Coverage for /pythoncovmergedfiles/medio/medio/usr/local/lib/python3.11/site-packages/google/cloud/secretmanager_v1beta1/services/secret_manager_service/transports/base.py: 74%

Shortcuts on this page

r m x   toggle line displays

j k   next/prev highlighted chunk

0   (zero) top of page

1   (one) first highlighted chunk

102 statements  

1# -*- coding: utf-8 -*- 

2# Copyright 2026 Google LLC 

3# 

4# Licensed under the Apache License, Version 2.0 (the "License"); 

5# you may not use this file except in compliance with the License. 

6# You may obtain a copy of the License at 

7# 

8# http://www.apache.org/licenses/LICENSE-2.0 

9# 

10# Unless required by applicable law or agreed to in writing, software 

11# distributed under the License is distributed on an "AS IS" BASIS, 

12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 

13# See the License for the specific language governing permissions and 

14# limitations under the License. 

15# 

16import abc 

17from typing import Awaitable, Callable, Dict, Optional, Sequence, Union 

18 

19import google.api_core 

20import google.auth # type: ignore 

21import google.iam.v1.iam_policy_pb2 as iam_policy_pb2 # type: ignore 

22import google.iam.v1.policy_pb2 as policy_pb2 # type: ignore 

23import google.protobuf 

24import google.protobuf.empty_pb2 as empty_pb2 # type: ignore 

25from google.api_core import exceptions as core_exceptions 

26from google.api_core import gapic_v1 

27from google.api_core import retry as retries 

28from google.auth import credentials as ga_credentials # type: ignore 

29from google.cloud.location import locations_pb2 # type: ignore 

30from google.oauth2 import service_account # type: ignore 

31 

32from google.cloud.secretmanager_v1beta1 import gapic_version as package_version 

33from google.cloud.secretmanager_v1beta1.types import resources, service 

34 

35DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( 

36 gapic_version=package_version.__version__ 

37) 

38 

39if hasattr(DEFAULT_CLIENT_INFO, "protobuf_runtime_version"): # pragma: NO COVER 

40 DEFAULT_CLIENT_INFO.protobuf_runtime_version = google.protobuf.__version__ 

41 

42 

43class SecretManagerServiceTransport(abc.ABC): 

44 """Abstract transport class for SecretManagerService.""" 

45 

46 AUTH_SCOPES = ("https://www.googleapis.com/auth/cloud-platform",) 

47 

48 DEFAULT_HOST: str = "secretmanager.googleapis.com" 

49 

50 def __init__( 

51 self, 

52 *, 

53 host: str = DEFAULT_HOST, 

54 credentials: Optional[ga_credentials.Credentials] = None, 

55 credentials_file: Optional[str] = None, 

56 scopes: Optional[Sequence[str]] = None, 

57 quota_project_id: Optional[str] = None, 

58 client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, 

59 always_use_jwt_access: Optional[bool] = False, 

60 api_audience: Optional[str] = None, 

61 **kwargs, 

62 ) -> None: 

63 """Instantiate the transport. 

64 

65 Args: 

66 host (Optional[str]): 

67 The hostname to connect to (default: 'secretmanager.googleapis.com'). 

68 credentials (Optional[google.auth.credentials.Credentials]): The 

69 authorization credentials to attach to requests. These 

70 credentials identify the application to the service; if none 

71 are specified, the client will attempt to ascertain the 

72 credentials from the environment. 

73 credentials_file (Optional[str]): Deprecated. A file with credentials that can 

74 be loaded with :func:`google.auth.load_credentials_from_file`. 

75 This argument is mutually exclusive with credentials. This argument will be 

76 removed in the next major version of this library. 

77 scopes (Optional[Sequence[str]]): A list of scopes. 

78 quota_project_id (Optional[str]): An optional project to use for billing 

79 and quota. 

