def _RunUpdate(self, original, args): messages = secrets_api.GetMessages() secret_ref = args.CONCEPTS.secret.Parse() # Collect the list of update masks update_mask = [] labels_diff = labels_util.Diff.FromUpdateArgs(args) if labels_diff.MayHaveUpdates(): update_mask.append('labels') # Validations if not update_mask: raise exceptions.InvalidArgumentException( 'labels', self.NO_CHANGES_MESSAGE.format(secret=secret_ref.Name())) labels_update = labels_diff.Apply(messages.Secret.LabelsValue, original.labels) labels = original.labels if labels_update.needs_update: labels = labels_update.labels secret = secrets_api.Secrets().Update(secret_ref=secret_ref, labels=labels, update_mask=update_mask) secrets_log.Secrets().Updated(secret_ref) return secret
def Run(self, args): messages = secrets_api.GetMessages() secret_ref = args.CONCEPTS.secret.Parse() # List all secret versions and parse their refs versions = secrets_api.Versions().ListWithPager(secret_ref=secret_ref, limit=9999) version_refs = [] for version in versions: if version.state != messages.SecretVersion.StateValueValuesEnum.DESTROYED: version_ref = secrets_args.ParseVersionRef(version.name) version_refs.append(version_ref) msg = self.CONFIRM_DELETE_MESSAGE.format( secret=secret_ref.Name(), num_versions=len(version_refs)) console_io.PromptContinue(msg, throw_if_unattended=True, cancel_on_no=True) for version_ref in version_refs: secrets_api.Versions().Destroy(version_ref) secrets_log.Versions().Destroyed(version_ref) result = secrets_api.Secrets().Delete(secret_ref) secrets_log.Secrets().Deleted(secret_ref) return result
def Run(self, args): messages = secrets_api.GetMessages( version=secrets_util.GetVersionFromReleasePath( self.ReleaseTrack())) secret_ref = args.CONCEPTS.secret.Parse() # List all secret versions and parse their refs versions = secrets_api.Versions( version=secrets_util.GetVersionFromReleasePath( self.ReleaseTrack())).ListWithPager(secret_ref=secret_ref, limit=9999) active_version_count = 0 for version in versions: if version.state != messages.SecretVersion.StateValueValuesEnum.DESTROYED: active_version_count += 1 msg = self.CONFIRM_DELETE_MESSAGE.format( secret=secret_ref.Name(), num_versions=active_version_count) console_io.PromptContinue(msg, throw_if_unattended=True, cancel_on_no=True) result = secrets_api.Secrets( version=secrets_util.GetVersionFromReleasePath( self.ReleaseTrack())).Delete(secret_ref) secrets_log.Secrets().Deleted(secret_ref) return result
def Run(self, args): messages = secrets_api.GetMessages() secret_ref = args.CONCEPTS.secret.Parse() data = secrets_util.ReadFileOrStdin(args.data_file) labels = labels_util.ParseCreateArgs(args, messages.Secret.LabelsValue) # Create the secret response = secrets_api.Secrets().Create( secret_ref, labels=labels, locations=args.locations) # Create the version if data was given if data: version = secrets_api.Secrets().SetData(secret_ref, data) version_ref = secrets_args.ParseVersionRef(version.name) secrets_log.Versions().Created(version_ref) else: secrets_log.Secrets().Created(secret_ref) return response
def _RunUpdate(self, original, args): messages = secrets_api.GetMessages() secret_ref = args.CONCEPTS.secret.Parse() data = secrets_util.ReadFileOrStdin(args.data_file) # Collect the list of update masks update_mask = [] labels_diff = labels_util.Diff.FromUpdateArgs(args) if labels_diff.MayHaveUpdates(): update_mask.append('labels') locations = args.locations if locations: update_mask.append('policy.replicaLocations') update_mask.sort() # Validations if not update_mask and not data: raise exceptions.ToolException( self.NO_CHANGES_MESSAGE.format(secret=secret_ref.Name())) if update_mask: labels = labels_diff.Apply(messages.Secret.LabelsValue, original.labels).GetOrNone() secret = secrets_api.Secrets().Update(secret_ref=secret_ref, locations=args.locations, labels=labels, update_mask=update_mask) secrets_log.Secrets().Updated(secret_ref) if not data: return secret version = secrets_api.Secrets().SetData(secret_ref, data) version_ref = secrets_args.ParseVersionRef(version.name) secrets_log.Versions().Created(version_ref) return version
