From 5f991c8afb5f8224da5ef1f763d37d99c92dda4c Mon Sep 17 00:00:00 2001 From: fahadshamiinsta Date: Thu, 11 Jan 2024 13:20:39 +1100 Subject: [PATCH 01/11] fixed conflicts Signed-off-by: fahadshamiinsta --- CHANGELOG.md | 1 + .../GoogleApplicationDefaultCredentials.java | 29 +++++ .../gcs/GoogleCloudStorageService.java | 19 ++- .../gcs/GoogleCloudStorageServiceTests.java | 112 ++++++++++++++---- 4 files changed, 132 insertions(+), 29 deletions(-) create mode 100644 plugins/repository-gcs/src/main/java/org/opensearch/repositories/gcs/GoogleApplicationDefaultCredentials.java diff --git a/CHANGELOG.md b/CHANGELOG.md index 0b256473dec6f..d27ed747a790d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -58,6 +58,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), - Add task completion count in search backpressure stats API ([#10028](https://github.com/opensearch-project/OpenSearch/pull/10028/)) - Deprecate CamelCase `PathHierarchy` tokenizer name in favor to lowercase `path_hierarchy` ([#10894](https://github.com/opensearch-project/OpenSearch/pull/10894)) - Switched to more reliable OpenSearch Lucene snapshot location([#11728](https://github.com/opensearch-project/OpenSearch/pull/11728)) +- Added support for Google Application Default Credentials in repository-gcs ([#8394](https://github.com/opensearch-project/OpenSearch/pull/8394)) ### Deprecated diff --git a/plugins/repository-gcs/src/main/java/org/opensearch/repositories/gcs/GoogleApplicationDefaultCredentials.java b/plugins/repository-gcs/src/main/java/org/opensearch/repositories/gcs/GoogleApplicationDefaultCredentials.java new file mode 100644 index 0000000000000..9c123aad1f91e --- /dev/null +++ b/plugins/repository-gcs/src/main/java/org/opensearch/repositories/gcs/GoogleApplicationDefaultCredentials.java @@ -0,0 +1,29 @@ +/* + * SPDX-License-Identifier: Apache-2.0 + * + * The OpenSearch Contributors require contributions made to + * this file be licensed under the Apache-2.0 license or a + * compatible open source license. + */ + +package org.opensearch.repositories.gcs; + +import com.google.auth.oauth2.GoogleCredentials; +import org.apache.logging.log4j.LogManager; +import org.apache.logging.log4j.Logger; + +import java.io.IOException; + +public class GoogleApplicationDefaultCredentials { + private static final Logger logger = LogManager.getLogger(GoogleApplicationDefaultCredentials.class); + + public GoogleCredentials get() { + GoogleCredentials credentials = null; + try { + credentials = SocketAccess.doPrivilegedIOException(GoogleCredentials::getApplicationDefault); + } catch (IOException e) { + logger.error("Failed to retrieve \"Application Default Credentials\"",e); + } + return credentials; + } +} diff --git a/plugins/repository-gcs/src/main/java/org/opensearch/repositories/gcs/GoogleCloudStorageService.java b/plugins/repository-gcs/src/main/java/org/opensearch/repositories/gcs/GoogleCloudStorageService.java index c9ebb3acaf3e5..cec0d04ebb7cd 100644 --- a/plugins/repository-gcs/src/main/java/org/opensearch/repositories/gcs/GoogleCloudStorageService.java +++ b/plugins/repository-gcs/src/main/java/org/opensearch/repositories/gcs/GoogleCloudStorageService.java @@ -36,6 +36,7 @@ import com.google.api.client.http.HttpRequestInitializer; import com.google.api.client.http.HttpTransport; import com.google.api.client.http.javanet.NetHttpTransport; +import com.google.auth.oauth2.GoogleCredentials; import com.google.auth.oauth2.ServiceAccountCredentials; import com.google.cloud.ServiceOptions; import com.google.cloud.http.HttpTransportOptions; @@ -70,6 +71,15 @@ public class GoogleCloudStorageService { */ private