Make SecretManagerkeyring the only allowed keyring (#2636)

Remove the support for custom keyrings. There is no pressing use case,
and can be error-prone.

Author: weiminyu

core/src/main/java/google/registry/beam/common/RegistryPipelineComponent.java

@@ -20,6 +20,7 @@
 import google.registry.config.CredentialModule;
 import google.registry.config.RegistryConfig.Config;
 import google.registry.config.RegistryConfig.ConfigModule;
+import google.registry.keyring.KeyringModule;
 import google.registry.persistence.PersistenceModule;
 import google.registry.persistence.PersistenceModule.BeamJpaTm;
 import google.registry.persistence.PersistenceModule.BeamReadOnlyReplicaJpaTm;
@@ -36,6 +37,7 @@
     modules = {
       ConfigModule.class,
       CredentialModule.class,
+      KeyringModule.class,
       PersistenceModule.class,
       SecretManagerModule.class,
       UtilsModule.class

core/src/main/java/google/registry/config/RegistryConfigSettings.java

@@ -215,6 +215,7 @@ public static class Misc {
   }
 
   /** Configuration for keyrings (used to store secrets outside of source). */
+  // TODO(b/388835696): remove section after updating config files.
   public static class Keyring {
     public String activeKeyring;
   }

core/src/main/java/google/registry/keyring/KeyringModule.java

@@ -14,31 +14,22 @@
 
 package google.registry.keyring;
 
-import static com.google.common.base.Preconditions.checkState;
-
+import dagger.Binds;
 import dagger.Module;
 import dagger.Provides;
 import google.registry.config.RegistryConfig.Config;
 import google.registry.keyring.api.Keyring;
-import java.util.Map;
+import google.registry.keyring.secretmanager.SecretManagerKeyring;
 import java.util.Optional;
 import javax.inject.Singleton;
 
 /** Dagger module for {@link Keyring} */
 @Module
-public final class KeyringModule {
+public abstract class KeyringModule {
 
-  @Provides
+  @Binds
   @Singleton
-  public static Keyring provideKeyring(
-      Map<String, Keyring> keyrings, @Config("activeKeyring") String activeKeyring) {
-    checkState(
-        keyrings.containsKey(activeKeyring),
-        "Invalid Keyring %s is configured; valid choices are %s",
-        activeKeyring,
-        keyrings.keySet());
-    return keyrings.get(activeKeyring);
-  }
+  public abstract Keyring provideKeyring(SecretManagerKeyring keyring);
 
   @Provides
   @Config("cloudSqlInstanceConnectionName")