def Run(self, args): messages = secrets_api.GetMessages() secret_ref = args.CONCEPTS.secret.Parse() data = secrets_util.ReadFileOrStdin(args.data_file) labels = labels_util.ParseCreateArgs(args, messages.Secret.LabelsValue) # Differentiate between the flag being provided with an empty value and the # flag being omitted. See b/138796299 for info. if args.data_file == '': # pylint: disable=g-explicit-bool-comparison raise exceptions.ToolException(self.EMPTY_DATA_FILE_MESSAGE) # Create the secret response = secrets_api.Secrets().Create( secret_ref, labels=labels, locations=args.locations) # Create the version if data was given if data: version = secrets_api.Secrets().SetData(secret_ref, data) version_ref = secrets_args.ParseVersionRef(version.name) secrets_log.Versions().Created(version_ref) else: secrets_log.Secrets().Created(secret_ref) return response
def _RunCreate(self, args): messages = secrets_api.GetMessages() secret_ref = args.CONCEPTS.secret.Parse() data = secrets_util.ReadFileOrStdin(args.data_file) locations = args.locations if not locations: raise parser_errors.RequiredError(argument='--locations') labels = labels_util.Diff.FromUpdateArgs(args).Apply( messages.Secret.LabelsValue).GetOrNone() secret = secrets_api.Secrets().Create(secret_ref=secret_ref, labels=labels, locations=locations) secrets_log.Secrets().Created(secret_ref) if not data: return secret version = secrets_api.Secrets().SetData(secret_ref, data) version_ref = secrets_args.ParseVersionRef(version.name) secrets_log.Versions().Created(version_ref) return version
def Run(self, args): messages = secrets_api.GetMessages() secret_ref = args.CONCEPTS.secret.Parse() data = secrets_util.ReadFileOrStdin(args.data_file) replication_policy_contents = secrets_util.ReadFileOrStdin( args.replication_policy_file, is_binary=False) labels = labels_util.ParseCreateArgs(args, messages.Secret.LabelsValue) replication_policy = args.replication_policy locations = args.locations kms_keys = [] if args.replication_policy_file and args.replication_policy: raise exceptions.ConflictingArgumentsException( self.POLICY_AND_POLICY_FILE_MESSAGE) if args.replication_policy_file and args.locations: raise exceptions.ConflictingArgumentsException( self.LOCATIONS_AND_POLICY_FILE_MESSAGE) if args.replication_policy_file and args.kms_key_name: raise exceptions.ConflictingArgumentsException( self.KMS_KEY_AND_POLICY_FILE_MESSAGE) if args.kms_key_name: kms_keys.append(args.kms_key_name) if args.replication_policy_file: if not replication_policy_contents: raise exceptions.InvalidArgumentException( 'replication-policy', self.REPLICATION_POLICY_FILE_EMPTY_MESSAGE) replication_policy, locations, kms_keys = secrets_util.ParseReplicationFileContents( replication_policy_contents) else: if not replication_policy: replication_policy = properties.VALUES.secrets.replication_policy.Get( ) default_to_automatic = replication_policy is None if default_to_automatic: replication_policy = 'automatic' if replication_policy not in {'user-managed', 'automatic'}: if args.replication_policy: raise exceptions.InvalidArgumentException( 'replication-policy', self.INVALID_POLICY_MESSAGE) raise exceptions.InvalidArgumentException( 'replication-policy', self.INVALID_POLICY_PROP_MESSAGE) if replication_policy == 'user-managed' and kms_keys: raise exceptions.InvalidArgumentException( 'kms-key-name', self.KMS_KEY_AND_USER_MANAGED_MESSAGE) if not locations: # if locations weren't given, try to get them from properties locations = properties.VALUES.secrets.locations.Get() if locations: locations = locations.split(',') if replication_policy == 'user-managed' and not locations: raise exceptions.RequiredArgumentException( 'locations', self.MANAGED_BUT_NO_LOCATIONS_MESSAGE) if replication_policy == 'automatic': if args.locations: # check args.locations separately from locations because we have # different error messages depending on whether the user used the # --locations flag or the secrets/locations property if args.replication_policy: raise exceptions.InvalidArgumentException( 'locations', self.AUTOMATIC_AND_LOCATIONS_MESSAGE) if default_to_automatic: raise exceptions.InvalidArgumentException( 'locations', self.NO_POLICY_AND_LOCATIONS_MESSAGE) raise exceptions.InvalidArgumentException( 'locations', self.AUTOMATIC_PROP_AND_LOCATIONS_MESSAGE) if