revert: "feat: added regional secret support for secret-manager (#3365)" (#3734)

This reverts commit 42dcccb.

Author: zhumin8

docs/src/main/asciidoc/secretmanager.adoc

@@ -56,15 +56,12 @@ This allows you to specify and load secrets from Google Cloud Secret Manager as
 
 The Secret Manager config data resource uses the following syntax to specify secrets:
 
-== Global Secrets
-The following formats apply to **global secrets**, where secrets are stored without specifying a region.
-
 [source]
 ----
 # 1. Long form - specify the project ID, secret ID, and version
 sm@projects/<project-id>/secrets/<secret-id>/versions/<version-id>}
 
-# 2. Long form - specify project ID, secret ID, and use latest version
+# 2.  Long form - specify project ID, secret ID, and use latest version
 sm@projects/<project-id>/secrets/<secret-id>
 
 # 3. Short form - specify project ID, secret ID, and version
@@ -81,28 +78,6 @@ sm@<secret-id>/<version>
 sm@<secret-id>
 ----
 
-== Regional Secrets
-The following formats apply to **regional secrets**, where secrets are stored in a specific Google Cloud region.
-For more details, see https://cloud.google.com/secret-manager/regional-secrets/data-residency[Google Cloud Regional Secrets].
-
-[source]
-----
-# 6. Long form - specify project ID, location ID, secret ID, and version
-sm@projects/<project-id>/locations/<location-id>/secrets/<secret-id>/versions/<version-id>
-
-# 7. Long form - specify project ID, location ID, secret ID, and use latest version
-sm@projects/<project-id>/locations/<location-id>/secrets/<secret-id>
-
-# 8. Short form - specify project ID, location ID, secret ID, and version
-sm@<project-id>/<location-id>/<secret-id>/<version-id>
-
-# 9. Short form - specify location ID, secret ID, version and use default project
-sm@locations/<location-id>/<secret-id>/<version>
-
-# 10. Shortest form - specify location ID, secret ID, and use default project and latest version
-sm@locations/<location-id>/<secret-id>
-----
-
 You can use this syntax in the following places:
 
 1. In your `application.properties` file:

spring-cloud-gcp-autoconfigure/src/main/java/com/google/cloud/spring/autoconfigure/secretmanager/DefaultSecretManagerServiceClientFactory.java

@@ -22,10 +22,8 @@
 import com.google.cloud.spring.autoconfigure.core.GcpContextAutoConfiguration;
 import com.google.cloud.spring.core.GcpProjectIdProvider;
 import com.google.cloud.spring.core.UserAgentHeaderProvider;
-import com.google.cloud.spring.secretmanager.SecretManagerServiceClientFactory;
 import com.google.cloud.spring.secretmanager.SecretManagerTemplate;
 import java.io.IOException;
-import org.springframework.beans.factory.ObjectProvider;
 import org.springframework.boot.autoconfigure.AutoConfiguration;
 import org.springframework.boot.autoconfigure.AutoConfigureAfter;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
@@ -34,7 +32,6 @@
 import org.springframework.boot.context.properties.EnableConfigurationProperties;
 import org.springframework.context.annotation.Bean;
 
-
 /**
  *  Autoconfiguration for GCP Secret Manager.
  *
@@ -66,36 +63,22 @@ public GcpSecretManagerAutoConfiguration(
 
   @Bean
   @ConditionalOnMissingBean
-  public SecretManagerServiceClient secretManagerClient() throws IOException {
+  public SecretManagerServiceClient secretManagerClient()
+      throws IOException {
     SecretManagerServiceSettings settings =
         SecretManagerServiceSettings.newBuilder()
             .setCredentialsProvider(this.credentialsProvider)
-            .setHeaderProvider(new UserAgentHeaderProvider(GcpSecretManagerAutoConfiguration.class))
+            .setHeaderProvider(
+                new UserAgentHeaderProvider(GcpSecretManagerAutoConfiguration.class))
             .build();
-    return SecretManagerServiceClient.create(settings);
-  }
 
