gcpkms/mock_kms_server_test.go

// Copyright 2019 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     https://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

// Code originally generated by gapic-generator.
// Ref: https://github.com/googleapis/google-cloud-go/blob/4fe86a327f97ada275ce1744459129df38f9c95b/kms/apiv1/mock_test.go

package gcpkms

import (
	"context"
	"fmt"
	"io"
	"strings"

	"cloud.google.com/go/kms/apiv1/kmspb"
	"google.golang.org/genproto/googleapis/rpc/status"
	"google.golang.org/grpc/metadata"
	"google.golang.org/protobuf/proto"
	"google.golang.org/protobuf/types/known/anypb"
)

var _ = io.EOF
var _ = anypb.New
var _ status.Status

type mockKeyManagementServer struct {
	// Embed for forward compatibility.
	// Tests will keep working if more methods are added
	// in the future.
	kmspb.KeyManagementServiceServer

	reqs []proto.Message

	// If set, all calls return this error.
	err error

	// responses to return if err == nil
	resps []proto.Message
}

func (s *mockKeyManagementServer) ListKeyRings(ctx context.Context, req *kmspb.ListKeyRingsRequest) (*kmspb.ListKeyRingsResponse, error) {
	md, _ := metadata.FromIncomingContext(ctx)
	if xg := md["x-goog-api-client"]; len(xg) == 0 || !strings.Contains(xg[0], "gl-go/") {
		return nil, fmt.Errorf("x-goog-api-client = %v, expected gl-go key", xg)
	}
	s.reqs = append(s.reqs, req)
	if s.err != nil {
		return nil, s.err
	}
	return s.resps[0].(*kmspb.ListKeyRingsResponse), nil
}

func (s *mockKeyManagementServer) ListCryptoKeys(ctx context.Context, req *kmspb.ListCryptoKeysRequest) (*kmspb.ListCryptoKeysResponse, error) {
	md, _ := metadata.FromIncomingContext(ctx)
	if xg := md["x-goog-api-client"]; len(xg) == 0 || !strings.Contains(xg[0], "gl-go/") {
		return nil, fmt.Errorf("x-goog-api-client = %v, expected gl-go key", xg)
	}
	s.reqs = append(s.reqs, req)
	if s.err != nil {
		return nil, s.err
	}
	return s.resps[0].(*kmspb.ListCryptoKeysResponse), nil
}

func (s *mockKeyManagementServer) ListCryptoKeyVersions(ctx context.Context, req *kmspb.ListCryptoKeyVersionsRequest) (*kmspb.ListCryptoKeyVersionsResponse, error) {
	md, _ := metadata.FromIncomingContext(ctx)
	if xg := md["x-goog-api-client"]; len(xg) == 0 || !strings.Contains(xg[0], "gl-go/") {
		return nil, fmt.Errorf("x-goog-api-client = %v, expected gl-go key", xg)
	}
	s.reqs = append(s.reqs, req)
	if s.err != nil {
		return nil, s.err
	}
	return s.resps[0].(*kmspb.ListCryptoKeyVersionsResponse), nil
}

func (s *mockKeyManagementServer) ListImportJobs(ctx context.Context, req *kmspb.ListImportJobsRequest) (*kmspb.ListImportJobsResponse, error) {
	md, _ := metadata.FromIncomingContext(ctx)
	if xg := md["x-goog-api-client"]; len(xg) == 0 || !strings.Contains(xg[0], "gl-go/") {
		return nil, fmt.Errorf("x-goog-api-client = %v, expected gl-go key", xg)
	}
	s.reqs = append(s.reqs, req)
	if s.err != nil {
		return nil, s.err
	}
	return s.resps[0].(*kmspb.ListImportJobsResponse), nil
}

func (s *mockKeyManagementServer) GetKeyRing(ctx context.Context, req *kmspb.GetKeyRingRequest) (*kmspb.KeyRing, error) {
	md, _ := metadata.FromIncomingContext(ctx)
	if xg := md["x-goog-api-client"]; len(xg) == 0 || !strings.Contains(xg[0], "gl-go/") {
		return nil, fmt.Errorf("x-goog-api-client = %v, expected gl-go key", xg)
	}
	s.reqs = append(s.reqs, req)
	if s.err != nil {
		return nil, s.err
	}
	return s.resps[0].(*kmspb.KeyRing), nil
}

func (s *mockKeyManagementServer) GetCryptoKey(ctx context.Context, req *kmspb.GetCryptoKeyRequest) (*kmspb.CryptoKey, error) {
	md, _ := metadata.FromIncomingContext(ctx)
	if xg := md["x-goog-api-client"]; len(xg) == 0 || !strings.Contains(xg[0], "gl-go/") {
		return nil, fmt.Errorf("x-goog-api-client = %v, expected gl-go key", xg)
	}
	s.reqs = append(s.reqs, req)
	if s.err != nil {
		return nil, s.err
	}
	return s.resps[0].(*kmspb.CryptoKey), nil
}

