[Key Vault] Generate Secrets with TypeSpec (Azure#36901)

Author: mccoyp

sdk/keyvault/azure-keyvault-secrets/CHANGELOG.md

@@ -9,6 +9,7 @@
 ### Bugs Fixed
 
 ### Other Changes
+- Updated minimum `typing-extensions` version to 4.6.0
 
 ## 4.9.0 (2024-10-17)
 

sdk/keyvault/azure-keyvault-secrets/azure/keyvault/secrets/_client.py

@@ -63,7 +63,6 @@ def get_secret(self, name: str, version: Optional[str] = None, **kwargs: Any) ->
                 :dedent: 8
         """
         bundle = self._client.get_secret(
-            vault_base_url=self._vault_url,
             secret_name=name,
             secret_version=version or "",
             **kwargs
@@ -126,7 +125,6 @@ def set_secret(
         )
 
         bundle = self._client.set_secret(
-            vault_base_url=self.vault_url,
             secret_name=name,
             parameters=parameters,
             **kwargs
@@ -190,7 +188,6 @@ def update_secret_properties(
         )
 
         bundle = self._client.update_secret(
-            self.vault_url,
             name,
             secret_version=version or "",
             parameters=parameters,
@@ -217,7 +214,6 @@ def list_properties_of_secrets(self, **kwargs: Any) -> ItemPaged[SecretPropertie
 
         """
         return self._client.get_secrets(
-            self._vault_url,
             maxresults=kwargs.pop("max_page_size", None),
             cls=lambda objs: [SecretProperties._from_secret_item(x) for x in objs],
             **kwargs
@@ -244,7 +240,6 @@ def list_properties_of_secret_versions(self, name: str, **kwargs: Any) -> ItemPa
 
         """
         return self._client.get_secret_versions(
-            self._vault_url,
             name,
             maxresults=kwargs.pop("max_page_size", None),
             cls=lambda objs: [SecretProperties._from_secret_item(x) for x in objs],
@@ -272,7 +267,7 @@ def backup_secret(self, name: str, **kwargs: Any) -> bytes:
                 :dedent: 8
 
         """
-        backup_result = self._client.backup_secret(self.vault_url, name, **kwargs)
+        backup_result = self._client.backup_secret(name, **kwargs)
         return cast(bytes, backup_result.value)
 
     @distributed_trace
@@ -297,7 +292,6 @@ def restore_secret_backup(self, backup: bytes, **kwargs: Any) -> SecretPropertie
 
         """
         bundle = self._client.restore_secret(
-            self.vault_url,
             parameters=self._models.SecretRestoreParameters(secret_bundle_backup=backup),
             **kwargs
         )
@@ -336,7 +330,6 @@ def begin_delete_secret(self, name: str, **kwargs: Any) -> LROPoller[DeletedSecr
             polling_interval = 2
         # Ignore pyright warning about return type not being iterable because we use `cls` to return a tuple
         pipeline_response, deleted_secret_bundle = self._client.delete_secret(
-            vault_base_url=self.vault_url,
             secret_name=name,
             cls=lambda pipeline_response, deserialized, _: (pipeline_response, deserialized),
             **kwargs,
@@ -375,7 +368,7 @@ def get_deleted_secret(self, name: str, **kwargs: Any) -> DeletedSecret:
                 :dedent: 8
 
         """
-        bundle = self._client.get_deleted_secret(self.vault_url, name, **kwargs)
+        bundle = self._client.get_deleted_secret(name, **kwargs)
         return DeletedSecret._from_deleted_secret_bundle(bundle)
 
     @distributed_trace
@@ -397,7 +390,6 @@ def list_deleted_secrets(self, **kwargs: Any) -> ItemPaged[DeletedSecret]:
 
         """
         return self._client.get_deleted_secrets(
-            self._vault_url,
             maxresults=kwargs.pop("max_page_size", None),
             cls=lambda objs: [DeletedSecret._from_deleted_secret_item(x) for x in objs],
             **kwargs
@@ -428,7 +420,7 @@ def purge_deleted_secret(self, name: str, **kwargs: Any) -> None:
                 secret_client.purge_deleted_secret("secret-name")
 
         """
-        self._client.purge_deleted_secret(self.vault_url, name, **kwargs)
+        self._client.purge_deleted_secret(name, **kwargs)
 
