chore(secretmanager): Add samples for deleting secret annotations and updating annotation and label args #13511
Conversation
product-auto-label
bot
added
api: secretmanager
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Summary of Changes
Hello @durgesh-ninave-crest, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!
This pull request significantly enhances the sample coverage for Google Cloud Secret Manager by introducing new Python examples that demonstrate advanced management of secret metadata, specifically focusing on labels and annotations. It also addresses a critical bug by correcting the data structure used for labels and annotations in several existing samples, improving their reliability and correctness.
Highlights
- New Secret Manager Samples: I've added new Python samples for Google Cloud Secret Manager, specifically demonstrating how to edit secret labels and delete secret annotations. These samples cover both global and regional Secret Manager API interactions.
- Bug Fix: TypeError in Samples: I've addressed a
TypeErrorin several existing Secret Manager samples. The issue stemmed fromlabelsandannotationsbeing incorrectly initialized as sets ({key, value}) instead of dictionaries ({key: value}). This has been corrected across all affected samples. - Expanded Test Coverage: Corresponding unit tests have been added or updated in
snippets_test.pyandregional_samples/snippets_test.pyto validate the functionality of the newly introduced samples for deleting annotations and editing labels.
Using Gemini Code Assist
The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.
Invoking Gemini
You can request assistance from Gemini at any point in your pull request via creating an issue comment (i.e. comment on the pull request page) using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands.
| Feature | Command | Description |
|---|---|---|
| Code Review | /gemini review |
Performs a code review for the current pull request in its current state. |
| Pull Request Summary | /gemini summary |
Provides a summary of the current pull request in its current state. |
| Comment | @gemini-code-assist | Responds in comments when explicitly tagged, both in issue comments and review comments. |
| Help | /gemini help |
Displays a list of available commands. |
Customization
To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.
Limitations & Feedback
Gemini Code Assist is currently in preview and may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments to provide feedback.
You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.
Footnotes
-
Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩
| ) -> None: | ||
| project_id, secret_id, _ = secret | ||
| delete_secret_annotation(project_id, secret_id, annotation_key) | ||
| with pytest.raises(exceptions.NotFound): | ||
| print(f"{client}") | ||
| name = f"projects/{project_id}/secrets/{secret_id}/versions/latest" | ||
| retry_client_access_secret_version(client, request={"name": name}) |
There was a problem hiding this comment.
This test has a critical logical flaw. Deleting an annotation does not affect the secret or its versions, so checking for exceptions.NotFound when accessing a version is incorrect. The test currently passes only because the secret fixture doesn't create a version, so access_secret_version with the 'latest' alias fails.
The test should be updated to verify that the annotation is removed from the secret.
# Verify the annotation was deleted.
secret_name = client.secret_path(project_id, secret_id)
updated_secret = client.get_secret(request={"name": secret_name})
assert annotation_key not in updated_secret.annotations
There was a problem hiding this comment.
@durgesh-ninave-crest can you please update, this was not addressed and we have marked this as resolved. Please add an assert statement to verify that the annotations were removed!
There was a problem hiding this comment.
I've already added an assertion.
secretmanager/snippets/regional_samples/delete_regional_secret_annotation.py
Show resolved
Hide resolved
secretmanager/snippets/regional_samples/delete_regional_secret_annotation.py
Show resolved
Hide resolved
durgesh-ninave-crest
changed the title
|
This is not a feature, please use chore for future work! Also please update the title of the pull request, since we are adding more than delete secrets annotation code samples here |
durgesh-ninave-crest
changed the title
|
Here is the summary of changes. You are about to add 2 region tags.
This comment is generated by snippet-bot.
|
YashSaraf11
added
the
kokoro:force-run
kokoro-team
removed
the
kokoro:force-run
| @@ -469,6 +470,24 @@ def test_create_regional_secret_with_label( | |||
| assert secret_id in secret.name | |||
|
|
|||
|
|
|||
| def test_delete_regional_secret_annotation( | |||
There was a problem hiding this comment.
Can we add some asserts in the tests
There was a problem hiding this comment.
I followed the pattern of the other delete test cases, which is why it was missing. I've added the necessary assertion to the tests.
There was a problem hiding this comment.
The assert statement doesn't verify the functionality of the sample, we should assert to verify the operation performed.
Here you could have verified that after deleting the secret annotation, it should be null. Please update similarly at all other places.
There was a problem hiding this comment.
I've updated the assertion to reflect the intended functionality of the sample.
| ) -> None: | ||
| project_id, secret_id, _ = secret | ||
| delete_secret_annotation(project_id, secret_id, annotation_key) | ||
| with pytest.raises(exceptions.NotFound): | ||
| print(f"{client}") | ||
| name = f"projects/{project_id}/secrets/{secret_id}/versions/latest" | ||
| retry_client_access_secret_version(client, request={"name": name}) |
There was a problem hiding this comment.
@durgesh-ninave-crest can you please update, this was not addressed and we have marked this as resolved. Please add an assert statement to verify that the annotations were removed!
| @@ -469,6 +470,24 @@ def test_create_regional_secret_with_label( | |||
| assert secret_id in secret.name | |||
|
|
|||
|
|
|||
| def test_delete_regional_secret_annotation( | |||
There was a problem hiding this comment.
The assert statement doesn't verify the functionality of the sample, we should assert to verify the operation performed.
Here you could have verified that after deleting the secret annotation, it should be null. Please update similarly at all other places.
durgesh-ninave-crest
force-pushed
the
secretmanager-label-and-annotation-samples
branch
from
e75e533 to
0703bef
Compare
Description
Created samples for Global and Regional Secret Manager API
Samples
Also, fixed the TypeError in some samples by changing the initialization of
labelsandannotationsfrom a set to a dictionary.Checklist
nox -s py-3.9(see Test Environment Setup)nox -s lint(see Test Environment Setup)