From 823400ef71ab6129441e867af6dab6e30ac809db Mon Sep 17 00:00:00 2001 From: "gcf-owl-bot[bot]" <78513119+gcf-owl-bot[bot]@users.noreply.github.com> Date: Mon, 7 Jun 2021 19:02:26 +0000 Subject: [PATCH 1/7] chore: Report warning on `.github/workflows/ci.yaml` (#458) * fix: Report warning on `.github/workflows/ci.yaml` Not all files in `.github/workflows` are managed, only `ci.yaml`. Related false-positive: https://github.com/googleapis/repo-automation-bots/pull/1952#issuecomment-856142886 * fix: Report warning on `.github/workflows/ci.yaml` Not all files in `.github/workflows` are managed, only `ci.yaml`. Source-Link: https://github.com/googleapis/synthtool/commit/2430f8d90ed8a508e8422a3a7191e656d5a6bf53 Post-Processor: gcr.io/repo-automation-bots/owlbot-nodejs:latest@sha256:14aaee566d6fc07716bb92da416195156e47a4777e7d1cd2bb3e28c46fe30fe2 --- .github/.OwlBot.lock.yaml | 2 +- .github/generated-files-bot.yml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/.OwlBot.lock.yaml b/.github/.OwlBot.lock.yaml index 043a6066..3a93af92 100644 --- a/.github/.OwlBot.lock.yaml +++ b/.github/.OwlBot.lock.yaml @@ -1,3 +1,3 @@ docker: image: gcr.io/repo-automation-bots/owlbot-nodejs:latest - digest: sha256:f4734af778c3d0eb58a6db0078907a87f2e53f3c7a6422363fc37ee52e02b25a + digest: sha256:14aaee566d6fc07716bb92da416195156e47a4777e7d1cd2bb3e28c46fe30fe2 diff --git a/.github/generated-files-bot.yml b/.github/generated-files-bot.yml index 6b04910c..7bb7ce54 100644 --- a/.github/generated-files-bot.yml +++ b/.github/generated-files-bot.yml @@ -3,8 +3,8 @@ generatedFiles: message: '`.kokoro` files are templated and should be updated in [`synthtool`](https://github.com/googleapis/synthtool)' - path: '.github/CODEOWNERS' message: 'CODEOWNERS should instead be modified via the `codeowner_team` property in .repo-metadata.json' -- path: '.github/workflows/**' - message: '`.github/workflows` (GitHub Actions) should be updated in [`synthtool`](https://github.com/googleapis/synthtool)' +- path: '.github/workflows/ci.yaml' + message: '`.github/workflows/ci.yaml` (GitHub Actions) should be updated in [`synthtool`](https://github.com/googleapis/synthtool)' - path: '.github/generated-files-bot.+(yml|yaml)' message: '`.github/generated-files-bot.(yml|yaml)` should be updated in [`synthtool`](https://github.com/googleapis/synthtool)' - path: 'README.md' From 82fd0c71270115b1faf8af11d29c91699fa69118 Mon Sep 17 00:00:00 2001 From: "gcf-owl-bot[bot]" <78513119+gcf-owl-bot[bot]@users.noreply.github.com> Date: Wed, 9 Jun 2021 19:24:28 +0000 Subject: [PATCH 2/7] chore(nodejs): use cloud-rad publication process (#1112) (#460) VERSION is used in @google-cloud/cloud-rad to publish ref docs for a particular version. Pass VERSION in via Stubby or Fusion. Source-Link: https://github.com/googleapis/synthtool/commit/740366bbb9a7e0f4b77fc75dc26be1d3a376c3e0 Post-Processor: gcr.io/repo-automation-bots/owlbot-nodejs:latest@sha256:bbdd52de226c00df3356cdf25460397b429ab49552becca645adbc412f6a4ed5 --- .github/.OwlBot.lock.yaml | 2 +- .kokoro/release/docs-devsite.cfg | 2 +- .kokoro/release/docs-devsite.sh | 48 ++------------------------------ .trampolinerc | 3 +- 4 