Add configuration for Google credentials Update libraries to allow use of GoogleCredentials. Change-Id: Ic243b0a950955bae891210e30cb8975768b6743b

commit: c007a8d390628c99ed7bf6102809a5333419b969 [log] [tgz]
author: Wendy Wang <[email protected]> Tue Jul 11 11:08:03 2023 +0200
committer: Wendy Wang <[email protected]> Mon Sep 04 13:56:12 2023 +0200
tree: a60aa8dc9dcd79015b0ecd6e1bbe65981a61111f
parent: 0bba8a72685f85d943eaef9e76899c6616117187 [diff]
diff --git a/BUILD b/BUILD
index 6ae07a1..5b434d5 100644
--- a/BUILD
+++ b/BUILD

@@ -30,8 +30,6 @@
         "@gax-httpjson//jar",
         "@gax//jar",
         "@global-refdb//jar",
-        "@google-api-client-json//jar",
-        "@google-api-client//jar",
         "@google-api-common//jar",
         "@google-auth-library-credentials//jar",
         "@google-auth-library-oauth2-http//jar",
@@ -39,8 +37,11 @@
         "@google-cloud-core//jar",
         "@google-cloud-spanner//jar",
         "@google-cloud-storage//jar",
+        "@google-code-gson//jar",
         "@google-http-client-gson//jar",
+        "@google-http-client-jackson//jar",
         "@google-http-client//jar",
+        "@google-oauth-client-jetty//jar",
         "@grpc-alts//jar",
         "@grpc-api//jar",
         "@grpc-auth//jar",
@@ -123,5 +124,6 @@
         "@google-cloud-spanner//jar",
         "@testcontainer-localstack//jar",
         "@testcontainers//jar",
+        "@google-auth-library-oauth2-http//jar",
     ],
 )

diff --git a/README.md b/README.md
index 54136ee..4c77967 100644
--- a/README.md
+++ b/README.md

@@ -55,4 +55,8 @@
 ## Configuration options
 
 Configuration details can be found in the
-[spanner-refdb config documentation](src/main/resources/Documentation/config.md).
\ No newline at end of file
+[spanner-refdb config documentation](src/main/resources/Documentation/config.md).
+
+When not used with the emulator, the plugin requires the path to credentials in
+the config to authenticate with google. To create the key see the
+[official documentation](https://cloud.google.com/iam/docs/keys-create-delete).
\ No newline at end of file

diff --git a/external_plugin_deps.bzl b/external_plugin_deps.bzl
index bf9d40d..b4dba16 100644
--- a/external_plugin_deps.bzl
+++ b/external_plugin_deps.bzl

@@ -7,7 +7,7 @@
 PROTOBUF_JAVA_VER = "3.21.12"
 OPENCENSUS_VER = "0.31.1"
 OPENCENSUS_PROTO_VER = "0.2.0"
-GOOGLE_HTTP_CLIENT_VER = "1.43.1"
+GOOGLE_HTTP_CLIENT_VER = "1.43.3"
 CLOUD_CORE_VER = "2.12.0"
 GOOGLE_COMMON_PROTOS_VERS = "2.14.2"
 
