mock gcp log

GoogleCloudPlatform · Dec 12, 2024 · 16438ad · 16438ad
1 parent 31cacb9
commit 16438ad
Show file tree

Hide file tree

Showing 12 changed files with 161 additions and 9 deletions.
diff --git a/mockgcp/mocksecretmanager/secrets.go b/mockgcp/mocksecretmanager/secrets.go
@@ -84,6 +84,13 @@ func (s *SecretsV1) populateDefaultsForSecret(ctx context.Context, obj *pb.Secre
 			return fmt.Errorf("Aliases cannot be assigned to versions that don't exist")
 		}
 	}
+	// TTL and ExpireTime are OneOf, but the GCP service always converts TTL to expireTime before storing the object.
+	if obj.GetTtl() != nil {
+		expirateTime := timestamppb.Now().AsTime().Add(obj.GetTtl().AsDuration())
+		obj.Expiration = &pb.Secret_ExpireTime{
+			ExpireTime: timestamppb.New(expirateTime),
+		}
+	}
 	return nil
 }
 
@@ -154,6 +161,10 @@ func (s *SecretsV1) UpdateSecret(ctx context.Context, req *pb.UpdateSecretReques
 			updated.Expiration = &pb.Secret_ExpireTime{
 				ExpireTime: req.Secret.GetExpireTime(),
 			}
+		case "ttl":
+			updated.Expiration = &pb.Secret_Ttl{
+				Ttl: req.Secret.GetTtl(),
+			}
 		case "expiration":
 			updated.Expiration = req.Secret.GetExpiration()
 		case "rotation.nextRotationTime":

diff --git a/...r/v1beta1/basicsecretmanagersecret/_generated_object_basicsecretmanagersecret.golden.yaml b/...r/v1beta1/basicsecretmanagersecret/_generated_object_basicsecretmanagersecret.golden.yaml
@@ -2,6 +2,7 @@ apiVersion: secretmanager.cnrm.cloud.google.com/v1beta1
 kind: SecretManagerSecret
 metadata:
   annotations:
+    alpha.cnrm.cloud.google.com/reconciler: direct
     cnrm.cloud.google.com/management-conflict-prevention-policy: none
     cnrm.cloud.google.com/project-id: ${projectId}
   finalizers:

