chore(secretmanager): Added samples for delayed destroy (#10136)

* chore(secretmanager): Added samples for delayed destroy

* chore(secretmanager): Update code sample

* chore(secretmanager): Update test assertions

Author: durgesh-ninave-crest

secretmanager/src/main/java/secretmanager/CreateSecretWithDelayedDestroy.java

@@ -0,0 +1,67 @@
+/*
+ * Copyright 2025 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package secretmanager;
+
+// [START secretmanager_create_secret_with_delayed_destroy]
+
+import com.google.cloud.secretmanager.v1.ProjectName;
+import com.google.cloud.secretmanager.v1.Replication;
+import com.google.cloud.secretmanager.v1.Secret;
+import com.google.cloud.secretmanager.v1.SecretManagerServiceClient;
+import com.google.protobuf.Duration;
+import java.io.IOException;
+
+public class CreateSecretWithDelayedDestroy {
+
+  public static void createSecretWithDelayedDestroy() throws IOException {
+    // TODO(developer): Replace these variables before running the sample.
+    String projectId = "your-project-id";
+    String secretId = "your-secret-id";
+    Integer versionDestroyTtl = 86400;
+    createSecretWithDelayedDestroy(projectId, secretId, versionDestroyTtl);
+  }
+
+  // Create secret with version destroy TTL.
+  public static Secret createSecretWithDelayedDestroy(
+      String projectId,
+      String secretId,
+      Integer versionDestroyTtl)
+      throws IOException {
+    // Initialize the client that will be used to send requests.
+    try (SecretManagerServiceClient client = SecretManagerServiceClient.create()) {
+      // Build the parent name from the project.
+      ProjectName projectName = ProjectName.of(projectId);
+
+      // Build the secret to create.
+      Secret secret =
+          Secret.newBuilder()
+              .setReplication(
+                  Replication.newBuilder()
+                      .setAutomatic(Replication.Automatic.newBuilder().build())
+                      .build())
+              .setVersionDestroyTtl(Duration.newBuilder().setSeconds(versionDestroyTtl))
+              .build();
+
+      // Create the secret.
+      Secret createdSecret = client.createSecret(projectName, secretId, secret);
+      System.out.printf("Created secret with version destroy ttl %s\n", createdSecret.getName());
+
+      return createdSecret;
+    }
+  }
+}
+// [END secretmanager_create_secret_with_delayed_destroy]

secretmanager/src/main/java/secretmanager/DisableSecretDelayedDestroy.java

@@ -0,0 +1,64 @@
+/*
+ * Copyright 2025 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package secretmanager;
+
+// [START secretmanager_disable_secret_delayed_destroy]
+
+import com.google.cloud.secretmanager.v1.Secret;
+import com.google.cloud.secretmanager.v1.SecretManagerServiceClient;
+import com.google.cloud.secretmanager.v1.SecretName;
+import com.google.protobuf.FieldMask;
+import com.google.protobuf.util.FieldMaskUtil;
+import java.io.IOException;
+
+public class DisableSecretDelayedDestroy {
+
+  public static void disableSecretDelayedDestroy() throws IOException {
+    // TODO(developer): Replace these variables before running the sample.
+    String projectId = "your-project-id";
+    String secretId = "your-secret-id";
+    disableSecretDelayedDestroy(projectId, secretId);
+  }
+
+  // Disables delayed destroy for a secret.
+  public static Secret disableSecretDelayedDestroy(
+      String projectId,
+      String secretId)
+      throws IOException {
+    // Initialize the client that will be used to send requests.
+    try (SecretManagerServiceClient client = SecretManagerServiceClient.create()) {
+      // Build the parent name from the project and secret.
+      SecretName secretName = SecretName.of(projectId, secretId);
+
+      // Build the secret to update.
+      Secret secret =
+          Secret.newBuilder()
+              .setName(secretName.toString())
+              .build();
+
+      // Build the field mask.
+      FieldMask fieldMask = FieldMaskUtil.fromString("version_destroy_ttl");
+
+      // Update the secret.
+      Secret updatedSecret = client.updateSecret(secret, fieldMask);
+      System.out.printf("Updated secret %s\n", updatedSecret.getName());
+
+      return updatedSecret;
+    }
+  }
+}
+// [END secretmanager_disable_secret_delayed_destroy]