     @distributed_trace
     def begin_recover_deleted_secret(self, name: str, **kwargs: Any) -> LROPoller[SecretProperties]:
@@ -465,7 +457,6 @@ def begin_recover_deleted_secret(self, name: str, **kwargs: Any) -> LROPoller[Se
             polling_interval = 2
         # Ignore pyright warning about return type not being iterable because we use `cls` to return a tuple
         pipeline_response, recovered_secret_bundle = self._client.recover_deleted_secret(
-            vault_base_url=self.vault_url,
             secret_name=name,
             cls=lambda pipeline_response, deserialized, _: (pipeline_response, deserialized),
             **kwargs,

sdk/keyvault/azure-keyvault-secrets/azure/keyvault/secrets/_generated/__init__.py

@@ -2,22 +2,31 @@
 # --------------------------------------------------------------------------
 # Copyright (c) Microsoft Corporation. All rights reserved.
 # Licensed under the MIT License. See License.txt in the project root for license information.
-# Code generated by Microsoft (R) AutoRest Code Generator.
+# Code generated by Microsoft (R) Python Code Generator.
 # Changes may cause incorrect behavior and will be lost if the code is regenerated.
 # --------------------------------------------------------------------------
+# pylint: disable=wrong-import-position
 
-from ._client import KeyVaultClient
+from typing import TYPE_CHECKING
+
+if TYPE_CHECKING:
+    from ._patch import *  # pylint: disable=unused-wildcard-import
+
+from ._client import KeyVaultClient  # type: ignore
+from ._version import VERSION
+
+__version__ = VERSION
 
 try:
     from ._patch import __all__ as _patch_all
-    from ._patch import *  # pylint: disable=unused-wildcard-import
+    from ._patch import *
 except ImportError:
     _patch_all = []
 from ._patch import patch_sdk as _patch_sdk
 
 __all__ = [
     "KeyVaultClient",
 ]
-__all__.extend([p for p in _patch_all if p not in __all__])
+__all__.extend([p for p in _patch_all if p not in __all__])  # pyright: ignore
 
 _patch_sdk()

sdk/keyvault/azure-keyvault-secrets/azure/keyvault/secrets/_generated/_client.py

@@ -2,35 +2,42 @@
 # --------------------------------------------------------------------------
 # Copyright (c) Microsoft Corporation. All rights reserved.
 # Licensed under the MIT License. See License.txt in the project root for license information.
-# Code generated by Microsoft (R) AutoRest Code Generator.
+# Code generated by Microsoft (R) Python Code Generator.
 # Changes may cause incorrect behavior and will be lost if the code is regenerated.
 # --------------------------------------------------------------------------
 
 from copy import deepcopy
-from typing import Any
+from typing import Any, TYPE_CHECKING
+from typing_extensions import Self
 
 from azure.core import PipelineClient
 from azure.core.pipeline import policies
 from azure.core.rest import HttpRequest, HttpResponse
 
-from . import models as _models
 from ._configuration import KeyVaultClientConfiguration
 from ._operations import KeyVaultClientOperationsMixin
 from ._serialization import Deserializer, Serializer
 
+if TYPE_CHECKING:
+    from azure.core.credentials import TokenCredential
 
-class KeyVaultClient(KeyVaultClientOperationsMixin):  # pylint: disable=client-accepts-api-version-keyword
+
+class KeyVaultClient(KeyVaultClientOperationsMixin):
     """The key vault client performs cryptographic key operations and vault operations against the Key
     Vault service.
 
-    :keyword api_version: Api Version. Default value is "7.5". Note that overriding this default
-     value may result in unsupported behavior.
+    :param vault_base_url: Required.
+    :type vault_base_url: str
+    :param credential: Credential used to authenticate requests to the service. Required.
+    :type credential: ~azure.core.credentials.TokenCredential
+    :keyword api_version: The API version to use for this operation. Default value is
+     "7.6-preview.2". Note that overriding this default value may result in unsupported behavior.
     :paramtype api_version: str
     """
 
-    def __init__(self, **kwargs: Any) -> None:  # pylint: disable=missing-client-constructor-parameter-credential
+    def __init__(self, vault_base_url: str, credential: "TokenCredential", **kwargs: Any) -> None:
         _endpoint = "{vaultBaseUrl}"
-        self._config = KeyVaultClientConfiguration(**kwargs)
+        self._config = KeyVaultClientConfiguration(vault_base_url=vault_base_url, credential=credential, **kwargs)
         _policies = kwargs.pop("policies", None)
         if _policies is None:
             _policies = [
@@ -50,10 +57,8 @@ def __init__(self, **kwargs: Any) -> None:  # pylint: disable=missing-client-con
             ]
         self._client: PipelineClient = PipelineClient(base_url=_endpoint, policies=_policies, **kwargs)
 