func (s *mockKeyManagementServer) GetCryptoKeyVersion(ctx context.Context, req *kmspb.GetCryptoKeyVersionRequest) (*kmspb.CryptoKeyVersion, error) {
	md, _ := metadata.FromIncomingContext(ctx)
	if xg := md["x-goog-api-client"]; len(xg) == 0 || !strings.Contains(xg[0], "gl-go/") {
		return nil, fmt.Errorf("x-goog-api-client = %v, expected gl-go key", xg)
	}
	s.reqs = append(s.reqs, req)
	if s.err != nil {
		return nil, s.err
	}
	return s.resps[0].(*kmspb.CryptoKeyVersion), nil
}

func (s *mockKeyManagementServer) GetPublicKey(ctx context.Context, req *kmspb.GetPublicKeyRequest) (*kmspb.PublicKey, error) {
	md, _ := metadata.FromIncomingContext(ctx)
	if xg := md["x-goog-api-client"]; len(xg) == 0 || !strings.Contains(xg[0], "gl-go/") {
		return nil, fmt.Errorf("x-goog-api-client = %v, expected gl-go key", xg)
	}
	s.reqs = append(s.reqs, req)
	if s.err != nil {
		return nil, s.err
	}
	return s.resps[0].(*kmspb.PublicKey), nil
}

func (s *mockKeyManagementServer) GetImportJob(ctx context.Context, req *kmspb.GetImportJobRequest) (*kmspb.ImportJob, error) {
	md, _ := metadata.FromIncomingContext(ctx)
	if xg := md["x-goog-api-client"]; len(xg) == 0 || !strings.Contains(xg[0], "gl-go/") {
		return nil, fmt.Errorf("x-goog-api-client = %v, expected gl-go key", xg)
	}
	s.reqs = append(s.reqs, req)
	if s.err != nil {
		return nil, s.err
	}
	return s.resps[0].(*kmspb.ImportJob), nil
}

func (s *mockKeyManagementServer) CreateKeyRing(ctx context.Context, req *kmspb.CreateKeyRingRequest) (*kmspb.KeyRing, error) {
	md, _ := metadata.FromIncomingContext(ctx)
	if xg := md["x-goog-api-client"]; len(xg) == 0 || !strings.Contains(xg[0], "gl-go/") {
		return nil, fmt.Errorf("x-goog-api-client = %v, expected gl-go key", xg)
	}
	s.reqs = append(s.reqs, req)
	if s.err != nil {
		return nil, s.err
	}
	return s.resps[0].(*kmspb.KeyRing), nil
}

func (s *mockKeyManagementServer) CreateCryptoKey(ctx context.Context, req *kmspb.CreateCryptoKeyRequest) (*kmspb.CryptoKey, error) {
	md, _ := metadata.FromIncomingContext(ctx)
	if xg := md["x-goog-api-client"]; len(xg) == 0 || !strings.Contains(xg[0], "gl-go/") {
		return nil, fmt.Errorf("x-goog-api-client = %v, expected gl-go key", xg)
	}
	s.reqs = append(s.reqs, req)
	if s.err != nil {
		return nil, s.err
	}
	return s.resps[0].(*kmspb.CryptoKey), nil
}

func (s *mockKeyManagementServer) CreateCryptoKeyVersion(ctx context.Context, req *kmspb.CreateCryptoKeyVersionRequest) (*kmspb.CryptoKeyVersion, error) {
	md, _ := metadata.FromIncomingContext(ctx)
	if xg := md["x-goog-api-client"]; len(xg) == 0 || !strings.Contains(xg[0], "gl-go/") {
		return nil, fmt.Errorf("x-goog-api-client = %v, expected gl-go key", xg)
	}
	s.reqs = append(s.reqs, req)
	if s.err != nil {
		return nil, s.err
	}
	return s.resps[0].(*kmspb.CryptoKeyVersion), nil
}

func (s *mockKeyManagementServer) ImportCryptoKeyVersion(ctx context.Context, req *kmspb.ImportCryptoKeyVersionRequest) (*kmspb.CryptoKeyVersion, error) {
	md, _ := metadata.FromIncomingContext(ctx)
	if xg := md["x-goog-api-client"]; len(xg) == 0 || !strings.Contains(xg[0], "gl-go/") {
		return nil, fmt.Errorf("x-goog-api-client = %v, expected gl-go key", xg)
	}
	s.reqs = append(s.reqs, req)
	if s.err != nil {
		return nil, s.err
	}
	return s.resps[0].(*kmspb.CryptoKeyVersion), nil
}

