Add gcp secretsmanager to discovery + enable secret init (#6635)

Author: LittleSalkin1806

providers/gcp/config/config.go

@@ -57,6 +57,7 @@ Examples with the GCP project configured:
 				resources.DiscoverCloudKMSKeyrings,
 				resources.DiscoverMemorystoreRedis,
 				resources.DiscoverMemorystoreRedisCluster,
+				resources.DiscoverSecretManager,
 			},
 			Flags: []plugin.Flag{
 				{

providers/gcp/connection/platform.go

@@ -126,6 +126,8 @@ func GetTitleForPlatformName(name string) string {
 		return "GCP Memorystore for Redis"
 	case "gcp-memorystore-rediscluster":
 		return "GCP Memorystore for Redis Cluster"
+	case "gcp-secretmanager-secret":
+		return "GCP Secret Manager Secret"
 	}
 	return "Google Cloud Platform"
 }
@@ -194,6 +196,13 @@ func ResourceTechnologyUrl(service, project, region, objectType, name string) []
 		default:
 			return []string{"gcp", project, "memorystore", region, "other"}
 		}
+	case "secretmanager":
+		switch objectType {
+		case "secret":
+			return []string{"gcp", project, "secretmanager", region, "secret"}
+		default:
+			return []string{"gcp", project, "secretmanager", region, "other"}
+		}
 	default:
 		return []string{"gcp", project, "other"}
 	}

providers/gcp/resources/discovery.go

@@ -47,6 +47,7 @@ const (
 	DiscoveryGkeClusters            = "gke-clusters"
 	DiscoveryComputeInstances       = "instances"
 	DiscoveryStorageBuckets         = "storage-buckets"
+	DiscoverSecretManager           = "secretmanager-secrets"
 )
 
 var All = []string{
@@ -78,6 +79,7 @@ var Auto = []string{
 	DiscoverMemorystoreRedis,
 	DiscoverMemorystoreRedisCluster,
 	DiscoveryComputeInstances,
+	DiscoverSecretManager,
 }
 
 var AllAPIResources = []string{
@@ -96,6 +98,7 @@ var AllAPIResources = []string{
 	DiscoverMemorystoreRedis,
 	DiscoverMemorystoreRedisCluster,
 	DiscoveryComputeInstances,
+	DiscoverSecretManager,
 }
 
 // List of all CloudSQL types, this will be used during discovery
@@ -813,6 +816,35 @@ func discoverProject(conn *connection.GcpConnection, gcpProject *mqlGcpProject,
 			})
 		}
 	}
+	if stringx.ContainsAnyOf(discoveryTargets, DiscoverSecretManager) {
+		secretmanagerService := gcpProject.GetSecretmanager()
+		if secretmanagerService.Error != nil {
+			return nil, secretmanagerService.Error
+		}
+		secrets := secretmanagerService.Data.GetSecrets()
+		if secrets.Error != nil {
+			return nil, secrets.Error
+		}
+		for i := range secrets.Data {
+			secret := secrets.Data[i].(*mqlGcpProjectSecretmanagerServiceSecret)
+			assetList = append(assetList, &inventory.Asset{
+				PlatformIds: []string{
+					connection.NewResourcePlatformID("secretmanager", gcpProject.Id.Data, "global", "secret", secret.Name.Data),
+				},
+				Name: secret.Name.Data,
+				Platform: &inventory.Platform{
+					Name:                  "gcp-secretmanager-secret",
+					Title:                 connection.GetTitleForPlatformName("gcp-secretmanager-secret"),
+					Runtime:               "gcp",
+					Kind:                  "gcp-object",
+					Family:                []string{"google"},
+					TechnologyUrlSegments: connection.ResourceTechnologyUrl("secretmanager", gcpProject.Id.Data, "global", "secret", secret.Name.Data),
+				},
+				Labels:      mapStrInterfaceToMapStrStr(secret.GetLabels().Data),
+				Connections: []*inventory.Config{conn.Conf.Clone(inventory.WithoutDiscovery(), inventory.WithParentConnectionId(conn.Conf.Id))},
+			})
+		}
+	}
 
 	return assetList, nil
 }

providers/gcp/resources/gcp.lr.go

@@ -166,6 +166,48 @@ func (g *mqlGcpProjectSecretmanagerServiceSecret) id() (string, error) {
 	return g.ResourcePath.Data, g.ResourcePath.Error
 }
 
+func initGcpProjectSecretmanagerServiceSecret(runtime *plugin.Runtime, args map[string]*llx.RawData) (map[string]*llx.RawData, plugin.Resource, error) {
+	// If we already have all the fields populated (e.g., from CreateResource in secrets()), just return.
+	if len(args) > 3 {
+		return args, nil, nil
+	}
+
+	// Resolve from asset identifier when accessed as a discovered asset
+	if len(args) == 0 {
+		if args == nil {
+			args = make(map[string]*llx.RawData)
+		}
+		if ids := getAssetIdentifier(runtime); ids != nil {
+			args["name"] = llx.StringData(ids.name)
+			args["projectId"] = llx.StringData(ids.project)
+		} else {
+			return nil, nil, errors.New("no asset identifier found")
+		}
+	}
+
+	obj, err := CreateResource(runtime, "gcp.project.secretmanagerService", map[string]*llx.RawData{
+		"projectId": args["projectId"],
+	})
+	if err != nil {
+		return nil, nil, err
+	}
+	svc := obj.(*mqlGcpProjectSecretmanagerService)
+	secrets := svc.GetSecrets()
+	if secrets.Error != nil {
+		return nil, nil, secrets.Error
+	}
+
+	nameVal := args["name"].Value.(string)
+	for _, s := range secrets.Data {
+		secret := s.(*mqlGcpProjectSecretmanagerServiceSecret)
+		if secret.Name.Data == nameVal {
+			return args, secret, nil
+		}
+	}
+
+	return nil, nil, fmt.Errorf("secret %q not found", nameVal)
+}
+
 func (g *mqlGcpProjectSecretmanagerServiceSecret) versions() ([]any, error) {
 	if g.ResourcePath.Error != nil {
 		return nil, g.ResourcePath.Error