def _RunUpdate(self, original, args):
messages = secrets_api.GetMessages(
version=secrets_util.GetVersionFromReleasePath(self.ReleaseTrack()))
secret_ref = args.CONCEPTS.secret.Parse()
# Collect the list of update masks
update_mask = []
labels_diff = labels_util.Diff.FromUpdateArgs(args)
if labels_diff.MayHaveUpdates():
update_mask.append('labels')
# Validations
if not update_mask:
raise exceptions.InvalidArgumentException(
'labels', self.NO_CHANGES_MESSAGE.format(secret=secret_ref.Name()))
labels_update = labels_diff.Apply(messages.Secret.LabelsValue,
original.labels)
labels = original.labels
if labels_update.needs_update:
labels = labels_update.labels
secret = secrets_api.Secrets(
version=secrets_util.GetVersionFromReleasePath(
self.ReleaseTrack())).Update(
secret_ref=secret_ref, labels=labels, update_mask=update_mask)
secrets_log.Secrets().Updated(secret_ref)
return secret
def Run(self, args):
messages = secrets_api.GetMessages(
version=secrets_util.GetVersionFromReleasePath(
self.ReleaseTrack()))
secret_ref = args.CONCEPTS.secret.Parse()
# List all secret versions and parse their refs
versions = secrets_api.Versions(
version=secrets_util.GetVersionFromReleasePath(
self.ReleaseTrack())).ListWithPager(secret_ref=secret_ref,
limit=9999)
active_version_count = 0
for version in versions:
if version.state != messages.SecretVersion.StateValueValuesEnum.DESTROYED:
active_version_count += 1
msg = self.CONFIRM_DELETE_MESSAGE.format(
secret=secret_ref.Name(), num_versions=active_version_count)
console_io.PromptContinue(msg,
throw_if_unattended=True,
cancel_on_no=True)
result = secrets_api.Secrets(
version=secrets_util.GetVersionFromReleasePath(
self.ReleaseTrack())).Delete(secret_ref)
secrets_log.Secrets().Deleted(secret_ref)
return result
def Run(self, args):
version_ref = args.CONCEPTS.version.Parse()
result = secrets_api.Versions(
version=secrets_util.GetVersionFromReleasePath(
self.ReleaseTrack())).Enable(version_ref)
secrets_log.Versions().Enabled(version_ref)
return result
def Run(self, args):
project_ref = args.CONCEPTS.project.Parse()
if not project_ref:
raise exceptions.RequiredArgumentException(
'project',
'Please set a project with "--project" flag or "gcloud config set project <project_id>".'
)
return secrets_api.Locations(
version=secrets_util.GetVersionFromReleasePath(
self.ReleaseTrack())).ListWithPager(project_ref=project_ref,
limit=args.limit)
def Run(self, args):
version_ref = args.CONCEPTS.version.Parse()
# Destructive action, prompt to continue
console_io.PromptContinue(self.CONFIRM_DESTROY_MESSAGE.format(
version=version_ref.Name(), secret=version_ref.Parent().Name()),
throw_if_unattended=True,
cancel_on_no=True)
result = secrets_api.Versions(
version=secrets_util.GetVersionFromReleasePath(
self.ReleaseTrack())).Destroy(version_ref)
secrets_log.Versions().Destroyed(version_ref)
return result
def Run(self, args):
secret_ref = args.CONCEPTS.secret.Parse()
# Attempt to get the secret
secret = secrets_api.Secrets(
version=secrets_util.GetVersionFromReleasePath(
self.ReleaseTrack())).GetOrNone(secret_ref)
# Secret does not exist
if secret is None:
raise exceptions.InvalidArgumentException(
'secret',
self.SECRET_MISSING_MESSAGE.format(secret=secret_ref.Name()))
# The secret exists, update it
return self._RunUpdate(secret, args)
def Run(self, args):
secret_ref = args.CONCEPTS.secret.Parse()
data = secrets_util.ReadFileOrStdin(args.data_file)
