github.com/google/syzkaller@v0.0.0-20251211124644-a066d2bc4b02/pkg/gcpsecret/secret.go (about) 1 // Copyright 2021 syzkaller project authors. All rights reserved. 2 // Use of this source code is governed by Apache 2 LICENSE that can be found in the LICENSE file. 3 4 package gcpsecret 5 6 import ( 7 "context" 8 "fmt" 9 10 "cloud.google.com/go/compute/metadata" 11 secretmanager "cloud.google.com/go/secretmanager/apiv1" 12 "cloud.google.com/go/secretmanager/apiv1/secretmanagerpb" 13 ) 14 15 // GcpSecret returns the GCP Secret Manager blob as a []byte data. 16 func GcpSecret(name string) ([]byte, error) { 17 return GcpSecretWithContext(context.Background(), name) 18 } 19 20 func GcpSecretWithContext(ctx context.Context, name string) ([]byte, error) { 21 // name := "projects/my-project/secrets/my-secret/versions/5" 22 // name := "projects/my-project/secrets/my-secret/versions/latest" 23 24 // Create the client. 25 client, err := secretmanager.NewClient(ctx) 26 if err != nil { 27 return nil, err 28 } 29 defer client.Close() 30 31 // Build the request. 32 req := &secretmanagerpb.AccessSecretVersionRequest{ 33 Name: name, 34 } 35 36 // Call the API. 37 result, err := client.AccessSecretVersion(ctx, req) 38 if err != nil { 39 return nil, err 40 } 41 42 return result.Payload.Data, nil 43 } 44 45 // LatestGcpSecret returns the latest secret value. 46 func LatestGcpSecret(ctx context.Context, projectName, key string) ([]byte, error) { 47 return GcpSecretWithContext(ctx, 48 fmt.Sprintf("projects/%s/secrets/%s/versions/latest", projectName, key)) 49 } 50 51 // ProjectName returns the name of the GCP project the code is running on. 52 func ProjectName(ctx context.Context) (string, error) { 53 if !metadata.OnGCE() { 54 return "", fmt.Errorf("not running on GKE/GCE") 55 } 56 projectID, err := metadata.ProjectIDWithContext(ctx) 57 if err != nil { 58 return "", err 59 } 60 return projectID, nil 61 }