^JSrSSKJr SSKJr SSKJr SSKJr SSKJr SSKJr SSK J r SS K J r SS K J r SS KJr SS KJr SS KJr SESjrSESjrSESjrSESjrSESjrSESjrSESjrSESjrSESjrSFSjrSESjrSESjrSESjr Sr!Sr"Sr#SESjr$SES jr%SES!\RLS"\'S#S4S$jjr(S%r)S&r*S'r+S(r,S)r-S*r.SES+jr/S,r0SGS-jr1SHS.jr2SIS/jr3S0r4S1r5S2r6S3r7S4r8S5r9S6r:S7r;S8rS;r?S<r@S=rAS>rBS?rCSJS@\DSA\D4SBjjrESCrFSKSDjrGg)Lz$Shared resource arguments and flags.)absolute_import)division)unicode_literals) arg_parsers)base)parser_arguments)concepts) multitype) completers)concept_parsers)presentation_specs) resourcesc DUR"[SU54SSS.UD6 g)Nz data-filePATHz]File path from which to read secret data. Set this to "-" to read the secret data from stdin.metavarhelp add_argument _ArgOrFlagparser positionalkwargss .lib/googlecloudsdk/command_lib/secrets/args.py AddDataFiler#s1j) *  c DUR"[SU54SSS.UD6 g)Nzout-filez OUT-FILE-PATHz~File path to which secret data is written. If this flag is not provided secret data will be written to stdout in UTF-8 format.rrrs r AddOutFiler,s2Z( N  rc [RR"S[SU5[ 5SS.UD6R U5 g)NprojectzThe project ID.name resource_spec group_help)r ConceptParser ForResourcerGetProjectResourceSpec AddToParserrs r AddProjectr+5sD++ i ,*,"   F#rc [RR"S[SU5[ 5SR U5S.UD6R U5 g)NlocationzThe location {}.r"r&)r r'r(rGetLocationResourceSpecformatr*rpurposerrs r AddLocationr2=sO++ j* -+-#**73   F#rc DUR"[SU54SSS.UD6 g)Nreplication-policy-fileREPLICATION-POLICY-FILEJSON or YAML file to use to read the replication policy. The file must conform to https://cloud.google.com/secret-manager/docs/reference/rest/v1/projects.secrets#replication.Set this to "-" to read from stdin.rrrs rAddReplicationPolicyFiler7Es2*J7' 0  rc DUR"[SU54SSS.UD6 g)N kms-key-name KMS-KEY-NAMEyGlobal KMS key with which to encrypt and decrypt the secret. Only valid for secrets with an automatic replication policy.rrrs r AddKmsKeyNamer<Qs2, F  rc DUR"[SU54SSS.UD6 g)N set-kms-key SET-KMS-KEYENew KMS key with which to encrypt and decrypt future secret versions.rrrs rAddSetKmsKeyNamerAZs/ + Q   rc DUR"[SU54SSS.UD6 g)N remove-cmek store_truetRemove customer managed encryption key so that future versions will be encrypted by a Google managed encryption key.actionrrrs r AddRemoveCmekrHds1 +  =   rc DUR"[SU54SSS.UD6 g)Nr-REPLICA-LOCATIONdLocation of replica to update. For secrets with automatic replication policies, this can be omitted.rrrs rAddReplicaLocationrLns1Z(  9  rNc UcSRU5n[RR"S[ SU5[ 5US.UD6R U5 g)a)Add secret resource argument to the parser. Args: parser: The parser to add the argument to. purpose: The purpose of the secret, used to generate the help text. positional: Whether the argument is positional. help_text: The help text to use for the argument. **kwargs: Extra arguments. NzThe secret {}.secretr"r&)r/r r'r(rGetSecretResourceSpecr*)rr1r help_textrs r AddSecretrQws\ ''0I++ h +)+   Krc [RR"S[SU5[ 5SR U5S.UD6R U5 g)NversionzNumeric secret version {}.r"r&r r'r(rGetVersionResourceSpecr/r*r0s r AddVersionrVsO++ i ,*,.66w?   