Class: Google::Cloud::Functions::V1::SecretVolume

Inherits:
Object
  • Object
show all
Extended by:
Protobuf::MessageExts::ClassMethods
Includes:
Protobuf::MessageExts
Defined in:
proto_docs/google/cloud/functions/v1/functions.rb

Overview

Configuration for a secret volume. It has the information necessary to fetch the secret value from secret manager and make it available as files mounted at the requested paths within the application container. Secret value is not a part of the configuration. Every filesystem read operation performs a lookup in secret manager to retrieve the secret value.

Defined Under Namespace

Classes: SecretVersion

Instance Attribute Summary collapse

Instance Attribute Details

#mount_path::String

Returns The path within the container to mount the secret volume. For example, setting the mount_path as /etc/secrets would mount the secret value files under the /etc/secrets directory. This directory will also be completely shadowed and unavailable to mount any other secrets.

Recommended mount paths: /etc/secrets Restricted mount paths: /cloudsql, /dev/log, /pod, /proc, /var/log.

Returns:

  • (::String)

    The path within the container to mount the secret volume. For example, setting the mount_path as /etc/secrets would mount the secret value files under the /etc/secrets directory. This directory will also be completely shadowed and unavailable to mount any other secrets.

    Recommended mount paths: /etc/secrets Restricted mount paths: /cloudsql, /dev/log, /pod, /proc, /var/log



524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
# File 'proto_docs/google/cloud/functions/v1/functions.rb', line 524

class SecretVolume
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Configuration for a single version.
  # @!attribute [rw] version
  #   @return [::String]
  #     Version of the secret (version number or the string 'latest'). It is
  #     preferable to use `latest` version with secret volumes as secret value
  #     changes are reflected immediately.
  # @!attribute [rw] path
  #   @return [::String]
  #     Relative path of the file under the mount path where the secret value for
  #     this version will be fetched and made available. For example, setting the
  #     mount_path as '/etc/secrets' and path as `/secret_foo` would mount the
  #     secret value file at `/etc/secrets/secret_foo`.
  class SecretVersion
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#project_id::String

Returns Project identifier (preferrably project number but can also be the project ID) of the project that contains the secret. If not set, it will be populated with the function's project assuming that the secret exists in the same project as of the function.

Returns:

  • (::String)

    Project identifier (preferrably project number but can also be the project ID) of the project that contains the secret. If not set, it will be populated with the function's project assuming that the secret exists in the same project as of the function.



524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
# File 'proto_docs/google/cloud/functions/v1/functions.rb', line 524

class SecretVolume
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Configuration for a single version.
  # @!attribute [rw] version
  #   @return [::String]
  #     Version of the secret (version number or the string 'latest'). It is
  #     preferable to use `latest` version with secret volumes as secret value
  #     changes are reflected immediately.
  # @!attribute [rw] path
  #   @return [::String]
  #     Relative path of the file under the mount path where the secret value for
  #     this version will be fetched and made available. For example, setting the
  #     mount_path as '/etc/secrets' and path as `/secret_foo` would mount the
  #     secret value file at `/etc/secrets/secret_foo`.
  class SecretVersion
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#secret::String

Returns Name of the secret in secret manager (not the full resource name).

Returns:

  • (::String)

    Name of the secret in secret manager (not the full resource name).



524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
# File 'proto_docs/google/cloud/functions/v1/functions.rb', line 524

class SecretVolume
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Configuration for a single version.
  # @!attribute [rw] version
  #   @return [::String]
  #     Version of the secret (version number or the string 'latest'). It is
  #     preferable to use `latest` version with secret volumes as secret value
  #     changes are reflected immediately.
  # @!attribute [rw] path
  #   @return [::String]
  #     Relative path of the file under the mount path where the secret value for
  #     this version will be fetched and made available. For example, setting the
  #     mount_path as '/etc/secrets' and path as `/secret_foo` would mount the
  #     secret value file at `/etc/secrets/secret_foo`.
  class SecretVersion
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#versions::Array<::Google::Cloud::Functions::V1::SecretVolume::SecretVersion>

Returns List of secret versions to mount for this secret. If empty, the latest version of the secret will be made available in a file named after the secret under the mount point.

Returns:



524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
# File 'proto_docs/google/cloud/functions/v1/functions.rb', line 524

class SecretVolume
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Configuration for a single version.
  # @!attribute [rw] version
  #   @return [::String]
  #     Version of the secret (version number or the string 'latest'). It is
  #     preferable to use `latest` version with secret volumes as secret value
  #     changes are reflected immediately.
  # @!attribute [rw] path
  #   @return [::String]
  #     Relative path of the file under the mount path where the secret value for
  #     this version will be fetched and made available. For example, setting the
  #     mount_path as '/etc/secrets' and path as `/secret_foo` would mount the
  #     secret value file at `/etc/secrets/secret_foo`.
  class SecretVersion
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end