volatile Map clientCache = emptyMap(); + final private GoogleApplicationDefaultCredentials googleApplicationDefaultCredentials; + + public GoogleCloudStorageService() { + this.googleApplicationDefaultCredentials = new GoogleApplicationDefaultCredentials(); + } + + public GoogleCloudStorageService(GoogleApplicationDefaultCredentials googleApplicationDefaultCredentials) { + this.googleApplicationDefaultCredentials = googleApplicationDefaultCredentials; + } /** * Refreshes the client settings and clears the client cache. Subsequent calls to * {@code GoogleCloudStorageService#client} will return new clients constructed @@ -213,10 +223,11 @@ StorageOptions createStorageOptions( storageOptionsBuilder.setProjectId(clientSettings.getProjectId()); } if (clientSettings.getCredential() == null) { - logger.warn( - "\"Application Default Credentials\" are not supported out of the box." - + " Additional file system permissions have to be granted to the plugin." - ); + logger.info("\"Application Default Credentials\" will be in use"); + final GoogleCredentials credentials = googleApplicationDefaultCredentials.get(); + if (credentials != null) { + storageOptionsBuilder.setCredentials(credentials); + } } else { ServiceAccountCredentials serviceAccountCredentials = clientSettings.getCredential(); // override token server URI diff --git a/plugins/repository-gcs/src/test/java/org/opensearch/repositories/gcs/GoogleCloudStorageServiceTests.java b/plugins/repository-gcs/src/test/java/org/opensearch/repositories/gcs/GoogleCloudStorageServiceTests.java index a531555debefb..447e2dfc979e0 100644 --- a/plugins/repository-gcs/src/test/java/org/opensearch/repositories/gcs/GoogleCloudStorageServiceTests.java +++ b/plugins/repository-gcs/src/test/java/org/opensearch/repositories/gcs/GoogleCloudStorageServiceTests.java @@ -33,8 +33,12 @@ package org.opensearch.repositories.gcs; import com.google.auth.Credentials; +import com.google.auth.oauth2.GoogleCredentials; import com.google.cloud.http.HttpTransportOptions; import com.google.cloud.storage.Storage; +import com.google.cloud.storage.StorageOptions; +import org.hamcrest.MatcherAssert; +import org.mockito.Mockito; import org.opensearch.common.settings.MockSecureSettings; import org.opensearch.common.settings.Setting; import org.opensearch.common.settings.Settings; @@ -44,6 +48,10 @@ import org.opensearch.test.OpenSearchTestCase; import org.hamcrest.Matchers; +import java.io.IOException; +import java.net.Proxy; +import java.net.URI; +import java.net.URISyntaxException; import java.security.KeyPair; import java.security.KeyPairGenerator; import java.util.Base64; @@ -56,16 +64,17 @@ public class GoogleCloudStorageServiceTests extends OpenSearchTestCase { + final TimeValue connectTimeValue = TimeValue.timeValueNanos(randomIntBetween(0, 2000000)); + final TimeValue readTimeValue = TimeValue.timeValueNanos(randomIntBetween(0, 2000000)); + final String applicationName = randomAlphaOfLength(randomIntBetween(1, 10)).toLowerCase(Locale.ROOT); + final String endpoint = randomFrom("http://", "https://") + + randomFrom("www.opensearch.org", "www.googleapis.com", "localhost/api", "google.com/oauth") + + ":" + + randomIntBetween(1, 65535); + final String projectIdName = randomAlphaOfLength(randomIntBetween(1, 10)).toLowerCase(Locale.ROOT); + public void testClientInitializer() throws Exception { final String clientName = randomAlphaOfLength(randomIntBetween(1, 10)).toLowerCase(Locale.ROOT); - final TimeValue connectTimeValue = TimeValue.timeValueNanos(randomIntBetween(0, 2000000)); - final TimeValue readTimeValue = TimeValue.timeValueNanos(randomIntBetween(0, 