F#rc [RR"S[SU5[ 5SR U5S.UD6R U5 g)NrSz_Numeric secret version {} or a configured alias (including 'latest' to use the latest version).r"r&rTr0s rAddVersionOrAliasrXsM++ i ,*, mw     F#rc UR"[SU54S[R"5[RSS.UD6 g)NtopicsTOPICSz2List of Pub/Sub topics to configure on the secret.rtyperGr)rrrArgList UpdateActionrs r AddTopicsr`sD:&     % % @   rcRURSSS9nUR[SS5S[R"5[R SS9 UR[S S5S [R"5[R S S9 UR[S S5S SS9 g)z2Add flags for specifying topics on secret updates.TzTopics.mutexrz add-topicsFz ADD-TOPICSz,List of Pub/Sub topics to add to the secret.r\z remove-topicsz REMOVE-TOPICSz1List of Pub/Sub topics to remove from the secret.z clear-topicsrDz)Clear all Pub/Sub topics from the secret.rFN) add_grouprrrr^r_rgroups rAddUpdateTopicsGrouprgs   I  6%u%     % % : = %(     % % ? B '  7:rcURSSS9nUR[SS5SSS9 URS S 9nUR[S S5S S S9 UR[SS5SSS9 g)z4Add flags for specifying replication policy updates.TzReplication update.rbrCFrDrErFz CMEK Update.rr>r?r@rr-rJrKNrdrrrrfsubgroups rAddUpdateReplicationGrouprms   ,A  B%&  = ? __._ 1( & Q   U#  9;rc`URSSS9nUR[SS5SSS9 URS S 9nUR[S S5S S S9 UR[SS5SSS9 UR[SS5[RS[R "5SS9 g)z?Add flags for specifying replication policy on secret creation.TzReplication policy.rbr4Fr5r6rzInline replication arguments.rizreplication-policyPOLICYzThe type of replication policy to apply to this secret. Allowed values are "automatic" and "user-managed". If user-managed then --locations must also be provided.r9r:r; locationsLOCATIONzKComma-separated list of locations in which the secret should be replicated.)rGrr]rN)rdrrrr_r^rks rAddCreateReplicationPolicyGrouprrs   ,A  B%*E2' 0 2__"A_ B( %u- 13  ' FH  e$  % %      rc lUR"[SU54S[R"5SS.UD6 g)z?Add flags for specifying version destroy ttl on secret creates.version-destroy-ttlVERSION-DESTROY-TTLa8Secret Version Time To Live (TTL) after destruction request. For secret with TTL>0, version destruction does not happen immediately on calling destroy; instead, the version goes to a disabled state and destruction happens after the TTL expires. See `$ gcloud topic datetimes` for information on duration formats.rr]rN)rrrDurationrs rAddCreateVersionDestroyTTLrxs?& 3 #    ! P   rc URSSS9nUR"[SU54S[R"5SS.UD6 UR"[SS 54S S S .UD6 g )z?Add flags for specifying version destroy ttl on secret updates.TzVersion destroy ttl.rbrtrua)Secret Version TTL after destruction request. For secret with TTL>0, version destruction does not happen immediately on calling destroy; instead, the version goes to a disabled state and destruction happens after the TTL expires. See `$ gcloud topic datetimes` for information on duration formats.rvzremove-version-destroy-ttlFrDz8If set, removes the version destroy TTL from the secret.rFN)rdrrrrwrrrrfs rAddUpdateVersionDestroyTTLr{s   ,B  C%& 3 #    ! P   -u5  E  rrrreturnc URSSS9nUR"[SU54SSS.UD6 UR"[SS 54S S S .UD6 g )zAdd flags for specifying regional cmek on secret updates. Args: parser: Given argument parser. positional : Whether the argument is positional. **kwargs: Extra arguments. Tzregional kms key.rbregional-kms-key-namezREGIONAL-KMS-KEY-NAMEz*regional kms key name for regional secret.rzremove-regional-kms-key-nameFrDz%If set, removes the regional kms key.rFNrjrzs rAddUpdateRegionalKmsKeyrsx   ,?  @%(*5% 7   /7  2  rcURSSS9nUR[SS5SSS9 UR[S S5S S S9 g ) z6Add flags for specifying expiration on secret creates.T Expiration.rb expire-timeF EXPIRE-TIME6Timestamp at which to automatically delete the secret.rttlTTLhDuration of time (in seconds) from the running of the command until the secret is automatically deleted.Nrjres rAddCreateExpirationGroupr:sd   M  :%& DG 1 3rcURSSS9nUR[SS5SSS9 UR[S S5S S S9 UR[S S5S SS9 g)z7Add flags for specifying expiration on secret updates..TrrbrFrrrrrrzremove-expirationrDzAIf set, removes scheduled expiration from