},"replication":{"automatic":{}}} - form: {} - headers: - Content-Type: - - application/json - url: https://secretmanager.googleapis.com/v1/projects/example-project/secrets?alt=json&secretId=secretmanagersecretversion-dep-2v5hqlif3igof - method: POST - response: - proto: HTTP/2.0 - proto_major: 2 - proto_minor: 0 - transfer_encoding: [] - trailer: {} - content_length: -1 - uncompressed: true - body: | - { - "name": "projects/123456789/secrets/secretmanagersecretversion-dep-2v5hqlif3igof", - "replication": { - "automatic": {} - }, - "createTime": "2024-04-25T01:59:38.634648Z", - "labels": { - "cnrm-test": "true", - "managed-by-cnrm": "true" - }, - "etag": "\"1616e223c28598\"" - } - headers: - Content-Type: - - application/json; charset=UTF-8 - status: 200 OK - code: 200 - duration: 368.523692ms - - id: 2 - request: - proto: HTTP/1.1 - proto_major: 1 - proto_minor: 1 - content_length: 0 - transfer_encoding: [] - trailer: {} - host: secretmanager.googleapis.com - remote_addr: "" - request_uri: "" - body: "" - form: {} - headers: - Content-Type: - - application/json - url: https://secretmanager.googleapis.com/v1/projects/example-project/secrets/secretmanagersecretversion-dep-2v5hqlif3igof?alt=json - method: GET - response: - proto: HTTP/2.0 - proto_major: 2 - proto_minor: 0 - transfer_encoding: [] - trailer: {} - content_length: -1 - uncompressed: true - body: | - { - "name": "projects/123456789/secrets/secretmanagersecretversion-dep-2v5hqlif3igof", - "replication": { - "automatic": {} - }, - "createTime": "2024-04-25T01:59:38.634648Z", - "labels": { - "cnrm-test": "true", - "managed-by-cnrm": "true" - }, - "etag": "\"1616e223c28598\"" - } - headers: - Content-Type: - - application/json; charset=UTF-8 - status: 200 OK - code: 200 - duration: 74.054405ms - - id: 3 - request: - proto: HTTP/1.1 - proto_major: 1 - proto_minor: 1 - content_length: 0 - transfer_encoding: [] - trailer: {} - host: secretmanager.googleapis.com - remote_addr: "" - request_uri: "" - body: "" - form: {} - headers: - Content-Type: - - application/json - url: https://secretmanager.googleapis.com/v1/projects/example-project/secrets/secretmanagersecretversion-dep-2v5hqlif3igof?alt=json - method: GET - response: - proto: HTTP/2.0 - proto_major: 2 - proto_minor: 0 - transfer_encoding: [] - trailer: {} - content_length: -1 - uncompressed: true - body: | - { - "name": "projects/123456789/secrets/secretmanagersecretversion-dep-2v5hqlif3igof", - "replication": { - "automatic": {} - }, - "createTime": "2024-04-25T01:59:38.634648Z", - "labels": { - "cnrm-test": "true", - "managed-by-cnrm": "true" - }, - "etag": "\"1616e223c28598\"" - } - headers: - Content-Type: - - application/json; charset=UTF-8 - status: 200 OK - code: 200 - duration: 71.816303ms - - id: 4 - request: - proto: HTTP/1.1 - proto_major: 1 - proto_minor: 1 - content_length: 164 - transfer_encoding: [] - trailer: {} - host: secretmanager.googleapis.com - remote_addr: "" - request_uri: "" - body: | - {"payload":{"data":"SSBhbHdheXMgbG92ZWQgc3BhcnJpbmcgd2l0aCBnaWFudCBjYW5keSBzd29yZHMsIGJ1dCBJIGhhZCBubyBpZGVhIHRoYXQgd2FzIG15IHN1cGVyIHNlY3JldCBpbmZvcm1hdGlvbiE="}} - form: {} - headers: - Content-Type: - - application/json - url: https://secretmanager.googleapis.com/v1/projects/123456789/secrets/secretmanagersecretversion-dep-2v5hqlif3igof:addVersion?alt=json - method: POST - response: - proto: HTTP/2.0 - proto_major: 2 - proto_minor: 0 - transfer_encoding: [] - trailer: {} - content_length: -1 - uncompressed: true - body: | - { - "name": "projects/123456789/secrets/secretmanagersecretversion-dep-2v5hqlif3igof/versions/1", - "createTime": "2024-04-25T01:59:39.859891Z", - "state": "ENABLED", - "replicationStatus": { - "automatic": {} - }, - "etag": "\"1616e223d537b3\"" - } - headers: - Content-Type: - - application/json; charset=UTF-8 - status: 200 OK - code: 200 - duration: 664.53576ms - - id: 5 - request: - proto: HTTP/1.1 - proto_major: 1 - proto_minor: 1 - content_length: 0 - transfer_encoding: [] - trailer: {} - host: secretmanager.googleapis.com - remote_addr: "" - request_uri: "" - body: "" - form: {} - headers: - Content-Type: - - application/json - url: https://secretmanager.googleapis.com/v1/projects/123456789/secrets/secretmanagersecretversion-dep-2v5hqlif3igof/versions/1:enable?alt=json - method: POST - response: - proto: HTTP/2.0 - proto_major: 2 - proto_minor: 0 - transfer_encoding: [] - trailer: {} - content_length: -1 - uncompressed: true - body: | - { - "name": "projects/123456789/secrets/secretmanagersecretversion-dep-2v5hqlif3igof/versions/1", - "createTime": "2024-04-25T01:59:39.859891Z", - "state": "ENABLED", - "replicationStatus": { - "automatic": {} - }, - "etag": "\"1616e223e4a7b5\"" - } - headers: - Content-Type: - - application/json; charset=UTF-8 - status: 200 OK - code: 200 - duration: 346.318149ms - - id: 6 - request: - proto: HTTP/1.1 - proto_major: 1 - proto_minor: 1 - content_length: 0 - transfer_encoding: [] - trailer: {} - host: secretmanager.googleapis.com - remote_addr: "" - request_uri: "" - body: "" - form: {} - headers: - Content-Type: - - application/json - url: https://secretmanager.googleapis.com/v1/projects/123456789/secrets/secretmanagersecretversion-dep-2v5hqlif3igof/versions/1?alt=json - method: GET - response: - proto: HTTP/2.0 - proto_major: 2 - proto_minor: 0 - transfer_encoding: [] - trailer: {} - content_length: -1 - uncompressed: true - body: | - { - "name": "projects/123456789/secrets/secretmanagersecretversion-dep-2v5hqlif3igof/versions/1", - "createTime": "2024-04-25T01:59:39.859891Z", - "state": "ENABLED", - "replicationStatus": { - "automatic": {} - }, - "etag": "\"1616e223e4a7b5\"" - } - headers: - Content-Type: - - application/json; charset=UTF-8 - status: 200 OK - code: 200 - duration: 69.951918ms - - id: 7 - request: - proto: HTTP/1.1 - proto_major: 1 - proto_minor: 1 - content_length: 0 - transfer_encoding: [] - trailer: {} - host: secretmanager.googleapis.com - remote_addr: "" - request_uri: "" - body: "" - form: {} - headers: - Content-Type: - - application/json - url: https://secretmanager.googleapis.com/v1/projects/123456789/secrets/secretmanagersecretversion-dep-2v5hqlif3igof/versions/1:access?alt=json - method: GET - response: - proto: HTTP/2.0 - proto_major: 2 - proto_minor: 0 - transfer_encoding: [] - trailer: {} - content_length: -1 - uncompressed: true - body: | - { - "name": "projects/123456789/secrets/secretmanagersecretversion-dep-2v5hqlif3igof/versions/1", - "payload": { - "data": "SSBhbHdheXMgbG92ZWQgc3BhcnJpbmcgd2l0aCBnaWFudCBjYW5keSBzd29yZHMsIGJ1dCBJIGhhZCBubyBpZGVhIHRoYXQgd2FzIG15IHN1cGVyIHNlY3JldCBpbmZvcm1hdGlvbiE=", - "dataCrc32c": "98593831" - } - } - headers: - Content-Type: - - application/json; charset=UTF-8 - status: 200 OK - code: 200 - duration: 39.761651ms - - id: 8 - request: - proto: HTTP/1.1 - proto_major: 1 - proto_minor: 1 - content_length: 0 - transfer_encoding: [] - trailer: {} - host: secretmanager.googleapis.com - remote_addr: "" - request_uri: "" - body: "" - form: {} - headers: - Content-Type: - - application/json - url: https://secretmanager.googleapis.com/v1/projects/123456789/secrets/secretmanagersecretversion-dep-2v5hqlif3igof/versions/1?alt=json - method: GET - response: - proto: HTTP/2.0 - proto_major: 2 - proto_minor: 0 - transfer_encoding: [] - trailer: {} - content_length: -1 - uncompressed: true - body: | - { - "name": "projects/123456789/secrets/secretmanagersecretversion-dep-2v5hqlif3igof/versions/1", - "createTime": "2024-04-25T01:59:39.859891Z", - "state": "ENABLED", - "replicationStatus": { - "automatic": {} - }, - "etag": "\"1616e223e4a7b5\"" - } - headers: - Content-Type: - - application/json; charset=UTF-8 - status: 200 OK - code: 200 - duration: 73.388283ms - - id: 9 - request: - proto: HTTP/1.1 - proto_major: 1 - proto_minor: 1 - content_length: 0 - transfer_encoding: [] - trailer: {} - host: secretmanager.googleapis.com - remote_addr: "" - request_uri: "" - body: "" - form: {} - headers: - Content-Type: - - application/json - url: https://secretmanager.googleapis.com/v1/projects/123456789/secrets/secretmanagersecretversion-dep-2v5hqlif3igof/versions/1:access?alt=json - method: GET - response: - proto: HTTP/2.0 - proto_major: 2 - proto_minor: 0 - transfer_encoding: [] - trailer: {} - content_length: -1 - uncompressed: true - body: | - { - "name": "projects/123456789/secrets/secretmanagersecretversion-dep-2v5hqlif3igof/versions/1", - "payload": { - "data": "SSBhbHdheXMgbG92ZWQgc3BhcnJpbmcgd2l0aCBnaWFudCBjYW5keSBzd29yZHMsIGJ1dCBJIGhhZCBubyBpZGVhIHRoYXQgd2FzIG15IHN1cGVyIHNlY3JldCBpbmZvcm1hdGlvbiE=", - "dataCrc32c": "98593831" - } - } - headers: - Content-Type: - - application/json; charset=UTF-8 - status: 200 OK - code: 200 - duration: 46.170918ms - - id: 10 - request: - proto: HTTP/1.1 - proto_major: 1 - proto_minor: 1 - content_length: 0 - transfer_encoding: [] - trailer: {} - host: secretmanager.googleapis.com - remote_addr: "" - request_uri: "" - body: "" - form: {} - headers: - Content-Type: - - application/json - url: https://secretmanager.googleapis.com/v1/projects/123456789/secrets/secretmanagersecretversion-dep-2v5hqlif3igof/versions/1?alt=json - method: GET - response: - proto: HTTP/2.0 - proto_major: 2 - proto_minor: 0 - transfer_encoding: [] - trailer: {} - content_length: -1 - uncompressed: true - body: | - { - "name": "projects/123456789/secrets/secretmanagersecretversion-dep-2v5hqlif3igof/versions/1", - "createTime": "2024-04-25T01:59:39.859891Z", - "state": "ENABLED", - "replicationStatus": { - "automatic": {} - }, - "etag": "\"1616e223e4a7b5\"" - } - headers: - Content-Type: - - application/json; charset=UTF-8 - status: 200 OK - code: 200 - duration: 70.630936ms - - id: 11 - request: - proto: HTTP/1.1 - proto_major: 1 - proto_minor: 1 - content_length: 0 - transfer_encoding: [] - trailer: {} - host: secretmanager.googleapis.com - remote_addr: "" - request_uri: "" - body: "" - form: {} - headers: - Content-Type: - - application/json - url: https://secretmanager.googleapis.com/v1/projects/123456789/secrets/secretmanagersecretversion-dep-2v5hqlif3igof/versions/1:access?alt=json - method: GET - response: - proto: HTTP/2.0 - proto_major: 2 - proto_minor: 0 - transfer_encoding: [] - trailer: {} - content_length: -1 - uncompressed: true - body: | - { - "name": "projects/123456789/secrets/secretmanagersecretversion-dep-2v5hqlif3igof/versions/1", - "payload": { - "data": "SSBhbHdheXMgbG92ZWQgc3BhcnJpbmcgd2l0aCBnaWFudCBjYW5keSBzd29yZHMsIGJ1dCBJIGhhZCBubyBpZGVhIHRoYXQgd2FzIG15IHN1cGVyIHNlY3JldCBpbmZvcm1hdGlvbiE=", - "dataCrc32c": "98593831" - } - } - headers: - Content-Type: - - application/json; charset=UTF-8 - status: 200 OK - code: 200 - duration: 52.156888ms - - id: 12 - request: - proto: HTTP/1.1 - proto_major: 1 - proto_minor: 1 - content_length: 0 - transfer_encoding: [] - trailer: {} - host: secretmanager.googleapis.com - remote_addr: "" - request_uri: "" - body: "" - form: {} - headers: - Content-Type: - - application/json - url: https://secretmanager.googleapis.com/v1/projects/123456789/secrets/secretmanagersecretversion-dep-2v5hqlif3igof/versions/1:disable?alt=json - method: POST - response: - proto: HTTP/2.0 - proto_major: 2 - proto_minor: 0 - transfer_encoding: [] - trailer: {} - content_length: -1 - uncompressed: true - body: | - { - "name": "projects/123456789/secrets/secretmanagersecretversion-dep-2v5hqlif3igof/versions/1", - "createTime": "2024-04-25T01:59:39.859891Z", - "state": "DISABLED", - "replicationStatus": { - "automatic": {} - }, - "etag": "\"1616e223fca8b6\"" - } - headers: - Content-Type: - - application/json; charset=UTF-8 - status: 200 OK - code: 200 - duration: 220.356705ms - - id: 13 - request: - proto: HTTP/1.1 - proto_major: 1 - proto_minor: 1 - content_length: 0 - transfer_encoding: [] - trailer: {} - host: secretmanager.googleapis.com - remote_addr: "" - request_uri: "" - body: "" - form: {} - headers: - Content-Type: - - application/json - url: https://secretmanager.googleapis.com/v1/projects/123456789/secrets/secretmanagersecretversion-dep-2v5hqlif3igof/versions/1?alt=json - method: GET - response: - proto: HTTP/2.0 - proto_major: 2 - proto_minor: 0 - transfer_encoding: [] - trailer: {} - content_length: -1 - uncompressed: true - body: | - { - "name": "projects/123456789/secrets/secretmanagersecretversion-dep-2v5hqlif3igof/versions/1", - "createTime": "2024-04-25T01:59:39.859891Z", - "state": "DISABLED", - "replicationStatus": { - "automatic": {} - }, - "etag": "\"1616e223fca8b6\"" - } - headers: - Content-Type: - - application/json; charset=UTF-8 - status: 200 OK - code: 200 - duration: 66.323185ms - - id: 14 - request: - proto: HTTP/1.1 - proto_major: 1 - proto_minor: 1 - content_length: 0 - transfer_encoding: [] - trailer: {} - host: secretmanager.googleapis.com - remote_addr: "" - request_uri: "" - body: "" - form: {} - headers: - Content-Type: - - application/json - url: https://secretmanager.googleapis.com/v1/projects/123456789/secrets/secretmanagersecretversion-dep-2v5hqlif3igof/versions/1?alt=json - method: GET - response: - proto: HTTP/2.0 - proto_major: 2 - proto_minor: 0 - transfer_encoding: [] - trailer: {} - content_length: -1 - uncompressed: true - body: | - { - "name": "projects/123456789/secrets/secretmanagersecretversion-dep-2v5hqlif3igof/versions/1", - "createTime": "2024-04-25T01:59:39.859891Z", - "state": "DISABLED", - "replicationStatus": { - "automatic": {} - }, - "etag": "\"1616e223fca8b6\"" - } - headers: - Content-Type: - - application/json; charset=UTF-8 - status: 200 OK - code: 200 - duration: 61.436591ms - - id: 15 - request: - proto: HTTP/1.1 - proto_major: 1 - proto_minor: 1 - content_length: 0 - transfer_encoding: [] - trailer: {} - host: secretmanager.googleapis.com - remote_addr: "" - request_uri: "" - body: "" - form: {} - headers: - Content-Type: - - application/json - url: https://secretmanager.googleapis.com/v1/projects/example-project/secrets/secretmanagersecretversion-dep-2v5hqlif3igof?alt=json - method: GET - response: - proto: HTTP/2.0 - proto_major: 2 - proto_minor: 0 - transfer_encoding: [] - trailer: {} - content_length: -1 - uncompressed: true - body: | - { - "name": "projects/123456789/secrets/secretmanagersecretversion-dep-2v5hqlif3igof", - "replication": { - "automatic": {} - }, - "createTime": "2024-04-25T01:59:38.634648Z", - "labels": { - "managed-by-cnrm": "true", - "cnrm-test": "true" - }, - "etag": "\"1616e223c28598\"" - } - headers: - Content-Type: - - application/json; charset=UTF-8 - status: 200 OK - code: 200 - duration: 67.762405ms - - id: 16 - request: - proto: HTTP/1.1 - proto_major: 1 - proto_minor: 1 - content_length: 0 - transfer_encoding: [] - trailer: {} - host: secretmanager.googleapis.com - remote_addr: "" - request_uri: "" - body: "" - form: {} - headers: - Content-Type: - - application/json - url: https://secretmanager.googleapis.com/v1/projects/123456789/secrets/secretmanagersecretversion-dep-2v5hqlif3igof/versions/1:destroy?alt=json - method: POST - response: - proto: HTTP/2.0 - proto_major: 2 - proto_minor: 0 - transfer_encoding: [] - trailer: {} - content_length: 0 - uncompressed: true - body: fake error message - headers: - Content-Type: - - application/json; charset=UTF-8 - status: 404 Not Found - code: 404 - duration: 246.595663ms - - id: 17 - request: - proto: HTTP/1.1 - proto_major: 1 - proto_minor: 1 - content_length: 0 - transfer_encoding: [] - trailer: {} - host: secretmanager.googleapis.com - remote_addr: "" - request_uri: "" - body: "" - form: {} - headers: - Content-Type: - - application/json - url: https://secretmanager.googleapis.com/v1/projects/example-project/secrets/secretmanagersecretversion-dep-2v5hqlif3igof?alt=json - method: DELETE - response: - proto: HTTP/2.0 - proto_major: 2 - proto_minor: 0 - transfer_encoding: [] - trailer: {} - content_length: -1 - uncompressed: true - body: | - {} - headers: - Content-Type: - - application/json; charset=UTF-8 - status: 200 OK - code: 200 - duration: 600.164914ms \ No newline at end of file +interactions: [] From 88253821f668dd4616e734c747172a2ee6af9f74 Mon Sep 17 00:00:00 2001 From: Yuwen Ma Date: Mon, 16 Dec 2024 17:50:35 +0000 Subject: [PATCH 6/7] option 1 with real GCP --- .../direct/secretmanager/secret_controller.go | 5 ++- .../_http.log | 45 +++++++++---------- .../_http.log | 37 ++++++++------- 3 files changed, 44 insertions(+), 43 deletions(-) diff --git a/pkg/controller/direct/secretmanager/secret_controller.go b/pkg/controller/direct/secretmanager/secret_controller.go index 48638b9441..740be17b0b 100644 --- a/pkg/controller/direct/secretmanager/secret_controller.go +++ b/pkg/controller/direct/secretmanager/secret_controller.go @@ -258,7 +258,10 @@ func (a *Adapter) Update(ctx context.Context, op *directbase.UpdateOperation) er if err != nil { return err } - + if paths.Has("ttl") { + paths = paths.Delete("ttl") + resource.Expiration = a.actual.Expiration + } if len(paths) == 0 { log.V(2).Info("no field needs update", "name", a.id) return nil diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-direct/_http.log b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-direct/_http.log index 10819a9ad1..d0ba6232f5 100644 --- a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-direct/_http.log +++ b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-direct/_http.log @@ -39,7 +39,7 @@ X-Frame-Options: SAMEORIGIN X-Xss-Protection: 0 { - "createTime": "2024-04-01T12:34:56.123456Z", + "createTime": "2024-12-16T17:46:15.964697052Z", "name": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}" } @@ -61,7 +61,7 @@ X-Frame-Options: SAMEORIGIN X-Xss-Protection: 0 { - "createTime": "2024-04-01T12:34:56.123456Z", + "createTime": "2024-12-16T17:46:15.964697052Z", "name": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}" } @@ -116,7 +116,7 @@ X-Frame-Options: SAMEORIGIN X-Xss-Protection: 0 { - "createTime": "2024-04-01T12:34:56.123456Z", + "createTime": "2024-12-16T17:46:16.636854246Z", "destroyScheduledDuration": "2592000s", "labels": { "cnrm-test": "true", @@ -156,7 +156,7 @@ X-Frame-Options: SAMEORIGIN X-Xss-Protection: 0 { - "createTime": "2024-04-01T12:34:56.123456Z", + "createTime": "2024-12-16T17:46:16.636854246Z", "destroyScheduledDuration": "2592000s", "labels": { "cnrm-test": "true", @@ -349,7 +349,6 @@ Content-Type: application/json User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager 200 OK -Cache-Control: private Content-Type: application/json; charset=UTF-8 Server: ESF Vary: Origin @@ -363,7 +362,7 @@ X-Xss-Protection: 0 "done": true, "name": "operations/${operationID}", "response": { - "@type": "type.googleapis.com/mockgcp.api.serviceusage.v1beta1.ServiceIdentity", + "@type": "type.googleapis.com/google.api.serviceusage.v1beta1.ServiceIdentity", "email": "service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com", "uniqueId": "12345678" } @@ -736,9 +735,9 @@ X-Xss-Protection: 0 "annotations": { "foo": "secretmanagersecret" }, - "createTime": "2024-04-01T12:34:56.123456Z", + "createTime": "2024-12-16T17:46:42.588737Z", "etag": "abcdef0123A=", - "expireTime": "2024-04-01T12:34:56.123456Z", + "expireTime": "2024-12-16T17:48:21.686076167Z", "labels": { "cnrm-test": "true", "label-one": "value-one", @@ -790,9 +789,9 @@ X-Xss-Protection: 0 "annotations": { "foo": "secretmanagersecret" }, - "createTime": "2024-04-01T12:34:56.123456Z", + "createTime": "2024-12-16T17:46:42.588737Z", "etag": "abcdef0123A=", - "expireTime": "2024-04-01T12:34:56.123456Z", + "expireTime": "2024-12-16T17:48:21.686076167Z", "labels": { "cnrm-test": "true", "label-one": "value-one", @@ -824,7 +823,7 @@ X-Xss-Protection: 0 --- -PATCH https://secretmanager.googleapis.com/v1/projects/${projectId}/secrets/secretmanagersecret-${uniqueId}?%24alt=json%3Benum-encoding%3Dint&updateMask=annotations%2CexpireTime%2Clabels%2Crotation.nextRotationTime%2Crotation.rotationPeriod%2Ctopics%2Cttl +PATCH https://secretmanager.googleapis.com/v1/projects/${projectId}/secrets/secretmanagersecret-${uniqueId}?%24alt=json%3Benum-encoding%3Dint&updateMask=annotations%2CexpireTime%2Clabels%2Crotation.nextRotationTime%2Crotation.rotationPeriod%2Ctopics Content-Type: application/json User-Agent: kcc/controller-manager x-goog-request-params: secret.name=projects%2F${projectId}%2Fsecrets%2Fsecretmanagersecret-${uniqueId} @@ -835,6 +834,7 @@ x-goog-request-params: secret.name=projects%2F${projectId}%2Fsecrets%2Fsecretman "foo": "secretmanagersecret" }, "etag": "abcdef0123A=", + "expireTime": "2024-12-16T17:48:21.686076167Z", "labels": { "cnrm-test": "true", "label-one": "value-one", @@ -862,8 +862,7 @@ x-goog-request-params: secret.name=projects%2F${projectId}%2Fsecrets%2Fsecretman { "name": "projects/${projectId}/topics/topic-2-${uniqueId}" } - ], - "ttl": "110s" + ] } 200 OK @@ -882,9 +881,9 @@ X-Xss-Protection: 0 "bar": "secretmanagersecret-bar", "foo": "secretmanagersecret" }, - "createTime": "2024-04-01T12:34:56.123456Z", + "createTime": "2024-12-16T17:46:42.588737Z", "etag": "abcdef0123A=", - "expireTime": "2024-04-01T12:34:56.123456Z", + "expireTime": "2024-12-16T17:48:21.686076167Z", "labels": { "cnrm-test": "true", "label-one": "value-one", @@ -937,9 +936,9 @@ X-Xss-Protection: 0 "bar": "secretmanagersecret-bar", "foo": "secretmanagersecret" }, - "createTime": "2024-04-01T12:34:56.123456Z", + "createTime": "2024-12-16T17:46:42.588737Z", "etag": "abcdef0123A=", - "expireTime": "2024-04-01T12:34:56.123456Z", + "expireTime": "2024-12-16T17:48:21.686076167Z", "labels": { "cnrm-test": "true", "label-one": "value-one", @@ -993,9 +992,9 @@ X-Xss-Protection: 0 "bar": "secretmanagersecret-bar", "foo": "secretmanagersecret" }, - "createTime": "2024-04-01T12:34:56.123456Z", + "createTime": "2024-12-16T17:46:42.588737Z", "etag": "abcdef0123A=", - "expireTime": "2024-04-01T12:34:56.123456Z", + "expireTime": "2024-12-16T17:48:21.686076167Z", "labels": { "cnrm-test": "true", "label-one": "value-one", @@ -1393,7 +1392,7 @@ X-Frame-Options: SAMEORIGIN X-Xss-Protection: 0 { - "createTime": "2024-04-01T12:34:56.123456Z", + "createTime": "2024-12-16T17:46:16.636854246Z", "destroyScheduledDuration": "2592000s", "labels": { "cnrm-test": "true", @@ -1466,7 +1465,7 @@ X-Xss-Protection: 0 { "algorithm": "GOOGLE_SYMMETRIC_ENCRYPTION", - "createTime": "2024-04-01T12:34:56.123456Z", + "createTime": "2024-12-16T17:46:16.636854246Z", "destroyTime": "2024-04-01T12:34:56.123456Z", "generateTime": "2024-04-01T12:34:56.123456Z", "name": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}/cryptoKeyVersions/1", @@ -1492,6 +1491,6 @@ X-Frame-Options: SAMEORIGIN X-Xss-Protection: 0 { - "createTime": "2024-04-01T12:34:56.123456Z", + "createTime": "2024-12-16T17:46:15.964697052Z", "name": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}" -} +} \ No newline at end of file diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/_http.log b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/_http.log index f223a1486d..7059828ff1 100644 --- a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/_http.log +++ b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/_http.log @@ -39,7 +39,7 @@ X-Frame-Options: SAMEORIGIN X-Xss-Protection: 0 { - "createTime": "2024-04-01T12:34:56.123456Z", + "createTime": "2024-12-16T17:39:42.164075240Z", "name": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}" } @@ -61,7 +61,7 @@ X-Frame-Options: SAMEORIGIN X-Xss-Protection: 0 { - "createTime": "2024-04-01T12:34:56.123456Z", + "createTime": "2024-12-16T17:39:42.164075240Z", "name": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}" } @@ -116,7 +116,7 @@ X-Frame-Options: SAMEORIGIN X-Xss-Protection: 0 { - "createTime": "2024-04-01T12:34:56.123456Z", + "createTime": "2024-12-16T17:39:42.801224464Z", "destroyScheduledDuration": "2592000s", "labels": { "cnrm-test": "true", @@ -156,7 +156,7 @@ X-Frame-Options: SAMEORIGIN X-Xss-Protection: 0 { - "createTime": "2024-04-01T12:34:56.123456Z", + "createTime": "2024-12-16T17:39:42.801224464Z", "destroyScheduledDuration": "2592000s", "labels": { "cnrm-test": "true", @@ -349,7 +349,6 @@ Content-Type: application/json User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager 200 OK -Cache-Control: private Content-Type: application/json; charset=UTF-8 Server: ESF Vary: Origin @@ -363,7 +362,7 @@ X-Xss-Protection: 0 "done": true, "name": "operations/${operationID}", "response": { - "@type": "type.googleapis.com/mockgcp.api.serviceusage.v1beta1.ServiceIdentity", + "@type": "type.googleapis.com/google.api.serviceusage.v1beta1.ServiceIdentity", "email": "service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com", "uniqueId": "12345678" } @@ -734,9 +733,9 @@ X-Xss-Protection: 0 "annotations": { "foo": "secretmanagersecret" }, - "createTime": "2024-04-01T12:34:56.123456Z", + "createTime": "2024-12-16T17:40:10.834791Z", "etag": "abcdef0123A=", - "expireTime": "2024-04-01T12:34:56.123456Z", + "expireTime": "2024-12-16T17:41:49.804979787Z", "labels": { "cnrm-test": "true", "label-one": "value-one", @@ -787,9 +786,9 @@ X-Xss-Protection: 0 "annotations": { "foo": "secretmanagersecret" }, - "createTime": "2024-04-01T12:34:56.123456Z", + "createTime": "2024-12-16T17:40:10.834791Z", "etag": "abcdef0123A=", - "expireTime": "2024-04-01T12:34:56.123456Z", + "expireTime": "2024-12-16T17:41:49.804979787Z", "labels": { "cnrm-test": "true", "label-one": "value-one", @@ -830,7 +829,7 @@ User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 t "bar": "secretmanagersecret-bar", "foo": "secretmanagersecret" }, - "expireTime": "2024-04-01T12:34:56.123456Z", + "expireTime": "2024-12-16T17:41:49.804979787Z", "labels": { "cnrm-test": "true", "label-one": "value-one", @@ -876,9 +875,9 @@ X-Xss-Protection: 0 "bar": "secretmanagersecret-bar", "foo": "secretmanagersecret" }, - "createTime": "2024-04-01T12:34:56.123456Z", + "createTime": "2024-12-16T17:40:10.834791Z", "etag": "abcdef0123A=", - "expireTime": "2024-04-01T12:34:56.123456Z", + "expireTime": "2024-12-16T17:41:49.804979787Z", "labels": { "cnrm-test": "true", "label-one": "value-one", @@ -931,9 +930,9 @@ X-Xss-Protection: 0 "bar": "secretmanagersecret-bar", "foo": "secretmanagersecret" }, - "createTime": "2024-04-01T12:34:56.123456Z", + "createTime": "2024-12-16T17:40:10.834791Z", "etag": "abcdef0123A=", - "expireTime": "2024-04-01T12:34:56.123456Z", + "expireTime": "2024-12-16T17:41:49.804979787Z", "labels": { "cnrm-test": "true", "label-one": "value-one", @@ -1330,7 +1329,7 @@ X-Frame-Options: SAMEORIGIN X-Xss-Protection: 0 { - "createTime": "2024-04-01T12:34:56.123456Z", + "createTime": "2024-12-16T17:39:42.801224464Z", "destroyScheduledDuration": "2592000s", "labels": { "cnrm-test": "true", @@ -1403,7 +1402,7 @@ X-Xss-Protection: 0 { "algorithm": "GOOGLE_SYMMETRIC_ENCRYPTION", - "createTime": "2024-04-01T12:34:56.123456Z", + "createTime": "2024-12-16T17:39:42.801224464Z", "destroyTime": "2024-04-01T12:34:56.123456Z", "generateTime": "2024-04-01T12:34:56.123456Z", "name": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}/cryptoKeyVersions/1", @@ -1429,6 +1428,6 @@ X-Frame-Options: SAMEORIGIN X-Xss-Protection: 0 { - "createTime": "2024-04-01T12:34:56.123456Z", + "createTime": "2024-12-16T17:39:42.164075240Z", "name": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}" -} +} \ No newline at end of file From 792894de94bae4d665b603806443c01750c3342b Mon Sep 17 00:00:00 2001 From: Yuwen Ma Date: Mon, 16 Dec 2024 17:56:09 +0000 Subject: [PATCH 7/7] mock gcp --- .../_http.log | 39 ++++++++++--------- .../_http.log | 35 +++++++++-------- 2 files changed, 38 insertions(+), 36 deletions(-) diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-direct/_http.log b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-direct/_http.log index d0ba6232f5..631215cc22 100644 --- a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-direct/_http.log +++ b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-direct/_http.log @@ -39,7 +39,7 @@ X-Frame-Options: SAMEORIGIN X-Xss-Protection: 0 { - "createTime": "2024-12-16T17:46:15.964697052Z", + "createTime": "2024-04-01T12:34:56.123456Z", "name": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}" } @@ -61,7 +61,7 @@ X-Frame-Options: SAMEORIGIN X-Xss-Protection: 0 { - "createTime": "2024-12-16T17:46:15.964697052Z", + "createTime": "2024-04-01T12:34:56.123456Z", "name": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}" } @@ -116,7 +116,7 @@ X-Frame-Options: SAMEORIGIN X-Xss-Protection: 0 { - "createTime": "2024-12-16T17:46:16.636854246Z", + "createTime": "2024-04-01T12:34:56.123456Z", "destroyScheduledDuration": "2592000s", "labels": { "cnrm-test": "true", @@ -156,7 +156,7 @@ X-Frame-Options: SAMEORIGIN X-Xss-Protection: 0 { - "createTime": "2024-12-16T17:46:16.636854246Z", + "createTime": "2024-04-01T12:34:56.123456Z", "destroyScheduledDuration": "2592000s", "labels": { "cnrm-test": "true", @@ -349,6 +349,7 @@ Content-Type: application/json User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager 200 OK +Cache-Control: private Content-Type: application/json; charset=UTF-8 Server: ESF Vary: Origin @@ -362,7 +363,7 @@ X-Xss-Protection: 0 "done": true, "name": "operations/${operationID}", "response": { - "@type": "type.googleapis.com/google.api.serviceusage.v1beta1.ServiceIdentity", + "@type": "type.googleapis.com/mockgcp.api.serviceusage.v1beta1.ServiceIdentity", "email": "service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com", "uniqueId": "12345678" } @@ -735,9 +736,9 @@ X-Xss-Protection: 0 "annotations": { "foo": "secretmanagersecret" }, - "createTime": "2024-12-16T17:46:42.588737Z", + "createTime": "2024-04-01T12:34:56.123456Z", "etag": "abcdef0123A=", - "expireTime": "2024-12-16T17:48:21.686076167Z", + "expireTime": "2024-04-01T12:34:56.123456Z", "labels": { "cnrm-test": "true", "label-one": "value-one", @@ -789,9 +790,9 @@ X-Xss-Protection: 0 "annotations": { "foo": "secretmanagersecret" }, - "createTime": "2024-12-16T17:46:42.588737Z", + "createTime": "2024-04-01T12:34:56.123456Z", "etag": "abcdef0123A=", - "expireTime": "2024-12-16T17:48:21.686076167Z", + "expireTime": "2024-04-01T12:34:56.123456Z", "labels": { "cnrm-test": "true", "label-one": "value-one", @@ -834,7 +835,7 @@ x-goog-request-params: secret.name=projects%2F${projectId}%2Fsecrets%2Fsecretman "foo": "secretmanagersecret" }, "etag": "abcdef0123A=", - "expireTime": "2024-12-16T17:48:21.686076167Z", + "expireTime": "2024-04-01T12:34:56.123456Z", "labels": { "cnrm-test": "true", "label-one": "value-one", @@ -881,9 +882,9 @@ X-Xss-Protection: 0 "bar": "secretmanagersecret-bar", "foo": "secretmanagersecret" }, - "createTime": "2024-12-16T17:46:42.588737Z", + "createTime": "2024-04-01T12:34:56.123456Z", "etag": "abcdef0123A=", - "expireTime": "2024-12-16T17:48:21.686076167Z", + "expireTime": "2024-04-01T12:34:56.123456Z", "labels": { "cnrm-test": "true", "label-one": "value-one", @@ -936,9 +937,9 @@ X-Xss-Protection: 0 "bar": "secretmanagersecret-bar", "foo": "secretmanagersecret" }, - "createTime": "2024-12-16T17:46:42.588737Z", + "createTime": "2024-04-01T12:34:56.123456Z", "etag": "abcdef0123A=", - "expireTime": "2024-12-16T17:48:21.686076167Z", + "expireTime": "2024-04-01T12:34:56.123456Z", "labels": { "cnrm-test": "true", "label-one": "value-one", @@ -992,9 +993,9 @@ X-Xss-Protection: 0 "bar": "secretmanagersecret-bar", "foo": "secretmanagersecret" }, - "createTime": "2024-12-16T17:46:42.588737Z", + "createTime": "2024-04-01T12:34:56.123456Z", "etag": "abcdef0123A=", - "expireTime": "2024-12-16T17:48:21.686076167Z", + "expireTime": "2024-04-01T12:34:56.123456Z", "labels": { "cnrm-test": "true", "label-one": "value-one", @@ -1392,7 +1393,7 @@ X-Frame-Options: SAMEORIGIN X-Xss-Protection: 0 { - "createTime": "2024-12-16T17:46:16.636854246Z", + "createTime": "2024-04-01T12:34:56.123456Z", "destroyScheduledDuration": "2592000s", "labels": { "cnrm-test": "true", @@ -1465,7 +1466,7 @@ X-Xss-Protection: 0 { "algorithm": "GOOGLE_SYMMETRIC_ENCRYPTION", - "createTime": "2024-12-16T17:46:16.636854246Z", + "createTime": "2024-04-01T12:34:56.123456Z", "destroyTime": "2024-04-01T12:34:56.123456Z", "generateTime": "2024-04-01T12:34:56.123456Z", "name": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}/cryptoKeyVersions/1", @@ -1491,6 +1492,6 @@ X-Frame-Options: SAMEORIGIN X-Xss-Protection: 0 { - "createTime": "2024-12-16T17:46:15.964697052Z", + "createTime": "2024-04-01T12:34:56.123456Z", "name": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}" } \ No newline at end of file diff --git a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/_http.log b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/_http.log index 7059828ff1..7339769203 100644 --- a/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/_http.log +++ b/pkg/test/resourcefixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/_http.log @@ -39,7 +39,7 @@ X-Frame-Options: SAMEORIGIN X-Xss-Protection: 0 { - "createTime": "2024-12-16T17:39:42.164075240Z", + "createTime": "2024-04-01T12:34:56.123456Z", "name": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}" } @@ -61,7 +61,7 @@ X-Frame-Options: SAMEORIGIN X-Xss-Protection: 0 { - "createTime": "2024-12-16T17:39:42.164075240Z", + "createTime": "2024-04-01T12:34:56.123456Z", "name": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}" } @@ -116,7 +116,7 @@ X-Frame-Options: SAMEORIGIN X-Xss-Protection: 0 { - "createTime": "2024-12-16T17:39:42.801224464Z", + "createTime": "2024-04-01T12:34:56.123456Z", "destroyScheduledDuration": "2592000s", "labels": { "cnrm-test": "true", @@ -156,7 +156,7 @@ X-Frame-Options: SAMEORIGIN X-Xss-Protection: 0 { - "createTime": "2024-12-16T17:39:42.801224464Z", + "createTime": "2024-04-01T12:34:56.123456Z", "destroyScheduledDuration": "2592000s", "labels": { "cnrm-test": "true", @@ -349,6 +349,7 @@ Content-Type: application/json User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager 200 OK +Cache-Control: private Content-Type: application/json; charset=UTF-8 Server: ESF Vary: Origin @@ -362,7 +363,7 @@ X-Xss-Protection: 0 "done": true, "name": "operations/${operationID}", "response": { - "@type": "type.googleapis.com/google.api.serviceusage.v1beta1.ServiceIdentity", + "@type": "type.googleapis.com/mockgcp.api.serviceusage.v1beta1.ServiceIdentity", "email": "service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com", "uniqueId": "12345678" } @@ -733,9 +734,9 @@ X-Xss-Protection: 0 "annotations": { "foo": "secretmanagersecret" }, - "createTime": "2024-12-16T17:40:10.834791Z", + "createTime": "2024-04-01T12:34:56.123456Z", "etag": "abcdef0123A=", - "expireTime": "2024-12-16T17:41:49.804979787Z", + "expireTime": "2024-04-01T12:34:56.123456Z", "labels": { "cnrm-test": "true", "label-one": "value-one", @@ -786,9 +787,9 @@ X-Xss-Protection: 0 "annotations": { "foo": "secretmanagersecret" }, - "createTime": "2024-12-16T17:40:10.834791Z", + "createTime": "2024-04-01T12:34:56.123456Z", "etag": "abcdef0123A=", - "expireTime": "2024-12-16T17:41:49.804979787Z", + "expireTime": "2024-04-01T12:34:56.123456Z", "labels": { "cnrm-test": "true", "label-one": "value-one", @@ -829,7 +830,7 @@ User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 t "bar": "secretmanagersecret-bar", "foo": "secretmanagersecret" }, - "expireTime": "2024-12-16T17:41:49.804979787Z", + "expireTime": "2024-04-01T12:34:56.123456Z", "labels": { "cnrm-test": "true", "label-one": "value-one", @@ -875,9 +876,9 @@ X-Xss-Protection: 0 "bar": "secretmanagersecret-bar", "foo": "secretmanagersecret" }, - "createTime": "2024-12-16T17:40:10.834791Z", + "createTime": "2024-04-01T12:34:56.123456Z", "etag": "abcdef0123A=", - "expireTime": "2024-12-16T17:41:49.804979787Z", + "expireTime": "2024-04-01T12:34:56.123456Z", "labels": { "cnrm-test": "true", "label-one": "value-one", @@ -930,9 +931,9 @@ X-Xss-Protection: 0 "bar": "secretmanagersecret-bar", "foo": "secretmanagersecret" }, - "createTime": "2024-12-16T17:40:10.834791Z", + "createTime": "2024-04-01T12:34:56.123456Z", "etag": "abcdef0123A=", - "expireTime": "2024-12-16T17:41:49.804979787Z", + "expireTime": "2024-04-01T12:34:56.123456Z", "labels": { "cnrm-test": "true", "label-one": "value-one", @@ -1329,7 +1330,7 @@ X-Frame-Options: SAMEORIGIN X-Xss-Protection: 0 { - "createTime": "2024-12-16T17:39:42.801224464Z", + "createTime": "2024-04-01T12:34:56.123456Z", "destroyScheduledDuration": "2592000s", "labels": { "cnrm-test": "true", @@ -1402,7 +1403,7 @@ X-Xss-Protection: 0 { "algorithm": "GOOGLE_SYMMETRIC_ENCRYPTION", - "createTime": "2024-12-16T17:39:42.801224464Z", + "createTime": "2024-04-01T12:34:56.123456Z", "destroyTime": "2024-04-01T12:34:56.123456Z", "generateTime": "2024-04-01T12:34:56.123456Z", "name": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}/cryptoKeyVersions/1", @@ -1428,6 +1429,6 @@ X-Frame-Options: SAMEORIGIN X-Xss-Protection: 0 { - "createTime": "2024-12-16T17:39:42.164075240Z", + "createTime": "2024-04-01T12:34:56.123456Z", "name": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}" } \ No newline at end of file