diff --git a/secret-manager/deleteSecretAnnotation.js b/secret-manager/deleteSecretAnnotation.js new file mode 100644 index 0000000000..7273cda862 --- /dev/null +++ b/secret-manager/deleteSecretAnnotation.js @@ -0,0 +1,66 @@ +// Copyright 2025 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +'use strict'; + +async function main(name, annotationKey) { + // [START secretmanager_delete_secret_annotation] + /** + * TODO(developer): Uncomment these variables before running the sample. + */ + // const name = 'projects/my-project/secrets/my-secret'; + // const annotationKey = 'secretmanager'; + + // Imports the Secret Manager library + const {SecretManagerServiceClient} = require('@google-cloud/secret-manager'); + + // Instantiates a client + const client = new SecretManagerServiceClient(); + + async function getSecret() { + const [secret] = await client.getSecret({ + name: name, + }); + + return secret; + } + + async function deleteSecretAnnotation() { + const oldSecret = await getSecret(); + if (!oldSecret.annotations) { + console.info( + `Secret ${oldSecret.name} has no annotations, skipping update.` + ); + return; + } + delete oldSecret.annotations[annotationKey]; + const [secret] = await client.updateSecret({ + secret: { + name: name, + annotations: oldSecret.annotations, + }, + updateMask: { + paths: ['annotations'], + }, + }); + + console.info(`Updated secret ${secret.name}`); + } + + deleteSecretAnnotation(); + // [END secretmanager_delete_secret_annotation] +} + +const args = process.argv.slice(2); +main(...args).catch(console.error); diff --git a/secret-manager/regional_samples/deleteRegionalSecretAnnotation.js b/secret-manager/regional_samples/deleteRegionalSecretAnnotation.js new file mode 100644 index 0000000000..ab7eca2a68 --- /dev/null +++ b/secret-manager/regional_samples/deleteRegionalSecretAnnotation.js @@ -0,0 +1,73 @@ +// Copyright 2025 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +'use strict'; + +async function main(projectId, locationId, secretId, annotationKey) { + // [START secretmanager_delete_regional_secret_annotation] + /** + * TODO(developer): Uncomment these variables before running the sample. + */ + // const projectId = 'my-project' + // const locationId = 'locationId'; + // const secretId = 'my-secret'; + // const annotationKey = 'secretmanager'; + const name = `projects/${projectId}/locations/${locationId}/secrets/${secretId}`; + + // Imports the Secret Manager library + const {SecretManagerServiceClient} = require('@google-cloud/secret-manager'); + + // Adding the endpoint to call the regional secret manager sever + const options = {}; + options.apiEndpoint = `secretmanager.${locationId}.rep.googleapis.com`; + + // Instantiates a client + const client = new SecretManagerServiceClient(options); + + async function getSecret() { + const [secret] = await client.getSecret({ + name: name, + }); + + return secret; + } + + async function deleteRegionalSecretAnnotation() { + const oldSecret = await getSecret(); + if (!oldSecret.annotations) { + console.info( + `Secret ${oldSecret.name} has no annotations, skipping update.` + ); + return; + } + delete oldSecret.annotations[annotationKey]; + const [secret] = await client.updateSecret({ + secret: { + name: name, + annotations: oldSecret.annotations, + }, + updateMask: { + paths: ['annotations'], + }, + }); + + console.info(`Updated secret ${secret.name}`); + } + + deleteRegionalSecretAnnotation(); + // [END secretmanager_delete_regional_secret_annotation] +} + +const args = process.argv.slice(2); +main(...args).catch(console.error); diff --git a/secret-manager/test/secretmanager.test.js b/secret-manager/test/secretmanager.test.js index 3d60ddc191..f7a3ad684b 100644 --- a/secret-manager/test/secretmanager.test.js +++ b/secret-manager/test/secretmanager.test.js @@ -547,6 +547,20 @@ describe('Secret Manager samples', () => { assert.match(output, new RegExp(`Updated secret ${regionalSecret.name}`)); }); + it('deletes a secret annotation', async () => { + const output = execSync( + `node deleteSecretAnnotation.js ${secret.name} ${annotationKey}` + ); + assert.match(output, new RegExp(`Updated secret ${secret.name}`)); + }); + + it('deletes a regional secret annotation', async () => { + const output = execSync( + `node regional_samples/deleteRegionalSecretAnnotation.js ${projectId} ${locationId} ${secretId} ${annotationKey}` + ); + assert.match(output, new RegExp(`Updated secret ${regionalSecret.name}`)); + }); + it('deletes a regional secret', async () => { const output = execSync( `node regional_samples/deleteRegionalSecret.js ${projectId} ${locationId} ${secretId}-3`