func (s *mockKeyManagementServer) CreateImportJob(ctx context.Context, req *kmspb.CreateImportJobRequest) (*kmspb.ImportJob, error) {
	md, _ := metadata.FromIncomingContext(ctx)
	if xg := md["x-goog-api-client"]; len(xg) == 0 || !strings.Contains(xg[0], "gl-go/") {
		return nil, fmt.Errorf("x-goog-api-client = %v, expected gl-go key", xg)
	}
	s.reqs = append(s.reqs, req)
	if s.err != nil {
		return nil, s.err
	}
	return s.resps[0].(*kmspb.ImportJob), nil
}

func (s *mockKeyManagementServer) UpdateCryptoKey(ctx context.Context, req *kmspb.UpdateCryptoKeyRequest) (*kmspb.CryptoKey, error) {
	md, _ := metadata.FromIncomingContext(ctx)
	if xg := md["x-goog-api-client"]; len(xg) == 0 || !strings.Contains(xg[0], "gl-go/") {
		return nil, fmt.Errorf("x-goog-api-client = %v, expected gl-go key", xg)
	}
	s.reqs = append(s.reqs, req)
	if s.err != nil {
		return nil, s.err
	}
	return s.resps[0].(*kmspb.CryptoKey), nil
}

func (s *mockKeyManagementServer) UpdateCryptoKeyVersion(ctx context.Context, req *kmspb.UpdateCryptoKeyVersionRequest) (*kmspb.CryptoKeyVersion, error) {
	md, _ := metadata.FromIncomingContext(ctx)
	if xg := md["x-goog-api-client"]; len(xg) == 0 || !strings.Contains(xg[0], "gl-go/") {
		return nil, fmt.Errorf("x-goog-api-client = %v, expected gl-go key", xg)
	}
	s.reqs = append(s.reqs, req)
	if s.err != nil {
		return nil, s.err
	}
	return s.resps[0].(*kmspb.CryptoKeyVersion), nil
}

func (s *mockKeyManagementServer) Encrypt(ctx context.Context, req *kmspb.EncryptRequest) (*kmspb.EncryptResponse, error) {
	md, _ := metadata.FromIncomingContext(ctx)
	if xg := md["x-goog-api-client"]; len(xg) == 0 || !strings.Contains(xg[0], "gl-go/") {
		return nil, fmt.Errorf("x-goog-api-client = %v, expected gl-go key", xg)
	}
	s.reqs = append(s.reqs, req)
	if s.err != nil {
		return nil, s.err
	}
	return s.resps[0].(*kmspb.EncryptResponse), nil
}

func (s *mockKeyManagementServer) Decrypt(ctx context.Context, req *kmspb.DecryptRequest) (*kmspb.DecryptResponse, error) {
	md, _ := metadata.FromIncomingContext(ctx)
	if xg := md["x-goog-api-client"]; len(xg) == 0 || !strings.Contains(xg[0], "gl-go/") {
		return nil, fmt.Errorf("x-goog-api-client = %v, expected gl-go key", xg)
	}
	s.reqs = append(s.reqs, req)
	if s.err != nil {
		return nil, s.err
	}
	return s.resps[0].(*kmspb.DecryptResponse), nil
}

func (s *mockKeyManagementServer) AsymmetricSign(ctx context.Context, req *kmspb.AsymmetricSignRequest) (*kmspb.AsymmetricSignResponse, error) {
	md, _ := metadata.FromIncomingContext(ctx)
	if xg := md["x-goog-api-client"]; len(xg) == 0 || !strings.Contains(xg[0], "gl-go/") {
		return nil, fmt.Errorf("x-goog-api-client = %v, expected gl-go key", xg)
	}
	s.reqs = append(s.reqs, req)
	if s.err != nil {
		return nil, s.err
	}
	return s.resps[0].(*kmspb.AsymmetricSignResponse), nil
}

func (s *mockKeyManagementServer) AsymmetricDecrypt(ctx context.Context, req *kmspb.AsymmetricDecryptRequest) (*kmspb.AsymmetricDecryptResponse, error) {
	md, _ := metadata.FromIncomingContext(ctx)
	if xg := md["x-goog-api-client"]; len(xg) == 0 || !strings.Contains(xg[0], "gl-go/") {
		return nil, fmt.Errorf("x-goog-api-client = %v, expected gl-go key", xg)
	}
	s.reqs = append(s.reqs, req)
	if s.err != nil {
		return nil, s.err
	}
	return s.resps[0].(*kmspb.AsymmetricDecryptResponse), nil
}

func (s *mockKeyManagementServer) UpdateCryptoKeyPrimaryVersion(ctx context.Context, req *kmspb.UpdateCryptoKeyPrimaryVersionRequest) (*kmspb.CryptoKey, error) {
	md, _ := metadata.FromIncomingContext(ctx)
	if xg := md["x-goog-api-client"]; len(xg) == 0 || !strings.Contains(xg[0], "gl-go/") {
		return nil, fmt.Errorf("x-goog-api-client = %v, expected gl-go key", xg)
	}
	s.reqs = append(s.reqs, req)
	if s.err != nil {
		return nil, s.err
	}
	return s.resps[0].(*kmspb.CryptoKey), nil
}

