diff --git a/.github/workflows/parametermanager.yaml b/.github/workflows/parametermanager.yaml new file mode 100644 index 0000000000..9f2c7b2ab9 --- /dev/null +++ b/.github/workflows/parametermanager.yaml @@ -0,0 +1,52 @@ +# Copyright 2025 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +name: parametermanager +on: + push: + branches: + - main + paths: + - 'parametermanager/**' + - '.github/workflows/parametermanager.yaml' + pull_request: + types: + - opened + - reopened + - synchronize + - labeled + paths: + - 'parametermanager/**' + - '.github/workflows/parametermanager.yaml' + schedule: + - cron: '0 0 * * 0' +jobs: + test: + # Ref: https://github.com/google-github-actions/auth#usage + permissions: + contents: 'read' + id-token: 'write' + if: github.event.action != 'labeled' || github.event.label.name == 'actions:force-run' + uses: ./.github/workflows/test.yaml + with: + name: 'parametermanager' + path: 'parametermanager' + flakybot: + # Ref: https://github.com/google-github-actions/auth#usage + permissions: + contents: 'read' + id-token: 'write' + if: github.event_name == 'schedule' && always() # always() submits logs even if tests fail + uses: ./.github/workflows/flakybot.yaml + needs: [test] diff --git a/.github/workflows/utils/workflows.json b/.github/workflows/utils/workflows.json index ec662d7be7..002145312a 100644 --- a/.github/workflows/utils/workflows.json +++ b/.github/workflows/utils/workflows.json @@ -79,6 +79,7 @@ "mediatranslation", "monitoring/prometheus", "monitoring/snippets", + "parametermanager", "retail", "run/filesystem", "scheduler", diff --git a/parametermanager/README.md b/parametermanager/README.md index b8cd53a814..dad3d8e230 100644 --- a/parametermanager/README.md +++ b/parametermanager/README.md @@ -1 +1,32 @@ -### Initial README.md placeholder file. \ No newline at end of file +## Sample Snippets for Google Parameter Manager API + +Google [Parameter Manager](https://cloud.google.com/secret-manager/parameter-manager/docs/overview) +provides a centralized storage for all configuration parameters related to your workload deployments. +Parameters are variables, often in the form of key-value pairs, which customize how an application functions. +These samples demonstrate how to access +the Parameter Manager API using the Google Node API Client Libraries. + +## Prerequisites + +### Enable the API + +You +must [enable the Parameter Manager API](https://console.cloud.google.com/apis/enableflow?apiid=parametermanager.googleapis.com) +for your project in order to use these samples + +### Grant Permissions + +You must ensure that +the [user account or service account](https://cloud.google.com/iam/docs/service-accounts#differences_between_a_service_account_and_a_user_account) +you used to authorize your gcloud session has the proper permissions to edit Parameter Manager resources for your project. +In the Cloud Console under IAM, add the following roles to the project whose service account you're using to test: + +* Parameter Manager Admin (`roles/parametermanager.admin`) +* Parameter Manager Parameter Accessor (`roles/parametermanager.parameterAccessor`) +* Parameter Manager Parameter Version Adder (`roles/parametermanager.parameterVersionAdder`) + +To use the rendering of secret through parameter manager add the following role also: +* Secret Manager Secret Accessor (`roles/secretmanager.secretAccessor`) + +More information can be found in +the [Parameter Manager Docs](https://cloud.google.com/secret-manager/parameter-manager/docs/access-control) \ No newline at end of file diff --git a/parametermanager/createParam.js b/parametermanager/createParam.js new file mode 100644 index 0000000000..27a64f653d --- /dev/null +++ b/parametermanager/createParam.js @@ -0,0 +1,53 @@ +// Copyright 2025 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +'use strict'; + +/** + * Creates a global parameter using the Parameter Manager SDK. + * + * @param {string} projectId - The Google Cloud project ID where the parameter is to be created. + * @param {string} parameterId - The ID of the parameter to create. This ID must be unique