80 client_info (google.api_core.gapic_v1.client_info.ClientInfo): 

81 The client info used to send a user-agent string along with 

82 API requests. If ``None``, then default info will be used. 

83 Generally, you only need to set this if you're developing 

84 your own client library. 

85 always_use_jwt_access (Optional[bool]): Whether self signed JWT should 

86 be used for service account credentials. 

87 api_audience (Optional[str]): The intended audience for the API calls 

88 to the service that will be set when using certain 3rd party 

89 authentication flows. Audience is typically a resource identifier. 

90 If not set, the host value will be used as a default. 

91 """ 

92 

93 # Save the scopes. 

94 self._scopes = scopes 

95 if not hasattr(self, "_ignore_credentials"): 

96 self._ignore_credentials: bool = False 

97 

98 # If no credentials are provided, then determine the appropriate 

99 # defaults. 

100 if credentials and credentials_file: 

101 raise core_exceptions.DuplicateCredentialArgs( 

102 "'credentials_file' and 'credentials' are mutually exclusive" 

103 ) 

104 

105 if credentials_file is not None: 

106 credentials, _ = google.auth.load_credentials_from_file( 

107 credentials_file, 

108 scopes=scopes, 

109 quota_project_id=quota_project_id, 

110 default_scopes=self.AUTH_SCOPES, 

111 ) 

112 elif credentials is None and not self._ignore_credentials: 

113 credentials, _ = google.auth.default( 

114 scopes=scopes, 

115 quota_project_id=quota_project_id, 

116 default_scopes=self.AUTH_SCOPES, 

117 ) 

118 # Don't apply audience if the credentials file passed from user. 

119 if hasattr(credentials, "with_gdch_audience"): 

120 credentials = credentials.with_gdch_audience( 

121 api_audience if api_audience else host 

122 ) 

123 

124 # If the credentials are service account credentials, then always try to use self signed JWT. 

125 if ( 

126 always_use_jwt_access 

127 and isinstance(credentials, service_account.Credentials) 

128 and hasattr(service_account.Credentials, "with_always_use_jwt_access") 

129 ): 

130 credentials = credentials.with_always_use_jwt_access(True) 

131 

132 # Save the credentials. 

133 self._credentials = credentials 

134 

135 # Save the hostname. Default to port 443 (HTTPS) if none is specified. 

136 if ":" not in host: 

137 host += ":443" 

138 self._host = host 

139 

140 self._wrapped_methods: Dict[Callable, Callable] = {} 

141 

142 @property 

143 def host(self): 

144 return self._host 

145 

146 def _prep_wrapped_messages(self, client_info): 

147 # Precompute the wrapped methods. 