diff --git a/...fullsecretmanagersecret-auto-legacy/_generated_export_fullsecretmanagersecret-auto.golden b/...fullsecretmanagersecret-auto-legacy/_generated_export_fullsecretmanagersecret-auto.golden
@@ -0,0 +1,23 @@
+apiVersion: secretmanager.cnrm.cloud.google.com/v1beta1
+kind: SecretManagerSecret
+metadata:
+  annotations:
+    cnrm.cloud.google.com/project-id: ${projectId}
+  labels:
+    cnrm-test: "true"
+    label-one: value-one
+    label-two: value-two
+    managed-by-cnrm: "true"
+  name: secretmanagersecret-${uniqueId}
+spec:
+  annotations:
+    bar: secretmanagersecret-bar
+    foo: secretmanagersecret
+  expireTime: "2025-10-03T15:01:23Z"
+  resourceID: secretmanagersecret-${uniqueId}
+  rotation:
+    nextRotationTime: "2025-10-03T15:01:23Z"
+    rotationPeriod: 3600s
+  topics:
+  - topicRef:
+      external: projects/${projectId}/topics/topic-2-${uniqueId}
diff --git a/...eta1/fullsecretmanagersecret-auto-legacy/_generated_export_fullsecretmanagersecret.golden b/...eta1/fullsecretmanagersecret-auto-legacy/_generated_export_fullsecretmanagersecret.golden
@@ -0,0 +1,28 @@
+apiVersion: secretmanager.cnrm.cloud.google.com/v1beta1
+kind: SecretManagerSecret
+metadata:
+  annotations:
+    cnrm.cloud.google.com/project-id: ${projectId}
+  labels:
+    cnrm-test: "true"
+    label-one: value-one
+    label-two: value-two
+    managed-by-cnrm: "true"
+  name: secretmanagersecret-${uniqueId}
+spec:
+  annotations:
+    bar: secretmanagersecret-bar
+    foo: secretmanagersecret
+  expireTime: "2025-10-03T15:01:23Z"
+  replication:
+    auto:
+      customerManagedEncryption:
+        kmsKeyRef:
+          external: projects/${projectId}/locations/global/keyRings/kmskeyring-${uniqueId}/cryptoKeys/kmscryptokey-${uniqueId}
+  resourceID: secretmanagersecret-${uniqueId}
+  rotation:
+    nextRotationTime: "2025-10-03T15:01:23Z"
+    rotationPeriod: 7200s
+  topics:
+  - topicRef:
+      external: projects/${projectId}/topics/topic-2-${uniqueId}
diff --git a/...ecretmanagersecret-auto-legacy/_generated_object_fullsecretmanagersecret-auto.golden.yaml b/...ecretmanagersecret-auto-legacy/_generated_object_fullsecretmanagersecret-auto.golden.yaml
@@ -0,0 +1,40 @@
+apiVersion: secretmanager.cnrm.cloud.google.com/v1beta1
+kind: SecretManagerSecret
+metadata:
+  annotations:
+    cnrm.cloud.google.com/management-conflict-prevention-policy: none
+    cnrm.cloud.google.com/project-id: ${projectId}
+    cnrm.cloud.google.com/state-into-spec: absent
+  finalizers:
+  - cnrm.cloud.google.com/finalizer
+  - cnrm.cloud.google.com/deletion-defender
+  generation: 3
+  labels:
+    cnrm-test: "true"
+    label-one: value-one
+    label-two: value-two
+  name: secretmanagersecret-${uniqueId}
+  namespace: ${uniqueId}
+spec:
+  annotations:
+    bar: secretmanagersecret-bar
+    foo: secretmanagersecret
+  expireTime: "2025-10-03T15:01:23Z"
+  replication:
+    automatic: true
+  resourceID: secretmanagersecret-${uniqueId}
+  rotation:
+    nextRotationTime: "2025-10-03T15:01:23Z"
+    rotationPeriod: 3600s
+  topics:
+  - topicRef:
+      name: topic-2-${uniqueId}
+status:
+  conditions:
+  - lastTransitionTime: "1970-01-01T00:00:00Z"
+    message: The resource is up to date
+    reason: UpToDate
+    status: "True"
+    type: Ready
+  name: projects/${projectNumber}/secrets/secretmanagersecret-${uniqueId}
+  observedGeneration: 3
diff --git a/...fullsecretmanagersecret-auto-legacy/_generated_object_fullsecretmanagersecret.golden.yaml b/...fullsecretmanagersecret-auto-legacy/_generated_object_fullsecretmanagersecret.golden.yaml
@@ -0,0 +1,44 @@
+apiVersion: secretmanager.cnrm.cloud.google.com/v1beta1
+kind: SecretManagerSecret
+metadata:
+  annotations:
+    cnrm.cloud.google.com/management-conflict-prevention-policy: none
+    cnrm.cloud.google.com/project-id: ${projectId}
+  finalizers:
+  - cnrm.cloud.google.com/finalizer
+  - cnrm.cloud.google.com/deletion-defender
+  generation: 2
+  labels:
+    cnrm-test: "true"
+    label-one: value-one
+    label-two: value-two
+  name: secretmanagersecret-${uniqueId}
+  namespace: ${uniqueId}
+spec:
+  annotations:
+    bar: secretmanagersecret-bar
+    foo: secretmanagersecret
+  expireTime: "2025-10-03T15:01:23Z"
+  replication:
+    auto:
+      customerManagedEncryption:
+        kmsKeyRef:
+          name: kmscryptokey-${uniqueId}
+    automatic: true
+  rotation:
+    nextRotationTime: "2025-10-03T15:01:23Z"
+    rotationPeriod: 7200s
+  topics:
+  - topicRef:
+      name: topic-2-${uniqueId}
+status:
+  conditions:
+  - lastTransitionTime: "1970-01-01T00:00:00Z"
+    message: The resource is up to date
+    reason: UpToDate
+    status: "True"
+    type: Ready
+  externalRef: projects/${projectId}/secrets/secretmanagersecret-${uniqueId}
+  name: projects/${projectNumber}/secrets/secretmanagersecret-${uniqueId}
+  observedGeneration: 2
+  observedState: {}
diff --git a/...ixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-legacy/_http.log b/...ixture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-auto-legacy/_http.log
@@ -167,6 +167,7 @@ Content-Type: application/json
 User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager
 