func (s *mockKeyManagementServer) DestroyCryptoKeyVersion(ctx context.Context, req *kmspb.DestroyCryptoKeyVersionRequest) (*kmspb.CryptoKeyVersion, error) {
	md, _ := metadata.FromIncomingContext(ctx)
	if xg := md["x-goog-api-client"]; len(xg) == 0 || !strings.Contains(xg[0], "gl-go/") {
		return nil, fmt.Errorf("x-goog-api-client = %v, expected gl-go key", xg)
	}
	s.reqs = append(s.reqs, req)
	if s.err != nil {
		return nil, s.err
	}
	return s.resps[0].(*kmspb.CryptoKeyVersion), nil
}

func (s *mockKeyManagementServer) RestoreCryptoKeyVersion(ctx context.Context, req *kmspb.RestoreCryptoKeyVersionRequest) (*kmspb.CryptoKeyVersion, error) {
	md, _ := metadata.FromIncomingContext(ctx)
	if xg := md["x-goog-api-client"]; len(xg) == 0 || !strings.Contains(xg[0], "gl-go/") {
		return nil, fmt.Errorf("x-goog-api-client = %v, expected gl-go key", xg)
	}
	s.reqs = append(s.reqs, req)
	if s.err != nil {
		return nil, s.err
	}
	return s.resps[0].(*kmspb.CryptoKeyVersion), nil
}
gcpkms: update SDK to latest, add tests, tidy This updates the GCP KMS client to latest, adds more extensive test coverage, and general tidying of bits of code. The improvements are based on a fork of the key source in the Flux project's kustomize-controller, built due to SOPS' limitation around credential management without relying on runtime environment variables. - Updates the deprecated `google.golang.org/api/cloudkms/v1` to `cloud.google.com/go/kms/apiv1`. - It introduces a `CredentialJSON` type which holds a Service Account credential file, and can be applied to the `MasterKey`. When applied, the provided credentials are used in the GCP KMS service client configuration, instead of relying on `GOOGLE_CREDENTIALS`, or the default client environment variables. This is most useful when working with SOPS as an SDK, in combination with e.g. a local key service server implementation. - Test coverage. The forked version of this has compatability (and integration) tests to ensure it works with current SOPS: - https://github.com/fluxcd/kustomize-controller/blob/cbb0fc9df5da12a54cf998392dbd80d28522def5/internal/sops/gcpkms/keysource_integration_test.go#L39 - https://github.com/fluxcd/kustomize-controller/blob/cbb0fc9df5da12a54cf998392dbd80d28522def5/internal/sops/gcpkms/keysource_integration_test.go#L59 Co-authored-by: Somtochi Onyekwere <somtochi@weave.works> Signed-off-by: Hidde Beydals <hello@hidde.co> 2022-06-07 15:47:10 +02:00			`// Copyright 2019 Google LLC`
			`//`
			`// Licensed under the Apache License, Version 2.0 (the "License");`
			`// you may not use this file except in compliance with the License.`
			`// You may obtain a copy of the License at`
			`//`
			`// https://www.apache.org/licenses/LICENSE-2.0`
			`//`
			`// Unless required by applicable law or agreed to in writing, software`
			`// distributed under the License is distributed on an "AS IS" BASIS,`
			`// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
			`// See the License for the specific language governing permissions and`
			`// limitations under the License.`

			`// Code originally generated by gapic-generator.`
			`// Ref: https://github.com/googleapis/google-cloud-go/blob/4fe86a327f97ada275ce1744459129df38f9c95b/kms/apiv1/mock_test.go`

