
Setsecret updates to new version if already exists

William Young 4 yıl önce
ebeveyn
işleme
f6b264f35c

+ 2 - 1
pkg/provider/gcp/secretmanager/fake/fake.go

@@ -107,7 +107,8 @@ func (mc *MockSMClient) DefaultAccessSecretVersion(wantedVersionName string) {
 			return nil, fmt.Errorf("access req has wrong version name: got %v want %v", req.Name, wantedVersionName)
 		}
 		return &secretmanagerpb.AccessSecretVersionResponse{
-			Name: req.Name,
+			Name:    req.Name,
+			Payload: &secretmanagerpb.SecretPayload{Data: []byte("bar")},
 		}, nil
 	}
 }

+ 19 - 16
pkg/provider/gcp/secretmanager/secretsmanager.go

@@ -237,33 +237,40 @@ func (sm *ProviderGCP) SetSecret(ctx context.Context, payload []byte, remoteRef
 		},
 	}
 
-	secret, err := sm.SecretManagerClient.CreateSecret(ctx, createSecretReq)
+	gcpSecret, err := sm.GetSecret(ctx, esv1beta1.ExternalSecretDataRemoteRef{
+		Key: remoteRef.GetRemoteKey(),
+	})
+
+	gErr, ok := err.(*googleapi.Error)
+
+	if err != nil && ok && gErr.Code == 404 {
+		_, err := sm.SecretManagerClient.CreateSecret(ctx, createSecretReq)
+		if err != nil {
+			return err
+		}
+	}
 
-	if err != nil && err.(*googleapi.Error).Code != 409 { //nolint
+	if err != nil {
 		return err
 	}
 
+	if string(payload) == string(gcpSecret) {
+		return nil
+	}
+
 	addSecretVersionReq := &secretmanagerpb.AddSecretVersionRequest{
-		Parent: secret.Name,
+		Parent: fmt.Sprintf("projects/%s/secrets/%s", sm.projectID, remoteRef.GetRemoteKey()),
 		Payload: &secretmanagerpb.SecretPayload{
 			Data: payload,
 		},
 	}
 
-	version, err := sm.SecretManagerClient.AddSecretVersion(ctx, addSecretVersionReq)
+	_, err = sm.SecretManagerClient.AddSecretVersion(ctx, addSecretVersionReq)
 
 	if err != nil {
 		return err
 	}
 
-	accessRequest := secretmanagerpb.AccessSecretVersionRequest{
-		Name: version.Name,
-	}
-
-	if _, err := sm.SecretManagerClient.AccessSecretVersion(ctx, &accessRequest); err != nil {
-		return err
-	}
-
 	return nil
 }
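Review bot: In SetSecret, the 404 branch declares a new `err` with `:=`, so after a successful CreateSecret the outer `err` still holds the not-found error and the following `if err != nil { return err }` returns it; as written, a secret that does not yet exist appears to be created but never receives a version, and the call reports failure. Folding the two checks into one chain avoids this: close the 404 branch with `} else if err != nil {` and keep the `return err` there. The assertion `err.(*googleapi.Error)` does not match wrapped errors, and this hunk does not show whether GetSecret returns that type at all, so `errors.As(err, &gErr)` would be the safer test. The new `Parent` string interpolates `remoteRef.GetRemoteKey()` directly into a resource path; it is worth confirming the key is validated upstream so that a value containing `/` cannot address a different resource. SetSecret begins above this hunk, so the construction of `createSecretReq` is not visible here.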
 
@@ -322,10 +329,6 @@ func (sm *ProviderGCP) findByName(ctx context.Context, ref esv1beta1.ExternalSec
 	return utils.ConvertKeys(ref.ConversionStrategy, secretMap)
 }
 
-// func (sm *ProviderGCP) OverwriteSecret(ctx context.Context, ref esv1beta1.ExternalSecretFind) (map[string][]byte, error) {
-
-// }
-
 func (sm *ProviderGCP) getData(ctx context.Context, key string) ([]byte, error) {
 	dataRef := esv1beta1.ExternalSecretDataRemoteRef{
 		Key: key,

+ 1 - 1
pkg/provider/gcp/secretmanager/secretsmanager_test.go

@@ -194,7 +194,7 @@ func TestSecretManagerSetSecret(t *testing.T) {
 
 	wantedSecretParent := fmt.Sprintf("projects/%s", projectID)
 	wantedVersionParent := fmt.Sprintf("%s/%s", wantedSecretParent, key)
-	wantedVersion := "latest"
+	wantedVersion := "projects/default/secrets/foo/versions/latest"
 
 	p := ProviderGCP{
 		SecretManagerClient: &secretManagerClient,