within the project. + */ +async function main(projectId = 'my-project', parameterId = 'my-parameter') { + // [START parametermanager_create_param] + /** + * TODO(developer): Uncomment these variables before running the sample. + */ + // const projectId = 'YOUR_PROJECT_ID'; + // const parameterId = 'YOUR_PARAMETER_ID'; + + // Imports the Parameter Manager library + const {ParameterManagerClient} = require('@google-cloud/parametermanager'); + + // Instantiates a client + const client = new ParameterManagerClient(); + + async function createParam() { + const parent = client.locationPath(projectId, 'global'); + const request = { + parent: parent, + parameterId: parameterId, + }; + + const [parameter] = await client.createParameter(request); + console.log(`Created parameter: ${parameter.name}`); + } + + await createParam(); + // [END parametermanager_create_param] +} + +const args = process.argv.slice(2); +main(...args).catch(console.error); diff --git a/parametermanager/createParamVersion.js b/parametermanager/createParamVersion.js new file mode 100644 index 0000000000..9c383022e6 --- /dev/null +++ b/parametermanager/createParamVersion.js @@ -0,0 +1,75 @@ +// Copyright 2025 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +'use strict'; + +/** + * Creates a parameter version globally for unstructured data. + * + * @param {string} projectId - The Google Cloud project ID where the parameter is to be created + * @param {string} parameterId - The ID of the parameter for which the version is to be created. + * @param {string} parameterVersionId - The ID of the parameter version to be created. + * @param {string} payload - The unformatted string payload to be stored in the new parameter version. + */ +async function main( + projectId = 'my-project', + parameterId = 'my-parameter', + parameterVersionId = 'v1', + payload = 'This is unstructured data' +) { + // [START parametermanager_create_param_version] + /** + * TODO(developer): Uncomment these variables before running the sample. + */ + // const projectId = 'YOUR_PROJECT_ID'; + // const parameterId = 'YOUR_PARAMETER_ID'; + // const parameterVersionId = 'YOUR_PARAMETER_VERSION_ID'; + // const payload = 'This is unstructured data'; + + // Imports the Parameter Manager library + const {ParameterManagerClient} = require('@google-cloud/parametermanager'); + + // Instantiates a client + const client = new ParameterManagerClient(); + + async function createParamVersion() { + // Construct the parent resource name + const parent = client.parameterPath(projectId, 'global', parameterId); + + // Construct the parameter version + const parameterVersion = { + payload: { + data: Buffer.from(payload, 'utf8'), + }, + }; + + // Construct the request + const request = { + parent: parent, + parameterVersionId: parameterVersionId, + parameterVersion: parameterVersion, + }; + + // Create the parameter version + const [response] = await client.createParameterVersion(request); + console.log(`Created parameter version: ${response.name}`); + } + + await createParamVersion(); + // [END parametermanager_create_param_version] +} + +// Parse command line arguments +const args = process.argv.slice(2); +main(...args).catch(console.error); diff --git a/parametermanager/createParamVersionWithSecret.js b/parametermanager/createParamVersionWithSecret.js new file mode 100644 index 0000000000..5e1bb26e02 --- /dev/null +++ b/parametermanager/createParamVersionWithSecret.js @@ -0,0 +1,85 @@ +// Copyright 2025 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +'use strict'; + +/** + * Creates a new version of an existing parameter in the global location + * of the specified project using the Google Cloud Parameter Manager SDK. + * The payload is specified as a JSON string and includes a reference to a secret. + * + * @param {string} projectId - The Google Cloud project ID where the parameter is located. + * @param {string} parameterId - The ID of the parameter for which the version is to be created. + * @param {string} parameterVersionId - The ID of the parameter version to be created. + * @param {string} secretId - The ID of the secret