feat(secretmanager): Adding expiretime samples

secret-manager/createSecretWithCmek.js

@@ -0,0 +1,56 @@
+// Copyright 2026 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     https://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+'use strict';
+
+async function main(parent, secretId, kmsKeyName) {
+  // [START secretmanager_create_secret_with_cmek]
+  /**
+   * TODO(developer): Uncomment these variables before running the sample.
+   */
+  // const projectId = 'projects/my-project';
+  // const secretId = 'my-secret-with-cmek';
+  // const kmsKeyName = 'projects/my-project/locations/global/keyRings/my-keyring/cryptoKeys/my-key';
+
+  // Import the Secret Manager library
+  const {SecretManagerServiceClient} = require('@google-cloud/secret-manager');
+
+  // Create the Secret Manager client
+  const client = new SecretManagerServiceClient();
+
+  async function createSecretWithCmek() {
+    // Create the secret with automatic replication and CMEK
+    const [secret] = await client.createSecret({
+      parent: parent,
+      secretId: secretId,
+      secret: {
+        replication: {
+          automatic: {
+            customerManagedEncryption: {
+              kmsKeyName: kmsKeyName,
+            },
+          },
+        },
+      },
+    });
+
+    console.log(`Created secret ${secret.name} with CMEK key ${kmsKeyName}`);
+  }
+
+  createSecretWithCmek();
+  // [END secretmanager_create_secret_with_cmek]
+}
+
+const args = process.argv.slice(2);
+main(...args).catch(console.error);

secret-manager/createSecretWithExpiration.js

@@ -0,0 +1,61 @@
+// Copyright 2026 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     https://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+'use strict';
+
+async function main(parent, secretId) {
+  // [START secretmanager_create_secret_with_expiration]
+  /**
+   * TODO(developer): Uncomment these variables before running the sample.
+   */
+  // const parent = 'projects/my-project';
+  // const secretId = 'my-secret';
+
+  // Import the Secret Manager library
+  const {SecretManagerServiceClient} = require('@google-cloud/secret-manager');
+
+  // Create the Secret Manager client
+  const client = new SecretManagerServiceClient();
+
+  async function createSecretWithExpiration() {
+    // Calculate expiration time (1 hour from now)
+    const expireTime = new Date();
+    expireTime.setHours(expireTime.getHours() + 1);
+
+    // Create the secret with automatic replication and expiration time
+    const [secret] = await client.createSecret({
+      parent: parent,
+      secretId: secretId,
+      secret: {
+        replication: {
+          automatic: {},
+        },
+        expireTime: {
+          seconds: Math.floor(expireTime.getTime() / 1000),
+          nanos: (expireTime.getTime() % 1000) * 1000000,
+        },
+      },
+    });
+
+    console.log(
+      `Created secret ${secret.name} with expiration time ${expireTime.toISOString()}`
+    );
+  }
+
+  createSecretWithExpiration();
+  // [END secretmanager_create_secret_with_expiration]
+}
+
+const args = process.argv.slice(2);
+main(...args).catch(console.error);

secret-manager/createSecretWithUserManagedReplicationPolicy.js

@@ -0,0 +1,62 @@
+// Copyright 2026 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     https://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+'use strict';
+
+async function main(parent, secretId, locations, ttl) {
+  // [START secretmanager_create_ummr_secret]
+  /**
+   * TODO(developer): Uncomment these variables before running the sample.
+   */
+  // const parent = 'projects/my-project';
+  // const secretId = 'my-new-secret';
+  // const locations = ['us-east1', 'europe-west1'];
+  // const ttl = 7776000; // Optional: 90 days in seconds
+
+  // Import the Secret Manager library
+  const {SecretManagerServiceClient} = require('@google-cloud/secret-manager');
+
+  // Create the Secret Manager client
+  const client = new SecretManagerServiceClient();
+
+  async function createUmmrSecret() {
+    // Create the secret configuration
+    const secretConfig = {
+      replication: {
+        userManaged: {
+          replicas: locations.map(location => ({location})),
+        },
+      },
+      ttl: {
+        seconds: ttl,
+      },
+    };
+
+    // Create the secret
+    const [secret] = await client.createSecret({
+      parent: parent,
+      secretId: secretId,
+      secret: secretConfig,
+    });
+
+    console.log(`Created secret: ${secret.name}`);
+  }
+
+  createUmmrSecret();
+  // [END secretmanager_create_ummr_secret]
+}
+
+const args = process.argv.slice(2);
+const locations = args[2] ? args[2].split(',') : [];
+main(args[0], args[1], locations, args[3]).catch(console.error);

secret-manager/deleteSecretExpiration.js

@@ -0,0 +1,50 @@
+// Copyright 2026 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     https://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+'use strict';
+
+async function main(name = 'projects/my-project/secrets/my-secret') {
+  // [START secretmanager_delete_secret_expiration]
+  /**
+   * TODO(developer): Uncomment these variables before running the sample.
+   */
+  // const name = 'projects/my-project/secrets/my-secret';
+
+  // Import the Secret Manager library
+  const {SecretManagerServiceClient} = require('@google-cloud/secret-manager');
+
+  // Create the Secret Manager client
+  const client = new SecretManagerServiceClient();
+
+  async function deleteSecretExpiration() {
+    // Update the secret with an empty expireTime field to remove the expiration
+    const [secret] = await client.updateSecret({
+      secret: {
+        name: name,
+        // No expireTime field specified, which will clear it
+      },
+      updateMask: {
+        paths: ['expire_time'],
+      },
+    });
+
+    console.log(`Removed expiration from secret ${secret.name}`);
+  }
+
+  await deleteSecretExpiration();
+  // [END secretmanager_delete_secret_expiration]
+}
+
+const args = process.argv.slice(2);
+main(...args).catch(console.error);

secret-manager/detachTagBinding.js

@@ -0,0 +1,72 @@
+// Copyright 2026 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     https://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+'use strict';
+
+async function main(name, tagValue) {
+  // [START secretmanager_detach_tag_binding]
+  /**
+   * TODO(developer): Uncomment these variables before running the sample.
+   */
+  // const name = 'projects/my-project/secrets/my-secret';
+  // const tagValue = 'tagValues/123456789012';
+
+  // Import the Resource Manager and Secret Manager libraries
+  const {TagBindingsClient} = require('@google-cloud/resource-manager').v3;
+
+  // Create the Resource Manager client
+  const rmClient = new TagBindingsClient();
+
+  // Build the resource name of the parent secret
+  const parent = `//secretmanager.googleapis.com/${name}`;
+
+  async function detachTag() {
+    // Find the binding name for the given tag value
+    let bindingName = null;
+    const iterable = rmClient.listTagBindingsAsync(
+      {
+        parent: parent,
+        pageSize: 50,
+      },
+      {autoPaginate: false}
+    );
+
+    for await (const binding of iterable) {
+      if (binding.tagValue === tagValue) {
+        bindingName = binding.name;
+        break;
+      }
+    }
+
+    if (bindingName === null) {
+      console.log(`Tag binding for value ${tagValue} not found on ${name}.`);
+      return;
+    }
+
+    // Delete the tag binding
+    const [operation] = await rmClient.deleteTagBinding({
+      name: bindingName,
+    });
+
+    // Wait for the operation to complete
+    await operation.promise();
+    console.log(`Detached tag value ${tagValue} from ${name}`);
+  }
+
+  detachTag();
+  // [END secretmanager_detach_tag_binding]
+}
+
+const args = process.argv.slice(2);
+main(...args).catch(console.error);

secret-manager/listSecretVersionsWithFilter.js

@@ -0,0 +1,47 @@
+// Copyright 2026 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     https://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+'use strict';
+
+async function main(parent = 'projects/my-project/secrets/my-secret') {
+  // [START secretmanager_list_secret_versions_with_filter]
+  /**
+   * TODO(developer): Uncomment these variables before running the sample.
+   */
+  // const parent = 'projects/my-project/secrets/my-secret';
+  const filterStr = 'state=DISABLED';
+
+  // Imports the Secret Manager library
+  const {SecretManagerServiceClient} = require('@google-cloud/secret-manager');
+
+  // Instantiates a client
+  const client = new SecretManagerServiceClient();
+
+  async function listSecretVersionsWithFilter() {
+    const [versions] = await client.listSecretVersions({
+      parent: parent,
+      filter: filterStr,
+    });
+
+    versions.forEach(version => {
+      console.log(`Found version: ${version.name}`);
+    });
+  }
+
+  listSecretVersionsWithFilter();
+  // [END secretmanager_list_secret_versions_with_filter]
+}
+
+const args = process.argv.slice(2);
+main(...args).catch(console.error);