# Differentiate between the flag being provided with an empty value and the
# flag being omitted. See b/138796299 for info.
if args.data_file == '': # pylint: disable=g-explicit-bool-comparison
raise exceptions.BadFileException(self.EMPTY_DATA_FILE_MESSAGE)
version = secrets_api.Secrets(
version=secrets_util.GetVersionFromReleasePath(
self.ReleaseTrack())).AddVersion(secret_ref, data)
version_ref = secrets_args.ParseVersionRef(version.name)
secrets_log.Versions().Created(version_ref)
return version
def Run(self, args):
secret_ref = args.CONCEPTS.secret.Parse()
secret = secrets_api.Secrets(
version=secrets_util.GetVersionFromReleasePath(
self.ReleaseTrack())).Get(secret_ref)
return secret
def Run(self, args):
location_ref = args.CONCEPTS.location.Parse()
return secrets_api.Locations(
version=secrets_util.GetVersionFromReleasePath(
self.ReleaseTrack())).Get(location_ref)
def Run(self, args):
version_ref = args.CONCEPTS.version.Parse()
return secrets_api.Versions(
version=secrets_util.GetVersionFromReleasePath(
self.ReleaseTrack())).Access(version_ref)
def Run(self, args):
secret_ref = args.CONCEPTS.secret.Parse()
return secrets_api.Versions(
version=secrets_util.GetVersionFromReleasePath(
self.ReleaseTrack())).ListWithPager(secret_ref=secret_ref,
limit=args.limit)
def Run(self, args):
messages = secrets_api.GetMessages(
version=secrets_util.GetVersionFromReleasePath(
self.ReleaseTrack()))
secret_ref = args.CONCEPTS.secret.Parse()
data = secrets_util.ReadFileOrStdin(args.data_file)
labels = labels_util.ParseCreateArgs(args, messages.Secret.LabelsValue)
replication_policy = args.replication_policy
if not replication_policy:
replication_policy = properties.VALUES.secrets.replication_policy.Get(
)
if not replication_policy:
raise exceptions.RequiredArgumentException(
'replication-policy', self.MISSING_POLICY_MESSAGE)
if replication_policy not in {'user-managed', 'automatic'}:
if args.replication_policy:
raise exceptions.InvalidArgumentException(
'replication-policy', self.INVALID_POLICY_MESSAGE)
raise exceptions.InvalidArgumentException(
'replication-policy', self.INVALID_POLICY_PROP_MESSAGE)
locations = args.locations
if not locations:
# if locations weren't given, try to get them from properties
locations = properties.VALUES.secrets.locations.Get()
if locations:
locations = locations.split(',')
if replication_policy == 'user-managed' and not locations:
raise exceptions.RequiredArgumentException(
'locations', self.MANAGED_BUT_NO_LOCATIONS_MESSAGE)
if replication_policy == 'automatic':
if args.locations:
# check args.locations separately from locations because we have
# different error messages depending on whether the user used the
# --locations flag or the secrets/locations property
if args.replication_policy:
raise exceptions.InvalidArgumentException(
'locations', self.AUTOMATIC_AND_LOCATIONS_MESSAGE)
raise exceptions.InvalidArgumentException(
'locations', self.AUTOMATIC_PROP_AND_LOCATIONS_MESSAGE)
if locations:
raise exceptions.InvalidArgumentException(
'replication-policy',
self.AUTOMATIC_AND_LOCATIONS_PROP_MESSAGE)
locations = []
# Differentiate between the flag being provided with an empty value and the
# flag being omitted. See b/138796299 for info.
if args.data_file == '': # pylint: disable=g-explicit-bool-comparison
raise exceptions.BadFileException(self.EMPTY_DATA_FILE_MESSAGE)
# Create the secret
response = secrets_api.Secrets(
version=secrets_util.GetVersionFromReleasePath(
self.ReleaseTrack())).Create(secret_ref,
labels=labels,
locations=locations,
policy=replication_policy)
if data:
version = secrets_api.Secrets(
version=secrets_util.GetVersionFromReleasePath(
self.ReleaseTrack())).AddVersion(secret_ref, data)
version_ref = secrets_args.ParseVersionRef(version.name)
secrets_log.Versions().Created(version_ref)
else:
secrets_log.Secrets().Created(secret_ref)
return response
