-
Notifications
You must be signed in to change notification settings - Fork 481
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Port Google Cloud classes to the new structure #156
Conversation
final class GoogleBucketStore implements BucketStore { | ||
private static final String APP_CREDENTIAL_BUCKET_PREFIX = "app-data-"; | ||
|
||
private Storage storage; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
both of these member vars can be final
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
whoops, thanks. I need @seehamrun's linter!
throws GoogleCredentialException { | ||
validateUsingGoogle(context); | ||
|
||
String env = context.getConfiguration("environment", "LOCAL"); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
TODO to make a parameter?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
public @interface ProjectId {} | ||
|
||
@Override | ||
protected void configure() {} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do we need requireBinding(ExtensionContext.class)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done, didn't see an open source Module dependency test to catch this next time
validateUsingGoogle(context); | ||
|
||
String env = context.getConfiguration("environment", "LOCAL"); | ||
if (env.equals("LOCAL")) { // Running locally |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LOCAL should be a constant
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
// This is a crude check to make sure we are only pointing to test projects when running | ||
// locally and connecting to GCP | ||
Preconditions.checkArgument( | ||
projectId.endsWith("-local") || projectId.endsWith("-test") || projectId.endsWith("-qa"), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
project id conventions could be put in a constant or enum with explanation of the suffices.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
+ " be a local/test project since it doesn't end in -local, -test, or -qa."); | ||
} else { // Assume running on GCP | ||
// TODO: Check whether we are actually running on GCP once we find out how | ||
String credsLocation = System.getenv("GOOGLE_APPLICATION_CREDENTIALS"); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
constant for GOOGLE_APPLICATION_CREDENTIALS
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
} else { // Assume running on GCP | ||
// TODO: Check whether we are actually running on GCP once we find out how | ||
String credsLocation = System.getenv("GOOGLE_APPLICATION_CREDENTIALS"); | ||
if (!credsLocation.startsWith("/var/secrets/")) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We could make a constant for /var/secrets, maybe something like KUBERNETES_SECRETS_PATH with documentation or link
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
validateUsingGoogle(context); | ||
String projectId; | ||
try { | ||
projectId = System.getenv("GOOGLE_PROJECT_ID"); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
GOOGLE_PROJECT_ID could be in a constant or enum
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
* Google cloud? | ||
*/ | ||
private void validateUsingGoogle(ExtensionContext context) { | ||
if (!context.getConfiguration("cloud", "").equals("GOOGLE")) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
"cloud" should probably come from a global flag name and/or constant or enum.
"GOOGLE" should be a constant in this class
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for the comments, much more readable now!
final class GoogleBucketStore implements BucketStore { | ||
private static final String APP_CREDENTIAL_BUCKET_PREFIX = "app-data-"; | ||
|
||
private Storage storage; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
whoops, thanks. I need @seehamrun's linter!
throws GoogleCredentialException { | ||
validateUsingGoogle(context); | ||
|
||
String env = context.getConfiguration("environment", "LOCAL"); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
// This is a crude check to make sure we are only pointing to test projects when running | ||
// locally and connecting to GCP | ||
Preconditions.checkArgument( | ||
projectId.endsWith("-local") || projectId.endsWith("-test") || projectId.endsWith("-qa"), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
validateUsingGoogle(context); | ||
|
||
String env = context.getConfiguration("environment", "LOCAL"); | ||
if (env.equals("LOCAL")) { // Running locally |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
public @interface ProjectId {} | ||
|
||
@Override | ||
protected void configure() {} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done, didn't see an open source Module dependency test to catch this next time
+ " be a local/test project since it doesn't end in -local, -test, or -qa."); | ||
} else { // Assume running on GCP | ||
// TODO: Check whether we are actually running on GCP once we find out how | ||
String credsLocation = System.getenv("GOOGLE_APPLICATION_CREDENTIALS"); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
} else { // Assume running on GCP | ||
// TODO: Check whether we are actually running on GCP once we find out how | ||
String credsLocation = System.getenv("GOOGLE_APPLICATION_CREDENTIALS"); | ||
if (!credsLocation.startsWith("/var/secrets/")) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
validateUsingGoogle(context); | ||
String projectId; | ||
try { | ||
projectId = System.getenv("GOOGLE_PROJECT_ID"); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
* Google cloud? | ||
*/ | ||
private void validateUsingGoogle(ExtensionContext context) { | ||
if (!context.getConfiguration("cloud", "").equals("GOOGLE")) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just a few comments
@@ -22,4 +22,9 @@ dependencies { | |||
compile("com.google.cloud:google-cloud-storage:${googleDatastoreVersion}") | |||
compile("com.google.cloud:google-cloud-datastore:${googleDatastoreVersion}") | |||
compile("com.google.inject:guice:${guiceVersion}") | |||
|
|||
testCompile("org.mockito:mockito-all:${mockitoVersion}") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe we can rearrange in alpha order.
compile("com.google.cloud:google-cloud-storage:${googleDatastoreVersion}") | ||
compile("com.google.cloud:google-cloud-datastore:${googleDatastoreVersion}") | ||
compile("com.google.inject:guice:${guiceVersion}") | ||
|
||
testCompile("org.mockito:mockito-all:${mockitoVersion}") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe we can list these in alpha order?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
// The path where Kubernetes stores Secrets. | ||
private static final String KUBERNETES_SECRETS_PATH_ROOT = "/var/secrets/"; | ||
|
||
@VisibleForTesting enum Environment { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Since we already have a concept of environment, do we want to call this Realm? Or SubEnvironment? Or something else?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I only saw the definition in Core which I figured we would deprecate. Is there another one yet? I have not rebased your changes yet as to not mess up the code review, but I don't see another Environment in github code search. I will put a TODO for now.
private static final String SECRETS_CRYPTO_KEY_FMT_STRING = "projects/%s/locations/global/" | ||
+ "keyRings/portability_secrets/cryptoKeys/portability_secrets_key"; | ||
|
||
private CloudKMS cloudKMS; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
these can be final
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
thanks, I just checked I'm not missing any more, sorry about that
|
||
@Inject | ||
GoogleCryptoKeyManagementSystem(@ProjectId String projectId) throws GoogleCredentialException { | ||
HttpTransport transport = new NetHttpTransport(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Make transport injectable or add a TODO to do so
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done, did same with Json factory
ee388bf
to
292fd91
Compare
for #126