locations: raise exceptions.InvalidArgumentException( 'replication-policy', self.AUTOMATIC_AND_LOCATIONS_PROP_MESSAGE) locations = [] # Differentiate between the flag being provided with an empty value and the # flag being omitted. See b/138796299 for info. if args.data_file == '': # pylint: disable=g-explicit-bool-comparison raise exceptions.BadFileException(self.EMPTY_DATA_FILE_MESSAGE) if args.expire_time: msg = self.CONFIRM_EXPIRE_TIME_MESSAGE.format( expire_time=args.expire_time) console_io.PromptContinue(msg, throw_if_unattended=True, cancel_on_no=True) if args.ttl: msg = self.CONFIRM_TTL_MESSAGE.format(ttl=args.ttl) console_io.PromptContinue(msg, throw_if_unattended=True, cancel_on_no=True) # Create the secret response = secrets_api.Secrets().Create( secret_ref, labels=labels, locations=locations, policy=replication_policy, expire_time=args.expire_time, ttl=args.ttl, keys=kms_keys, next_rotation_time=args.next_rotation_time, rotation_period=args.rotation_period, topics=args.topics) if data: data_crc32c = crc32c.get_crc32c(data) version = secrets_api.Secrets().AddVersion( secret_ref, data, crc32c.get_checksum(data_crc32c)) version_ref = secrets_args.ParseVersionRef(version.name) secrets_log.Versions().Created(version_ref) else: secrets_log.Secrets().Created(secret_ref) return response
def Run(self, args): messages = secrets_api.GetMessages() secret_ref = args.CONCEPTS.secret.Parse() data = secrets_util.ReadFileOrStdin(args.data_file) labels = labels_util.ParseCreateArgs(args, messages.Secret.LabelsValue) replication_policy = args.replication_policy if not replication_policy: replication_policy = properties.VALUES.secrets.replication_policy.Get( ) if not replication_policy: raise exceptions.RequiredArgumentException( 'replication-policy', self.MISSING_POLICY_MESSAGE) if replication_policy not in {'user-managed', 'automatic'}: if args.replication_policy: raise exceptions.InvalidArgumentException( 'replication-policy', self.INVALID_POLICY_MESSAGE) raise exceptions.InvalidArgumentException( 'replication-policy', self.INVALID_POLICY_PROP_MESSAGE) locations = args.locations if not locations: # if locations weren't given, try to get them from properties locations = properties.VALUES.secrets.locations.Get() if locations: locations = locations.split(',') if replication_policy == 'user-managed' and not locations: raise exceptions.RequiredArgumentException( 'locations', self.MANAGED_BUT_NO_LOCATIONS_MESSAGE) if replication_policy == 'automatic': if args.locations: # check args.locations separately from locations because we have # different error messages depending on whether the user used the # --locations flag or the secrets/locations property if args.replication_policy: raise exceptions.InvalidArgumentException( 'locations', self.AUTOMATIC_AND_LOCATIONS_MESSAGE) raise exceptions.InvalidArgumentException( 'locations', self.AUTOMATIC_PROP_AND_LOCATIONS_MESSAGE) if locations: raise exceptions.InvalidArgumentException( 'replication-policy', self.AUTOMATIC_AND_LOCATIONS_PROP_MESSAGE) locations = [] # Differentiate between the flag being provided with an empty value and the # flag being omitted. See b/138796299 for info. if args.data_file == '': # pylint: disable=g-explicit-bool-comparison raise exceptions.BadFileException(self.EMPTY_DATA_FILE_MESSAGE) # Create the secret response = secrets_api.Secrets().Create(secret_ref, labels=labels, locations=locations, policy=replication_policy) if data: version = secrets_api.Secrets().AddVersion(secret_ref, data) version_ref = secrets_args.ParseVersionRef(version.name) secrets_log.Versions().Created(version_ref) else: secrets_log.Secrets().Created(secret_ref) return response