			`package gcpkms`

			`import (`
			`"context"`
			`"fmt"`
			`"io"`
			`"strings"`

gcpkms: further deal with Google SDK deprecations xref: https://github.com/googleapis/google-cloud-go/blob/e535dc7c1d986c2ad6db3e8f5f2974935ee9ecda/migration.md Signed-off-by: Hidde Beydals <hidde@hhh.computer> 2023-08-17 00:40:21 +02:00			`"cloud.google.com/go/kms/apiv1/kmspb"`
gcpkms: update SDK to latest, add tests, tidy This updates the GCP KMS client to latest, adds more extensive test coverage, and general tidying of bits of code. The improvements are based on a fork of the key source in the Flux project's kustomize-controller, built due to SOPS' limitation around credential management without relying on runtime environment variables. - Updates the deprecated `google.golang.org/api/cloudkms/v1` to `cloud.google.com/go/kms/apiv1`. - It introduces a `CredentialJSON` type which holds a Service Account credential file, and can be applied to the `MasterKey`. When applied, the provided credentials are used in the GCP KMS service client configuration, instead of relying on `GOOGLE_CREDENTIALS`, or the default client environment variables. This is most useful when working with SOPS as an SDK, in combination with e.g. a local key service server implementation. - Test coverage. The forked version of this has compatability (and integration) tests to ensure it works with current SOPS: - https://github.com/fluxcd/kustomize-controller/blob/cbb0fc9df5da12a54cf998392dbd80d28522def5/internal/sops/gcpkms/keysource_integration_test.go#L39 - https://github.com/fluxcd/kustomize-controller/blob/cbb0fc9df5da12a54cf998392dbd80d28522def5/internal/sops/gcpkms/keysource_integration_test.go#L59 Co-authored-by: Somtochi Onyekwere <somtochi@weave.works> Signed-off-by: Hidde Beydals <hello@hidde.co> 2022-06-07 15:47:10 +02:00			`"google.golang.org/genproto/googleapis/rpc/status"`
			`"google.golang.org/grpc/metadata"`
gcpkms: further deal with Google SDK deprecations xref: https://github.com/googleapis/google-cloud-go/blob/e535dc7c1d986c2ad6db3e8f5f2974935ee9ecda/migration.md Signed-off-by: Hidde Beydals <hidde@hhh.computer> 2023-08-17 00:40:21 +02:00			`"google.golang.org/protobuf/proto"`
			`"google.golang.org/protobuf/types/known/anypb"`
gcpkms: update SDK to latest, add tests, tidy This updates the GCP KMS client to latest, adds more extensive test coverage, and general tidying of bits of code. The improvements are based on a fork of the key source in the Flux project's kustomize-controller, built due to SOPS' limitation around credential management without relying on runtime environment variables. - Updates the deprecated `google.golang.org/api/cloudkms/v1` to `cloud.google.com/go/kms/apiv1`. - It introduces a `CredentialJSON` type which holds a Service Account credential file, and can be applied to the `MasterKey`. When applied, the provided credentials are used in the GCP KMS service client configuration, instead of relying on `GOOGLE_CREDENTIALS`, or the default client environment variables. This is most useful when working with SOPS as an SDK, in combination with e.g. a local key service server implementation. - Test coverage. The forked version of this has compatability (and integration) tests to ensure it works with current SOPS: - https://github.com/fluxcd/kustomize-controller/blob/cbb0fc9df5da12a54cf998392dbd80d28522def5/internal/sops/gcpkms/keysource_integration_test.go#L39 - https://github.com/fluxcd/kustomize-controller/blob/cbb0fc9df5da12a54cf998392dbd80d28522def5/internal/sops/gcpkms/keysource_integration_test.go#L59 Co-authored-by: Somtochi Onyekwere <somtochi@weave.works> Signed-off-by: Hidde Beydals <hello@hidde.co> 2022-06-07 15:47:10 +02:00			`)`

			`var _ = io.EOF`
			`var _ = anypb.New`
			`var _ status.Status`

			`type mockKeyManagementServer struct {`
			`// Embed for forward compatibility.`
			`// Tests will keep working if more methods are added`
			`// in the future.`
			`kmspb.KeyManagementServiceServer`

			`reqs []proto.Message`

			`// If set, all calls return this error.`
			`err error`

			`// responses to return if err == nil`
			`resps []proto.Message`
			`}`

			`func (s mockKeyManagementServer) ListKeyRings(ctx context.Context, req kmspb.ListKeyRingsRequest) (*kmspb.ListKeyRingsResponse, error) {`
			`md, _ := metadata.FromIncomingContext(ctx)`
			`if xg := md["x-goog-api-client"]; len(xg) == 0 \|\| !strings.Contains(xg[0], "gl-go/") {`
			`return nil, fmt.Errorf("x-goog-api-client = %v, expected gl-go key", xg)`
			`}`
			`s.reqs = append(s.reqs, req)`
			`if s.err != nil {`
			`return nil, s.err`
			`}`
			`return s.resps[0].(*kmspb.ListKeyRingsResponse), nil`
			`}`

			`func (s mockKeyManagementServer) ListCryptoKeys(ctx context.Context, req kmspb.ListCryptoKeysRequest) (*kmspb.ListCryptoKeysResponse, error) {`
			`md, _ := metadata.FromIncomingContext(ctx)`
			`if xg := md["x-goog-api-client"]; len(xg) == 0 \|\| !strings.Contains(xg[0], "gl-go/") {`
			`return nil, fmt.Errorf("x-goog-api-client = %v, expected gl-go key", xg)`
			`}`
			`s.reqs = append(s.reqs, req)`
			`if s.err != nil {`
			`return nil, s.err`
			`}`
			`return s.resps[0].(*kmspb.ListCryptoKeysResponse), nil`
			`}`

