google-cloud-secret_manager-v1 0.4.1 → 0.5.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c56e848f11b4a29f377ddaf2abfa57696a2e81a0cd28e37b2e31ac69541e54bd
-  data.tar.gz: e36e4a3e29fa7ae09e9fc3b2fd80269f3f696529ea600d1de432c240d03ee645
+  metadata.gz: 60f66ce89caf973101116d6d957c9b4ba970b5330b1f8861031e8003c5c7a165
+  data.tar.gz: dd5055b0d36e650f2b725081fbda8db240da05986d388a2b202634cd0441dc97
 SHA512:
-  metadata.gz: f2f2e3677d8423f6d4abf63b5b9d073a815ec6aa29d6e0ca97b8b58e266e99ecfc94906b8fb53ccc2763335221041260a861c6c0d17e3adbccbd9dcd4e8f1aa7
-  data.tar.gz: 39ba848ca08e7e059d8419b414080a066f406b24f5d5162e272c6a7ff944e157460939ff29a808ad57c758789622b03db5bfc9a55ef53b934736e9cbd217813c
+  metadata.gz: d1cc3dff17faab412f0fe300f5f3226045cf00f965ef0ed3073d052a372a71f62b999bc8b3ee2ae67dfc82a699dda3a411d4a69c6016cf0b8d783a3490a5ca34
+  data.tar.gz: 7ea0ce88abfc1b4423d27723d48857610a245a393b8f5a083664f5bbf6465d112cdbe3ac1986279aac74406c76c0bee05c5a872626c51b94270c996cf021a4a2

data/README.md

@@ -18,6 +18,7 @@ In order to use this library, you first need to go through the following steps:
 
 1. [Select or create a Cloud Platform project.](https://console.cloud.google.com/project)
 1. [Enable billing for your project.](https://cloud.google.com/billing/docs/how-to/modify-project#enable_billing_for_a_project)
+1. [Enable the API.](https://console.cloud.google.com/apis/library/secretmanager.googleapis.com)
 1. {file:AUTHENTICATION.md Set up authentication.}
 
 ## Quick Start
@@ -33,6 +34,9 @@ response = client.list_secrets request
 View the [Client Library Documentation](https://googleapis.dev/ruby/google-cloud-secret_manager-v1/latest)
 for class and method documentation.
 
+See also the [Product Documentation](https://cloud.google.com/secret-manager)
+for general usage information.
+
 ## Enabling Logging
 
 To enable logging for this library, set the logger for the underlying [gRPC](https://github.com/grpc/grpc/tree/master/src/ruby) library.

data/lib/google/cloud/secret_manager/v1/secret_manager_service/client.rb

@@ -92,7 +92,7 @@ module Google
                   initial_delay: 1.0,
                   max_delay:     60.0,
                   multiplier:    1.3,
-                  retry_codes:   ["UNAVAILABLE", "UNKNOWN"]
+                  retry_codes:   [14, 2]
                 }
 
                 default_config.rpcs.disable_secret_version.timeout = 60.0
@@ -1347,7 +1347,7 @@ module Google
 
               config_attr :endpoint,      "secretmanager.googleapis.com", ::String
               config_attr :credentials,   nil do |value|
-                allowed = [::String, ::Hash, ::Proc, ::Google::Auth::Credentials, ::Signet::OAuth2::Client, nil]
+                allowed = [::String, ::Hash, ::Proc, ::Symbol, ::Google::Auth::Credentials, ::Signet::OAuth2::Client, nil]
                 allowed += [::GRPC::Core::Channel, ::GRPC::Core::ChannelCredentials] if defined? ::GRPC
                 allowed.any? { |klass| klass === value }
               end
@@ -1375,7 +1375,7 @@ module Google
               def rpcs
                 @rpcs ||= begin
                   parent_rpcs = nil
-                  parent_rpcs = @parent_config.rpcs if @parent_config&.respond_to? :rpcs
+                  parent_rpcs = @parent_config.rpcs if defined?(@parent_config) && @parent_config&.respond_to?(:rpcs)
                   Rpcs.new parent_rpcs
                 end
               end

