Use access token for the Authorisation #146
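Thanks for your pull request. It looks like this may be your first contribution to a Google open source project (if not, look below for help). Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).
📝 Please visit https://cla.developers.google.com/ to sign.
Once you've signed (or fixed any issues), please reply here with @googlebot I signed it! and we'll verify it.
What to do if you already signed the CLA
Individual signers
- It's possible we don't have your GitHub username or you're using a different email address on your commit. Check your existing CLA data (https://cla.developers.google.com/clas) and verify that your email is set on your git commits (https://help.github.com/articles/setting-your-email-in-git/).
Corporate signers
- Your company has a Point of Contact who decides which employees are authorized to participate. Ask your POC to be added to the group of authorized contributors. If you don't know who your Point of Contact is, direct the Google project maintainer to go/cla#troubleshoot (public version: https://opensource.google/docs/cla/#troubleshoot).
- The email used to register you as an authorized contributor must be the email used for the Git commit. Check your existing CLA data (https://cla.developers.google.com/clas) and verify that your email is set on your git commits (https://help.github.com/articles/setting-your-email-in-git/).
- The email used to register you as an authorized contributor must also be attached to your GitHub account (https://github.com/settings/emails).
ℹ️ Googlers: Go here for more info.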
@googlebot I signed it!
CLAs look good, thanks! ℹ️ Googlers: Go here for more info.
/gcbrun
connector/src/main/scala/com/google/cloud/spark/bigquery/SparkBigQueryOptions.scala
@@ -77,6 +79,8 @@ object SparkBigQueryOptions {
  val DefaultFormat: FormatOptions = FormatOptions.parquet()
  private val PermittedIntermediateFormats = Set(FormatOptions.orc(), FormatOptions.parquet())

  val GcsAccessTokenConfig = "spark.gcs.user.accessToken"
Please change the name to gcpAccessToken
@davidrabinowitz can you please also reply to the comment above?
I was hoping to get the initial AccessToken support ready, as we plan to release the next version of the connector next week (March 30/31). In the long run, something along the lines you have outlined sounds like a good plan. Some of the work I've started on implementing DataSource v2 will probably make it easier. I suggest that we merge this PR as is (just changing the option name) and open another issue where we can continue the discussion.
/gcbrun
Hey, are you planning on merging this feature and including it in the next release? I'd like to use it as well :)
@davidrabinowitz I have addressed the comments and tested the changes on my end:
// Verify that the user has access
// Set the access token for a user who does not have read permission on the dataset
// Verify that this user does not have access
// Give this user access via the GCP console and verify that the user is able to read the dataset
I have verified this for writes as well. Is anything else pending from my side?
Hi @mayurdb Can you please do the following:
I plan to release a new version next week, and I'd be happy to include this PR in it.
/gcbrun
@davidrabinowitz I have changed the conf name to I have also rebased the branch to master!
@mayurdb Yes, I'd appreciate it if you can change it to just
@davidrabinowitz done
/gcbrun
@davidrabinowitz just realized, Spark ignores the confs which are not prefixed with
With this change, the user can pass an access token to Spark with the conf
spark.gcs.user.accessToken
and the same token will be used to authorize access to BigQuery resources. This change does not yet support refreshing the access token on expiry, which would become an issue for long-running Spark applications.
I am currently thinking of this approach to solve this -
Let me know if this sounds workable or if there is some simpler approach to do this.
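To make the expiry limitation concrete, here is a minimal Scala sketch. It is not the connector's code and not the approach proposed in this PR. `StaticToken`, `StaticTokenDemo`, and `tokenFromConf` are hypothetical names, a plain `Map` stands in for the Spark configuration, and the one-hour lifetime is an assumption chosen only for illustration. Only the conf key comes from the description above.

```scala
import java.time.{Duration, Instant}

// Hypothetical holder for a user-supplied token; not part of the connector.
final case class StaticToken(value: String, expiresAt: Instant) {
  // True once `now` has reached the expiry time.
  def isExpired(now: Instant): Boolean = !now.isBefore(expiresAt)
}

object StaticTokenDemo {
  // Conf key taken from the PR description.
  val AccessTokenConf = "spark.gcs.user.accessToken"

  // Reads the token from a Map standing in for the Spark configuration.
  // The lifetime is supplied by the caller because a bare token string
  // carries no expiry information of its own.
  def tokenFromConf(
      conf: Map[String, String],
      issuedAt: Instant,
      lifetime: Duration): Option[StaticToken] =
    conf.get(AccessTokenConf).map(v => StaticToken(v, issuedAt.plus(lifetime)))

  def main(args: Array[String]): Unit = {
    val issuedAt = Instant.parse("2020-03-24T18:00:00Z")
    val conf = Map(AccessTokenConf -> "example-token")
    // Assumed one-hour lifetime, for illustration only.
    val token = tokenFromConf(conf, issuedAt, Duration.ofHours(1)).get

    // A short job finishes while the token is still valid.
    println(token.isExpired(issuedAt.plus(Duration.ofMinutes(30))))
    // A long-running job outlives the token, and nothing replaces it.
    println(token.isExpired(issuedAt.plus(Duration.ofHours(2))))
  }
}
```

Because the token is read once from the configuration and never replaced, any request made after `expiresAt` would fail authorization. That is the gap a refresh mechanism would need to close.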