EdZddlmZddlmZddlmZddlmZddlmZddl m Z ddl m Z dd l mZdd Zdd Zd ZdZGddeZGddeZGddeZGddeZGddeZdZdZdZy )z9Shared utilities to access the Google Secret Manager API.)absolute_import)division)unicode_literals) exceptions) list_pager)apis)base)iam_utilNc\tjd|xstjdS)zGet the default client. secretmanager)rGetClientInstanceResolveVersionversions )lib/googlecloudsdk/api_lib/secrets/api.py GetClientr/  2E $ 3 3O D FFc\tjd|xstjdS)z Get the default messages module.r )rGetMessagesModulerrs r GetMessagesr"rrc$dj|S)N,)join) update_masks r_FormatUpdateMaskr(s + rc  |sy|j|j}|dk(r7|r5|j|j|j|d}|dk(rg}t|D]m\}}|t |kr6|j |j ||j||J|j |j || o|j|j|  }|S) z1Create a replication message from its components.N) automaticrr kmsKeyName)customerManagedEncryptionz user-managed)locationr!)r")replicas) userManaged) Replication AutomaticCustomerManagedEncryption enumeratelenappendReplica UserManaged)messagespolicy locationskeys replicationr#ir"s r_MakeReplicationMessager3,s)  $$x/A/A/C$D+ {t&&$$&.&H&H7'I'$%%'&K ~H + 8 SY   !*2*L*L#Aw+M+(  ) * (()A,(?@,&&((((;'=K rceZdZdZddZy)ClientzBase class for all clients.Ncl|xs t||_|xs|jj|_yNr)rclientMESSAGES_MODULEr-)selfr8r- api_versions r__init__zClient.__init__Js):Ik:DK; ; ;DMrNNN)__name__ __module__ __qualname____doc__r<rrr5r5Gs #>**, ? . //rc|jj|j}tj|j |d|dS)&List secrets returning a pager object.rMr/pageSizerIrequestfieldlimitbatch_size_attribute)r-)SecretmanagerProjectsLocationsListRequestrQr YieldFromListrI)r: project_refrYrWs r ListWithPagerzLocations.ListWithPager\sPmmEE  % % 'F)G  # # '  ))rr=)r>r?r@rAr<rOr^ __classcell__rKs@rrDrDOs(2/ )rrDceZdZdZdfd Z ddZddZddZddZddZ ddZ dd Z d Z dd Z dd Z dd Z ddZxZS)SecretszHigh-level client for secrets.c|xs t|}tt||||jj |_yr7)rrGrbr<r8projects_secretsrIrJs rr<zSecrets.__init__ls4  5y5F '4!&(3;;//DLrc|xsg}t|j|||}g}| r2| D]-}|j|jj|/|jjj g}| r"| D]}|j j|d}| s| r|jj| | }d}| r|jj| }d}|jj|jjt|||j|jj |||||||||| S)zCreate a secret.rMadditionalPropertiesNnextRotationTimerotationPeriodr) labelstagsr1 expireTimettltopics annotationsrotationr!versionDestroyTtl)parentsecretIdsecret)r3r-r*TopicSecretAnnotationsValuergRotationr'rICreate)SecretmanagerProjectsSecretsCreateRequestGetParentRelativeNameForSecretName)r: secret_refr.r/rkrl expire_timernr0next_rotation_timerotation_periodrorpregional_kms_key_nameversion_destroy_ttlsecret_locationr1topics_message_listtopicnew_annotationsannotation_pairrqcustomer_managed_encryptions rrzzSecrets.Createqsl& :2D)$--*.0K %""4==#6#6E#6#BCmm**;;<!O(/,,33OD)H_''-o(h#'$(MM$K$K*%L%! k <<   ??1*oN__&=='''&*+!