files changed, 7 insertions(+), 48 deletions(-) diff --git a/.github/.OwlBot.lock.yaml b/.github/.OwlBot.lock.yaml index 3a93af92..f6467c3a 100644 --- a/.github/.OwlBot.lock.yaml +++ b/.github/.OwlBot.lock.yaml @@ -1,3 +1,3 @@ docker: image: gcr.io/repo-automation-bots/owlbot-nodejs:latest - digest: sha256:14aaee566d6fc07716bb92da416195156e47a4777e7d1cd2bb3e28c46fe30fe2 + digest: sha256:bbdd52de226c00df3356cdf25460397b429ab49552becca645adbc412f6a4ed5 diff --git a/.kokoro/release/docs-devsite.cfg b/.kokoro/release/docs-devsite.cfg index f8ccbb74..e07366c6 100644 --- a/.kokoro/release/docs-devsite.cfg +++ b/.kokoro/release/docs-devsite.cfg @@ -11,7 +11,7 @@ before_action { # doc publications use a Python image. env_vars: { key: "TRAMPOLINE_IMAGE" - value: "gcr.io/cloud-devrel-kokoro-resources/node:10-user" + value: "gcr.io/cloud-devrel-kokoro-resources/node:14-user" } # Download trampoline resources. diff --git a/.kokoro/release/docs-devsite.sh b/.kokoro/release/docs-devsite.sh index 7657be33..2198e67f 100755 --- a/.kokoro/release/docs-devsite.sh +++ b/.kokoro/release/docs-devsite.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright 2019 Google LLC +# Copyright 2021 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -16,7 +16,6 @@ set -eo pipefail -# build jsdocs (Python is installed on the Node 10 docker image). if [[ -z "$CREDENTIALS" ]]; then # if CREDENTIALS are explicitly set, assume we're testing locally # and don't set NPM_CONFIG_PREFIX. @@ -25,47 +24,6 @@ if [[ -z "$CREDENTIALS" ]]; then cd $(dirname $0)/../.. fi -mkdir ./etc - npm install -npm run api-extractor -npm run api-documenter - -npm i json@9.0.6 -g -NAME=$(cat .repo-metadata.json | json name) - -mkdir ./_devsite -cp ./yaml/$NAME/* ./_devsite - -# Clean up TOC -# Delete SharePoint item, see https://github.com/microsoft/rushstack/issues/1229 -sed -i -e '1,3d' ./yaml/toc.yml -sed -i -e 's/^ //' ./yaml/toc.yml -# Delete interfaces from TOC (name and uid) -sed -i -e '/name: I[A-Z]/{N;d;}' ./yaml/toc.yml -sed -i -e '/^ *\@google-cloud.*:interface/d' ./yaml/toc.yml - -cp ./yaml/toc.yml ./_devsite/toc.yml - -# create docs.metadata, based on package.json and .repo-metadata.json. -pip install -U pip -python3 -m pip install --user gcp-docuploader -python3 -m docuploader create-metadata \ - --name=$NAME \ - --version=$(cat package.json | json version) \ - --language=$(cat .repo-metadata.json | json language) \ - --distribution-name=$(cat .repo-metadata.json | json distribution_name) \ - --product-page=$(cat .repo-metadata.json | json product_documentation) \ - --github-repository=$(cat .repo-metadata.json | json repo) \ - --issue-tracker=$(cat .repo-metadata.json | json issue_tracker) -cp docs.metadata ./_devsite/docs.metadata - -# deploy the docs. -if [[ -z "$CREDENTIALS" ]]; then - CREDENTIALS=${KOKORO_KEYSTORE_DIR}/73713_docuploader_service_account -fi -if [[ -z "$BUCKET" ]]; then - BUCKET=docs-staging-v2 -fi - -python3 -m docuploader upload ./_devsite --destination-prefix docfx --credentials $CREDENTIALS --staging-bucket $BUCKET +npm install --no-save @google-cloud/cloud-rad@^0.2.5 +npx @google-cloud/cloud-rad \ No newline at end of file diff --git a/.trampolinerc b/.trampolinerc index 164613b9..d4fcb894 100644 --- a/.trampolinerc +++ b/.trampolinerc @@ -20,7 +20,8 @@ required_envvars+=( # Add env vars which are passed down into the container here. pass_down_envvars+=( - "AUTORELEASE_PR" + "AUTORELEASE_PR", + "VERSION" ) # Prevent unintentional override on the default image. From ea1319a39a77eb6f098e14dc8613887bab9a8eca Mon Sep 17 00:00:00 2001 From: "gcf-owl-bot[bot]" <78513119+gcf-owl-bot[bot]@users.noreply.github.com> Date: Thu, 10 Jun 2021 14:29:28 -0500 Subject: [PATCH 3/7] build: add auto-approve to Node libraries (#1100) (#461) * build: add auto-approve to Node libraries Co-authored-by: Benjamin E. Coe Source-Link: https://github.com/googleapis/synthtool/commit/5cae043787729a908ed0cab28ca27baf9acee3c4 Post-Processor: gcr.io/repo-automation-bots/owlbot-nodejs:latest@sha256:65aa68f2242c172345d7c1e780bced839bfdc344955d6aa460aa63b4481d93e5 Co-authored-by: Owl Bot Co-authored-by: Benjamin E. Coe --- .github/.OwlBot.lock.yaml | 2 +- .github/CODEOWNERS | 3 +++ .github/auto-approve.yml | 7 +++++++ 3 files changed, 11 insertions(+), 1 deletion(-) create mode 100644 .github/auto-approve.yml diff --git a/.github/.OwlBot.lock.yaml b/.github/.OwlBot.lock.yaml index f6467c3a..1b520297 100644 --- a/.github/.OwlBot.lock.yaml +++ b/.github/.OwlBot.lock.yaml @@ -1,3 +1,3 @@ docker: image: gcr.io/repo-automation-bots/owlbot-nodejs:latest - digest: sha256:bbdd52de226c00df3356cdf25460397b429ab49552becca645adbc412f6a4ed5 + digest: sha256:65aa68f2242c172345d7c1e780bced839bfdc344955d6aa460aa63b4481d93e5 diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index d904d1e2..80520bba 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -7,3 +7,6 @@ # The yoshi-nodejs team is the default owner for nodejs repositories. * @googleapis/yoshi-nodejs + +# The github automation team is the default owner for the auto-approve file. +.github/auto-approve.yml @googleapis/github-automation diff --git a/.github/auto-approve.yml b/.github/auto-approve.yml new file mode 100644 index 00000000..90369797 --- /dev/null +++ b/.github/auto-approve.yml @@ -0,0 +1,7 @@ +rules: +- author: "release-please[bot]" + title: "^chore: release" + changedFiles: + - "package\\.json$" + - "CHANGELOG\\.md$" + maxFiles: 3 \ No newline at end of file From 90fdea0b2882840b400511390c1a6ff05f0074e6 Mon Sep 17 00:00:00 2001 From: "F. Hinkelmann" Date: Thu, 10 Jun 2021 23:32:10 +0200 Subject: [PATCH 4/7] chore(nodejs): remove api-extractor dependencies (#462) --- package.json | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/package.json b/package.json index acd806c9..d3c816cd 100644 --- a/package.json +++ b/package.json @@ -40,16 +40,12 @@ "prepare": "npm run compile-protos && npm run compile", "samples-test": "cd samples/ && npm link ../ && npm install && npm test && cd ../", "system-test": "c8 mocha build/system-test", - "test": "c8 mocha build/test", - "api-extractor": "api-extractor run --local", - "api-documenter": "api-documenter yaml --input-folder=temp" + "test": "c8 mocha build/test" }, "dependencies": { "google-gax": "^2.12.0" }, "devDependencies": { - "@microsoft/api-documenter": "^7.8.10", - "@microsoft/api-extractor": "^7.8.10", "@types/mocha": "^8.0.0", "@types/node": "^14.0.0", "@types/sinon": "^10.0.0", From 