@@ -138,24 +138,24 @@
         artifact = "io.grpc:grpc-core:" + GRPC_VER,
     )
     maven_jar(
-        name = "grpc-context",
-        sha1 = "70aa77c3e715b6f22a42c466eb2f48031bc468fb",
-        artifact = "io.grpc:grpc-context:" + GRPC_VER,
-    )
-    maven_jar(
         name = "gax-httpjson",
         sha1 = "2aad7ab9500a4188f8d0967244c21ce6a023cd80",
         artifact = "com.google.api:gax-httpjson:0.108.2",
     )
     maven_jar(
+        name = "grpc-context",
+        sha1 = "70aa77c3e715b6f22a42c466eb2f48031bc468fb",
+        artifact = "io.grpc:grpc-context:" + GRPC_VER,
+    )
+    maven_jar(
         name = "gax-grpc",
-        sha1 = "f72d1ac348b29ed121e0166d875e8d22db7c3a7a",
-        artifact = "com.google.api:gax-grpc:2.23.3",
+        sha1 = "70a13c321fb0042b40fd363e92fcc02f669416c0",
+        artifact = "com.google.api:gax-grpc:2.32.0",
     )
     maven_jar(
         name = "gax",
-        sha1 = "34442411d1ae36c61508189c4d198ef69dbde4ab",
-        artifact = "com.google.api:gax:2.23.3",
+        sha1 = "522bf3c2a738847b9719eac8ce572be0f84da40a",
+        artifact = "com.google.api:gax:2.32.0",
     )
     maven_jar(
         name = "grpc-gcp",
@@ -208,6 +208,11 @@
         sha1 = "10e53fd4d987e37190432e896bdaa62e8ea2c628",
     )
     maven_jar(
+        name = "google-api-client-gson",
+        artifact = "com.google.api-client:google-api-client-gson:2.2.0",
+        sha1 = "319d792c7df5164ba33f5741b642071915d8c046",
+    )
+    maven_jar(
         name = "google-api-common",
         artifact = "com.google.api:api-common:2.6.3",
         sha1 = "b47c8a2c25005b94c4c43884e0a78bf965de17d8",
@@ -220,12 +225,27 @@
     maven_jar(
         name = "google-http-client",
         artifact = "com.google.http-client:google-http-client:" + GOOGLE_HTTP_CLIENT_VER,
-        sha1 = "2ef9413e65319ac448534b424522a2c48087d884",
+        sha1 = "a758b82e55a2f5f681e289c5ed384d3dbda6f3cd",
+    )
+    maven_jar(
+        name = "google-http-client-jackson",
+        artifact = "com.google.http-client:google-http-client-jackson2:" + GOOGLE_HTTP_CLIENT_VER,
+        sha1 = "689da86469d19a01c726c8c24477b95c8a834bbe",
+    )
+    maven_jar(
+        name = "google-code-gson",
+        artifact = "com.google.code.gson:gson:2.8.9",
+        sha1 = "8a432c1d6825781e21a02db2e2c33c5fde2833b9",
     )
     maven_jar(
         name = "google-http-client-gson",
         artifact = "com.google.http-client:google-http-client-gson:" + GOOGLE_HTTP_CLIENT_VER,
-        sha1 = "06f000784f9813ee33f976e42822d98ffacf3dbd",
+        sha1 = "252e267acf720ef6333488740a696a1d5e204639",
+    )
+    maven_jar(
+        name = "google-api-client-jackson",
+        artifact = "com.google.api-client:google-api-client-jackson2:2.2.0",
+        sha1 = "a521bfbdc0cbca4796eb8cb1b7fd5bc4b9c4e7dd",
     )
     maven_jar(
         name = "google-api-client-util",
@@ -233,16 +253,16 @@
         sha1 = "5613058f449666061dbab2f824fb72b9de441b4d",
     )
     maven_jar(
-        name = "google-api-client-gson",
-        artifact = "com.google.api-client:google-api-client-gson:2.2.0",
-        sha1 = "319d792c7df5164ba33f5741b642071915d8c046",
-    )
-    maven_jar(
         name = "google-api-client-json",
         artifact = "com.google.api.client:google-api-client-json:1.2.3-alpha",
         sha1 = "96fc0eb531f79ca3d1cbb347e91b61df5743f051",
     )
     maven_jar(
+        name = "google-oauth-client-jetty",
+        artifact = "com.google.oauth-client:google-oauth-client-jetty:1.34.1",
+        sha1 = "a6aff2c1be148bac622e5048e20f536f71b3380d",
+    )
+    maven_jar(
         name = "google-cloud-core-grpc",
         artifact = "com.google.cloud:google-cloud-core-grpc:" + CLOUD_CORE_VER,
         sha1 = "14fba1b12a8069aeb1bcd60006c76496ff766f6a",

diff --git a/src/main/java/com/googlesource/gerrit/plugins/spannerrefdb/Configuration.java b/src/main/java/com/googlesource/gerrit/plugins/spannerrefdb/Configuration.java
index e6653a3..960d358 100644
--- a/src/main/java/com/googlesource/gerrit/plugins/spannerrefdb/Configuration.java
+++ b/src/main/java/com/googlesource/gerrit/plugins/spannerrefdb/Configuration.java

@@ -14,17 +14,23 @@
 
 package com.googlesource.gerrit.plugins.spannerrefdb;
 
+import com.google.auth.oauth2.GoogleCredentials;
 import com.google.cloud.spanner.DatabaseId;
 import com.google.cloud.spanner.SpannerOptions;
 import com.google.common.base.Strings;
+import com.google.common.flogger.FluentLogger;
 import com.google.gerrit.extensions.annotations.PluginName;
 import com.google.gerrit.server.config.PluginConfigFactory;
 import com.google.inject.Inject;
 import com.google.inject.Singleton;
+import java.io.FileInputStream;
+import java.io.IOException;
 import org.eclipse.jgit.lib.Config;
 
 @Singleton
 class Configuration {
+  private static final FluentLogger logger = FluentLogger.forEnclosingClass();
+
   public static final String DATABASE_KEY = "database";
   public static final String INSTANCE_KEY = "instance";
   public static final String SECTION = "ref-database";
@@ -34,11 +40,22 @@
   private SpannerOptions options;
 
