Destruye un secreto con una ETag

import (
	"context"
	"fmt"

	secretmanager "cloud.google.com/go/secretmanager/apiv1"
	"cloud.google.com/go/secretmanager/apiv1/secretmanagerpb"
)

// destroySecretVersionWithEtag destroys the given secret version, making the payload
// irrecoverable. Other secrets versions are unaffected.
func destroySecretVersionWithEtag(name, etag string) error {
	// name := "projects/my-project/secrets/my-secret/versions/5"
	// etag := `"123"`

	// Create the client.
	ctx := context.Background()
	client, err := secretmanager.NewClient(ctx)
	if err != nil {
		return fmt.Errorf("failed to create secretmanager client: %w", err)
	}
	defer client.Close()

	// Build the request.
	req := &secretmanagerpb.DestroySecretVersionRequest{
		Name: name,
		Etag: etag,
	}

	// Call the API.
	if _, err := client.DestroySecretVersion(ctx, req); err != nil {
		return fmt.Errorf("failed to destroy secret version: %w", err)
	}
	return nil
}

import com.google.cloud.secretmanager.v1.DestroySecretVersionRequest;
import com.google.cloud.secretmanager.v1.SecretManagerServiceClient;
import com.google.cloud.secretmanager.v1.SecretVersion;
import com.google.cloud.secretmanager.v1.SecretVersionName;
import java.io.IOException;

public class DestroySecretVersionWithEtag {

  public static void destroySecretVersion() throws IOException {
    // TODO(developer): Replace these variables before running the sample.
    String projectId = "your-project-id";
    String secretId = "your-secret-id";
    String versionId = "your-version-id";
    // Including the quotes is important.
    String etag = "\"1234\"";
    destroySecretVersion(projectId, secretId, versionId, etag);
  }

  // Destroy an existing secret version.
  public static void destroySecretVersion(
      String projectId, String secretId, String versionId, String etag)
      throws IOException {
    // Initialize client that will be used to send requests. This client only needs to be created
    // once, and can be reused for multiple requests. After completing all of your requests, call
    // the "close" method on the client to safely clean up any remaining background resources.
    try (SecretManagerServiceClient client = SecretManagerServiceClient.create()) {
      // Build the name from the version.
      SecretVersionName secretVersionName = SecretVersionName.of(projectId, secretId, versionId);

      // Build the request.
      DestroySecretVersionRequest request =
          DestroySecretVersionRequest.newBuilder()
              .setName(secretVersionName.toString())
              .setEtag(etag)
              .build();

      // Destroy the secret version.
      SecretVersion version = client.destroySecretVersion(request);
      System.out.printf("Destroyed secret version %s\n", version.getName());
    }
  }
}

def destroy_secret_version_with_etag(
    project_id: str, secret_id: str, version_id: str, etag: str
) -> secretmanager.DestroySecretVersionRequest:
    """
    Destroy the given secret version, making the payload irrecoverable. Other
    secrets versions are unaffected.
    """

    # Import the Secret Manager client library.
    from google.cloud import secretmanager
    from google.cloud.secretmanager_v1.types import service

    # Create the Secret Manager client.
    client = secretmanager.SecretManagerServiceClient()

    # Build the resource name of the secret version
    name = f"projects/{project_id}/secrets/{secret_id}/versions/{version_id}"

    # Build the request
    request = service.DestroySecretVersionRequest()
    request.name = name
    request.etag = etag

    # Destroy the secret version.
    response = client.destroy_secret_version(request=request)

    print(f"Destroyed secret version: {response.name}")