to be referenced. + */ +async function main( + projectId = 'my-project', + parameterId = 'my-parameter', + parameterVersionId = 'v1', + secretId = 'projects/my-project/secrets/application-secret/version/latest' +) { + // [START parametermanager_create_param_version_with_secret] + /** + * TODO(developer): Uncomment these variables before running the sample. + */ + // const projectId = 'YOUR_PROJECT_ID'; + // const parameterId = 'YOUR_PARAMETER_ID'; + // const parameterVersionId = 'YOUR_PARAMETER_VERSION_ID'; + // const secretId = 'YOUR_SECRET_ID'; // For example projects/my-project/secrets/application-secret/version/latest + + // Imports the Parameter Manager library + const {ParameterManagerClient} = require('@google-cloud/parametermanager'); + + // Instantiates a client + const client = new ParameterManagerClient(); + + async function createParamVersionWithSecret() { + // Construct the parent resource name + const parent = client.parameterPath(projectId, 'global', parameterId); + + // Construct the JSON data with secret references + const jsonData = { + db_user: 'test_user', + db_password: `__REF__(//secretmanager.googleapis.com/${secretId})`, + }; + + // Construct the parameter version + const parameterVersion = { + payload: { + data: Buffer.from(JSON.stringify(jsonData), 'utf8'), + }, + }; + + // Construct the request + const request = { + parent: parent, + parameterVersionId: parameterVersionId, + parameterVersion: parameterVersion, + }; + + // Create the parameter version + const [response] = await client.createParameterVersion(request); + console.log( + `Created parameter version with secret references: ${response.name}` + ); + } + + await createParamVersionWithSecret(); + // [END parametermanager_create_param_version_with_secret] +} + +// Parse command line arguments +const args = process.argv.slice(2); +main(...args).catch(console.error); diff --git a/parametermanager/createStructuredParam.js b/parametermanager/createStructuredParam.js new file mode 100644 index 0000000000..2385d2e9b4 --- /dev/null +++ b/parametermanager/createStructuredParam.js @@ -0,0 +1,69 @@ +// Copyright 2025 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +'use strict'; + +const {protos} = require('@google-cloud/parametermanager'); + +/** + * Creates a parameter in the global location of the specified + * project with specified format using the Google Cloud Parameter Manager SDK. + * + * @param {string} projectId - The Google Cloud project ID where the parameter is to be created. + * @param {string} parameterId - The ID of the parameter to create. This ID must be unique within the project. + * @param {string} formatType - The format type of the parameter (UNFORMATTED, YAML, JSON). + */ +async function main( + projectId = 'my-project', + parameterId = 'my-json-parameter', + formatType = protos.google.cloud.parametermanager.v1.ParameterFormat.JSON +) { + // [START parametermanager_create_structured_param] + /** + * TODO(developer): Uncomment these variables before running the sample. + */ + // const {protos} = require('@google-cloud/parametermanager'); + // const projectId = 'YOUR_PROJECT_ID'; + // const parameterId = 'YOUR_PARAMETER_ID'; + // const formatType = protos.google.cloud.parametermanager.v1.ParameterFormat.JSON; + + // Imports the Parameter Manager library + const {ParameterManagerClient} = require('@google-cloud/parametermanager'); + + // Instantiates a client + const client = new ParameterManagerClient(); + + async function createStructuredParam() { + const parent = client.locationPath(projectId, 'global'); + const request = { + parent: parent, + parameterId: parameterId, + parameter: { + format: formatType, + }, + }; + + const [parameter] = await client.createParameter(request); + console.log( + `Created parameter ${parameter.name} with format ${parameter.format}` + ); + } + + await createStructuredParam(); + // [END parametermanager_create_structured_param] +} + +// This sample demonstrates how to create a parameter for structured data of JSON type. +const args = process.argv.slice(2); +main(...args).catch(console.error); diff --git