   @Inject
-  Configuration(PluginConfigFactory configFactory, @PluginName String pluginName) {
+  Configuration(PluginConfigFactory configFactory, @PluginName String pluginName)
+      throws IOException {
     Config cfg = configFactory.getGlobalPluginConfig(pluginName);
-    this.spannerInstance = getString(cfg, SECTION, SUBSECTION, INSTANCE_KEY, "test-instance");
+    this.spannerInstance = getString(cfg, SECTION, SUBSECTION, INSTANCE_KEY, "spanner-instance");
     this.spannerDatabase = getString(cfg, SECTION, SUBSECTION, DATABASE_KEY, "global-refdb");
-    this.options = SpannerOptions.newBuilder().build();
+    boolean useEmulator = cfg.getBoolean(SECTION, "useEmulator", false);
+    if (useEmulator) {
+      this.options = SpannerOptions.newBuilder().build();
+      logger.atInfo().log(
+          "Using local Spanner emulator for global-refdb; Spanner credentials will not be read.");
+    } else {
+      String credentialsPath = getString(cfg, SECTION, null, "credentialsPath", null);
+      GoogleCredentials credentials =
+          GoogleCredentials.fromStream(new FileInputStream(credentialsPath));
+      this.options = SpannerOptions.newBuilder().setCredentials(credentials).build();
+    }
   }
 
   final String getSpannerInstanceName() {

diff --git a/src/main/resources/Documentation/config.md b/src/main/resources/Documentation/config.md
index b9409e0..61feccf 100644
--- a/src/main/resources/Documentation/config.md
+++ b/src/main/resources/Documentation/config.md

@@ -1,21 +1,29 @@
 Configuration
 =========================
 
-The plugin can be configured as usual in the gerrit.config. All configuration
-is optional, if no values are provided these will be the defaults.
+The plugin can be configured as usual in the gerrit.config.
+The credentialsPath is required when not using the Spanner emulator.
 
 ```
-[plugin "spanner-refdb"]
-        gcpProject = test-project
-        spannerInstance = test-instance
-        spannerDatabase = global-refdb
+[ref-database "spanner"]
+        instance = spanner-instance
+        database = global-refdb
+        useEmulator = false
+        credentialsPath = /path/to/credentials.json
 ```
 
-`plugin.spanner-refdb.gcpProject`
-:   Optional. The name of the google cloud platform project.
-
-`plugin.spanner-refdb.spannerInstance`
+`ref-database.spanner.instance`
 :   Optional. The name of the spanner instance.
+`Default: spanner-instance.`
 
-`plugin.spanner-refdb.spannerDatabase`
-:   Optional. The name of the spanner database.
\ No newline at end of file
+`ref-database.spanner.database`
+:   Optional. The name of the spanner database.
+`Default: global-refdb.`
+
+`ref-database.spanner.useEmulator`
+:   Optional. Boolean, whether or not to use the [in-memory Cloud Spanner emulator](https://cloud.google.com/spanner/docs/emulator).
+`Default: false.`
+
+`ref-database.spanner.credentialsPath`
+:   Required when not using the emulator. The path to Google cloud credentials. 
+`Default: null.`
\ No newline at end of file

diff --git a/src/test/java/com/googlesource/gerrit/plugins/spannerrefdb/SpannerEmulatorContainer.java b/src/test/java/com/googlesource/gerrit/plugins/spannerrefdb/SpannerEmulatorContainer.java
index a331e2c..203da39 100644
--- a/src/test/java/com/googlesource/gerrit/plugins/spannerrefdb/SpannerEmulatorContainer.java
+++ b/src/test/java/com/googlesource/gerrit/plugins/spannerrefdb/SpannerEmulatorContainer.java

@@ -156,6 +156,7 @@
 
   private Configuration createEmulatorConfiguration() {
     Config refDbConfig = new Config();
+    refDbConfig.setBoolean(Configuration.SECTION, null, "useEmulator", true);
     refDbConfig.setString(SECTION, SUBSECTION, INSTANCE_KEY, SPANNER_INSTANCE_ID);
     refDbConfig.setString(SECTION, SUBSECTION, DATABASE_KEY, SPANNER_DATABASE_ID);
commit	c007a8d390628c99ed7bf6102809a5333419b969	[log] [tgz]
author	Wendy Wang <[email protected]>	Tue Jul 11 11:08:03 2023 +0200
committer	Wendy Wang <[email protected]>	Mon Sep 04 13:56:12 2023 +0200
tree	a60aa8dc9dcd79015b0ecd6e1bbe65981a61111f
parent	0bba8a72685f85d943eaef9e76899c6616117187 [diff]