*E"5(  @  rc |jj|jj|t ||S)zDelete a secret.)etagrN)rIDeleter-)SecretmanagerProjectsSecretsDeleteRequestGetRelativeName)r:r~rrs rrzSecrets.Deletes= <<   ??OJH @  rc|jj|jjt ||S)z#Get the secret with the given name.rM)rIrOr-&SecretmanagerProjectsSecretsGetRequestrr:r~rs rrOz Secrets.Gets: <<   << _= =  rc\ |j||S#tj$rYywxYw)zGAttempt to get the secret, returning None if the secret does not exist.)r~rN)rOapitools_exceptionsHttpNotFoundErrorrs r GetOrNonezSecrets.GetOrNones2 XX_X MM  0 0 s ++c|jj|j|}tj|j |d|dS)rT)rsfiltersecretsrUrV)r-'SecretmanagerProjectsSecretsListRequestrQrr\rI)r:r]rYrequest_filterrWs rr^zSecrets.ListWithPagersSmmCC'').DBG  # # '  ))rc |jjt|||jj|jj ||}|j j |S)z)Adds a new version of an existing secret.)data dataCrc32c)payload)rsaddSecretVersionRequest)r--SecretmanagerProjectsSecretsAddVersionRequestrAddSecretVersionRequest SecretPayloadrI AddVersion)r:r~r data_crc32crrWs rrzSecrets.AddVersionsqmmIIz?; $ E EMM//k0!F! JG << " "7 ++rcd}| s| r|jj| | }g}|r2|D]-}|j|jj|/|jjj g}|r"|D]}|j j||jjjg}| r"| D]}|j j|d}|r|jj|}|jj|jjt|| |jj ||||||||| | t|S)zUpdate a secret.NrhrMrfr) rkversionAliasesrprrmrnrorqrrr!rNru updateMask)r-ryr*rvrwVersionAliasesValuergrxr'rIPatch(SecretmanagerProjectsSecretsPatchRequestrr)r:r~rkrrrrnroversion_aliasesrprrrrrrqrrnew_version_aliasesversion_alias_pairrrrs rUpdatezSecrets.Updates&H_''-o(Oh %""4==#6#6E#6#BC--..BBC! / 00778JK!0mm**;;<!O(/,,33OD)#'$(MM$K$K*%L%! <<   >> _===''2+&*!"5*E( )5 ?  rc t|j|||}|jj|jj |j |jj |tdgS)z2Set the replication policy on an existing secret..)r1r1r)r3r-rIrrrQrwr)r:r~r.r/r0r1s rSetReplicationzSecrets.SetReplication!st) vy$K <<   >>((*==''K'@(-9 ?  rc~|rQ|jj|_|jj t ||t j}nP|jj|_|jjt jt ||}|jj|S)zGet iam policy request. Args: resource_ref: Multitype resource (regional or global secret resource) secret_location: location of the secret, None if global Returns: Operation response )resourceoptions_requestedPolicyVersion)rr) r8projects_locations_secretsrIr-8SecretmanagerProjectsLocationsSecretsGetIamPolicyRequestrr !MAX_LIBRARY_IAM_SUPPORTED_VERSIONrd/SecretmanagerProjectsSecretsGetIamPolicyRequest GetIamPolicy)r: resource_refrreqs rrzSecrets.GetIamPolicy.s[[;;dl MM R R"<A)1)S)S S c [[11dl MM I I)1)S)S"<A J c << $ $S ))rc|r^|jj|_|jj t |||jj ||}n]|jj|_|jjt |||jj ||}|jj|S)zSet iam policy request. Args: secret_ref: secret resource policy: policy to be set update_mask: update mask secret_location: location of the secret, None if global Returns: Operation response )r.r)rsetIamPolicyRequest) r8rrIr-8SecretmanagerProjectsLocationsSecretsSetIamPolicyRequestrSetIamPolicyRequestrd/SecretmanagerProjectsSecretsSetIamPolicyRequest SetIamPolicy)r:r~r.rrrs rrzSecrets.SetIamPolicyGs[[;;dl MM R R":?"mm?? @  S c[[11dl MM I I":?"mm?? @  J c << $ $S ))rc|j||}tj|_tj|j j |j j|||||j|||S)zAdd iam policy binding request.r condition) rr rr"AddBindingToIamPolicyWithConditionr-BindingExprrr: resorce_refmemberrolerrr.s rAddIamPolicyBindingzSecrets.AddIamPolicyBindinghs{  {O  LF??FN //       V_  rc|j||}tj|_tj|||||j |||S)z"Remove iam policy binding request.rr)rr rr'RemoveBindingFromIamPolicyWithConditionrrs rRemoveIamPolicyBindingzSecrets.RemoveIamPolicyBindingzsa  {O  LF??FN 44     V_  rr=) NNNNNNNNNNNNrF) NNNNNNNNNNN)r>r?r@rAr<rzrrOrr^rrrrrrrr_r`s@rrbrbis&0    !?B ) ,"    >@ *4CG*DHL&HLrrbc,eZdZdZdfd ZddZxZS) SecretsLatestz%High-level client for latest secrets.cftt| ||||jj|_yrF)rGrr<r8projects_secrets_latestrI)r:r8r- api_versionsrKs rr<zSecretsLatest.__init__s' -',G;;66DLrc|jj|jjt ||S)z&Access the latest version of a secret.rM)rIAccessr-/SecretmanagerProjectsSecretsLatestAccessRequestrrs rrzSecretsLatest.Accesss; <<   EE _= F  rr=rF)r>r?r@rAr<rr_r`s@rrrs-7rrc^eZdZdZd fd Zd dZd dZd dZd dZd dZ d dZ d d Z xZ S) Versionsz&High-level client for secret versions.cftt| ||||jj|_yrF)rGrr<r8projects_secrets_versionsrIrJs rr<zVersions.__init__s' (D"68[A;;88DLrc|jj|jjt ||S)z&Access a specific version of a secret.rM)rIrr-1SecretmanagerProjectsSecretsVersionsAccessRequestrr: version_refrs rrzVersions.Accesss; <<   GG o> H  rc |jj|}|jj|jj |t ||S)zDestroy a secret version.r)destroySecretVersionRequestrN)r-DestroySecretVersionRequestrIDestroy2SecretmanagerProjectsSecretsVersionsDestroyRequestr)r:rrrdestroy_secret_version_requests rrzVersions.Destroy\%)]]%N%N &O&" <<   HH(F o> I  rc |jj|}|jj|jj |t ||S)zDisable a secret version.r)disableSecretVersionRequestrN)r-DisableSecretVersionRequestrIDisable2SecretmanagerProjectsSecretsVersionsDisableRequestr)r:rrrdisable_secret_version_requests rrzVersions.Disablerrc |jj|}|jj|jj |t ||S)zEnable a secret version.r)enableSecretVersionRequestrN)r-EnableSecretVersionRequestrIEnable1SecretmanagerProjectsSecretsVersionsEnableRequestr)r:rrrenable_secret_version_requests rrzVersions.Enables\$(MM$L$L %M%! <<   GG'D o> H  rc|jj|jjt ||S)z+Get the secret version with the given name.rM)rIrOr-.SecretmanagerProjectsSecretsVersionsGetRequestrrs rrOz Versions.Gets; <<   DD o> E  rc|jjt|||}|jj |S)z!List secrets and return an array.)rsrU)r-/SecretmanagerProjectsSecretsVersionsListRequestrrIList)r:r~rYrrWs rrz Versions.Lists?mmKKz?;eLG <<  W %%rc|jjt|||d}tj|j |d|ddS)rTr)rsrrUversionsrU)rIrWrXrY batch_sizerZ)r-rrrr\rI)r:r~rYrrrWs rr^zVersions.ListWithPagersYmmKKz?;LG  # # '  ))rr=rFr) r>r?r@rAr<rrrrrOrr^r_r`s@rrrs5.9   &EI)rrc||tjjk(ry|tjjk(ryy)z'Returns api version based on the track.v1beta2v1N)r ReleaseTrackBETAGA)tracks rGetApiFromTrackrs5 d$$$  !!$$$ %rc|rQ|j}|jd}dj|ddd|dzdj|ddzS|jS)N/ /locations/)rQsplitr)rr" resource_urir s rrrsi ((*L   s #E 88E"1I ;xj!: :SXXeABi=P PP     rc|r&|jj}|d|zS|jjS)Nr )ParentrQ)rr"r s rr|r|sB ??$113L Kz2 22   ' ' ))rrF)rA __future__rrrapitools.base.pyrrrgooglecloudsdk.api_lib.utilrgooglecloudsdk.callioper googlecloudsdk.command_lib.iamr rrrr3objectr5rDrbrrrrr|rBrrrs@&'>',(3F F 6