Skip to content

chore(secretmanager): Add samples for deleting secret annotations and updating annotation and label args #13511

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 6 commits into
base: main
Choose a base branch
from

Conversation

durgesh-ninave-crest
Copy link
Contributor

@durgesh-ninave-crest durgesh-ninave-crest commented Jul 18, 2025

Description

Created samples for Global and Regional Secret Manager API

Samples

  • Delete Secret Annotation
  • Delete Regional Secret Annotations

Also, fixed the TypeError in some samples by changing the initialization of labels and annotations from a set to a dictionary.

Checklist

@product-auto-label product-auto-label bot added api: secretmanager Issues related to the Secret Manager API. samples Issues that are directly related to samples. labels Jul 18, 2025
Copy link
Contributor

@gemini-code-assist gemini-code-assist bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Summary of Changes

Hello @durgesh-ninave-crest, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request significantly enhances the sample coverage for Google Cloud Secret Manager by introducing new Python examples that demonstrate advanced management of secret metadata, specifically focusing on labels and annotations. It also addresses a critical bug by correcting the data structure used for labels and annotations in several existing samples, improving their reliability and correctness.

Highlights

  • New Secret Manager Samples: I've added new Python samples for Google Cloud Secret Manager, specifically demonstrating how to edit secret labels and delete secret annotations. These samples cover both global and regional Secret Manager API interactions.
  • Bug Fix: TypeError in Samples: I've addressed a TypeError in several existing Secret Manager samples. The issue stemmed from labels and annotations being incorrectly initialized as sets ({key, value}) instead of dictionaries ({key: value}). This has been corrected across all affected samples.
  • Expanded Test Coverage: Corresponding unit tests have been added or updated in snippets_test.py and regional_samples/snippets_test.py to validate the functionality of the newly introduced samples for deleting annotations and editing labels.
Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point in your pull request via creating an issue comment (i.e. comment on the pull request page) using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands.

Feature Command Description
Code Review /gemini review Performs a code review for the current pull request in its current state.
Pull Request Summary /gemini summary Provides a summary of the current pull request in its current state.
Comment @gemini-code-assist Responds in comments when explicitly tagged, both in issue comments and review comments.
Help /gemini help Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist is currently in preview and may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments to provide feedback.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

  1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution.

Copy link
Contributor

@gemini-code-assist gemini-code-assist bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

The pull request introduces new samples for managing secret labels and annotations in both global and regional Secret Manager APIs, and fixes a bug in existing samples related to TypeError on label and annotation initialization.

Comment on lines 494 to 500
) -> None:
project_id, secret_id, _ = secret
delete_secret_annotation(project_id, secret_id, annotation_key)
with pytest.raises(exceptions.NotFound):
print(f"{client}")
name = f"projects/{project_id}/secrets/{secret_id}/versions/latest"
retry_client_access_secret_version(client, request={"name": name})
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

critical

This test has a critical logical flaw. Deleting an annotation does not affect the secret or its versions, so checking for exceptions.NotFound when accessing a version is incorrect. The test currently passes only because the secret fixture doesn't create a version, so access_secret_version with the 'latest' alias fails.

The test should be updated to verify that the annotation is removed from the secret.

# Verify the annotation was deleted.
    secret_name = client.secret_path(project_id, secret_id)
    updated_secret = client.get_secret(request={"name": secret_name})
    assert annotation_key not in updated_secret.annotations

@durgesh-ninave-crest durgesh-ninave-crest changed the title feat(secretmanager): Add samples for labels and annotations in Secret Manager feat(secretmanager): Added samples for delete secret annotation in Secret Manager Jul 18, 2025
@YashSaraf11
Copy link

This is not a feature, please use chore for future work!

Also please update the title of the pull request, since we are adding more than delete secrets annotation code samples here

@durgesh-ninave-crest durgesh-ninave-crest changed the title feat(secretmanager): Added samples for delete secret annotation in Secret Manager chore(secretmanager): Add samples for deleting secret annotations and updating annotation and label args Jul 21, 2025
@YashSaraf11 YashSaraf11 marked this pull request as ready for review July 21, 2025 04:15
@YashSaraf11 YashSaraf11 requested review from a team as code owners July 21, 2025 04:15
Copy link

snippet-bot bot commented Jul 21, 2025

Here is the summary of changes.

You are about to add 2 region tags.

This comment is generated by snippet-bot.
If you find problems with this result, please file an issue at:
https://github.com/googleapis/repo-automation-bots/issues.
To update this comment, add snippet-bot:force-run label or use the checkbox below:

  • Refresh this comment

YashSaraf11
YashSaraf11 previously approved these changes Jul 22, 2025
Copy link

@YashSaraf11 YashSaraf11 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@YashSaraf11 YashSaraf11 self-assigned this Jul 22, 2025
@YashSaraf11 YashSaraf11 added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 22, 2025
@kokoro-team kokoro-team removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 22, 2025
@@ -469,6 +470,24 @@ def test_create_regional_secret_with_label(
assert secret_id in secret.name


def test_delete_regional_secret_annotation(
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we add some asserts in the tests

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I followed the pattern of the other delete test cases, which is why it was missing. I've added the necessary assertion to the tests.

@YashSaraf11 YashSaraf11 self-requested a review July 22, 2025 04:50
@YashSaraf11 YashSaraf11 dismissed their stale review July 22, 2025 04:58

The tests are missing assertion

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
api: secretmanager Issues related to the Secret Manager API. samples Issues that are directly related to samples.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants