From 6513e8cf6195740b570b39fb645d8a1adafc0580 Mon Sep 17 00:00:00 2001
From: Yoshi Automation Bot <yoshi-automation@google.com>
Date: Thu, 11 Jun 2020 17:40:24 -0700
Subject: [PATCH] feat(secrets): begin migration to secret manager from
 keystore (#70)

This PR was generated using Autosynth. :rainbow:

Synth log will be available here:
https://source.cloud.google.com/results/invocations/8d5e906d-0de4-4e28-b374-7d5fd4a1ce62/targets

- [ ] To automatically regenerate this PR, check this box.

Source-Link: https://github.com/googleapis/synthtool/commit/1c92077459db3dc50741e878f98b08c6261181e0
---
 .kokoro/populate-secrets.sh             | 32 +++++++++++++++++++++++++
 .kokoro/publish.sh                      |  2 +-
 .kokoro/release/publish.cfg             | 10 +++-----
 .kokoro/trampoline.sh                   |  1 +
 protos/protos.js                        |  2 +-
 src/v1/big_query_read_client.ts         |  7 ++++++
 src/v1beta1/big_query_storage_client.ts |  7 ++++++
 synth.metadata                          |  4 ++--
 tsconfig.json                           |  2 +-
 9 files changed, 55 insertions(+), 12 deletions(-)
 create mode 100755 .kokoro/populate-secrets.sh

diff --git a/.kokoro/populate-secrets.sh b/.kokoro/populate-secrets.sh
new file mode 100755
index 00000000..85801f40
--- /dev/null
+++ b/.kokoro/populate-secrets.sh
@@ -0,0 +1,32 @@
+#!/bin/bash
+# Copyright 2020 Google LLC.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+set -eo pipefail
+
+# Populates requested secrets set in SECRET_MANAGER_KEYS from service account:
+# kokoro-trampoline@cloud-devrel-kokoro-resources.iam.gserviceaccount.com
+SECRET_LOCATION="${KOKORO_GFILE_DIR}/secret_manager"
+mkdir -p ${SECRET_LOCATION}
+for key in $(echo ${SECRET_MANAGER_KEYS} | sed "s/,/ /g")
+do
+  docker run --entrypoint=gcloud \
+    --volume=${KOKORO_GFILE_DIR}:${KOKORO_GFILE_DIR} \
+    gcr.io/google.com/cloudsdktool/cloud-sdk \
+    secrets versions access latest \
+    --credential-file-override=${KOKORO_GFILE_DIR}/kokoro-trampoline.service-account.json \
+    --project cloud-devrel-kokoro-resources \
+    --secret $key > \
+    "$SECRET_LOCATION/$key"
+done
diff --git a/.kokoro/publish.sh b/.kokoro/publish.sh
index ff9c2622..24957d71 100755
--- a/.kokoro/publish.sh
+++ b/.kokoro/publish.sh
@@ -24,7 +24,7 @@ python3 -m releasetool publish-reporter-script > /tmp/publisher-script; source /
 
 cd $(dirname $0)/..
 
-NPM_TOKEN=$(cat $KOKORO_KEYSTORE_DIR/73713_google-cloud-bigquery-storage-npm-token)
+NPM_TOKEN=$(cat $KOKORO_GFILE_DIR/secret_manager/npm_publish_token
 echo "//wombat-dressing-room.appspot.com/:_authToken=${NPM_TOKEN}" > ~/.npmrc
 
 npm install
diff --git a/.kokoro/release/publish.cfg b/.kokoro/release/publish.cfg
index 5531834c..948aefb0 100644
--- a/.kokoro/release/publish.cfg
+++ b/.kokoro/release/publish.cfg
@@ -47,13 +47,9 @@ before_action {
   }
 }
 
-before_action {
-  fetch_keystore {
-    keystore_resource {
-      keystore_config_id: 73713
-      keyname: "google-cloud-bigquery-storage-npm-token"
-    }
-  }
+env_vars: {
+  key: "SECRET_MANAGER_KEYS"
+  value: "npm_publish_token"
 }
 
 # Download trampoline resources.
diff --git a/.kokoro/trampoline.sh b/.kokoro/trampoline.sh
index 9bd4905c..a4241db2 100755
--- a/.kokoro/trampoline.sh
+++ b/.kokoro/trampoline.sh
@@ -24,4 +24,5 @@ function cleanup() {
 }
 trap cleanup EXIT
 
+$(dirname $0)/populate-secrets.sh # Secret Manager secrets.
 python3 "${KOKORO_GFILE_DIR}/trampoline_v1.py"
diff --git a/protos/protos.js b/protos/protos.js
index 5df38a02..faf2f6c3 100644
--- a/protos/protos.js
+++ b/protos/protos.js
@@ -28,7 +28,7 @@
     var $Reader = $protobuf.Reader, $Writer = $protobuf.Writer, $util = $protobuf.util;
     
     // Exported root namespace
-    var $root = $protobuf.roots._google_cloud_bigquery_storage_2_0_0_protos || ($protobuf.roots._google_cloud_bigquery_storage_2_0_0_protos = {});
+    var $root = $protobuf.roots._google_cloud_bigquery_storage_protos || ($protobuf.roots._google_cloud_bigquery_storage_protos = {});
     
     $root.google = (function() {
     
diff --git a/src/v1/big_query_read_client.ts b/src/v1/big_query_read_client.ts
index ba031a72..62262851 100644
--- a/src/v1/big_query_read_client.ts
+++ b/src/v1/big_query_read_client.ts
@@ -92,6 +92,13 @@ export class BigQueryReadClient {
     }
     opts.servicePath = opts.servicePath || servicePath;
     opts.port = opts.port || port;
+
+    // users can override the config from client side, like retry codes name.
+    // The detailed structure of the clientConfig can be found here: https://github.com/googleapis/gax-nodejs/blob/master/src/gax.ts#L546
+    // The way to override client config for Showcase API:
+    //
+    // const customConfig = {"interfaces": {"google.showcase.v1beta1.Echo": {"methods": {"Echo": {"retry_codes_name": "idempotent", "retry_params_name": "default"}}}}}
+    // const showcaseClient = new showcaseClient({ projectId, customConfig });
     opts.clientConfig = opts.clientConfig || {};
 
     const isBrowser = typeof window !== 'undefined';
diff --git a/src/v1beta1/big_query_storage_client.ts b/src/v1beta1/big_query_storage_client.ts
index 5e8f75d4..e24f7d9a 100644
--- a/src/v1beta1/big_query_storage_client.ts
+++ b/src/v1beta1/big_query_storage_client.ts
@@ -92,6 +92,13 @@ export class BigQueryStorageClient {
     }
     opts.servicePath = opts.servicePath || servicePath;
     opts.port = opts.port || port;
+
+    // users can override the config from client side, like retry codes name.
+    // The detailed structure of the clientConfig can be found here: https://github.com/googleapis/gax-nodejs/blob/master/src/gax.ts#L546
+    // The way to override client config for Showcase API:
+    //
+    // const customConfig = {"interfaces": {"google.showcase.v1beta1.Echo": {"methods": {"Echo": {"retry_codes_name": "idempotent", "retry_params_name": "default"}}}}}
+    // const showcaseClient = new showcaseClient({ projectId, customConfig });
     opts.clientConfig = opts.clientConfig || {};
 
     const isBrowser = typeof window !== 'undefined';
diff --git a/synth.metadata b/synth.metadata
index 86e7c8d5..140b12c5 100644
--- a/synth.metadata
+++ b/synth.metadata
@@ -4,7 +4,7 @@
       "git": {
         "name": ".",
         "remote": "https://github.com/googleapis/nodejs-bigquery-storage.git",
-        "sha": "a83dff661119fc6dc667afffcf984694fe46ee73"
+        "sha": "20d9978cf09493d982bde1914f4ba1ef6fc21711"
       }
     },
     {
@@ -19,7 +19,7 @@
       "git": {
         "name": "synthtool",
         "remote": "https://github.com/googleapis/synthtool.git",
-        "sha": "be74d3e532faa47eb59f1a0eaebde0860d1d8ab4"
+        "sha": "1c92077459db3dc50741e878f98b08c6261181e0"
       }
     }
   ],
diff --git a/tsconfig.json b/tsconfig.json
index 613d3559..c78f1c88 100644
--- a/tsconfig.json
+++ b/tsconfig.json
@@ -5,7 +5,7 @@
     "outDir": "build",
     "resolveJsonModule": true,
     "lib": [
-      "es2016",
+      "es2018",
       "dom"
     ]
   },