a/parametermanager/createStructuredParamVersion.js b/parametermanager/createStructuredParamVersion.js new file mode 100644 index 0000000000..eee1859d34 --- /dev/null +++ b/parametermanager/createStructuredParamVersion.js @@ -0,0 +1,77 @@ +// Copyright 2025 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +'use strict'; + +/** + * Creates a new version of an existing parameter in the global location + * of the specified project using the Google Cloud Parameter Manager SDK. + * The payload is specified as a JSON format. + * + * @param {string} projectId - The Google Cloud project ID where the parameter is to be created. + * @param {string} parameterId - The ID of the parameter to create. This ID must be unique within the project. + * @param {string} parameterVersionId - The ID of the parameter version to be created. + * @param {Object} payload - The JSON payload data to be stored in the parameter version. + */ +async function main( + projectId = 'my-project', + parameterId = 'my-parameter', + parameterVersionId = 'v1', + payload = {username: 'test-user', host: 'localhost'} +) { + // [START parametermanager_create_structured_param_version] + /** + * TODO(developer): Uncomment these variables before running the sample. + */ + // const projectId = 'YOUR_PROJECT_ID'; + // const parameterId = 'YOUR_PARAMETER_ID'; + // const parameterVersionId = 'YOUR_PARAMETER_VERSION_ID'; + // const jsonData = {username: "test-user", host: "localhost"}; + + // Imports the Parameter Manager library + const {ParameterManagerClient} = require('@google-cloud/parametermanager'); + + // Instantiates a client + const client = new ParameterManagerClient(); + + async function createStructuredParamVersion() { + // Construct the parent resource name + const parent = client.parameterPath(projectId, 'global', parameterId); + + // Construct the parameter version + const parameterVersion = { + payload: { + data: Buffer.from(JSON.stringify(payload), 'utf8'), + }, + }; + + // Construct the request + const request = { + parent: parent, + parameterVersionId: parameterVersionId, + parameterVersion: parameterVersion, + }; + + // Create the parameter version + const [response] = await client.createParameterVersion(request); + console.log(`Created parameter version: ${response.name}`); + } + + await createStructuredParamVersion(); + // [END parametermanager_create_structured_param_version] +} + +// Parse command line arguments +const args = process.argv.slice(2); +main(...args).catch(console.error); diff --git a/parametermanager/getParam.js b/parametermanager/getParam.js new file mode 100644 index 0000000000..bc63bae1c8 --- /dev/null +++ b/parametermanager/getParam.js @@ -0,0 +1,60 @@ +// Copyright 2025 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +'use strict'; + +/** + * Retrieves a parameter from the global location of the specified + * project using the Google Cloud Parameter Manager SDK. + * + * @param {string} projectId - The Google Cloud project ID where the parameter is located. + * @param {string} parameterId - The ID of the parameter to retrieve. + */ +async function main(projectId = 'my-project', parameterId = 'my-parameter') { + // [START parametermanager_get_param] + /** + * TODO(developer): Uncomment these variables before running the sample. + */ + // const projectId = 'my-project'; + // const parameterId = 'my-parameter'; + + // Imports the Parameter Manager library + const {ParameterManagerClient} = require('@google-cloud/parametermanager'); + + // Instantiates a client + const client = new ParameterManagerClient(); + + async function getParam() { + // Construct the fully qualified parameter name + const name = client.parameterPath(projectId, 'global', parameterId); + + // Get the parameter + const [parameter] = await client.getParameter({ + name: name, + }); + + // Find more details for the Parameter object here: + // https://cloud.google.com/secret-manager/parameter-manager/docs/reference/rest/v1/projects.locations.parameters#Parameter + console.log( + `Found parameter ${parameter.name} with format ${parameter.format}` + ); + } + + await getParam(); + // [END