Port Google Cloud classes to the new structure #156
Conversation
| final class GoogleBucketStore implements BucketStore { | ||
| private static final String APP_CREDENTIAL_BUCKET_PREFIX = "app-data-"; | ||
|
|
||
| private Storage storage; |
There was a problem hiding this comment.
both of these member vars can be final
There was a problem hiding this comment.
whoops, thanks. I need @seehamrun's linter!
| throws GoogleCredentialException { | ||
| validateUsingGoogle(context); | ||
|
|
||
| String env = context.getConfiguration("environment", "LOCAL"); |
There was a problem hiding this comment.
TODO to make a parameter?
| public @interface ProjectId {} | ||
|
|
||
| @Override | ||
| protected void configure() {} |
There was a problem hiding this comment.
Do we need requireBinding(ExtensionContext.class)
There was a problem hiding this comment.
Done, didn't see an open source Module dependency test to catch this next time
| validateUsingGoogle(context); | ||
|
|
||
| String env = context.getConfiguration("environment", "LOCAL"); | ||
| if (env.equals("LOCAL")) { // Running locally |
There was a problem hiding this comment.
LOCAL should be a constant
| // This is a crude check to make sure we are only pointing to test projects when running | ||
| // locally and connecting to GCP | ||
| Preconditions.checkArgument( | ||
| projectId.endsWith("-local") || projectId.endsWith("-test") || projectId.endsWith("-qa"), |
There was a problem hiding this comment.
project id conventions could be put in a constant or enum with explanation of the suffices.
| + " be a local/test project since it doesn't end in -local, -test, or -qa."); | ||
| } else { // Assume running on GCP | ||
| // TODO: Check whether we are actually running on GCP once we find out how | ||
| String credsLocation = System.getenv("GOOGLE_APPLICATION_CREDENTIALS"); |
There was a problem hiding this comment.
constant for GOOGLE_APPLICATION_CREDENTIALS
| } else { // Assume running on GCP | ||
| // TODO: Check whether we are actually running on GCP once we find out how | ||
| String credsLocation = System.getenv("GOOGLE_APPLICATION_CREDENTIALS"); | ||
| if (!credsLocation.startsWith("/var/secrets/")) { |
There was a problem hiding this comment.
We could make a constant for /var/secrets, maybe something like KUBERNETES_SECRETS_PATH with documentation or link
| validateUsingGoogle(context); | ||
| String projectId; | ||
| try { | ||
| projectId = System.getenv("GOOGLE_PROJECT_ID"); |
There was a problem hiding this comment.
GOOGLE_PROJECT_ID could be in a constant or enum
| * Google cloud? | ||
| */ | ||
| private void validateUsingGoogle(ExtensionContext context) { | ||
| if (!context.getConfiguration("cloud", "").equals("GOOGLE")) { |
There was a problem hiding this comment.
"cloud" should probably come from a global flag name and/or constant or enum.
"GOOGLE" should be a constant in this class
| final class GoogleBucketStore implements BucketStore { | ||
| private static final String APP_CREDENTIAL_BUCKET_PREFIX = "app-data-"; | ||
|
|
||
| private Storage storage; |
There was a problem hiding this comment.
whoops, thanks. I need @seehamrun's linter!
| throws GoogleCredentialException { | ||
| validateUsingGoogle(context); | ||
|
|
||
| String env = context.getConfiguration("environment", "LOCAL"); |
| // This is a crude check to make sure we are only pointing to test projects when running | ||
| // locally and connecting to GCP | ||
| Preconditions.checkArgument( | ||
| projectId.endsWith("-local") || projectId.endsWith("-test") || projectId.endsWith("-qa"), |
| validateUsingGoogle(context); | ||
|
|
||
| String env = context.getConfiguration("environment", "LOCAL"); | ||
| if (env.equals("LOCAL")) { // Running locally |
| public @interface ProjectId {} | ||
|
|
||
| @Override | ||
| protected void configure() {} |
There was a problem hiding this comment.
Done, didn't see an open source Module dependency test to catch this next time
| + " be a local/test project since it doesn't end in -local, -test, or -qa."); | ||
| } else { // Assume running on GCP | ||
| // TODO: Check whether we are actually running on GCP once we find out how | ||
| String credsLocation = System.getenv("GOOGLE_APPLICATION_CREDENTIALS"); |
| } else { // Assume running on GCP | ||
| // TODO: Check whether we are actually running on GCP once we find out how | ||
| String credsLocation = System.getenv("GOOGLE_APPLICATION_CREDENTIALS"); | ||
| if (!credsLocation.startsWith("/var/secrets/")) { |
| validateUsingGoogle(context); | ||
| String projectId; | ||
| try { | ||
| projectId = System.getenv("GOOGLE_PROJECT_ID"); |
| * Google cloud? | ||
| */ | ||
| private void validateUsingGoogle(ExtensionContext context) { | ||
| if (!context.getConfiguration("cloud", "").equals("GOOGLE")) { |
| @@ -22,4 +22,9 @@ dependencies { | |||
| compile("com.google.cloud:google-cloud-storage:${googleDatastoreVersion}") | |||
| compile("com.google.cloud:google-cloud-datastore:${googleDatastoreVersion}") | |||
| compile("com.google.inject:guice:${guiceVersion}") | |||
|
|
|||
| testCompile("org.mockito:mockito-all:${mockitoVersion}") | |||
There was a problem hiding this comment.
Maybe we can rearrange in alpha order.
| compile("com.google.cloud:google-cloud-storage:${googleDatastoreVersion}") | ||
| compile("com.google.cloud:google-cloud-datastore:${googleDatastoreVersion}") | ||
| compile("com.google.inject:guice:${guiceVersion}") | ||
|
|
||
| testCompile("org.mockito:mockito-all:${mockitoVersion}") |
There was a problem hiding this comment.
Maybe we can list these in alpha order?
| // The path where Kubernetes stores Secrets. | ||
| private static final String KUBERNETES_SECRETS_PATH_ROOT = "/var/secrets/"; | ||
|
|
||
| @VisibleForTesting enum Environment { |
There was a problem hiding this comment.
Since we already have a concept of environment, do we want to call this Realm? Or SubEnvironment? Or something else?
There was a problem hiding this comment.
I only saw the definition in Core which I figured we would deprecate. Is there another one yet? I have not rebased your changes yet as to not mess up the code review, but I don't see another Environment in github code search. I will put a TODO for now.
| private static final String SECRETS_CRYPTO_KEY_FMT_STRING = "projects/%s/locations/global/" | ||
| + "keyRings/portability_secrets/cryptoKeys/portability_secrets_key"; | ||
|
|
||
| private CloudKMS cloudKMS; |
There was a problem hiding this comment.
thanks, I just checked I'm not missing any more, sorry about that
|
|
||
| @Inject | ||
| GoogleCryptoKeyManagementSystem(@ProjectId String projectId) throws GoogleCredentialException { | ||
| HttpTransport transport = new NetHttpTransport(); |
There was a problem hiding this comment.
Make transport injectable or add a TODO to do so
There was a problem hiding this comment.
Done, did same with Json factory
rtannenbaum
force-pushed
the
google-stores
branch
from
ee388bf
to
292fd91
Compare
for #126