Update SecretManagerSecret to include support for setting expiration and rotation policies

[tedelwartowski-bestbuy]

The GCP Secret Manager API supports the following which is not part of the SecretManagerSecret CRD:

• Expiration policy attached to the Secret. If specified the Secret and all SecretVersions will be automatically deleted at expiration.
• Rotation policy attached to the Secret.

Importance
This would be considered a pain-point as we are automating the creation of secrets and then have to manually update the secret to add a rotation notification or expiration.

[spew]

Hello @tedelwartowski-bestbuy thank you for your request. We are prioritizing this one internally and will have a future update.

[spew]

Hello @tedelwartowski-bestbuy we are looking into prioritizing this, if this is very important in the near future for you can you work with your GCP account manager to file an issue. This will help raise the priority on our side.

[gameformush]

What about adding pub-sub topics notification? Great feature but can't be enabled with CRD hence not really usable for automation :(

[jcanseco]

Hi @gameformush, we'll track that one too.

SecretManagerSecret is one of our Terraform-based resources, so I've deferred to the Terraform team to add support for the missing fields. It seems that they already had an existing request to add these fields from their users: hashicorp/terraform-provider-google#9195.

Once they add support, we'll be able to bring them over to Config Connector.

[jcanseco]

Hi @tedelwartowski-bestbuy and @gameformush, we just added support for the expire, rotation, topics, and ttl fields in SecretManagerSecret in KCC 1.56.0.