parametermanager_get_param] +} + +// The command-line arguments are passed as an array to main() +const args = process.argv.slice(2); +main(...args).catch(console.error); diff --git a/parametermanager/getParamVersion.js b/parametermanager/getParamVersion.js new file mode 100644 index 0000000000..914d21a0a3 --- /dev/null +++ b/parametermanager/getParamVersion.js @@ -0,0 +1,75 @@ +// Copyright 2025 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +'use strict'; + +/** + * Retrieves the details of a specific version of an existing parameter in the specified + * project using the Google Cloud Parameter Manager SDK. + * + * @param {string} projectId - The Google Cloud project ID where the parameter is located. + * @param {string} parameterId - The ID of the parameter for which the version details are to be retrieved. + * @param {string} versionId - The version ID of the parameter to retrieve. + */ +async function main( + projectId = 'my-project', + parameterId = 'my-parameter', + versionId = 'v1' +) { + // [START parametermanager_get_param_version] + /** + * TODO(developer): Uncomment these variables before running the sample. + */ + // const projectId = 'my-project'; + // const parameterId = 'my-parameter'; + // const versionId = 'v1'; + + // Imports the Parameter Manager library + const {ParameterManagerClient} = require('@google-cloud/parametermanager'); + + // Instantiates a client + const client = new ParameterManagerClient(); + + async function getParamVersion() { + // Construct the fully qualified parameter version name + const name = client.parameterVersionPath( + projectId, + 'global', + parameterId, + versionId + ); + + // Get the parameter version + const [parameterVersion] = await client.getParameterVersion({ + name: name, + }); + // Find more details for the Parameter Version object here: + // https://cloud.google.com/secret-manager/parameter-manager/docs/reference/rest/v1/projects.locations.parameters.versions#ParameterVersion + console.log( + `Found parameter version ${parameterVersion.name} with state ${parameterVersion.disabled ? 'disabled' : 'enabled'}` + ); + if (!parameterVersion.disabled) { + console.log( + `Payload: ${parameterVersion.payload.data.toString('utf-8')}` + ); + } + } + + await getParamVersion(); + // [END parametermanager_get_param_version] +} + +// The command-line arguments are passed as an array to main() +const args = process.argv.slice(2); +main(...args).catch(console.error); diff --git a/parametermanager/listParamVersions.js b/parametermanager/listParamVersions.js new file mode 100644 index 0000000000..01e67f775d --- /dev/null +++ b/parametermanager/listParamVersions.js @@ -0,0 +1,62 @@ +// Copyright 2025 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +'use strict'; + +/** + * + * Lists all versions of an existing parameter in the global location + * of the specified project using the Google Cloud Parameter Manager SDK. + * + * @param {string} projectId - The Google Cloud project ID where parameter is located. + * @param {string} parameterId - The parameter ID for which versions are to be listed. + */ +async function main(projectId = 'my-project', parameterId = 'my-parameter') { + // [START parametermanager_list_param_versions] + /** + * TODO(developer): Uncomment these variables before running the sample. + */ + // const projectId = 'my-project'; + // const parameterId = 'my-parameter'; + + // Imports the Parameter Manager library + const {ParameterManagerClient} = require('@google-cloud/parametermanager'); + + // Instantiates a client + const client = new ParameterManagerClient(); + + async function listParamVersions() { + // Construct the parent string for listing parameter versions globally + const parent = client.parameterPath(projectId, 'global', parameterId); + + const request = { + parent: parent, + }; + + // Use listParameterVersionsAsync to handle pagination automatically + const iterable = await client.listParameterVersionsAsync(request); + + for await (const version of iterable) { + console.log( + `Found parameter version ${version.name} with state ${version.disabled ? 