GoogleCloudPlatform · dhavalbhensdadiya-crest · Jan 27, 2026 · Jan 29, 2026 · Jan 27, 2026 · Jan 29, 2026
@@ -0,0 +1,69 @@
+<?php
+/*
+ * Copyright 2026 Google LLC.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/*
+ * For instructions on how to run the full sample:
+ *
+ * @see https://github.com/GoogleCloudPlatform/php-docs-samples/tree/main/secretmanager/README.md
+ */
+
+declare(strict_types=1);
+
+namespace Google\Cloud\Samples\SecretManager;
+
+// [START secretmanager_create_regional_secret_with_expiration]
+use Google\Cloud\SecretManager\V1\CreateSecretRequest;
+use Google\Cloud\SecretManager\V1\Secret;
+use Google\Cloud\SecretManager\V1\Client\SecretManagerServiceClient;
+use Google\Protobuf\Duration;
+
+/**
+ * Create a regional secret with expiration TTL.
+ *
+ * @param string $projectId Google Cloud project id (e.g. 'my-project')
+ * @param string $locationId Secret location (e.g. 'us-central1')
+ * @param string $secretId Id for the new secret (e.g. 'my-secret')
+ */
+function create_regional_secret_with_expiration(string $projectId, string $locationId, string $secretId): void
+{
+    // Create the Secret Manager Regional client.
+    $options = ['apiEndpoint' => "secretmanager.$locationId.rep.googleapis.com"];
+    $client = new SecretManagerServiceClient($options);
+
+    // Build the resource name of the parent project.
+    $parent = $client->locationName($projectId, $locationId);
+
+    $duration = new Duration();
+    $duration->setSeconds(3600); // 1 hour TTL in seconds
+
+    $secret = new Secret();
+    $secret->setTtl($duration);
+
+    // Build the request.
+    $request = CreateSecretRequest::build($parent, $secretId, $secret);
+
+    // Create the secret.
+    $newSecret = $client->createSecret($request);
+
+    // Print the new secret name.
+    printf('Created secret: %s%s', $newSecret->getName(), PHP_EOL);
+}
+// [END secretmanager_create_regional_secret_with_expiration]
+
+// The following 2 lines are only needed to execute the samples on the CLI
+require_once __DIR__ . '/../../testing/sample_helpers.php';
+\Google\Cloud\Samples\execute_sample(__FILE__, __NAMESPACE__, $argv);
@@ -0,0 +1,74 @@
+<?php
+/*
+ * Copyright 2026 Google LLC.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/*
+ * For instructions on how to run the full sample:
+ *
+ * @see https://github.com/GoogleCloudPlatform/php-docs-samples/tree/main/secretmanager/README.md
+ */
+
+declare(strict_types=1);
+
+namespace Google\Cloud\Samples\SecretManager;
+
+// [START secretmanager_create_secret_with_expiration]
+use Google\Cloud\SecretManager\V1\CreateSecretRequest;
+use Google\Cloud\SecretManager\V1\Replication;
+use Google\Cloud\SecretManager\V1\Replication\Automatic;
+use Google\Cloud\SecretManager\V1\Secret;
+use Google\Cloud\SecretManager\V1\Client\SecretManagerServiceClient;
+use Google\Protobuf\Duration;
+
+/**
+ * Create a secret with expiration TTL.
+ * 
+ * @param string $projectId Your Google Cloud Project ID (e.g. 'my-project')
+ * @param string $secretId  Your secret ID (e.g. 'my-secret')
+ */
+function create_secret_with_expiration(string $projectId, string $secretId): void
+{
+    // Create the Secret Manager client.
+    $client = new SecretManagerServiceClient();
+
+    // Build the resource name of the parent project.
+    $parent = $client->projectName($projectId);
+
+    $secret = new Secret([
+        'replication' => new Replication([
+            'automatic' => new Automatic(),
+        ]),
+    ]);
+
+    $duration = new Duration();
+    $duration->setSeconds(3600); // 1 hour TTL in seconds
+
+    $secret->setTtl($duration);
+
+    // Build the request.
+    $request = CreateSecretRequest::build($parent, $secretId, $secret);
+
+    // Create the secret.
+    $newSecret = $client->createSecret($request);
+
+    // Print the new secret name.
+    printf('Created secret: %s%s', $newSecret->getName(), PHP_EOL);
+}
+// [END secretmanager_create_secret_with_expiration]
+
+// The following 2 lines are only needed to execute the samples on the CLI
+require_once __DIR__ . '/../../testing/sample_helpers.php';
+\Google\Cloud\Samples\execute_sample(__FILE__, __NAMESPACE__, $argv);
@@ -0,0 +1,74 @@
+<?php
+/*
+ * Copyright 2026 Google LLC.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/*
+ * For instructions on how to run the full sample:
+ *
+ * @see https://github.com/GoogleCloudPlatform/php-docs-samples/tree/main/secretmanager/README.md
+ */
+
+declare(strict_types=1);
+
+namespace Google\Cloud\Samples\SecretManager;
+
+// [START secretmanager_delete_regional_secret_expiration]
+use Google\Cloud\SecretManager\V1\Secret;
+use Google\Cloud\SecretManager\V1\UpdateSecretRequest;
+use Google\Cloud\SecretManager\V1\Client\SecretManagerServiceClient;
+use Google\Protobuf\FieldMask;
+
+/**
+ * Delete the expiration TTL from a regional secret.
+ *
+ * @param string $projectId Google Cloud project id (e.g. 'my-project')
+ * @param string $locationId Secret location (e.g. 'us-central1')
+ * @param string $secretId  Secret id (e.g. 'my-secret')
+ */
+function delete_regional_secret_expiration(string $projectId, string $locationId, string $secretId): void
+{
+    // Create the Secret Manager client.