 200 OK
+Cache-Control: private
 Content-Type: application/json; charset=UTF-8
 Server: ESF
 Vary: Origin
@@ -180,7 +181,7 @@ X-Xss-Protection: 0
   "done": true,
   "name": "operations/${operationID}",
   "response": {
-    "@type": "type.googleapis.com/google.api.serviceusage.v1beta1.ServiceIdentity",
+    "@type": "type.googleapis.com/mockgcp.api.serviceusage.v1beta1.ServiceIdentity",
     "email": "service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com",
     "uniqueId": "12345678"
   }
@@ -899,5 +900,4 @@ Vary: Referer
 X-Content-Type-Options: nosniff
 X-Frame-Options: SAMEORIGIN
 X-Xss-Protection: 0
-
-{}
+{}
diff --git a/...anagersecret-manual-direct/_generated_export_fullsecretmanagersecret-manual-direct.golden b/...anagersecret-manual-direct/_generated_export_fullsecretmanagersecret-manual-direct.golden
@@ -13,7 +13,7 @@ spec:
   annotations:
     bar: secretmanagersecret-bar
     foo: secretmanagersecret
-  expireTime: "2024-12-12T06:58:02.096290745Z"
+  expireTime: "2025-10-03T15:01:23Z"
   replication:
     userManaged:
       replicas:

diff --git a/...ture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-direct/_http.log b/...ture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-direct/_http.log
@@ -349,6 +349,7 @@ Content-Type: application/json
 User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager
 
 200 OK
+Cache-Control: private
 Content-Type: application/json; charset=UTF-8
 Server: ESF
 Vary: Origin
@@ -362,7 +363,7 @@ X-Xss-Protection: 0
   "done": true,
   "name": "operations/${operationID}",
   "response": {
-    "@type": "type.googleapis.com/google.api.serviceusage.v1beta1.ServiceIdentity",
+    "@type": "type.googleapis.com/mockgcp.api.serviceusage.v1beta1.ServiceIdentity",
     "email": "service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com",
     "uniqueId": "12345678"
   }
@@ -1493,4 +1494,4 @@ X-Xss-Protection: 0
 {
   "createTime": "2024-04-01T12:34:56.123456Z",
   "name": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}"
-}
+}
diff --git a/...anagersecret-manual-legacy/_generated_export_fullsecretmanagersecret-manual-legacy.golden b/...anagersecret-manual-legacy/_generated_export_fullsecretmanagersecret-manual-legacy.golden
@@ -13,7 +13,7 @@ spec:
   annotations:
     bar: secretmanagersecret-bar
     foo: secretmanagersecret
-  expireTime: "2024-12-12T06:55:04.583510160Z"
+  expireTime: "2025-10-03T15:01:23Z"
   replication:
     userManaged:
       replicas:

diff --git a/...ture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/_http.log b/...ture/testdata/basic/secretmanager/v1beta1/fullsecretmanagersecret-manual-legacy/_http.log
@@ -349,6 +349,7 @@ Content-Type: application/json
 User-Agent: Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager
 
 200 OK
+Cache-Control: private
 Content-Type: application/json; charset=UTF-8
 Server: ESF
 Vary: Origin
@@ -362,7 +363,7 @@ X-Xss-Protection: 0
   "done": true,
   "name": "operations/${operationID}",
   "response": {
-    "@type": "type.googleapis.com/google.api.serviceusage.v1beta1.ServiceIdentity",
+    "@type": "type.googleapis.com/mockgcp.api.serviceusage.v1beta1.ServiceIdentity",
     "email": "service-${projectNumber}@gcp-sa-secretmanager.iam.gserviceaccount.com",
     "uniqueId": "12345678"
   }
@@ -1430,4 +1431,4 @@ X-Xss-Protection: 0
 {
   "createTime": "2024-04-01T12:34:56.123456Z",
   "name": "projects/${projectId}/locations/us-central1/keyRings/kmskeyring-${uniqueId}"
-}
+}
diff --git a/tests/e2e/normalize.go b/tests/e2e/normalize.go
@@ -146,6 +146,9 @@ func normalizeKRMObject(t *testing.T, u *unstructured.Unstructured, project test
 	// Specific to Certificate Manager
 	visitor.replacePaths[".status.dnsResourceRecord[].data"] = "${uniqueId}"
 
+	// Specific to Secret Manager
+	visitor.replacePaths[".spec.expireTime"] = "2025-10-03T15:01:23Z"
+
 	// Specific to MonitoringDashboard
 	visitor.stringTransforms = append(visitor.stringTransforms, func(path string, s string) string {
 		if strings.HasSuffix(path, ".alertChart.alertPolicyRef.external") {