6577359f3e169d5f4ff517a5238a8a39608f4ab7 Mon Sep 17 00:00:00 2001 From: "gcf-owl-bot[bot]" <78513119+gcf-owl-bot[bot]@users.noreply.github.com> Date: Fri, 11 Jun 2021 19:10:48 +0000 Subject: [PATCH 5/7] build: remove errant comma (#1113) (#463) Source-Link: https://github.com/googleapis/synthtool/commit/41ccd8cd13ec31f4fb839cf8182aea3c7156e19d Post-Processor: gcr.io/repo-automation-bots/owlbot-nodejs:latest@sha256:c9c7828c165b1985579098978877935ee52dda2b1b538087514fd24fa2443e7a --- .github/.OwlBot.lock.yaml | 2 +- .trampolinerc | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/.OwlBot.lock.yaml b/.github/.OwlBot.lock.yaml index 1b520297..e7c45fd3 100644 --- a/.github/.OwlBot.lock.yaml +++ b/.github/.OwlBot.lock.yaml @@ -1,3 +1,3 @@ docker: image: gcr.io/repo-automation-bots/owlbot-nodejs:latest - digest: sha256:65aa68f2242c172345d7c1e780bced839bfdc344955d6aa460aa63b4481d93e5 + digest: sha256:c9c7828c165b1985579098978877935ee52dda2b1b538087514fd24fa2443e7a diff --git a/.trampolinerc b/.trampolinerc index d4fcb894..5fc22531 100644 --- a/.trampolinerc +++ b/.trampolinerc @@ -20,7 +20,7 @@ required_envvars+=( # Add env vars which are passed down into the container here. pass_down_envvars+=( - "AUTORELEASE_PR", + "AUTORELEASE_PR" "VERSION" ) From a27f95dffdea8a803d02da443a38b10ed7720c86 Mon Sep 17 00:00:00 2001 From: "gcf-owl-bot[bot]" <78513119+gcf-owl-bot[bot]@users.noreply.github.com> Date: Mon, 14 Jun 2021 20:58:06 +0000 Subject: [PATCH 6/7] feat: add ECDSA secp256k1 to the list of supported algorithms (#464) PiperOrigin-RevId: 379309757 Source-Link: https://github.com/googleapis/googleapis/commit/8d1d6694519ed9a1195067cd2138376ac1389883 Source-Link: https://github.com/googleapis/googleapis-gen/commit/b2d98d795c76af902b897e85719b1d9f0b454dcb --- protos/google/cloud/kms/v1/resources.proto | 6 +++++- protos/google/cloud/kms/v1/service.proto | 5 +++-- protos/protos.d.ts | 1 + protos/protos.js | 22 ++++++++++++++++++++++ protos/protos.json | 1 + src/v1/key_management_service_client.ts | 3 ++- 6 files changed, 34 insertions(+), 4 deletions(-) diff --git a/protos/google/cloud/kms/v1/resources.proto b/protos/google/cloud/kms/v1/resources.proto index 88e31bd9..825c3297 100644 --- a/protos/google/cloud/kms/v1/resources.proto +++ b/protos/google/cloud/kms/v1/resources.proto @@ -1,4 +1,4 @@ -// Copyright 2020 Google LLC +// Copyright 2021 Google LLC // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -286,6 +286,10 @@ message CryptoKeyVersion { // ECDSA on the NIST P-384 curve with a SHA384 digest. EC_SIGN_P384_SHA384 = 13; + // ECDSA on the non-NIST secp256k1 curve. This curve is only supported for + // HSM protection level. + EC_SIGN_SECP256K1_SHA256 = 31; + // Algorithm representing symmetric encryption by an external key manager. EXTERNAL_SYMMETRIC_ENCRYPTION = 18; } diff --git a/protos/google/cloud/kms/v1/service.proto b/protos/google/cloud/kms/v1/service.proto index 65d20771..e96b612a 100644 --- a/protos/google/cloud/kms/v1/service.proto +++ b/protos/google/cloud/kms/v1/service.proto @@ -1,4 +1,4 @@ -// Copyright 2020 Google LLC +// Copyright 2021 Google LLC // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -253,7 +253,8 @@ service KeyManagementService { // Update the version of a [CryptoKey][google.cloud.kms.v1.CryptoKey] that will be used in [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt]. // - // Returns an error if called on an asymmetric key. + // Returns an error if called on a key whose purpose is not + // [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT]. rpc UpdateCryptoKeyPrimaryVersion(UpdateCryptoKeyPrimaryVersionRequest) returns (CryptoKey) { option (google.api.http) = { post: "/v1/{name=projects/*/locations/*/keyRings/*/cryptoKeys/*}:updatePrimaryVersion" diff --git a/protos/protos.d.ts b/protos/protos.d.ts index 5c36ef7b..b78c6e5d 100644 --- a/protos/protos.d.ts +++ b/protos/protos.d.ts @@ -652,6 +652,7 @@ export namespace google { RSA_DECRYPT_OAEP_4096_SHA512 = 17, EC_SIGN_P256_SHA256 = 12, EC_SIGN_P384_SHA384 = 13, + EC_SIGN_SECP256K1_SHA256 = 31, EXTERNAL_SYMMETRIC_ENCRYPTION = 18 } diff --git a/protos/protos.js b/protos/protos.js index ad8270a5..c20bc6c0 100644 --- a/protos/protos.js +++ b/protos/protos.js @@ -919,6 +919,7 @@ case 17: case 12: case 13: + case 31: case 18: break; } @@ -1020,6 +1021,10 @@ case 13: message.algorithm = 13; break; + case "EC_SIGN_SECP256K1_SHA256": + case 31: + message.algorithm = 31; + break; case "EXTERNAL_SYMMETRIC_ENCRYPTION": case 18: message.algorithm = 18; @@ -1664,6 +1669,7 @@ case 17: case 12: case 13: + case 31: case 18: break; } @@ -1842,6 +1848,10 @@ case 13: message.algorithm = 13; break; + case "EC_SIGN_SECP256K1_SHA256": + case 31: + message.algorithm = 31; + break; case "EXTERNAL_SYMMETRIC_ENCRYPTION": case 18: message.algorithm = 18; @@ -1977,6 +1987,7 @@ * @property {number} RSA_DECRYPT_OAEP_4096_SHA512=17 RSA_DECRYPT_OAEP_4096_SHA512 value * @property {number} EC_SIGN_P256_SHA256=12 EC_SIGN_P256_SHA256 value * @property {number} EC_SIGN_P384_SHA384=13 EC_SIGN_P384_SHA384 value + * @property {number} EC_SIGN_SECP256K1_SHA256=31 EC_SIGN_SECP256K1_SHA256 value * @property {number} EXTERNAL_SYMMETRIC_ENCRYPTION=18 EXTERNAL_SYMMETRIC_ENCRYPTION value */ CryptoKeyVersion.CryptoKeyVersionAlgorithm = (function() { @@ -1997,6 +2008,7 @@ values[valuesById[17] = "RSA_DECRYPT_OAEP_4096_SHA512"] = 17; values[valuesById[12] = "EC_SIGN_P256_SHA256"] = 12; values[valuesById[13] = "EC_SIGN_P384_SHA384"] = 13; + values[valuesById[31] = "EC_SIGN_SECP256K1_SHA256"] = 31; values[valuesById[18] = "EXTERNAL_SYMMETRIC_ENCRYPTION"] = 18; return values; })(); @@ -2239,6 +2251,7 @@ case 17: case 12: case 13: + case 31: case 18: break; } @@ -2332,6 +2345,10 @@ case 13: message.algorithm = 13; break; + case "EC_SIGN_SECP256K1_SHA256": + case 31: + message.algorithm = 31; + break; case "EXTERNAL_SYMMETRIC_ENCRYPTION": case 18: message.algorithm = 18; @@ -8137,6 +8154,7 @@ case 17: case 12: case 13: + case 31: case 18: break; } @@ -8230,6 +8248,10 @@ case 13: message.algorithm = 13; break; + case "EC_SIGN_SECP256K1_SHA256": + case 31: + message.algorithm = 31; + break; case "EXTERNAL_SYMMETRIC_ENCRYPTION": case 18: message.algorithm = 18; diff --git a/protos/protos.json b/protos/protos.json index c3c43850..c7b6e104 100644 --- a/protos/protos.json +++ b/protos/protos.json @@ -262,6 +262,7 @@ "RSA_DECRYPT_OAEP_4096_SHA512": 17, "EC_SIGN_P256_SHA256": 12, "EC_SIGN_P384_SHA384": 13, + "EC_SIGN_SECP256K1_SHA256": 31, "EXTERNAL_SYMMETRIC_ENCRYPTION": 18 } }, diff --git a/src/v1/key_management_service_client.ts b/src/v1/key_management_service_client.ts index 68ecee4b..482a3d1f 100644 --- a/src/v1/key_management_service_client.ts +++ b/src/v1/key_management_service_client.ts @@ -2005,7 +2005,8 @@ export class KeyManagementServiceClient { /** * Update the version of a {@link google.cloud.kms.v1.CryptoKey|CryptoKey} that will be used in {@link google.cloud.kms.v1.KeyManagementService.Encrypt|Encrypt}. * - * Returns an error if called on an asymmetric key. + * Returns an error if called on a key whose purpose is not + * {@link google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT|ENCRYPT_DECRYPT}. * * @param {Object} request * The request object that will be sent. From a5d51a97cbf66477bdee4cf74fe7a37e608af4ad Mon Sep 17 00:00:00 2001 From: "release-please[bot]" <55107282+release-please[bot]@users.noreply.github.com> Date: Mon, 14 Jun 2021 21:04:10 +0000 Subject: [PATCH 7/7] chore: release 2.4.0 (#465) :robot: I have created a release \*beep\* \*boop\* --- ## [2.4.0](https://www.github.com/googleapis/nodejs-kms/compare/v2.3.3...v2.4.0) (2021-06-14) ### Features * add ECDSA secp256k1 to the list of supported algorithms ([#464](https://www.github.com/googleapis/nodejs-kms/issues/464)) ([a27f95d](https://www.github.com/googleapis/nodejs-kms/commit/a27f95dffdea8a803d02da443a38b10ed7720c86)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). --- CHANGELOG.md | 7 +++++++ package.json | 2 +- samples/package.json | 2 +- 3 files changed, 9 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 2f7147ad..45066d7d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,13 @@ [1]: https://www.npmjs.com/package/@google-cloud/kms?activeTab=versions +## [2.4.0](https://www.github.com/googleapis/nodejs-kms/compare/v2.3.3...v2.4.0) (2021-06-14) + + +### Features + +* add ECDSA secp256k1 to the list of supported algorithms ([#464](https://www.github.com/googleapis/nodejs-kms/issues/464)) ([a27f95d](https://www.github.com/googleapis/nodejs-kms/commit/a27f95dffdea8a803d02da443a38b10ed7720c86)) + ### [2.3.3](https://www.github.com/googleapis/nodejs-kms/compare/v2.3.2...v2.3.3) (2021-05-25) diff --git a/package.json b/package.json index d3c816cd..18949d2f 100644 --- a/package.json +++ b/package.json @@ -1,7 +1,7 @@ { "name": "@google-cloud/kms", "description": "Google Cloud Key Management Service (KMS) API client for Node.js", - "version": "2.3.3", + "version": "2.4.0", "license": "Apache-2.0", "author": "Google LLC", "engines": { diff --git a/samples/package.json b/samples/package.json index 5b4fb8ca..7a2a3532 100644 --- a/samples/package.json +++ b/samples/package.json @@ -14,7 +14,7 @@ "test": "c8 mocha --recursive test/ --timeout=800000" }, "dependencies": { - "@google-cloud/kms": "^2.3.3", + "@google-cloud/kms": "^2.4.0", "fast-crc32c": "^2.0.0", "jslint": "^0.12.1" },