148 self._wrapped_methods = { 

149 self.list_secrets: gapic_v1.method.wrap_method( 

150 self.list_secrets, 

151 default_timeout=60.0, 

152 client_info=client_info, 

153 ), 

154 self.create_secret: gapic_v1.method.wrap_method( 

155 self.create_secret, 

156 default_timeout=60.0, 

157 client_info=client_info, 

158 ), 

159 self.add_secret_version: gapic_v1.method.wrap_method( 

160 self.add_secret_version, 

161 default_timeout=60.0, 

162 client_info=client_info, 

163 ), 

164 self.get_secret: gapic_v1.method.wrap_method( 

165 self.get_secret, 

166 default_timeout=60.0, 

167 client_info=client_info, 

168 ), 

169 self.update_secret: gapic_v1.method.wrap_method( 

170 self.update_secret, 

171 default_timeout=60.0, 

172 client_info=client_info, 

173 ), 

174 self.delete_secret: gapic_v1.method.wrap_method( 

175 self.delete_secret, 

176 default_timeout=60.0, 

177 client_info=client_info, 

178 ), 

179 self.list_secret_versions: gapic_v1.method.wrap_method( 

180 self.list_secret_versions, 

181 default_timeout=60.0, 

182 client_info=client_info, 

183 ), 

184 self.get_secret_version: gapic_v1.method.wrap_method( 

185 self.get_secret_version, 

186 default_timeout=60.0, 

187 client_info=client_info, 

188 ), 

189 self.access_secret_version: gapic_v1.method.wrap_method( 

190 self.access_secret_version, 

191 default_retry=retries.Retry( 

192 initial=1.0, 

193 maximum=60.0, 

194 multiplier=1.3, 

195 predicate=retries.if_exception_type( 

196 core_exceptions.ServiceUnavailable, 

197 core_exceptions.Unknown, 

198 ), 

199 deadline=60.0, 

200 ), 

201 default_timeout=60.0, 

202 client_info=client_info, 

203 ), 

204 self.disable_secret_version: gapic_v1.method.wrap_method( 

205 self.disable_secret_version, 

206 default_timeout=60.0, 

207 client_info=client_info, 

208 ), 

209 self.enable_secret_version: gapic_v1.method.wrap_method( 

210 self.enable_secret_version, 

211 default_timeout=60.0, 

212 client_info=client_info, 

213 ), 

214 self.destroy_secret_version: gapic_v1.method.wrap_method( 

215 self.destroy_secret_version, 

216 default_timeout=60.0, 

217 client_info=client_info, 

218 ), 

219 self.set_iam_policy: gapic_v1.method.wrap_method( 

220 self.set_iam_policy, 

221 default_timeout=60.0, 

222 client_info=client_info, 

223 ), 

224 self.get_iam_policy: gapic_v1.method.wrap_method( 

225 self.get_iam_policy, 

226 default_timeout=60.0, 

227 client_info=client_info, 

228 ), 

229 self.test_iam_permissions: gapic_v1.method.wrap_method( 

230 self.test_iam_permissions, 

231 default_timeout=60.0, 

232 client_info=client_info, 

233 ), 

234 self.get_location: gapic_v1.method.wrap_method( 

235 self.get_location, 

236 default_timeout=None, 

237 client_info=client_info, 

238 ), 

239 self.list_locations: gapic_v1.method.wrap_method( 

240 self.list_locations, 

241 default_timeout=None, 

242 client_info=client_info, 

243 ), 

244 } 

245 

246 def close(self): 

247 """Closes resources associated with the transport. 

248 

249 .. warning:: 

250 Only call this method if the transport is NOT shared 

251 with other clients - this may cause errors in other clients! 

252 """ 

253 raise NotImplementedError() 

254 

255 @property 

256 def list_secrets( 

257 self, 

258 ) -> Callable[ 

259 [service.ListSecretsRequest], 

260 Union[service.ListSecretsResponse, Awaitable[service.ListSecretsResponse]], 

261 ]: 

262 raise NotImplementedError() 

263 

264 @property 

265 def create_secret( 

266 self, 

267 ) -> Callable[ 

268 [service.CreateSecretRequest], 

269 Union[resources.Secret, Awaitable[resources.Secret]], 

270 ]: 

271 raise NotImplementedError() 

272 

273 @property 

274 def add_secret_version( 

275 self, 

276 ) -> Callable[ 

277 [service.AddSecretVersionRequest], 

278 Union[resources.SecretVersion, Awaitable[resources.SecretVersion]], 

279 ]: 

280 raise NotImplementedError() 

281 

282 @property 

283 def get_secret( 

284 self, 

285 ) -> Callable[ 

286 [service.GetSecretRequest], Union[resources.Secret, Awaitable[resources.Secret]] 

287 ]: 

288 raise NotImplementedError() 

289 

290 @property 

291 def update_secret( 

292 self, 

293 ) -> Callable[ 

294 [service.UpdateSecretRequest], 

295 Union[resources.Secret, Awaitable[resources.Secret]], 

296 ]: 

297 raise NotImplementedError() 