2000000)); - final String applicationName = randomAlphaOfLength(randomIntBetween(1, 10)).toLowerCase(Locale.ROOT); - final String endpoint = randomFrom("http://", "https://") - + randomFrom("www.opensearch.org", "www.googleapis.com", "localhost/api", "google.com/oauth") - + ":" - + randomIntBetween(1, 65535); - final String projectIdName = randomAlphaOfLength(randomIntBetween(1, 10)).toLowerCase(Locale.ROOT); final Settings settings = Settings.builder() .put( GoogleCloudStorageClientSettings.CONNECT_TIMEOUT_SETTING.getConcreteSettingForNamespace(clientName).getKey(), @@ -82,31 +91,35 @@ public void testClientInitializer() throws Exception { .put(GoogleCloudStorageClientSettings.ENDPOINT_SETTING.getConcreteSettingForNamespace(clientName).getKey(), endpoint) .put(GoogleCloudStorageClientSettings.PROJECT_ID_SETTING.getConcreteSettingForNamespace(clientName).getKey(), projectIdName) .build(); - final GoogleCloudStorageService service = new GoogleCloudStorageService(); + GoogleCredentials mockGoogleCredentials = Mockito.mock(GoogleCredentials.class); + GoogleApplicationDefaultCredentials mockDefaultCredentials = Mockito.mock(GoogleApplicationDefaultCredentials.class); + Mockito.when(mockDefaultCredentials.get()).thenReturn(mockGoogleCredentials); + + final GoogleCloudStorageService service = new GoogleCloudStorageService(mockDefaultCredentials); service.refreshAndClearCache(GoogleCloudStorageClientSettings.load(settings)); GoogleCloudStorageOperationsStats statsCollector = new GoogleCloudStorageOperationsStats("bucket"); final IllegalArgumentException e = expectThrows( IllegalArgumentException.class, () -> service.client("another_client", "repo", statsCollector) ); - assertThat(e.getMessage(), Matchers.startsWith("Unknown client name")); + MatcherAssert.assertThat(e.getMessage(), Matchers.startsWith("Unknown client name")); assertSettingDeprecationsAndWarnings( new Setting[] { GoogleCloudStorageClientSettings.APPLICATION_NAME_SETTING.getConcreteSettingForNamespace(clientName) } ); final Storage storage = service.client(clientName, "repo", statsCollector); - assertThat(storage.getOptions().getApplicationName(), Matchers.containsString(applicationName)); - assertThat(storage.getOptions().getHost(), Matchers.is(endpoint)); - assertThat(storage.getOptions().getProjectId(), Matchers.is(projectIdName)); - assertThat(storage.getOptions().getTransportOptions(), Matchers.instanceOf(HttpTransportOptions.class)); - assertThat( + MatcherAssert.assertThat(storage.getOptions().getApplicationName(), Matchers.containsString(applicationName)); + MatcherAssert.assertThat(storage.getOptions().getHost(), Matchers.is(endpoint)); + MatcherAssert.assertThat(storage.getOptions().getProjectId(), Matchers.is(projectIdName)); + MatcherAssert.assertThat(storage.getOptions().getTransportOptions(), Matchers.instanceOf(HttpTransportOptions.class)); + MatcherAssert.assertThat( ((HttpTransportOptions) storage.getOptions().getTransportOptions()).getConnectTimeout(), Matchers.is((int) connectTimeValue.millis()) ); - assertThat( + MatcherAssert.assertThat( ((HttpTransportOptions) storage.getOptions().getTransportOptions()).getReadTimeout(), Matchers.is((int) readTimeValue.millis()) ); - assertThat(storage.getOptions().getCredentials(), Matchers.nullValue(Credentials.class)); + MatcherAssert.assertThat(storage.getOptions().getCredentials(), Matchers.instanceOf(Credentials.class)); } public void testReinitClientSettings() throws Exception { @@ -122,33 +135,33 @@ public void testReinitClientSettings() throws Exception { final GoogleCloudStorageService storageService = plugin.storageService; GoogleCloudStorageOperationsStats