+    $options = ['apiEndpoint' => "secretmanager.$locationId.rep.googleapis.com"];
+    $client = new SecretManagerServiceClient($options);
+
+    // Build the resource name of the secret.
+    $name = $client->projectLocationSecretName($projectId, $locationId, $secretId);
+
+    // Build the secret with only the name — leaving ttl unset clears it when used with an update mask.
+    $secret = new Secret([
+        'name' => $name,
+    ]);
+
+    // Set the field mask to clear the ttl field.
+    $fieldMask = new FieldMask();
+    $fieldMask->setPaths(['ttl']);
+
+    // Build the request.
+    $request = new UpdateSecretRequest();
+    $request->setSecret($secret);
+    $request->setUpdateMask($fieldMask);
+
+    // Update the secret.
+    $newSecret = $client->updateSecret($request);
+
+    // Print the new secret name.
+    printf('Updated secret: %s%s', $newSecret->getName(), PHP_EOL);
+}
+// [END secretmanager_delete_regional_secret_expiration]
+
+// The following 2 lines are only needed to execute the samples on the CLI
+require_once __DIR__ . '/../../testing/sample_helpers.php';
+\Google\Cloud\Samples\execute_sample(__FILE__, __NAMESPACE__, $argv);
@@ -0,0 +1,67 @@
+<?php
+/*
+ * Copyright 2026 Google LLC.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/*
+ * For instructions on how to run the full sample:
+ *
+ * @see https://github.com/GoogleCloudPlatform/php-docs-samples/tree/main/secretmanager/README.md
+ */
+
+declare(strict_types=1);
+
+namespace Google\Cloud\Samples\SecretManager;
+
+// [START secretmanager_delete_regional_secret_using_etag]
+use Google\Cloud\SecretManager\V1\Client\SecretManagerServiceClient;
+use Google\Cloud\SecretManager\V1\GetSecretRequest;
+use Google\Cloud\SecretManager\V1\DeleteSecretRequest;
+
+/**
+ * Delete a regional secret using a stored etag (optimistic concurrency).
+ *
+ * @param string $projectId Your Google Cloud Project ID (e.g. 'my-project')
+ * @param string $locationId Secret location (e.g. 'us-central1')
+ * @param string $secretId  Your secret ID (e.g. 'my-secret')
+ */
+function delete_regional_secret_using_etag(string $projectId, string $locationId, string $secretId): void
+{
+    $options = ['apiEndpoint' => "secretmanager.$locationId.rep.googleapis.com"];
+    $client = new SecretManagerServiceClient($options);
+
+    $name = $client->projectLocationSecretName($projectId, $locationId, $secretId);
+
+    // Get the current secret to read the etag.
+    $getRequest = GetSecretRequest::build($name);
+    $current = $client->getSecret($getRequest);
+
+    $etag = $current->getEtag();
+
+    // Build the delete request with the etag.
+    $deleteRequest = (new DeleteSecretRequest())
+        ->setName($name)
+        ->setEtag($etag);
+
+    // Delete the secret.
+    $client->deleteSecret($deleteRequest);
+
+    printf('Deleted secret %s' . PHP_EOL, $secretId);
+}
+// [END secretmanager_delete_regional_secret_using_etag]
+
+// The following 2 lines are only needed to execute the samples on the CLI
+require_once __DIR__ . '/../../testing/sample_helpers.php';
+\Google\Cloud\Samples\execute_sample(__FILE__, __NAMESPACE__, $argv);
@@ -0,0 +1,72 @@
+<?php
+/*
+ * Copyright 2026 Google LLC.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/*
+ * For instructions on how to run the full sample:
+ *
+ * @see https://github.com/GoogleCloudPlatform/php-docs-samples/tree/main/secretmanager/README.md
+ */
+
+declare(strict_types=1);
+
+namespace Google\Cloud\Samples\SecretManager;
+
+// [START secretmanager_delete_secret_expiration]
+use Google\Cloud\SecretManager\V1\Secret;
+use Google\Cloud\SecretManager\V1\Client\SecretManagerServiceClient;
+use Google\Cloud\SecretManager\V1\UpdateSecretRequest;
+use Google\Protobuf\FieldMask;
+
+/**
+ * Delete the TTL (expiration) from a secret.
+ *
+ * @param string $projectId Your Google Cloud Project ID (e.g. 'my-project')
+ * @param string $secretId  Your secret ID (e.g. 'my-secret')
+ */
+function delete_secret_expiration(string $projectId, string $secretId): void
+{
+    // Create the Secret Manager client.
+    $client = new SecretManagerServiceClient();
+
+    // Build the resource name of the secret.
+    $name = $client->secretName($projectId, $secretId);
+
+    // Build the secret with only the name — leaving ttl unset clears it when used with an update mask.
+    $secret = new Secret([
+        'name' => $name,
+    ]);
+
+    // Set the field mask to clear the ttl field.
+    $fieldMask = new FieldMask();
+    $fieldMask->setPaths(['ttl']);
+
+    // Build the request.
+    $request = new UpdateSecretRequest();
+    $request->setSecret($secret);
+    $request->setUpdateMask($fieldMask);
+
+    // Update the secret.
+    $newSecret = $client->updateSecret($request);
+
+    // Print the new secret name.
+    printf('Updated secret: %s%s', $newSecret->getName(), PHP_EOL);
+}
+// [END secretmanager_delete_secret_expiration]
+
+// The following 2 lines are only needed to execute the samples on the CLI
+require_once __DIR__ . '/../../testing/sample_helpers.php';
+\Google\Cloud\Samples\execute_sample(__FILE__, __NAMESPACE__, $argv);