自动抓取最新Google个云平台秘钥版本

Question

我正在尝试获取最新的秘密版本。有没有办法在不指定版本号的情况下做到这一点？例如使用关键字“最新”。正如 GCP 文档所示，我试图避免使用 for 循环遍历所有秘密版本：

try (SecretManagerServiceClient client = SecretManagerServiceClient.create()) {
  // Build the parent name.
  SecretName projectName = SecretName.of(projectId, secretId);

  // Get all versions.
  ListSecretVersionsPagedResponse pagedResponse = client.listSecretVersions(projectName);

  // List all versions and their state.
  pagedResponse
      .iterateAll()
      .forEach(
          version -> {
            System.out.printf("Secret version %s, %s\n", version.getName(), version.getState());
          });
}

Answer 1

import com.google.cloud.secretmanager.v1.AccessSecretVersionResponse;
import com.google.cloud.secretmanager.v1.SecretManagerServiceClient;
import com.google.cloud.secretmanager.v1.SecretVersionName;
import java.io.IOException;

public class AccessSecretVersion {

  public static void accessSecretVersion() throws IOException {
    // TODO(developer): Replace these variables before running the sample.
    String projectId = "your-project-id";
    String secretId = "your-secret-id";
    String versionId = "latest"; //<-- specify version
    accessSecretVersion(projectId, secretId, versionId);
  }

  // Access the payload for the given secret version if one exists. The version
  // can be a version number as a string (e.g. "5") or an alias (e.g. "latest").
  public static void accessSecretVersion(String projectId, String secretId, String versionId)
      throws IOException {
    // Initialize client that will be used to send requests. This client only needs to be created
    // once, and can be reused for multiple requests. After completing all of your requests, call
    // the "close" method on the client to safely clean up any remaining background resources.
    try (SecretManagerServiceClient client = SecretManagerServiceClient.create()) {
      SecretVersionName secretVersionName = SecretVersionName.of(projectId, secretId, versionId);

      // Access the secret version.
      AccessSecretVersionResponse response = client.accessSecretVersion(secretVersionName);

      // Print the secret payload.
      //
      // WARNING: Do not print the secret in a production environment - this
      // snippet is showing how to access the secret material.
      String payload = response.getPayload().getData().toStringUtf8();
      System.out.printf("Plaintext: %s\n", payload);
    }
  }
}

来源：https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets#secretmanager-access-secret-version-java

Answer 2

是的，您可以使用“最新”作为版本号。这称为“别名”。目前唯一的别名是“latest”，但我们可能会在未来支持更多的别名。

gcloud secrets versions access "latest" --secret "my-secret"

try (SecretManagerServiceClient client = SecretManagerServiceClient.create()) {
  SecretVersionName secretVersionName = SecretVersionName.of(projectId, secretId, "latest"); // <-- here

  // Access the secret version.
  AccessSecretVersionResponse response = client.accessSecretVersion(secretVersionName);

  String payload = response.getPayload().getData().toStringUtf8();
  System.out.printf("Plaintext: %s\n", payload);
}