statsCollector = new GoogleCloudStorageOperationsStats("bucket"); final Storage client11 = storageService.client("gcs1", "repo1", statsCollector); - assertThat(client11.getOptions().getProjectId(), equalTo("project_gcs11")); + MatcherAssert.assertThat(client11.getOptions().getProjectId(), equalTo("project_gcs11")); final Storage client12 = storageService.client("gcs2", "repo2", statsCollector); - assertThat(client12.getOptions().getProjectId(), equalTo("project_gcs12")); + MatcherAssert.assertThat(client12.getOptions().getProjectId(), equalTo("project_gcs12")); // client 3 is missing final IllegalArgumentException e1 = expectThrows( IllegalArgumentException.class, () -> storageService.client("gcs3", "repo3", statsCollector) ); - assertThat(e1.getMessage(), containsString("Unknown client name [gcs3].")); + MatcherAssert.assertThat(e1.getMessage(), containsString("Unknown client name [gcs3].")); // update client settings plugin.reload(settings2); // old client 1 not changed - assertThat(client11.getOptions().getProjectId(), equalTo("project_gcs11")); + MatcherAssert.assertThat(client11.getOptions().getProjectId(), equalTo("project_gcs11")); // new client 1 is changed final Storage client21 = storageService.client("gcs1", "repo1", statsCollector); - assertThat(client21.getOptions().getProjectId(), equalTo("project_gcs21")); + MatcherAssert.assertThat(client21.getOptions().getProjectId(), equalTo("project_gcs21")); // old client 2 not changed - assertThat(client12.getOptions().getProjectId(), equalTo("project_gcs12")); + MatcherAssert.assertThat(client12.getOptions().getProjectId(), equalTo("project_gcs12")); // new client2 is gone final IllegalArgumentException e2 = expectThrows( IllegalArgumentException.class, () -> storageService.client("gcs2", "repo2", statsCollector) ); - assertThat(e2.getMessage(), containsString("Unknown client name [gcs2].")); + MatcherAssert.assertThat(e2.getMessage(), containsString("Unknown client name [gcs2].")); // client 3 emerged final Storage client23 = storageService.client("gcs3", "repo3", statsCollector); - assertThat(client23.getOptions().getProjectId(), equalTo("project_gcs23")); + MatcherAssert.assertThat(client23.getOptions().getProjectId(), equalTo("project_gcs23")); } } @@ -193,4 +206,53 @@ public void testToTimeout() { assertEquals(-1, GoogleCloudStorageService.toTimeout(TimeValue.ZERO).intValue()); assertEquals(0, GoogleCloudStorageService.toTimeout(TimeValue.MINUS_ONE).intValue()); } + + /* + The following method test the Google Application Default Credential instead of + using service account file. + Considered use of Junit Mocking due to static method GoogleCredentials.getApplicationDefault + and avoiding environment variables to set which later use GCE. + */ + public void testApplicationDefaultCredential() throws Exception { + GoogleCloudStorageClientSettings settings = getGCSClientSettingsWithoutCredentials(); + GoogleCredentials mockGoogleCredentials = Mockito.mock(GoogleCredentials.class); + HttpTransportOptions mockHttpTransportOptions = Mockito.mock(HttpTransportOptions.class); + GoogleApplicationDefaultCredentials mockDefaultCredentials = Mockito.mock(GoogleApplicationDefaultCredentials.class); + Mockito.when(mockDefaultCredentials.get()).thenReturn(mockGoogleCredentials); + + GoogleCloudStorageService service = new GoogleCloudStorageService(mockDefaultCredentials); + StorageOptions storageOptions = service.createStorageOptions(settings,mockHttpTransportOptions); + assertNotNull(storageOptions); + assertEquals(storageOptions.getCredentials().toString(),mockGoogleCredentials.toString()); + } + + /** + * The