data/lib/google/cloud/secret_manager/v1/version.rb

@@ -21,7 +21,7 @@ module Google
   module Cloud
     module SecretManager
       module V1
-        VERSION = "0.4.1"
+        VERSION = "0.5.0"
       end
     end
   end

data/lib/google/cloud/secretmanager/v1/resources_pb.rb

@@ -20,6 +20,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       optional :create_time, :message, 2, "google.protobuf.Timestamp"
       optional :destroy_time, :message, 3, "google.protobuf.Timestamp"
       optional :state, :enum, 4, "google.cloud.secretmanager.v1.SecretVersion.State"
+      optional :replication_status, :message, 5, "google.cloud.secretmanager.v1.ReplicationStatus"
     end
     add_enum "google.cloud.secretmanager.v1.SecretVersion.State" do
       value :STATE_UNSPECIFIED, 0
@@ -34,12 +35,36 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       end
     end
     add_message "google.cloud.secretmanager.v1.Replication.Automatic" do
+      optional :customer_managed_encryption, :message, 1, "google.cloud.secretmanager.v1.CustomerManagedEncryption"
     end
     add_message "google.cloud.secretmanager.v1.Replication.UserManaged" do
       repeated :replicas, :message, 1, "google.cloud.secretmanager.v1.Replication.UserManaged.Replica"
     end
     add_message "google.cloud.secretmanager.v1.Replication.UserManaged.Replica" do
       optional :location, :string, 1
+      optional :customer_managed_encryption, :message, 2, "google.cloud.secretmanager.v1.CustomerManagedEncryption"
+    end
+    add_message "google.cloud.secretmanager.v1.CustomerManagedEncryption" do
+      optional :kms_key_name, :string, 1
+    end
+    add_message "google.cloud.secretmanager.v1.ReplicationStatus" do
+      oneof :replication_status do
+        optional :automatic, :message, 1, "google.cloud.secretmanager.v1.ReplicationStatus.AutomaticStatus"
+        optional :user_managed, :message, 2, "google.cloud.secretmanager.v1.ReplicationStatus.UserManagedStatus"
+      end
+    end
+    add_message "google.cloud.secretmanager.v1.ReplicationStatus.AutomaticStatus" do
+      optional :customer_managed_encryption, :message, 1, "google.cloud.secretmanager.v1.CustomerManagedEncryptionStatus"
+    end
+    add_message "google.cloud.secretmanager.v1.ReplicationStatus.UserManagedStatus" do
+      repeated :replicas, :message, 1, "google.cloud.secretmanager.v1.ReplicationStatus.UserManagedStatus.ReplicaStatus"
+    end
+    add_message "google.cloud.secretmanager.v1.ReplicationStatus.UserManagedStatus.ReplicaStatus" do
+      optional :location, :string, 1
+      optional :customer_managed_encryption, :message, 2, "google.cloud.secretmanager.v1.CustomerManagedEncryptionStatus"
+    end
+    add_message "google.cloud.secretmanager.v1.CustomerManagedEncryptionStatus" do
+      optional :kms_key_version_name, :string, 1
     end
     add_message "google.cloud.secretmanager.v1.SecretPayload" do
       optional :data, :bytes, 1
@@ -58,6 +83,12 @@ module Google
         Replication::Automatic = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.secretmanager.v1.Replication.Automatic").msgclass
         Replication::UserManaged = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.secretmanager.v1.Replication.UserManaged").msgclass
         Replication::UserManaged::Replica = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.secretmanager.v1.Replication.UserManaged.Replica").msgclass
+        CustomerManagedEncryption = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.secretmanager.v1.CustomerManagedEncryption").msgclass
+        ReplicationStatus = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.secretmanager.v1.ReplicationStatus").msgclass
+        ReplicationStatus::AutomaticStatus = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.secretmanager.v1.ReplicationStatus.AutomaticStatus").msgclass
+        ReplicationStatus::UserManagedStatus = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.secretmanager.v1.ReplicationStatus.UserManagedStatus").msgclass
+        ReplicationStatus::UserManagedStatus::ReplicaStatus = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.secretmanager.v1.ReplicationStatus.UserManagedStatus.ReplicaStatus").msgclass
+        CustomerManagedEncryptionStatus = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.secretmanager.v1.CustomerManagedEncryptionStatus").msgclass
         SecretPayload = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.secretmanager.v1.SecretPayload").msgclass
       end
     end

