Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add mtls support #367

Merged
merged 9 commits into from
Feb 10, 2021
Merged

feat: add mtls support #367

merged 9 commits into from
Feb 10, 2021

Conversation

arithmetic1728
Copy link
Contributor

@arithmetic1728 arithmetic1728 commented Jan 27, 2021
edited
Loading

https://google.aip.dev/auth/4114
googlers see go/mtls-python-cloud-core-clients for more details.

Part of the mtls feature is implemented in googleapis/python-cloud-core#75, and will be released as version 1.16.0.

This PR adds the mtls feature to storage client lib. Note that:
(1) if the python-cloud-core version is < 1.16.0, this PR does nothing, it is backward compatible and won't break any current users.
(2) if the user sets GOOGLE_API_USE_CLIENT_CERTIFICATE env var to "true" to trigger mtls, then the PR checks python-cloud-core version. It throws an exception asking the user to bump the version, if the version < 1.16.0. So probably it is a good idea to release python-cloud-core 1.16.0 before merging this PR.
(3) the unit tests work for both python-cloud-core versions, so unit test shouldn't break after the upgrading in the future.
(4) for mtls testing (running internally), we need to skip a couple of system tests:

  • kms/pubsub tests: because the version used doesn't support mtls
  • any tests using service account credentials: because mtls only works with user credentials

@product-auto-label product-auto-label bot added the api: storage Issues related to the googleapis/python-storage API. label Jan 27, 2021
@google-cla google-cla bot added the cla: yes This human has signed the Contributor License Agreement. label Jan 27, 2021
@arithmetic1728 arithmetic1728 changed the title [WIP] feat: add mtls support feat: add mtls support Jan 29, 2021
@arithmetic1728 arithmetic1728 marked this pull request as ready for review January 31, 2021 12:50
@arithmetic1728 arithmetic1728 requested review from a team, tswast, busunkim96 and frankyn January 31, 2021 12:50
@frankyn frankyn requested a review from andrewsg February 8, 2021 20:03
andrewsg
andrewsg requested changes Feb 9, 2021
View reviewed changes
google/cloud/storage/_http.py Show resolved Hide resolved
google/cloud/storage/_http.py Show resolved Hide resolved
google/cloud/storage/_http.py Outdated Show resolved Hide resolved
google/cloud/storage/blob.py Outdated Show resolved Hide resolved
frankyn
frankyn requested changes Feb 9, 2021
View reviewed changes
google/cloud/storage/_http.py Outdated Show resolved Hide resolved
tests/unit/test__http.py Show resolved Hide resolved
tests/system/test_system.py Show resolved Hide resolved
tests/system/test_system.py Show resolved Hide resolved
@arithmetic1728 arithmetic1728 requested a review from a team as a code owner February 9, 2021 23:38
frankyn
frankyn requested changes Feb 10, 2021
View reviewed changes
google/cloud/storage/blob.py Outdated Show resolved Hide resolved
tests/system/test_system.py Show resolved Hide resolved
tests/system/test_system.py Show resolved Hide resolved
@arithmetic1728 arithmetic1728 merged commit d35ab35 into master Feb 10, 2021
@arithmetic1728 arithmetic1728 deleted the for_mtls branch February 10, 2021 19:01
cojenco pushed a commit to cojenco/python-storage that referenced this pull request Oct 13, 2021
@arithmetic1728 @cojenco
feat: add mtls support (googleapis#367)
5c334d8 
* feat: add mtls support

* update

* update

* update

* update

* update
cojenco pushed a commit to cojenco/python-storage that referenced this pull request Oct 13, 2021
@arithmetic1728 @cojenco
feat: add mtls support (googleapis#367)
1e76cbe 
* feat: add mtls support

* update

* update

* update

* update

* update
@release-please release-please bot mentioned this pull request Jan 12, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@frankyn frankyn frankyn approved these changes

@andrewsg andrewsg andrewsg approved these changes

@tswast tswast Awaiting requested review from tswast

@busunkim96 busunkim96 Awaiting requested review from busunkim96

Assignees
No one assigned
Labels
api: storage Issues related to the googleapis/python-storage API. cla: yes This human has signed the Contributor License Agreement.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@arithmetic1728 @andrewsg @frankyn