			`func (s mockKeyManagementServer) ListCryptoKeyVersions(ctx context.Context, req kmspb.ListCryptoKeyVersionsRequest) (*kmspb.ListCryptoKeyVersionsResponse, error) {`
			`md, _ := metadata.FromIncomingContext(ctx)`
			`if xg := md["x-goog-api-client"]; len(xg) == 0 \|\| !strings.Contains(xg[0], "gl-go/") {`
			`return nil, fmt.Errorf("x-goog-api-client = %v, expected gl-go key", xg)`
			`}`
			`s.reqs = append(s.reqs, req)`
			`if s.err != nil {`
			`return nil, s.err`
			`}`
			`return s.resps[0].(*kmspb.ListCryptoKeyVersionsResponse), nil`
			`}`

			`func (s mockKeyManagementServer) ListImportJobs(ctx context.Context, req kmspb.ListImportJobsRequest) (*kmspb.ListImportJobsResponse, error) {`
			`md, _ := metadata.FromIncomingContext(ctx)`
			`if xg := md["x-goog-api-client"]; len(xg) == 0 \|\| !strings.Contains(xg[0], "gl-go/") {`
			`return nil, fmt.Errorf("x-goog-api-client = %v, expected gl-go key", xg)`
			`}`
			`s.reqs = append(s.reqs, req)`
			`if s.err != nil {`
			`return nil, s.err`
			`}`
			`return s.resps[0].(*kmspb.ListImportJobsResponse), nil`
			`}`

			`func (s mockKeyManagementServer) GetKeyRing(ctx context.Context, req kmspb.GetKeyRingRequest) (*kmspb.KeyRing, error) {`
			`md, _ := metadata.FromIncomingContext(ctx)`
			`if xg := md["x-goog-api-client"]; len(xg) == 0 \|\| !strings.Contains(xg[0], "gl-go/") {`
			`return nil, fmt.Errorf("x-goog-api-client = %v, expected gl-go key", xg)`
			`}`
			`s.reqs = append(s.reqs, req)`
			`if s.err != nil {`
			`return nil, s.err`
			`}`
			`return s.resps[0].(*kmspb.KeyRing), nil`
			`}`

			`func (s mockKeyManagementServer) GetCryptoKey(ctx context.Context, req kmspb.GetCryptoKeyRequest) (*kmspb.CryptoKey, error) {`
			`md, _ := metadata.FromIncomingContext(ctx)`
			`if xg := md["x-goog-api-client"]; len(xg) == 0 \|\| !strings.Contains(xg[0], "gl-go/") {`
			`return nil, fmt.Errorf("x-goog-api-client = %v, expected gl-go key", xg)`
			`}`
			`s.reqs = append(s.reqs, req)`
			`if s.err != nil {`
			`return nil, s.err`
			`}`
			`return s.resps[0].(*kmspb.CryptoKey), nil`
			`}`

			`func (s mockKeyManagementServer) GetCryptoKeyVersion(ctx context.Context, req kmspb.GetCryptoKeyVersionRequest) (*kmspb.CryptoKeyVersion, error) {`
			`md, _ := metadata.FromIncomingContext(ctx)`
			`if xg := md["x-goog-api-client"]; len(xg) == 0 \|\| !strings.Contains(xg[0], "gl-go/") {`
			`return nil, fmt.Errorf("x-goog-api-client = %v, expected gl-go key", xg)`
			`}`
			`s.reqs = append(s.reqs, req)`
			`if s.err != nil {`
			`return nil, s.err`
			`}`
			`return s.resps[0].(*kmspb.CryptoKeyVersion), nil`
			`}`

			`func (s mockKeyManagementServer) GetPublicKey(ctx context.Context, req kmspb.GetPublicKeyRequest) (*kmspb.PublicKey, error) {`
			`md, _ := metadata.FromIncomingContext(ctx)`
			`if xg := md["x-goog-api-client"]; len(xg) == 0 \|\| !strings.Contains(xg[0], "gl-go/") {`
			`return nil, fmt.Errorf("x-goog-api-client = %v, expected gl-go key", xg)`
			`}`
			`s.reqs = append(s.reqs, req)`
			`if s.err != nil {`
			`return nil, s.err`
			`}`
			`return s.resps[0].(*kmspb.PublicKey), nil`
			`}`

			`func (s mockKeyManagementServer) GetImportJob(ctx context.Context, req kmspb.GetImportJobRequest) (*kmspb.ImportJob, error) {`
			`md, _ := metadata.FromIncomingContext(ctx)`
			`if xg := md["x-goog-api-client"]; len(xg) == 0 \|\| !strings.Contains(xg[0], "gl-go/") {`
			`return nil, fmt.Errorf("x-goog-api-client = %v, expected gl-go key", xg)`
			`}`
			`s.reqs = append(s.reqs, req)`
			`if s.err != nil {`
			`return nil, s.err`
			`}`
			`return s.resps[0].(*kmspb.ImportJob), nil`
			`}`