-  @Bean
-  @ConditionalOnMissingBean
-  public SecretManagerServiceClientFactory clientFactory(SecretManagerServiceClient client) {
-    return new DefaultSecretManagerServiceClientFactory(this.credentialsProvider, client);
+    return SecretManagerServiceClient.create(settings);
   }
 
-
   @Bean
   @ConditionalOnMissingBean
-  public SecretManagerTemplate secretManagerTemplate(
-      SecretManagerServiceClient client, ObjectProvider<SecretManagerServiceClientFactory> clientFactoryProvider) {
-
-    SecretManagerServiceClientFactory clientFactory = clientFactoryProvider.getIfAvailable();
-
-    if (clientFactory != null) {
-      return new SecretManagerTemplate(clientFactory, this.gcpProjectIdProvider)
-          .setAllowDefaultSecretValue(this.properties.isAllowDefaultSecret());
-    } else {
-      return new SecretManagerTemplate(client, this.gcpProjectIdProvider)
-          .setAllowDefaultSecretValue(this.properties.isAllowDefaultSecret());
-    }
+  public SecretManagerTemplate secretManagerTemplate(SecretManagerServiceClient client) {
+    return new SecretManagerTemplate(client, this.gcpProjectIdProvider)
+        .setAllowDefaultSecretValue(this.properties.isAllowDefaultSecret());
   }
-
 }

spring-cloud-gcp-autoconfigure/src/main/java/com/google/cloud/spring/autoconfigure/secretmanager/GcpSecretManagerAutoConfiguration.java

@@ -40,8 +40,7 @@ public ConfigData load(
     GcpProjectIdProvider projectIdProvider = context.getBootstrapContext()
         .get(GcpProjectIdProvider.class);
 
-    SecretManagerPropertySource secretManagerPropertySource = new SecretManagerPropertySource(
-        "spring-cloud-gcp-secret-manager", secretManagerTemplate, projectIdProvider);
-    return new ConfigData(Collections.singleton(secretManagerPropertySource));
+    return new ConfigData(Collections.singleton(new SecretManagerPropertySource(
+        "spring-cloud-gcp-secret-manager", secretManagerTemplate, projectIdProvider)));
   }
 }

spring-cloud-gcp-autoconfigure/src/main/java/com/google/cloud/spring/autoconfigure/secretmanager/SecretManagerConfigDataLoader.java

@@ -19,15 +19,13 @@
 import static com.google.cloud.spring.secretmanager.SecretManagerSyntaxUtils.getMatchedPrefixes;
 import static com.google.cloud.spring.secretmanager.SecretManagerSyntaxUtils.warnIfUsingDeprecatedSyntax;
 
-import com.google.api.gax.core.CredentialsProvider;
 import com.google.cloud.secretmanager.v1.SecretManagerServiceClient;
 import com.google.cloud.secretmanager.v1.SecretManagerServiceSettings;
 import com.google.cloud.spring.autoconfigure.core.GcpProperties;
 import com.google.cloud.spring.core.DefaultCredentialsProvider;
 import com.google.cloud.spring.core.DefaultGcpProjectIdProvider;
 import com.google.cloud.spring.core.GcpProjectIdProvider;
 import com.google.cloud.spring.core.UserAgentHeaderProvider;
-import com.google.cloud.spring.secretmanager.SecretManagerServiceClientFactory;
 import com.google.cloud.spring.secretmanager.SecretManagerTemplate;
 import java.io.IOException;
 import java.util.Collections;
@@ -54,10 +52,6 @@ public class SecretManagerConfigDataLocationResolver implements
    * A static client to avoid creating another client after refreshing.
    */
   private static SecretManagerServiceClient secretManagerServiceClient;
-  /**
-   * A static client factory to avoid creating another client after refreshing.
-   */
-  private static SecretManagerServiceClientFactory secretManagerServiceClientFactory;
 
