in pkg/berglas/create.go [106:190]
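// secretManagerCreate creates a new secret in Secret Manager and stores the
// request's plaintext as a version of it.
//
// The request must carry a non-empty Project and Name and a non-nil Plaintext
// (an empty, non-nil plaintext is accepted). When Locations is empty the secret
// uses automatic replication; otherwise it uses user-managed replication with
// one replica per location, in sorted order.
//
// It returns errSecretAlreadyExists when the API reports AlreadyExists for the
// secret, and a wrapped error for any other API failure. The returned Secret
// includes the plaintext, so callers should treat it as sensitive.
func (c *Client) secretManagerCreate(ctx context.Context, i *SecretManagerCreateRequest) (*Secret, error) {
	// Guard against a nil request so the field reads below cannot panic.
	if i == nil {
		return nil, fmt.Errorf("missing request")
	}

	project := i.Project
	if project == "" {
		return nil, fmt.Errorf("missing project")
	}

	name := i.Name
	if name == "" {
		return nil, fmt.Errorf("missing secret name")
	}

	plaintext := i.Plaintext
	if plaintext == nil {
		return nil, fmt.Errorf("missing plaintext")
	}

	// locations is what gets sent to the API and returned to the caller. In the
	// user-managed case it is a sorted private copy, so the caller's request
	// slice is never reordered behind its back.
	locations := i.Locations

	var replication *secretspb.Replication
	if len(locations) == 0 {
		replication = &secretspb.Replication{
			Replication: &secretspb.Replication_Automatic_{
				Automatic: &secretspb.Replication_Automatic{},
			},
		}
	} else {
		locations = append([]string(nil), i.Locations...)
		sort.Strings(locations)

		replicas := make([]*secretspb.Replication_UserManaged_Replica, len(locations))
		for n, loc := range locations {
			replicas[n] = &secretspb.Replication_UserManaged_Replica{Location: loc}
		}

		replication = &secretspb.Replication{
			Replication: &secretspb.Replication_UserManaged_{
				UserManaged: &secretspb.Replication_UserManaged{
					Replicas: replicas,
				},
			},
		}
	}

	// Only the project and secret name are attached to the logger. The
	// plaintext must never be added to log fields or messages.
	logger := logging.FromContext(ctx).With(
		"project", project,
		"name", name,
	)

	logger.DebugContext(ctx, "create.start")
	defer logger.DebugContext(ctx, "create.finish")

	logger.DebugContext(ctx, "creating secret")

	// NOTE(review): project and name are passed through with only an emptiness
	// check; this relies on the API to reject malformed identifiers - confirm.
	secretResp, err := c.secretManagerClient.CreateSecret(ctx, &secretspb.CreateSecretRequest{
		Parent:   fmt.Sprintf("projects/%s", project),
		SecretId: name,
		Secret:   &secretspb.Secret{Replication: replication},
	})
	if err != nil {
		// Map the gRPC AlreadyExists status onto the package sentinel so callers
		// can tell "already exists" apart from other failures.
		terr, ok := grpcstatus.FromError(err)
		if ok && terr.Code() == grpccodes.AlreadyExists {
			return nil, errSecretAlreadyExists
		}
		return nil, fmt.Errorf("failed to create secret: %w", err)
	}

	logger.DebugContext(ctx, "creating secret version")

	versionResp, err := c.secretManagerClient.AddSecretVersion(ctx, &secretspb.AddSecretVersionRequest{
		Parent: secretResp.Name,
		Payload: &secretspb.SecretPayload{
			Data: plaintext,
		},
	})
	if err != nil {
		// NOTE(review): the secret created above is not removed on this path, so
		// a version-less secret is left behind and a retry with the same name
		// would presumably hit errSecretAlreadyExists. Consider whether callers
		// need a cleanup step here.
		return nil, fmt.Errorf("failed to create secret version: %w", err)
	}

	return &Secret{
		Parent:    project,
		Name:      name,
		Version:   path.Base(versionResp.Name),
		Plaintext: plaintext,
		UpdatedAt: timestampToTime(versionResp.CreateTime),
		Locations: locations,
	}, nil
}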