secretmanager/src/main/java/secretmanager/UpdateSecretWithDelayedDestroy.java

@@ -0,0 +1,68 @@
+/*
+ * Copyright 2025 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package secretmanager;
+
+// [START secretmanager_update_secret_with_delayed_destroy]
+
+import com.google.cloud.secretmanager.v1.Secret;
+import com.google.cloud.secretmanager.v1.SecretManagerServiceClient;
+import com.google.cloud.secretmanager.v1.SecretName;
+import com.google.protobuf.Duration;
+import com.google.protobuf.FieldMask;
+import com.google.protobuf.util.FieldMaskUtil;
+import java.io.IOException;
+
+public class UpdateSecretWithDelayedDestroy {
+
+  public static void updateSecretWithDelayedDestroy() throws IOException {
+    // TODO(developer): Replace these variables before running the sample.
+    String projectId = "your-project-id";
+    String secretId = "your-secret-id";
+    Integer versionDestroyTtl = 86400;
+    updateSecretWithDelayedDestroy(projectId, secretId, versionDestroyTtl);
+  }
+
+  // Update secret with version destroy TTL.
+  public static Secret updateSecretWithDelayedDestroy(
+      String projectId,
+      String secretId,
+      Integer versionDestroyTtl)
+      throws IOException {
+    // Initialize the client that will be used to send requests.
+    try (SecretManagerServiceClient client = SecretManagerServiceClient.create()) {
+      // Build the parent name from the project and secret.
+      SecretName secretName = SecretName.of(projectId, secretId);
+
+      // Build the secret to update.
+      Secret secret =
+          Secret.newBuilder()
+              .setName(secretName.toString())
+              .setVersionDestroyTtl(Duration.newBuilder().setSeconds(versionDestroyTtl))
+              .build();
+
+      // Build the field mask.
+      FieldMask fieldMask = FieldMaskUtil.fromString("version_destroy_ttl");
+
+      // Update the secret.
+      Secret updatedSecret = client.updateSecret(secret, fieldMask);
+      System.out.printf("Updated secret %s\n", updatedSecret.getName());
+
+      return updatedSecret;
+    }
+  }
+}
+// [END secretmanager_update_secret_with_delayed_destroy]

secretmanager/src/main/java/secretmanager/regionalsamples/CreateRegionalSecretWithDelayedDestroy.java