   /**
    * Checks if the property can be resolved by the Secret Manager resolver.
@@ -110,15 +104,8 @@ private static void registerSecretManagerBeans(ConfigDataLocationResolverContext
     // Register the Core properties.
     registerBean(context, GcpProperties.class, getGcpProperties(context));
     // Register the Secret Manager properties.
-    registerBean(context, GcpSecretManagerProperties.class, getSecretManagerProperties(context));
-    // Register the CredentialsProvider.
-    registerBean(context, CredentialsProvider.class, getCredentialsProvider(context));
-    // Register the Secret Manager client factory.
-    registerAndPromoteBean(
-        context,
-        SecretManagerServiceClientFactory.class,
-        BootstrapRegistry.InstanceSupplier.from(
-            () -> createSecretManagerServiceClientFactory(context)));
+    registerBean(
+        context, GcpSecretManagerProperties.class, getSecretManagerProperties(context));
     // Register the Secret Manager client.
     registerAndPromoteBean(
         context,
@@ -148,20 +135,6 @@ private static GcpSecretManagerProperties getSecretManagerProperties(
         .orElse(new GcpSecretManagerProperties());
   }
 
-  private static CredentialsProvider getCredentialsProvider(
-      ConfigDataLocationResolverContext context) {
-    try {
-      GcpSecretManagerProperties properties =
-          context.getBootstrapContext().get(GcpSecretManagerProperties.class);
-      return context.getBinder()
-          .bind(GcpSecretManagerProperties.PREFIX, CredentialsProvider.class)
-          .orElse(new DefaultCredentialsProvider(properties));
-    } catch (IOException e) {
-      throw new RuntimeException(
-          "Failed to create the Secret Manager Client Factory for ConfigData loading.", e);
-    }
-  }
-
   @VisibleForTesting
   static GcpProjectIdProvider createProjectIdProvider(ConfigDataLocationResolverContext context) {
     ConfigurableBootstrapContext bootstrapContext = context.getBootstrapContext();
@@ -203,36 +176,17 @@ static synchronized SecretManagerServiceClient createSecretManagerClient(
     }
   }
 
-  @VisibleForTesting
-  static synchronized SecretManagerServiceClientFactory createSecretManagerServiceClientFactory(
-      ConfigDataLocationResolverContext context) {
-    if (secretManagerServiceClientFactory != null) {
-      return secretManagerServiceClientFactory;
-    }
-    SecretManagerServiceClient client = context.getBootstrapContext()
-        .get(SecretManagerServiceClient.class);
-    return new DefaultSecretManagerServiceClientFactory(
-        context.getBootstrapContext().get(CredentialsProvider.class), client);
-  }
-
   private static SecretManagerTemplate createSecretManagerTemplate(
       ConfigDataLocationResolverContext context) {
     SecretManagerServiceClient client = context.getBootstrapContext()
         .get(SecretManagerServiceClient.class);
-    SecretManagerServiceClientFactory clientFactory = context.getBootstrapContext()
-        .get(SecretManagerServiceClientFactory.class);
     GcpProjectIdProvider projectIdProvider = context.getBootstrapContext()
         .get(GcpProjectIdProvider.class);
     GcpSecretManagerProperties properties = context.getBootstrapContext()
         .get(GcpSecretManagerProperties.class);
 
-    if (clientFactory != null) {
-      return new SecretManagerTemplate(clientFactory, projectIdProvider)
-          .setAllowDefaultSecretValue(properties.isAllowDefaultSecret());
-    } else {
-      return new SecretManagerTemplate(client, projectIdProvider)
-          .setAllowDefaultSecretValue(properties.isAllowDefaultSecret());
-    }
+    return new SecretManagerTemplate(client, projectIdProvider)
+        .setAllowDefaultSecretValue(properties.isAllowDefaultSecret());
   }
 
   /**
@@ -269,10 +223,4 @@ private static <T> void registerAndPromoteBean(
   static void setSecretManagerServiceClient(SecretManagerServiceClient client) {
     secretManagerServiceClient = client;
   }
-
-  @VisibleForTesting
-  static void setSecretManagerServiceClientFactory(
-      SecretManagerServiceClientFactory clientFactory) {
-    secretManagerServiceClientFactory = clientFactory;
-  }
 }

spring-cloud-gcp-autoconfigure/src/main/java/com/google/cloud/spring/autoconfigure/secretmanager/SecretManagerConfigDataLocationResolver.java

