Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: add mtls support #367

Merged
merged 9 commits into from Feb 10, 2021
Merged

feat: add mtls support #367

merged 9 commits into from Feb 10, 2021

Conversation

@arithmetic1728
Copy link
Contributor

@arithmetic1728 arithmetic1728 commented Jan 27, 2021

https://google.aip.dev/auth/4114
googlers see go/mtls-python-cloud-core-clients for more details.

Part of the mtls feature is implemented in googleapis/python-cloud-core#75, and will be released as version 1.16.0.

This PR adds the mtls feature to storage client lib. Note that:
(1) if the python-cloud-core version is < 1.16.0, this PR does nothing, it is backward compatible and won't break any current users.
(2) if the user sets GOOGLE_API_USE_CLIENT_CERTIFICATE env var to "true" to trigger mtls, then the PR checks python-cloud-core version. It throws an exception asking the user to bump the version, if the version < 1.16.0. So probably it is a good idea to release python-cloud-core 1.16.0 before merging this PR.
(3) the unit tests work for both python-cloud-core versions, so unit test shouldn't break after the upgrading in the future.
(4) for mtls testing (running internally), we need to skip a couple of system tests:

  • kms/pubsub tests: because the version used doesn't support mtls
  • any tests using service account credentials: because mtls only works with user credentials
@google-cla google-cla bot added the cla: yes label Jan 27, 2021
@arithmetic1728 arithmetic1728 changed the title [WIP] feat: add mtls support feat: add mtls support Jan 29, 2021
@arithmetic1728 arithmetic1728 marked this pull request as ready for review Jan 31, 2021
@frankyn frankyn requested a review from andrewsg Feb 8, 2021
google/cloud/storage/_http.py Show resolved Hide resolved
google/cloud/storage/_http.py Show resolved Hide resolved
google/cloud/storage/_http.py Outdated Show resolved Hide resolved
google/cloud/storage/blob.py Outdated Show resolved Hide resolved
google/cloud/storage/_http.py Outdated Show resolved Hide resolved
tests/unit/test__http.py Show resolved Hide resolved
tests/system/test_system.py Show resolved Hide resolved
tests/system/test_system.py Show resolved Hide resolved
@arithmetic1728 arithmetic1728 requested a review from as a code owner Feb 9, 2021
google/cloud/storage/blob.py Outdated Show resolved Hide resolved
tests/system/test_system.py Show resolved Hide resolved
tests/system/test_system.py Show resolved Hide resolved
@arithmetic1728 arithmetic1728 merged commit d35ab35 into master Feb 10, 2021
5 checks passed
@arithmetic1728 arithmetic1728 deleted the for_mtls branch Feb 10, 2021
cojenco added a commit to cojenco/python-storage that referenced this issue Oct 13, 2021
* feat: add mtls support

* update

* update

* update

* update

* update
cojenco added a commit to cojenco/python-storage that referenced this issue Oct 13, 2021
* feat: add mtls support

* update

* update

* update

* update

* update
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

3 participants