secret (if it had one).rFNrjres rAddUpdateExpirationGrouprJs   M  :%& DG 1 3 $e,  M PrcURSSS9nUR[SS5SS9 UR[SS5SS9 g ) z4Add flags for specifying rotation on secret creates.F Rotation.rbnext-rotation-time1Timestamp at which to send rotation notification.rirotation-period=Duration of time (in seconds) between rotation notifications.Nrjres rAddCreateRotationGroupr_s_   [  9%%u- ?B"E* KNrc.URSSS9nUR[SS5SS9 UR[SS5SS S 9 UR[S S5S S9 UR[S S5SSS 9 UR[SS5SSS 9 g)z5Add flags for specifying rotation on secret updates..Frrbrrrizremove-next-rotation-timerDz8Remove timestamp at which to send rotation notification.rFrrzremove-rotation-periodzVIf set, removes the rotation period, cancelling all rotations except for the next one.zremove-rotation-schedulez.If set, removes rotation policy from a secret.Nrjres rAddUpdateRotationGrouprks   [  9%%u- ?B,e4  FI"E* KN)51  %  +U3  <?rcTUR[SS5SSRUS9S9 g)z0Add flag for specifying the current secret etag.etagFETAGzCurrent entity tag (ETag) of the secret. If specified, the secret is {action} only if the ETag provided matches the current secret's ETag.rGrNrrr/rrGs r AddSecretEtagrs5  frcTUR[SS5SSRUS9S9 g)z8Add flag for specifying the current secret version etag.rFrzCurrent entity tag (ETag) of the secret version. If specified, the version is {action} only if the ETag provided matches the current version's ETag.rrNrrs rAddVersionEtagrs5  frc DUR"[SU54SSS.UD6 g)z2Add flag for specifying the regional KMS key name.r~r:z_Regional KMS key with which to encrypt and decrypt the secret. Only valid for regional secrets.rNrrs rAddRegionalKmsKeyNamers2(*5 (  rcrU(a UR5RSS5$SRU5$)zReturns the argument name in resource argument format or flag format. Args: name (str): name of the argument positional (bool): whether the argument is positional Returns: arg (str): the argument or flag -_z--{})upperreplacer/)r#rs rrrs/ ::<  S )) t rc [R"S[5[54SS0UD6n[R "[ R"SUUSSS9/5RU5 g)aAdds a secret resource. Secret resource can be global secret or regional secret. If command has "--location" then regional secret will be created or else global secret will be created. Regionl secret - projects//locations//secrets/ Global secret - projects//secrets/ Args: parser: given argument parser purpose: help text **kwargs: extra arguments zglobal or regional secretallow_inactiveTrNrequiredhiddenN) r MultitypeResourceSpecrOGetRegionalSecretResourceSpecr r'r !MultitypeResourcePresentationSpecr*)rr1rsecret_or_region_secret_specs rAddGlobalOrRegionalSecretrsv"+!@!@!#%" "  "::  &  ![rc [R"S[5[54SS0UD6n[R "[ R"SUUSSS9/5RU5 g)zwAdds a version resource. Args: parser: given argument parser purpose: help text **kwargs: extra arguments !global or regional secret versionrTrSrN r rrUGetRegionalVersionResourceSpecr r'r rr*rr1rglobal_or_region_version_specs rAddGlobalOrRegionalVersionrsv#,"A"A)$&# #  #::  '  ![rc [R"S[5[54SS0UD6n[R "[ R"SUUSSS9/5RU5 g)zAdds a version resource or alias. Args: parser: given argument parser purpose: help text **kwargs: extra arguments rrTrSrNrrs r!AddGlobalOrRegionalVersionOrAliasrsv#,"A"A)$&# #  #::  '  ![rc"[R$)N)r DEFAULT_PROJECT_ATTRIBUTE_CONFIGr&rrGetProjectAttributeConfigrs  2 22rc4[R"SSSS0SS9$)Nr-zThe location of the {resource}. fieldMaskr#r#rPcompletion_request_paramscompletion_id_fieldr ResourceParameterAttributeConfigr&rrGetLocationAttributeConfigrs&  2 2 1!,f 5  ""rc4[R"SSSS0SS9$)z3Returns the attribute config for location resource.r-z.