@@ -0,0 +1,71 @@
+/*
+ * Copyright 2025 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package secretmanager.regionalsamples;
+
+// [START secretmanager_create_regional_secret_with_delayed_destroy]
+
+import com.google.cloud.secretmanager.v1.LocationName;
+import com.google.cloud.secretmanager.v1.Secret;
+import com.google.cloud.secretmanager.v1.SecretManagerServiceClient;
+import com.google.cloud.secretmanager.v1.SecretManagerServiceSettings;
+import com.google.protobuf.Duration;
+import java.io.IOException;
+
+public class CreateRegionalSecretWithDelayedDestroy {
+
+  public static void createRegionalSecretWithDelayedDestroy() throws IOException {
+    // TODO(developer): Replace these variables before running the sample.
+    String projectId = "your-project-id";
+    String locationId = "your-location-id";
+    String secretId = "your-secret-id";
+    Integer versionDestroyTtl = 86400;
+    createRegionalSecretWithDelayedDestroy(projectId, locationId, secretId, versionDestroyTtl);
+  }
+
+  // Create secret with version destroy TTL.
+  public static Secret createRegionalSecretWithDelayedDestroy(
+      String projectId,
+      String locationId,
+      String secretId,
+      Integer versionDestroyTtl)
+      throws IOException {
+    // Endpoint to call the regional secret manager sever
+    String apiEndpoint = String.format("secretmanager.%s.rep.googleapis.com:443", locationId);
+    SecretManagerServiceSettings secretManagerServiceSettings =
+        SecretManagerServiceSettings.newBuilder().setEndpoint(apiEndpoint).build();
+
+    // Initialize the client that will be used to send requests.
+    try (SecretManagerServiceClient client =
+             SecretManagerServiceClient.create(secretManagerServiceSettings)) {
+      // Build the parent name from the project.
+      LocationName locationName = LocationName.of(projectId, locationId);
+
+      // Build the secret to create.
+      Secret secret =
+          Secret.newBuilder()
+              .setVersionDestroyTtl(Duration.newBuilder().setSeconds(versionDestroyTtl))
+              .build();
+
+      // Create the secret.
+      Secret createdSecret = client.createSecret(locationName, secretId, secret);
+      System.out.printf("Created secret with version destroy ttl %s\n", createdSecret.getName());
+
+      return createdSecret;
+    }
+  }
+}
+// [END secretmanager_create_regional_secret_with_delayed_destroy]

secretmanager/src/main/java/secretmanager/regionalsamples/DisableRegionalSecretDelayedDestroy.java

@@ -0,0 +1,74 @@
+/*
+ * Copyright 2025 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package secretmanager.regionalsamples;
+
+// [START secretmanager_disable_regional_secret_delayed_destroy]
+
+import com.google.cloud.secretmanager.v1.Secret;
+import com.google.cloud.secretmanager.v1.SecretManagerServiceClient;
+import com.google.cloud.secretmanager.v1.SecretManagerServiceSettings;
+import com.google.cloud.secretmanager.v1.SecretName;
+import com.google.protobuf.FieldMask;
+import com.google.protobuf.util.FieldMaskUtil;
+import java.io.IOException;
+
+public class DisableRegionalSecretDelayedDestroy {
+
+  public static void disableRegionalSecretDelayedDestroy() throws IOException {
+    // TODO(developer): Replace these variables before running the sample.
+    String projectId = "your-project-id";
+    String locationId = "your-location-id";
+    String secretId = "your-secret-id";
+    disableRegionalSecretDelayedDestroy(projectId, locationId, secretId);
+  }
+
+  // Disables the secret's delayed destroy.
+  public static Secret disableRegionalSecretDelayedDestroy(
+      String projectId,
+      String locationId,
+      String secretId)
+      throws IOException {
+    // Endpoint to call the regional secret manager sever
+    String apiEndpoint = String.format("secretmanager.%s.rep.googleapis.com:443", locationId);
+    SecretManagerServiceSettings secretManagerServiceSettings =
+        SecretManagerServiceSettings.newBuilder().setEndpoint(apiEndpoint).build();
+
+    // Initialize the client that will be used to send requests.
+    try (SecretManagerServiceClient client =
+             SecretManagerServiceClient.create(secretManagerServiceSettings)) {
+      // Build the parent name from the project and secret.
+      SecretName secretName =
+          SecretName.ofProjectLocationSecretName(projectId, locationId, secretId);
+
+      // Build the secret to update.
+      Secret secret =
+          Secret.newBuilder()
+              .setName(secretName.toString())
+              .build();
+
+      // Build the field mask.
+      FieldMask fieldMask = FieldMaskUtil.fromString("version_destroy_ttl");
+
+      // Update the secret.
+      Secret updatedSecret = client.updateSecret(secret, fieldMask);
+      System.out.printf("Updated secret %s\n", updatedSecret.getName());
+
+      return updatedSecret;
+    }
+  }
+}
+// [END secretmanager_disable_regional_secret_delayed_destroy]