data/lib/google/cloud/secretmanager/v1/service_services_pb.rb

@@ -24,9 +24,6 @@ module Google
     module SecretManager
       module V1
         module SecretManagerService
-          # `projects/*/secrets/*/versions/latest` is an alias to the `latest`
-          # [SecretVersion][google.cloud.secretmanager.v1.SecretVersion].
-          #
           # Secret Manager Service
           #
           # Manages secrets and operations using those secrets. Implements a REST

data/proto_docs/google/cloud/secretmanager/v1/resources.rb

@@ -83,6 +83,9 @@ module Google
         # @!attribute [r] state
         #   @return [::Google::Cloud::SecretManager::V1::SecretVersion::State]
         #     Output only. The current state of the {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}.
+        # @!attribute [rw] replication_status
+        #   @return [::Google::Cloud::SecretManager::V1::ReplicationStatus]
+        #     The replication status of the {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}.
         class SecretVersion
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -106,7 +109,7 @@ module Google
           end
         end
 
-        # A policy that defines the replication configuration of data.
+        # A policy that defines the replication and encryption configuration of data.
         # @!attribute [rw] automatic
         #   @return [::Google::Cloud::SecretManager::V1::Replication::Automatic]
         #     The {::Google::Cloud::SecretManager::V1::Secret Secret} will automatically be replicated without any restrictions.
@@ -119,6 +122,14 @@ module Google
 
           # A replication policy that replicates the {::Google::Cloud::SecretManager::V1::Secret Secret} payload without any
           # restrictions.
+          # @!attribute [rw] customer_managed_encryption
+          #   @return [::Google::Cloud::SecretManager::V1::CustomerManagedEncryption]
+          #     Optional. The customer-managed encryption configuration of the {::Google::Cloud::SecretManager::V1::Secret Secret}. If no
+          #     configuration is provided, Google-managed default encryption is used.
+          #
+          #     Updates to the {::Google::Cloud::SecretManager::V1::Secret Secret} encryption configuration only apply to
+          #     {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersions} added afterwards. They do not apply
+          #     retroactively to existing {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersions}.
           class Automatic
             include ::Google::Protobuf::MessageExts
             extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -140,6 +151,15 @@ module Google
             #   @return [::String]
             #     The canonical IDs of the location to replicate data.
             #     For example: `"us-east1"`.
+            # @!attribute [rw] customer_managed_encryption
+            #   @return [::Google::Cloud::SecretManager::V1::CustomerManagedEncryption]
+            #     Optional. The customer-managed encryption configuration of the [User-Managed
+            #     Replica][Replication.UserManaged.Replica]. If no configuration is
+            #     provided, Google-managed default encryption is used.
+            #
+            #     Updates to the {::Google::Cloud::SecretManager::V1::Secret Secret} encryption configuration only apply to
+            #     {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersions} added afterwards. They do not apply
+            #     retroactively to existing {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersions}.
             class Replica
               include ::Google::Protobuf::MessageExts
               extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -147,6 +167,97 @@ module Google
           end
         end
 