'disabled' : 'enabled'}` + ); + } + } + + await listParamVersions(); + // [END parametermanager_list_param_versions] +} + +const args = process.argv.slice(2); +main(...args).catch(console.error); diff --git a/parametermanager/listParams.js b/parametermanager/listParams.js new file mode 100644 index 0000000000..0b5b0f84fd --- /dev/null +++ b/parametermanager/listParams.js @@ -0,0 +1,59 @@ +// Copyright 2025 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +'use strict'; + +/** + * Lists all parameters in the global location for the specified + * project using the Google Cloud Parameter Manager SDK. + * + * @param {string} projectId - The Google Cloud project ID where the parameters are located. + */ +async function main(projectId = 'my-project') { + // [START parametermanager_list_params] + /** + * TODO(developer): Uncomment these variables before running the sample. + */ + // const projectId = 'my-project'; + + // Imports the Parameter Manager library + const {ParameterManagerClient} = require('@google-cloud/parametermanager'); + + // Instantiates a client + const client = new ParameterManagerClient(); + + async function listParams() { + // Construct the parent string for listing parameters globally + const parent = client.locationPath(projectId, 'global'); + + const request = { + parent: parent, + }; + + // Use listParametersAsync to handle pagination automatically + const iterable = await client.listParametersAsync(request); + + for await (const parameter of iterable) { + console.log( + `Found parameter ${parameter.name} with format ${parameter.format}` + ); + } + } + + await listParams(); + // [END parametermanager_list_params] +} + +const args = process.argv.slice(2); +main(...args).catch(console.error); diff --git a/parametermanager/package.json b/parametermanager/package.json new file mode 100644 index 0000000000..62cca15a15 --- /dev/null +++ b/parametermanager/package.json @@ -0,0 +1,29 @@ +{ + "name": "nodejs-parameter-manager-samples", + "private": true, + "license": "Apache-2.0", + "files": [ + "*.js" + ], + "author": "Google LLC", + "repository": "googleapis/nodejs-parameter-manager", + "engines": { + "node": ">=20" + }, + "scripts": { + "test": "c8 mocha --recursive test/ --timeout=800000" + }, + "directories": { + "test": "test" + }, + "dependencies": { + "@google-cloud/parametermanager": "^0.1.0" + }, + "devDependencies": { + "@google-cloud/secret-manager": "^5.6.0", + "c8": "^10.1.3", + "chai": "^4.5.0", + "mocha": "^11.1.0", + "uuid": "^11.0.5" + } +} diff --git a/parametermanager/renderParamVersion.js b/parametermanager/renderParamVersion.js new file mode 100644 index 0000000000..65ace26239 --- /dev/null +++ b/parametermanager/renderParamVersion.js @@ -0,0 +1,78 @@ +// Copyright 2025 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +'use strict'; + +/** + * Retrieves and renders the details of a specific version of an + * existing parameter in the global location of the specified project + * using the Google Cloud Parameter Manager SDK. + * + * @param {string} projectId - The Google Cloud project ID where the parameter is located. + * @param {string} parameterId - The ID of the parameter for which version details are to be rendered. + * @param {string} parameterVersionId - The ID of the parameter version to be rendered. + */ +async function main( + projectId = 'my-project', + parameterId = 'my-parameter', + parameterVersionId = 'v1' +) { + // [START parametermanager_render_param_version] + /** + * TODO(developer): Uncomment these variables before running the sample. + */ + // const projectId = 'YOUR_PROJECT_ID'; + // const parameterId = 'YOUR_PARAMETER_ID'; + // const parameterVersionId = 'YOUR_PARAMETER_VERSION_ID'; + + // Imports the Parameter Manager library + const {ParameterManagerClient} = require('@google-cloud/parametermanager'); + + // Instantiates a client + const client = new ParameterManagerClient(); + + async function renderParamVersion() { + // Construct the parameter version name + const name = client.parameterVersionPath( + projectId, + 'global', + parameterId, + parameterVersionId + ); + + // Construct the request + const