def _RunUpdate(self, original, args): messages = secrets_api.GetMessages() secret_ref = args.CONCEPTS.secret.Parse() # Collect the list of update masks update_mask = [] labels_diff = labels_util.Diff.FromUpdateArgs(args) if labels_diff.MayHaveUpdates(): update_mask.append('labels') if args.IsSpecified('ttl'): update_mask.append('ttl') if args.IsSpecified('expire_time') or args.IsSpecified('remove_expiration'): update_mask.append('expire_time') if args.IsSpecified('add_topics') or args.IsSpecified( 'remove_topics') or args.IsSpecified('clear_topics'): update_mask.append('topics') # Validations if not update_mask: raise exceptions.MinimumArgumentException([ '--clear-labels', '--remove-labels', '--update-labels', '--ttl', '--expire-time', '--remove-expiration', '--clear-topics', '--remove-topics', '--add-topics' ], self.NO_CHANGES_MESSAGE.format(secret=secret_ref.Name())) labels_update = labels_diff.Apply(messages.Secret.LabelsValue, original.labels) labels = original.labels if labels_update.needs_update: labels = labels_update.labels if 'topics' in update_mask: topics = secrets_util.ApplyTopicsUpdate(args, original.topics) else: topics = [] if args.expire_time: msg = self.CONFIRM_EXPIRE_TIME_MESSAGE.format( expire_time=args.expire_time) console_io.PromptContinue( msg, throw_if_unattended=True, cancel_on_no=True) if args.ttl: msg = self.CONFIRM_TTL_MESSAGE.format(ttl=args.ttl) console_io.PromptContinue( msg, throw_if_unattended=True, cancel_on_no=True) secret = secrets_api.Secrets().Update( secret_ref=secret_ref, labels=labels, update_mask=update_mask, expire_time=args.expire_time, ttl=args.ttl, topics=topics) secrets_log.Secrets().Updated(secret_ref) return secret
def _RunUpdate(self, original, args): messages = secrets_api.GetMessages() secret_ref = args.CONCEPTS.secret.Parse() # Collect the list of update masks update_mask = [] labels_diff = labels_util.Diff.FromUpdateArgs(args) if labels_diff.MayHaveUpdates(): update_mask.append('labels') if args.IsSpecified('ttl'): update_mask.append('ttl') if args.IsSpecified('expire_time') or args.IsSpecified( 'remove_expiration'): update_mask.append('expire_time') if ((args.IsSpecified('next_rotation_time') or args.IsSpecified('remove_next_rotation_time')) or args.IsSpecified('remove_rotation_schedule')): update_mask.append('rotation.next_rotation_time') if ((args.IsSpecified('rotation_period') or args.IsSpecified('remove_rotation_period')) or args.IsSpecified('remove_rotation_schedule')): update_mask.append('rotation.rotation_period') if args.IsSpecified('add_topics') or args.IsSpecified( 'remove_topics') or args.IsSpecified('clear_topics'): update_mask.append('topics') if args.IsSpecified('update_version_aliases') or args.IsSpecified( 'remove_version_aliases') or args.IsSpecified( 'clear_version_aliases'): update_mask.append('version_aliases') # Validations if not update_mask: raise exceptions.MinimumArgumentException([ '--clear-labels', '--remove-labels', '--update-labels', '--ttl', '--expire-time', '--remove-expiration', '--clear-topics', '--remove-topics', '--add-topics', '--update-version-aliases', '--remove-version-aliases', '--clear-version-aliases', '--next-rotation-time', '--remove-next-rotation-time', '--rotation-period', '--remove-rotation-period', '--remove-rotation-schedule' ], self.NO_CHANGES_MESSAGE.format(secret=secret_ref.Name())) labels_update = labels_diff.Apply(messages.Secret.LabelsValue, original.labels) labels = original.labels if labels_update.needs_update: labels = labels_update.labels if args.expire_time: msg = self.CONFIRM_EXPIRE_TIME_MESSAGE.format( expire_time=args.expire_time) console_io.PromptContinue(msg, throw_if_unattended=True, cancel_on_no=True) if args.ttl: msg = self.CONFIRM_TTL_MESSAGE.format(ttl=args.ttl) console_io.PromptContinue(msg, throw_if_unattended=True, cancel_on_no=True) if 'topics' in update_mask: topics = secrets_util.ApplyTopicsUpdate(args, original.topics) else: topics = [] version_aliases = [] if 'version_aliases' in update_mask: version_aliases = [] if original.versionAliases is None: original.versionAliases = messages.Secret.VersionAliasesValue( additionalProperties=[]) version_aliases_dict = secrets_util.ApplyAliasUpdate( args, original.versionAliases.additionalProperties) for alias, version in version_aliases_dict.items(): version_aliases.append( messages.Secret.VersionAliasesValue.AdditionalProperty( key=alias, value=version)) secret = secrets_api.Secrets().Update( secret_ref=secret_ref, labels=labels, version_aliases=version_aliases, update_mask=update_mask, etag=args.etag, expire_time=args.expire_time, ttl=args.ttl, topics=topics, next_rotation_time=args.next_rotation_time, rotation_period=args.rotation_period) secrets_log.Secrets().Updated(secret_ref) return secret