+        # Configuration for encrypting secret payloads using customer-managed
+        # encryption keys (CMEK).
+        # @!attribute [rw] kms_key_name
+        #   @return [::String]
+        #     Required. The resource name of the Cloud KMS CryptoKey used to encrypt secret
+        #     payloads.
+        #
+        #     For secrets using the {::Google::Cloud::SecretManager::V1::Replication::UserManaged UserManaged} replication
+        #     policy type, Cloud KMS CryptoKeys must reside in the same location as the
+        #     [replica location][Secret.UserManaged.Replica.location].
+        #
+        #     For secrets using the {::Google::Cloud::SecretManager::V1::Replication::Automatic Automatic} replication policy
+        #     type, Cloud KMS CryptoKeys must reside in `global`.
+        #
+        #     The expected format is `projects/*/locations/*/keyRings/*/cryptoKeys/*`.
+        class CustomerManagedEncryption
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # The replication status of a {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}.
+        # @!attribute [rw] automatic
+        #   @return [::Google::Cloud::SecretManager::V1::ReplicationStatus::AutomaticStatus]
+        #     Describes the replication status of a {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} with
+        #     automatic replication.
+        #
+        #     Only populated if the parent {::Google::Cloud::SecretManager::V1::Secret Secret} has an automatic replication
+        #     policy.
+        # @!attribute [rw] user_managed
+        #   @return [::Google::Cloud::SecretManager::V1::ReplicationStatus::UserManagedStatus]
+        #     Describes the replication status of a {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} with
+        #     user-managed replication.
+        #
+        #     Only populated if the parent {::Google::Cloud::SecretManager::V1::Secret Secret} has a user-managed replication
+        #     policy.
+        class ReplicationStatus
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+
+          # The replication status of a {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} using automatic replication.
+          #
+          # Only populated if the parent {::Google::Cloud::SecretManager::V1::Secret Secret} has an automatic replication
+          # policy.
+          # @!attribute [r] customer_managed_encryption
+          #   @return [::Google::Cloud::SecretManager::V1::CustomerManagedEncryptionStatus]
+          #     Output only. The customer-managed encryption status of the {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}. Only
+          #     populated if customer-managed encryption is used.
+          class AutomaticStatus
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
+
+          # The replication status of a {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} using user-managed
+          # replication.
+          #
+          # Only populated if the parent {::Google::Cloud::SecretManager::V1::Secret Secret} has a user-managed replication
+          # policy.
+          # @!attribute [r] replicas
+          #   @return [::Array<::Google::Cloud::SecretManager::V1::ReplicationStatus::UserManagedStatus::ReplicaStatus>]
+          #     Output only. The list of replica statuses for the {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}.
+          class UserManagedStatus
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+
+            # Describes the status of a user-managed replica for the {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}.
+            # @!attribute [r] location
+            #   @return [::String]
+            #     Output only. The canonical ID of the replica location.
+            #     For example: `"us-east1"`.
+            # @!attribute [r] customer_managed_encryption
+            #   @return [::Google::Cloud::SecretManager::V1::CustomerManagedEncryptionStatus]
+            #     Output only. The customer-managed encryption status of the {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}. Only
+            #     populated if customer-managed encryption is used.
+            class ReplicaStatus
+              include ::Google::Protobuf::MessageExts
+              extend ::Google::Protobuf::MessageExts::ClassMethods
+            end
+          end
+        end
+
+        # Describes the status of customer-managed encryption.
+        # @!attribute [rw] kms_key_version_name
+        #   @return [::String]
+        #     Required. The resource name of the Cloud KMS CryptoKeyVersion used to encrypt the
+        #     secret payload, in the following format:
+        #     `projects/*/locations/*/keyRings/*/cryptoKeys/*/versions/*`.
+        class CustomerManagedEncryptionStatus
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
         # A secret payload resource in the Secret Manager API. This contains the
         # sensitive secret payload that is associated with a {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}.
         # @!attribute [rw] data

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: google-cloud-secret_manager-v1
 version: !ruby/object:Gem::Version
-  version: 0.4.1
+  version: 0.5.0
 platform: ruby
 authors:
 - Google LLC
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-05-26 00:00:00.000000000 Z
+date: 2020-09-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: gapic-common
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.2'
+        version: '0.3'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.2'
+        version: '0.3'
 - !ruby/object:Gem::Dependency
   name: google-cloud-errors
   requirement: !ruby/object:Gem::Requirement
@@ -224,7 +224,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.6
+rubygems_version: 3.1.3
 signing_key: 
 specification_version: 4
 summary: API Client library for the Secret Manager V1 API