-        client_models = {k: v for k, v in _models._models.__dict__.items() if isinstance(v, type)}
-        client_models.update({k: v for k, v in _models.__dict__.items() if isinstance(v, type)})
-        self._serialize = Serializer(client_models)
-        self._deserialize = Deserializer(client_models)
+        self._serialize = Serializer()
+        self._deserialize = Deserializer()
         self._serialize.client_side_validation = False
 
     def send_request(self, request: HttpRequest, *, stream: bool = False, **kwargs: Any) -> HttpResponse:
@@ -75,13 +80,19 @@ def send_request(self, request: HttpRequest, *, stream: bool = False, **kwargs:
         """
 
         request_copy = deepcopy(request)
-        request_copy.url = self._client.format_url(request_copy.url)
+        path_format_arguments = {
+            "vaultBaseUrl": self._serialize.url(
+                "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True
+            ),
+        }
+
+        request_copy.url = self._client.format_url(request_copy.url, **path_format_arguments)
         return self._client.send_request(request_copy, stream=stream, **kwargs)  # type: ignore
 
     def close(self) -> None:
         self._client.close()
 
-    def __enter__(self) -> "KeyVaultClient":
+    def __enter__(self) -> Self:
         self._client.__enter__()
         return self
 

sdk/keyvault/azure-keyvault-secrets/azure/keyvault/secrets/_generated/_configuration.py

@@ -2,15 +2,18 @@
 # --------------------------------------------------------------------------
 # Copyright (c) Microsoft Corporation. All rights reserved.
 # Licensed under the MIT License. See License.txt in the project root for license information.
-# Code generated by Microsoft (R) AutoRest Code Generator.
+# Code generated by Microsoft (R) Python Code Generator.
 # Changes may cause incorrect behavior and will be lost if the code is regenerated.
 # --------------------------------------------------------------------------
 
-from typing import Any
+from typing import Any, TYPE_CHECKING
 
 from azure.core.pipeline import policies
 
-VERSION = "unknown"
+from ._version import VERSION
+
+if TYPE_CHECKING:
+    from azure.core.credentials import TokenCredential
 
 
 class KeyVaultClientConfiguration:  # pylint: disable=too-many-instance-attributes
@@ -19,16 +22,28 @@ class KeyVaultClientConfiguration:  # pylint: disable=too-many-instance-attribut
     Note that all parameters used to create this instance are saved as instance
     attributes.
 
-    :keyword api_version: Api Version. Default value is "7.5". Note that overriding this default
-     value may result in unsupported behavior.
+    :param vault_base_url: Required.
+    :type vault_base_url: str
+    :param credential: Credential used to authenticate requests to the service. Required.
+    :type credential: ~azure.core.credentials.TokenCredential
+    :keyword api_version: The API version to use for this operation. Default value is
+     "7.6-preview.2". Note that overriding this default value may result in unsupported behavior.
     :paramtype api_version: str
     """
 
-    def __init__(self, **kwargs: Any) -> None:
-        api_version: str = kwargs.pop("api_version", "7.5")
+    def __init__(self, vault_base_url: str, credential: "TokenCredential", **kwargs: Any) -> None:
+        api_version: str = kwargs.pop("api_version", "7.6-preview.2")
+
+        if vault_base_url is None:
+            raise ValueError("Parameter 'vault_base_url' must not be None.")
+        if credential is None:
+            raise ValueError("Parameter 'credential' must not be None.")
 
+        self.vault_base_url = vault_base_url
+        self.credential = credential
         self.api_version = api_version
-        kwargs.setdefault("sdk_moniker", "keyvault/{}".format(VERSION))
+        self.credential_scopes = kwargs.pop("credential_scopes", ["https://vault.azure.net/.default"])
+        kwargs.setdefault("sdk_moniker", "keyvault-secrets/{}".format(VERSION))
         self.polling_interval = kwargs.get("polling_interval", 30)
         self._configure(**kwargs)
 
@@ -42,3 +57,7 @@ def _configure(self, **kwargs: Any) -> None:
         self.redirect_policy = kwargs.get("redirect_policy") or policies.RedirectPolicy(**kwargs)
         self.retry_policy = kwargs.get("retry_policy") or policies.RetryPolicy(**kwargs)
         self.authentication_policy = kwargs.get("authentication_policy")
+        if self.credential and not self.authentication_policy:
+            self.authentication_policy = policies.BearerTokenCredentialPolicy(
+                self.credential, *self.credential_scopes, **kwargs
+            )