[EXPERIMENTAL] The location of the {resource}.rr#rrr&rr"GetLocationResourceAttributeConfigr"s&  2 2  :!,f 5  rcJ[R"SS[RS9$)NrNThe secret of the {resource}.r#rP completerr rsecrets_completersSecretsCompleterr&rrGetSecretAttributeConfigr.s$  2 2 /"33 55rcJ[R"SS[RS9$)z1Returns the attribute config for regional secret.rNrrrr&rr GetRegionalSecretAttributeConfigr5s$  2 2 /"33 rc4[R"SSSS0SS9$)NrSThe version of the {resource}.rr#rrr&rrGetVersionAttributeConfigr>s&  2 2 0!,f 5  ""rc4[R"SSSS0SS9$)z9Returns the attribute config for regional secret version.rSrrr#rrr&rr!GetRegionalVersionAttributeConfigrFs&  2 2 0!,f 5  rcB[R"SSSS[5S9$)Nzsecretmanager.projectsr!projectsF)resource_collection resource_name plural_namedisable_auto_completers projectsId)r ResourceSpecrr&rrr)r)Ss'   2#*,  ..rc T[R"SSSS[5[5S9$)Nz secretmanager.projects.locationsr-rpF)rrrr locationsIdr)r rrrr&rrr.r.\s-   <#,.*,  ..rc T[R"SSSS[5[5S9$)Nsecretmanager.projects.secretsrNsecretsF)rrrr secretsIdr)r rrrr&rrrOrOfs-   :#(**,  ..rc f[R"SSSS[5[5[ 5S9$)N'secretmanager.projects.secrets.versionsrSF)rrr versionsIdrr)r rrrrr&rrrUrUps3   /#*,(**, ..rc f[R"SSSS[5[5[ 5S9$)z.Returns the resource spec for regional secret.z(secretmanager.projects.locations.secretszregional secretrF)rrrrrrr)r rrrrr&rrrr{s3   D%#02*,46 rc x[R"SSSS[5[5[ 5[ 5S9$)z6Returns the resource spec for regional secret version.1secretmanager.projects.locations.secrets.versionszregional versionrSF)rrrrrrrr)r rrrrrr&rrrrs9   M&#2402*,46  rc>[RRUSS9$)Nr collectionrREGISTRYParserefs rParseSecretRefrs&    ! ! 6 " rc>[RRUSS9$)Nrrrrs rParseVersionRefrs&    ! ! ? " rc>[RRUSS9$)zParses regional section version into 'secretmanager.projects.locations.secrets.versions' format . Args: ref: resource name of regional secret version. Returns: Parsed secret version. rrrrs rParseRegionalVersionRefrs(    ! ! I " rr api_versionc^^UU4SjnU$)a-Returns a function which turns a resource into a uri. Example: class List(base.ListCommand): def GetUriFunc(self): return MakeGetUriFunc(self) Args: collection: A command instance. api_version: api_version to be displayed. Returns: A function which can be returned in GetUriFunc. c>[RR5nURST5 UR UR TS9nUR 5$)N secretmanagerr)rrCloneRegisterApiByNamerr#SelfLink)resourceregistryparsedrrs r_GetUriMakeGetUriFunc.._GetUrisJ!!'')H  < ^^HMMj^ AF ?? rr&)rrrs`` rMakeGetUriFuncrs  .rc /SQn[R"SS[R"5[RSR U5S9$)z(Makes the base.Argument for --tags flag.)z%List of tags KEY=VALUE pairs to bind.zEach item must be expressed asz4`=`. z?Example: `123/environment=production,123/costCenter=marketing` z--tagsz KEY=VALUE r\)rArgumentrArgDictr_join) help_partss r GetTagsArgrsC*      % % 99Z  rc [X5nU(dgU"[UR55VVs/sHupEURXES9PM snnS9$s snnf)zMakes the tags message object.N)keyvalue)additionalProperties)getattrsorteditemsAdditionalProperty)args tags_message tags_arg_nametagsr r s rGetTagsFromArgsrsZ  %$  tzz|,,.,*#%%#%;,,. //,.sA )F)FN)zcreate a secret)zcreate a version)zcreate a version alias)v1)r)H__doc__ __future__rrrgooglecloudsdk.callioperrr googlecloudsdk.calliope.conceptsr r "googlecloudsdk.command_lib.secretsr r(googlecloudsdk.command_lib.util.conceptsr r googlecloudsdk.corerrrr+r2r7r<rArHrLrQrVrXr`rgrmrrrxr{ArgumentInterceptorboolrrrrrrrrrrrrrrrrrrrr)r.rOrUrrrrrstrrrrr&rrr!s`+&'/(456ODG) $$ ($$:,;.D"4  0 0 6 3 P* N?6    B8-@3" 5"....  "  s2"/r