Retrieve the Secret Value form Google Cloud Secret Manager using Apps Script

[maarofi]

Greetings, 

I hope you all are having great time. 

In my google cloud project, I have some secrets in the cloud "Secret Manager" service. Now I want to access those secrets using the apps script to get their values and use them for further operations. The current steps I took are listed below:

1. Created a new script file in script.google.com
2. From Project Settings, I enabled ""Show "appsscript.json" manifest file in editor"
3. Inside the appsscript.json,  I added: 
   "oauthScopes": [
       "https://www.googleapis.com/auth/script.external_request",

       "https://www.googleapis.com/auth/cloud-platform"
     ]
4. Then in the code.gs, I grabbed my access token as ScriptApp.getOAuthToken();
5. Hitting the secrets get endpoint with baseURl as  "https://secretmanager.googleapis.com/v1/" throws an error.

The  current version of code I am using is listed below.  

/**

 * Use the Cloud Secret Manger API to interact with the pre-configured secrets.

 * @see { @link https://cloud.google.com/secret-manager/docs/reference/rest}

 */

function getCurrentSecrets() {

  let baseUrl, token, params, response;

  baseUrl = 'https://secretmanager.googleapis.com/v1/';

  token = ScriptApp.getOAuthToken();

  params = {

    "name" : "projects/my-project-id/secrets/my-secret-name"

  }

  

  response = UrlFetchApp.fetch(buildUrl_(baseUrl, params), {

    headers: {

      Authorization: 'Bearer ' + token

    }

  });

}

/**

 * Builds a complete URL from a base URL and a map of URL parameters.

 * @param {string} url The base URL.

 * @param {Object.<string, string>} params The URL parameters and values.

 * @return {string} The complete URL.

 * @private

 */

function buildUrl_(url, params) {

  var paramString = Object.keys(params).map(function(key) {

    return encodeURIComponent(key) + '=' + encodeURIComponent(params[key]);

  }).join('&');

  return url + (url.indexOf('?') >= 0 ? '&' : '?') + paramString;

}

But I keep getting the error: Exception: Request failed for https://secretmanager.googleapis.com returned code 404

I would really appreciate your help on this, as this is a time sensitive and I need to present the solution as soon as possible.  

**For reference please have a look at these resources: 
Apps Script OAuth 2.0

Secret Manager API V1

StackOverflow Question

[maarofi]

Greetings Fellow Members, 

I managed to solve the issue and will soon post my approach if anyone else in the future face same issue. But have to wrap a couple of other important things before I get back here. 

Wish you all best of your days at work 

[Bill Barrett]

maarofi,

Eagerly awaiting an update; working through a similar implementation myself!

[maarofi]

Hey Mr. Barrett, 

Sorry I was lost in some critical projects and didn't find time to leave my solution here. It's not that complicated and neither the perfect one but was a quick workaround in may case. You will need to have the GOOGLE COULD PROJECT NUMBER, THE SECRET KEY(NAME) and THE SECRET VERSION. 

If you are planning to retrieve all of them you can iterate over an array or dictionary that holds all secrets keys and versions. 

HERE IS AN ALTERNATE CODE PART: 

endpoint = `https://secretmanager.googleapis.com/v1/projects/${PROJECT_NUM}/secrets/${SECRET}/versions/${VERSION}:access`;

    // Google Cloud OAuth Token (Access Token) > Used to authenticate this script to access secret manager

    token = ScriptApp.getOAuthToken();

    // Hit the endpoint with valid authentication and response data headers, and grab the response

    response = UrlFetchApp.fetch(endpoint, {

      headers: {

        Authorization: 'Bearer ' + token,

        Accept: 'application/json',

      }

    });

THIS GOES INTO JSON FILE:

"oauthScopes": [

    "https://www.googleapis.com/auth/script.external_request",

    "https://www.googleapis.com/auth/cloud-platform"

  ]

I hope this helps, if not, leave a comment below and I will respond back. Happy Coding