			`func (s mockKeyManagementServer) CreateKeyRing(ctx context.Context, req kmspb.CreateKeyRingRequest) (*kmspb.KeyRing, error) {`
			`md, _ := metadata.FromIncomingContext(ctx)`
			`if xg := md["x-goog-api-client"]; len(xg) == 0 \|\| !strings.Contains(xg[0], "gl-go/") {`
			`return nil, fmt.Errorf("x-goog-api-client = %v, expected gl-go key", xg)`
			`}`
			`s.reqs = append(s.reqs, req)`
			`if s.err != nil {`
			`return nil, s.err`
			`}`
			`return s.resps[0].(*kmspb.KeyRing), nil`
			`}`

			`func (s mockKeyManagementServer) CreateCryptoKey(ctx context.Context, req kmspb.CreateCryptoKeyRequest) (*kmspb.CryptoKey, error) {`
			`md, _ := metadata.FromIncomingContext(ctx)`
			`if xg := md["x-goog-api-client"]; len(xg) == 0 \|\| !strings.Contains(xg[0], "gl-go/") {`
			`return nil, fmt.Errorf("x-goog-api-client = %v, expected gl-go key", xg)`
			`}`
			`s.reqs = append(s.reqs, req)`
			`if s.err != nil {`
			`return nil, s.err`
			`}`
			`return s.resps[0].(*kmspb.CryptoKey), nil`
			`}`

			`func (s mockKeyManagementServer) CreateCryptoKeyVersion(ctx context.Context, req kmspb.CreateCryptoKeyVersionRequest) (*kmspb.CryptoKeyVersion, error) {`
			`md, _ := metadata.FromIncomingContext(ctx)`
			`if xg := md["x-goog-api-client"]; len(xg) == 0 \|\| !strings.Contains(xg[0], "gl-go/") {`
			`return nil, fmt.Errorf("x-goog-api-client = %v, expected gl-go key", xg)`
			`}`
			`s.reqs = append(s.reqs, req)`
			`if s.err != nil {`
			`return nil, s.err`
			`}`
			`return s.resps[0].(*kmspb.CryptoKeyVersion), nil`
			`}`

			`func (s mockKeyManagementServer) ImportCryptoKeyVersion(ctx context.Context, req kmspb.ImportCryptoKeyVersionRequest) (*kmspb.CryptoKeyVersion, error) {`
			`md, _ := metadata.FromIncomingContext(ctx)`
			`if xg := md["x-goog-api-client"]; len(xg) == 0 \|\| !strings.Contains(xg[0], "gl-go/") {`
			`return nil, fmt.Errorf("x-goog-api-client = %v, expected gl-go key", xg)`
			`}`
			`s.reqs = append(s.reqs, req)`
			`if s.err != nil {`
			`return nil, s.err`
			`}`
			`return s.resps[0].(*kmspb.CryptoKeyVersion), nil`
			`}`

			`func (s mockKeyManagementServer) CreateImportJob(ctx context.Context, req kmspb.CreateImportJobRequest) (*kmspb.ImportJob, error) {`
			`md, _ := metadata.FromIncomingContext(ctx)`
			`if xg := md["x-goog-api-client"]; len(xg) == 0 \|\| !strings.Contains(xg[0], "gl-go/") {`
			`return nil, fmt.Errorf("x-goog-api-client = %v, expected gl-go key", xg)`
			`}`
			`s.reqs = append(s.reqs, req)`
			`if s.err != nil {`
			`return nil, s.err`
			`}`
			`return s.resps[0].(*kmspb.ImportJob), nil`
			`}`

			`func (s mockKeyManagementServer) UpdateCryptoKey(ctx context.Context, req kmspb.UpdateCryptoKeyRequest) (*kmspb.CryptoKey, error) {`
			`md, _ := metadata.FromIncomingContext(ctx)`
			`if xg := md["x-goog-api-client"]; len(xg) == 0 \|\| !strings.Contains(xg[0], "gl-go/") {`
			`return nil, fmt.Errorf("x-goog-api-client = %v, expected gl-go key", xg)`
			`}`
			`s.reqs = append(s.reqs, req)`
			`if s.err != nil {`
			`return nil, s.err`
			`}`
			`return s.resps[0].(*kmspb.CryptoKey), nil`
			`}`

			`func (s mockKeyManagementServer) UpdateCryptoKeyVersion(ctx context.Context, req kmspb.UpdateCryptoKeyVersionRequest) (*kmspb.CryptoKeyVersion, error) {`
			`md, _ := metadata.FromIncomingContext(ctx)`
			`if xg := md["x-goog-api-client"]; len(xg) == 0 \|\| !strings.Contains(xg[0], "gl-go/") {`
			`return nil, fmt.Errorf("x-goog-api-client = %v, expected gl-go key", xg)`
			`}`
			`s.reqs = append(s.reqs, req)`
			`if s.err != nil {`
			`return nil, s.err`
			`}`
			`return s.resps[0].(*kmspb.CryptoKeyVersion), nil`
			`}`