request = { + name: name, + }; + + // Render the parameter version + const [response] = await client.renderParameterVersion(request); + console.log(`Rendered parameter version: ${response.parameterVersion}`); + + // If the parameter contains secret references, they will be resolved + // and the actual secret values will be included in the rendered output. + // Be cautious with logging or displaying this information. + console.log( + 'Rendered payload: ', + response.renderedPayload.toString('utf-8') + ); + } + + await renderParamVersion(); + // [END parametermanager_render_param_version] +} + +// Parse command line arguments +const args = process.argv.slice(2); +main(...args).catch(console.error); diff --git a/parametermanager/test/.eslintrc.yml b/parametermanager/test/.eslintrc.yml new file mode 100644 index 0000000000..9351c489b5 --- /dev/null +++ b/parametermanager/test/.eslintrc.yml @@ -0,0 +1,17 @@ +# Copyright 2025 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +--- +env: + mocha: true \ No newline at end of file diff --git a/parametermanager/test/parametermanager.test.js b/parametermanager/test/parametermanager.test.js new file mode 100644 index 0000000000..f9005a9550 --- /dev/null +++ b/parametermanager/test/parametermanager.test.js @@ -0,0 +1,253 @@ +// Copyright 2025 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +'use strict'; + +const {assert} = require('chai'); +const cp = require('child_process'); +const {v4: uuidv4} = require('uuid'); + +const {ParameterManagerClient} = require('@google-cloud/parametermanager'); +const client = new ParameterManagerClient(); + +const {SecretManagerServiceClient} = require('@google-cloud/secret-manager'); +const secretClient = new SecretManagerServiceClient(); + +let projectId; +const locationId = process.env.GCLOUD_LOCATION || 'us-central1'; +const options = {}; +options.apiEndpoint = `parametermanager.${locationId}.rep.googleapis.com`; + +const secretOptions = {}; +secretOptions.apiEndpoint = `secretmanager.${locationId}.rep.googleapis.com`; + +const execSync = cmd => cp.execSync(cmd, {encoding: 'utf-8'}); + +const secretId = `test-secret-${uuidv4()}`; +const parameterId = `test-parameter-${uuidv4()}`; +const parameterVersionId = 'v1'; + +let parameter; +let parameterVersion; +let secret; +let secretVersion; + +describe('Parameter Manager samples', () => { + const parametersToDelete = []; + + before(async () => { + projectId = await client.getProjectId(); + + // Create a secret + [secret] = await secretClient.createSecret({ + parent: `projects/${projectId}`, + secretId: secretId, + secret: { + replication: { + automatic: {}, + }, + }, + }); + + // Create a secret version + [secretVersion] = await secretClient.addSecretVersion({ + parent: secret.name, + payload: { + data: Buffer.from('my super secret data', 'utf-8'), + }, + }); + + // Create a test global parameter + [parameter] = await client.createParameter({ + parent: `projects/${projectId}/locations/global`, + parameterId: parameterId, + parameter: { + format: 'JSON', + }, + }); + parametersToDelete.push(parameter.name); + + // Create a version for the global parameter + [parameterVersion] = await client.createParameterVersion({ + parent: parameter.name, + parameterVersionId: parameterVersionId, + parameterVersion: { + payload: { + data: Buffer.from(JSON.stringify({key: 'global_value'}), 'utf-8'), + }, + }, + }); + }); + + after(async () => { + // Clean up + parametersToDelete.forEach(async parameterName => { + await client.deleteParameterVersion({ + name: `${parameterName}/versions/v1`, + }); + if (parameterName === parameter.name) { + await client.deleteParameterVersion({ + name: `${parameterName}/versions/v12`, + }); + } + await client.deleteParameter({name: parameterName}); + }); + await secretClient.deleteSecret({ + name: secret.name, + }); + }); + + it('should create parameter version with secret references', async () => { + const output = execSync( + `node createParamVersionWithSecret.js ${projectId} ${parameterId} ${parameterVersionId}2 ${secretVersion.name}` + ); + assert.include( + output, + `Created parameter version with