syzkaller: add the gcp secret manager dependency (#2949)

Adds the function to read GCP Secrets.

1 files changed, 38 insertions, 0 deletions

diff --git a/pkg/gce/gcp_secret.go b/pkg/gce/gcp_secret.go
new file mode 100644
index 000000000..c5f84f3bc
--- /dev/null
+++ b/pkg/gce/gcp_secret.go
@@ -0,0 +1,38 @@
+// Copyright 2021 syzkaller project authors. All rights reserved.
+// Use of this source code is governed by Apache 2 LICENSE that can be found in the LICENSE file.
+
+package gce
+
+import (
+	"context"
+
+	secretmanager "cloud.google.com/go/secretmanager/apiv1"
+	secretmanagerpb "google.golang.org/genproto/googleapis/cloud/secretmanager/v1"
+)
+
+// GcpSecret returns the GCP Secret Manager blob as a []byte data.
+func GcpSecret(name string) ([]byte, error) {
+	// name := "projects/my-project/secrets/my-secret/versions/5"
+	// name := "projects/my-project/secrets/my-secret/versions/latest"
+
+	// Create the client.
+	ctx := context.Background()
+	client, err := secretmanager.NewClient(ctx)
+	if err != nil {
+		return nil, err
+	}
+	defer client.Close()
+
+	// Build the request.
+	req := &secretmanagerpb.AccessSecretVersionRequest{
+		Name: name,
+	}
+
+	// Call the API.
+	result, err := client.AccessSecretVersion(ctx, req)
+	if err != nil {
+		return nil, err
+	}
+
+	return result.Payload.Data, nil
+}