			`func (s mockKeyManagementServer) Encrypt(ctx context.Context, req kmspb.EncryptRequest) (*kmspb.EncryptResponse, error) {`
			`md, _ := metadata.FromIncomingContext(ctx)`
			`if xg := md["x-goog-api-client"]; len(xg) == 0 \|\| !strings.Contains(xg[0], "gl-go/") {`
			`return nil, fmt.Errorf("x-goog-api-client = %v, expected gl-go key", xg)`
			`}`
			`s.reqs = append(s.reqs, req)`
			`if s.err != nil {`
			`return nil, s.err`
			`}`
			`return s.resps[0].(*kmspb.EncryptResponse), nil`
			`}`

			`func (s mockKeyManagementServer) Decrypt(ctx context.Context, req kmspb.DecryptRequest) (*kmspb.DecryptResponse, error) {`
			`md, _ := metadata.FromIncomingContext(ctx)`
			`if xg := md["x-goog-api-client"]; len(xg) == 0 \|\| !strings.Contains(xg[0], "gl-go/") {`
			`return nil, fmt.Errorf("x-goog-api-client = %v, expected gl-go key", xg)`
			`}`
			`s.reqs = append(s.reqs, req)`
			`if s.err != nil {`
			`return nil, s.err`
			`}`
			`return s.resps[0].(*kmspb.DecryptResponse), nil`
			`}`

			`func (s mockKeyManagementServer) AsymmetricSign(ctx context.Context, req kmspb.AsymmetricSignRequest) (*kmspb.AsymmetricSignResponse, error) {`
			`md, _ := metadata.FromIncomingContext(ctx)`
			`if xg := md["x-goog-api-client"]; len(xg) == 0 \|\| !strings.Contains(xg[0], "gl-go/") {`
			`return nil, fmt.Errorf("x-goog-api-client = %v, expected gl-go key", xg)`
			`}`
			`s.reqs = append(s.reqs, req)`
			`if s.err != nil {`
			`return nil, s.err`
			`}`
			`return s.resps[0].(*kmspb.AsymmetricSignResponse), nil`
			`}`

			`func (s mockKeyManagementServer) AsymmetricDecrypt(ctx context.Context, req kmspb.AsymmetricDecryptRequest) (*kmspb.AsymmetricDecryptResponse, error) {`
			`md, _ := metadata.FromIncomingContext(ctx)`
			`if xg := md["x-goog-api-client"]; len(xg) == 0 \|\| !strings.Contains(xg[0], "gl-go/") {`
			`return nil, fmt.Errorf("x-goog-api-client = %v, expected gl-go key", xg)`
			`}`
			`s.reqs = append(s.reqs, req)`
			`if s.err != nil {`
			`return nil, s.err`
			`}`
			`return s.resps[0].(*kmspb.AsymmetricDecryptResponse), nil`
			`}`

			`func (s mockKeyManagementServer) UpdateCryptoKeyPrimaryVersion(ctx context.Context, req kmspb.UpdateCryptoKeyPrimaryVersionRequest) (*kmspb.CryptoKey, error) {`
			`md, _ := metadata.FromIncomingContext(ctx)`
			`if xg := md["x-goog-api-client"]; len(xg) == 0 \|\| !strings.Contains(xg[0], "gl-go/") {`
			`return nil, fmt.Errorf("x-goog-api-client = %v, expected gl-go key", xg)`
			`}`
			`s.reqs = append(s.reqs, req)`
			`if s.err != nil {`
			`return nil, s.err`
			`}`
			`return s.resps[0].(*kmspb.CryptoKey), nil`
			`}`

			`func (s mockKeyManagementServer) DestroyCryptoKeyVersion(ctx context.Context, req kmspb.DestroyCryptoKeyVersionRequest) (*kmspb.CryptoKeyVersion, error) {`
			`md, _ := metadata.FromIncomingContext(ctx)`
			`if xg := md["x-goog-api-client"]; len(xg) == 0 \|\| !strings.Contains(xg[0], "gl-go/") {`
			`return nil, fmt.Errorf("x-goog-api-client = %v, expected gl-go key", xg)`
			`}`
			`s.reqs = append(s.reqs, req)`
			`if s.err != nil {`
			`return nil, s.err`
			`}`
			`return s.resps[0].(*kmspb.CryptoKeyVersion), nil`
			`}`

			`func (s mockKeyManagementServer) RestoreCryptoKeyVersion(ctx context.Context, req kmspb.RestoreCryptoKeyVersionRequest) (*kmspb.CryptoKeyVersion, error) {`
			`md, _ := metadata.FromIncomingContext(ctx)`
			`if xg := md["x-goog-api-client"]; len(xg) == 0 \|\| !strings.Contains(xg[0], "gl-go/") {`
			`return nil, fmt.Errorf("x-goog-api-client = %v, expected gl-go key", xg)`
			`}`
			`s.reqs = append(s.reqs, req)`
			`if s.err != nil {`
			`return nil, s.err`
			`}`
			`return s.resps[0].(*kmspb.CryptoKeyVersion), nil`
			`}`