secret references: projects/${projectId}/locations/global/parameters/${parameterId}/versions/${parameterVersionId}2` + ); + }); + + it('should create a structured parameter', async () => { + const output = execSync( + `node createStructuredParam.js ${projectId} ${parameterId}-2` + ); + parametersToDelete.push( + client.parameterPath(projectId, 'global', `${parameterId}-2`) + ); + assert.include( + output, + `Created parameter projects/${projectId}/locations/global/parameters/${parameterId}-2 with format JSON` + ); + }); + + it('should create a unstructured parameter', async () => { + const output = execSync( + `node createParam.js ${projectId} ${parameterId}-3` + ); + parametersToDelete.push( + client.parameterPath(projectId, 'global', `${parameterId}-3`) + ); + assert.include( + output, + `Created parameter: projects/${projectId}/locations/global/parameters/${parameterId}-3` + ); + }); + + it('should create a structured parameter version', async () => { + const output = execSync( + `node createStructuredParamVersion.js ${projectId} ${parameterId}-2 ${parameterVersionId}` + ); + assert.include( + output, + `Created parameter version: projects/${projectId}/locations/global/parameters/${parameterId}-2/versions/${parameterVersionId}` + ); + }); + + it('should create a unstructured parameter version', async () => { + const output = execSync( + `node createParamVersion.js ${projectId} ${parameterId}-3 ${parameterVersionId}` + ); + assert.include( + output, + `Created parameter version: projects/${projectId}/locations/global/parameters/${parameterId}-3/versions/${parameterVersionId}` + ); + }); + + it('should list parameters', async () => { + const output = execSync(`node listParams.js ${projectId}`); + assert.include( + output, + `Found parameter ${parameter.name} with format ${parameter.format}` + ); + assert.include( + output, + `Found parameter projects/${projectId}/locations/global/parameters/${parameterId}-2 with format JSON` + ); + assert.include( + output, + `Found parameter projects/${projectId}/locations/global/parameters/${parameterId}-3 with format UNFORMATTED` + ); + }); + + it('should get a parameter', async () => { + const output = execSync(`node getParam.js ${projectId} ${parameterId}`); + assert.include( + output, + `Found parameter ${parameter.name} with format ${parameter.format}` + ); + }); + + it('should list parameter versions', async () => { + const output = execSync( + `node listParamVersions.js ${projectId} ${parameterId}` + ); + assert.include( + output, + `Found parameter version ${parameterVersion.name} with state enabled` + ); + assert.include( + output, + `Found parameter version ${parameterVersion.name}2 with state enabled` + ); + }); + + it('should get a parameter version', async () => { + const output = execSync( + `node getParamVersion.js ${projectId} ${parameterId} ${parameterVersionId}2` + ); + assert.include( + output, + `Found parameter version ${parameterVersion.name}2 with state enabled` + ); + assert.include( + output, + `Payload: {"db_user":"test_user","db_password":"__REF__(//secretmanager.googleapis.com/${secretVersion.name})"}` + ); + }); + + it('should render parameter version', async () => { + // Get the current IAM policy. + const [policy] = await secretClient.getIamPolicy({ + resource: secret.name, + }); + + // Add the user with accessor permissions to the bindings list. + policy.bindings.push({ + role: 'roles/secretmanager.secretAccessor', + members: [parameter.policyMember.iamPolicyUidPrincipal], + }); + + // Save the updated IAM policy. + await secretClient.setIamPolicy({ + resource: secret.name, + policy: policy, + }); + + await new Promise(resolve => setTimeout(resolve, 120000)); + + const output = execSync( + `node renderParamVersion.js ${projectId} ${parameterId} ${parameterVersionId}2` + ); + assert.include(output, 'Rendered parameter version:'); + assert.include( + output, + `/parameters/${parameterId}/versions/${parameterVersionId}2` + ); + assert.include(output, 'Rendered payload:'); + assert.include( + output, + '{"db_user":"test_user","db_password":"my super secret data"}' + ); + }); +});