298 

299 @property 

300 def delete_secret( 

301 self, 

302 ) -> Callable[ 

303 [service.DeleteSecretRequest], 

304 Union[empty_pb2.Empty, Awaitable[empty_pb2.Empty]], 

305 ]: 

306 raise NotImplementedError() 

307 

308 @property 

309 def list_secret_versions( 

310 self, 

311 ) -> Callable[ 

312 [service.ListSecretVersionsRequest], 

313 Union[ 

314 service.ListSecretVersionsResponse, 

315 Awaitable[service.ListSecretVersionsResponse], 

316 ], 

317 ]: 

318 raise NotImplementedError() 

319 

320 @property 

321 def get_secret_version( 

322 self, 

323 ) -> Callable[ 

324 [service.GetSecretVersionRequest], 

325 Union[resources.SecretVersion, Awaitable[resources.SecretVersion]], 

326 ]: 

327 raise NotImplementedError() 

328 

329 @property 

330 def access_secret_version( 

331 self, 

332 ) -> Callable[ 

333 [service.AccessSecretVersionRequest], 

334 Union[ 

335 service.AccessSecretVersionResponse, 

336 Awaitable[service.AccessSecretVersionResponse], 

337 ], 

338 ]: 

339 raise NotImplementedError() 

340 

341 @property 

342 def disable_secret_version( 

343 self, 

344 ) -> Callable[ 

345 [service.DisableSecretVersionRequest], 

346 Union[resources.SecretVersion, Awaitable[resources.SecretVersion]], 

347 ]: 

348 raise NotImplementedError() 

349 

350 @property 

351 def enable_secret_version( 

352 self, 

353 ) -> Callable[ 

354 [service.EnableSecretVersionRequest], 

355 Union[resources.SecretVersion, Awaitable[resources.SecretVersion]], 

356 ]: 

357 raise NotImplementedError() 

358 

359 @property 

360 def destroy_secret_version( 

361 self, 

362 ) -> Callable[ 

363 [service.DestroySecretVersionRequest], 

364 Union[resources.SecretVersion, Awaitable[resources.SecretVersion]], 

365 ]: 

366 raise NotImplementedError() 

367 

368 @property 

369 def set_iam_policy( 

370 self, 

371 ) -> Callable[ 

372 [iam_policy_pb2.SetIamPolicyRequest], 

373 Union[policy_pb2.Policy, Awaitable[policy_pb2.Policy]], 

374 ]: 

375 raise NotImplementedError() 

376 

377 @property 

378 def get_iam_policy( 

379 self, 

380 ) -> Callable[ 

381 [iam_policy_pb2.GetIamPolicyRequest], 

382 Union[policy_pb2.Policy, Awaitable[policy_pb2.Policy]], 

383 ]: 

384 raise NotImplementedError() 

385 

386 @property 

387 def test_iam_permissions( 

388 self, 

389 ) -> Callable[ 

390 [iam_policy_pb2.TestIamPermissionsRequest], 

391 Union[ 

392 iam_policy_pb2.TestIamPermissionsResponse, 

393 Awaitable[iam_policy_pb2.TestIamPermissionsResponse], 

394 ], 

395 ]: 

396 raise NotImplementedError() 

397 

398 @property 

399 def get_location( 

400 self, 

401 ) -> Callable[ 

402 [locations_pb2.GetLocationRequest], 

403 Union[locations_pb2.Location, Awaitable[locations_pb2.Location]], 

404 ]: 

405 raise NotImplementedError() 

406 

407 @property 

408 def list_locations( 

409 self, 

410 ) -> Callable[ 

411 [locations_pb2.ListLocationsRequest], 

412 Union[ 

413 locations_pb2.ListLocationsResponse, 

414 Awaitable[locations_pb2.ListLocationsResponse], 

415 ], 

416 ]: 

417 raise NotImplementedError() 

418 

419 @property 

420 def kind(self) -> str: 

421 raise NotImplementedError() 

422 

423 

424__all__ = ("SecretManagerServiceTransport",)