@@ -17,12 +17,13 @@
 package com.google.cloud.spring.autoconfigure.secretmanager;
 
 import static org.assertj.core.api.Assertions.assertThat;
+import static org.mockito.Mockito.mock;
 
 import com.google.api.gax.core.CredentialsProvider;
+import com.google.auth.Credentials;
 import com.google.cloud.secretmanager.v1.SecretManagerServiceClient;
 import com.google.cloud.spring.autoconfigure.TestUtils;
 import com.google.cloud.spring.autoconfigure.core.GcpContextAutoConfiguration;
-import com.google.cloud.spring.secretmanager.SecretManagerServiceClientFactory;
 import com.google.cloud.spring.secretmanager.SecretManagerTemplate;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
@@ -66,13 +67,6 @@ void testSecretManagerServiceClientExists() {
             .isNotNull());
   }
 
-  @Test
-  void testSecretManagerServiceClientFactoryExists() {
-    contextRunner.run(
-        ctx -> assertThat(ctx.getBean(SecretManagerServiceClientFactory.class))
-            .isNotNull());
-  }
-
   @Test
   void testSecretManagerTemplateExists() {
     contextRunner.run(

spring-cloud-gcp-autoconfigure/src/test/java/com/google/cloud/spring/autoconfigure/secretmanager/GcpSecretManagerAutoConfigurationUnitTests.java

@@ -5,11 +5,9 @@
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.when;
 
-import com.google.api.gax.core.CredentialsProvider;
 import com.google.cloud.spring.core.GcpProjectIdProvider;
 import com.google.cloud.spring.secretmanager.SecretManagerTemplate;
-import org.junit.jupiter.params.ParameterizedTest;
-import org.junit.jupiter.params.provider.CsvSource;
+import org.junit.jupiter.api.Test;
 import org.springframework.boot.ConfigurableBootstrapContext;
 import org.springframework.boot.context.config.ConfigDataLoaderContext;
 import org.springframework.boot.context.config.ConfigDataLocation;
@@ -23,23 +21,15 @@ class SecretManagerConfigDataLoaderUnitTests {
   private final ConfigDataLoaderContext loaderContext = mock(ConfigDataLoaderContext.class);
   private final GcpProjectIdProvider idProvider = mock(GcpProjectIdProvider.class);
   private final SecretManagerTemplate template = mock(SecretManagerTemplate.class);
-  private final GcpSecretManagerProperties properties = mock(GcpSecretManagerProperties.class);
-  private final CredentialsProvider credentialsProvider = mock(CredentialsProvider.class);
   private final ConfigurableBootstrapContext bootstrapContext = mock(
       ConfigurableBootstrapContext.class);
   private final SecretManagerConfigDataLoader loader = new SecretManagerConfigDataLoader();
 
-  @ParameterizedTest
-  @CsvSource({
-      "regional-fake, us-central1",
-      "fake, "
-  })
-  void loadIncorrectResourceThrowsException(String resourceName, String location) {
+  @Test
+  void loadIncorrectResourceThrowsException() {
     when(loaderContext.getBootstrapContext()).thenReturn(bootstrapContext);
     when(bootstrapContext.get(GcpProjectIdProvider.class)).thenReturn(idProvider);
     when(bootstrapContext.get(SecretManagerTemplate.class)).thenReturn(template);
-    when(bootstrapContext.get(GcpSecretManagerProperties.class)).thenReturn(properties);
-    when(bootstrapContext.get(CredentialsProvider.class)).thenReturn(credentialsProvider);
     when(template.secretExists(anyString(), anyString())).thenReturn(false);
     SecretManagerConfigDataResource resource = new SecretManagerConfigDataResource(
         ConfigDataLocation.of("fake"));