application default credential throws exception when there are no + * Environment Variables provided or Google Compute Engine is not running + * @throws Exception + */ + public void applicationDefaultCredentialThrowsErrorWhenNotAvailable() throws Exception { + GoogleCloudStorageClientSettings settings = getGCSClientSettingsWithoutCredentials(); + HttpTransportOptions mockHttpTransportOptions = Mockito.mock(HttpTransportOptions.class); + GoogleCloudStorageService service = new GoogleCloudStorageService(); + StorageOptions storageOptions = service.createStorageOptions(settings,mockHttpTransportOptions); + + Exception exception = assertThrows(IOException.class, GoogleCredentials::getApplicationDefault); + assertNotNull(storageOptions); + assertNull(storageOptions.getCredentials()); + MatcherAssert.assertThat(exception.getMessage(),containsString("The Application Default Credentials are not available")); + } + + private GoogleCloudStorageClientSettings getGCSClientSettingsWithoutCredentials() throws URISyntaxException { + return new GoogleCloudStorageClientSettings( + null, + endpoint, + projectIdName, + connectTimeValue, + readTimeValue, + applicationName, + new URI(""), + new ProxySettings(Proxy.Type.DIRECT, null, 0, null, null)); + } + } From 6fb32effd5a05bd3814ef6092d72dc30026d4f88 Mon Sep 17 00:00:00 2001 From: fahadshamiinsta Date: Thu, 11 Jan 2024 16:43:05 +1100 Subject: [PATCH 02/11] applying spotless Java check Signed-off-by: fahadshamiinsta --- .../gcs/GoogleApplicationDefaultCredentials.java | 2 +- .../gcs/GoogleCloudStorageService.java | 1 + .../gcs/GoogleCloudStorageServiceTests.java | 16 +++++++++------- 3 files changed, 11 insertions(+), 8 deletions(-) diff --git a/plugins/repository-gcs/src/main/java/org/opensearch/repositories/gcs/GoogleApplicationDefaultCredentials.java b/plugins/repository-gcs/src/main/java/org/opensearch/repositories/gcs/GoogleApplicationDefaultCredentials.java index 9c123aad1f91e..6c7a9ed041492 100644 --- a/plugins/repository-gcs/src/main/java/org/opensearch/repositories/gcs/GoogleApplicationDefaultCredentials.java +++ b/plugins/repository-gcs/src/main/java/org/opensearch/repositories/gcs/GoogleApplicationDefaultCredentials.java @@ -22,7 +22,7 @@ public GoogleCredentials get() { try { credentials = SocketAccess.doPrivilegedIOException(GoogleCredentials::getApplicationDefault); } catch (IOException e) { - logger.error("Failed to retrieve \"Application Default Credentials\"",e); + logger.error("Failed to retrieve \"Application Default Credentials\"", e); } return credentials; } diff --git a/plugins/repository-gcs/src/main/java/org/opensearch/repositories/gcs/GoogleCloudStorageService.java b/plugins/repository-gcs/src/main/java/org/opensearch/repositories/gcs/GoogleCloudStorageService.java index cec0d04ebb7cd..83a4146c99b99 100644 --- a/plugins/repository-gcs/src/main/java/org/opensearch/repositories/gcs/GoogleCloudStorageService.java +++ b/plugins/repository-gcs/src/main/java/org/opensearch/repositories/gcs/GoogleCloudStorageService.java @@ -80,6 +80,7 @@ public GoogleCloudStorageService() { public GoogleCloudStorageService(GoogleApplicationDefaultCredentials googleApplicationDefaultCredentials) { this.googleApplicationDefaultCredentials = googleApplicationDefaultCredentials; } + /** * Refreshes the client settings and clears the client cache. Subsequent calls to * {@code GoogleCloudStorageService#client} will return new clients constructed diff --git a/plugins/repository-gcs/src/test/java/org/opensearch/repositories/gcs/GoogleCloudStorageServiceTests.java b/plugins/repository-gcs/src/test/java/org/opensearch/repositories/gcs/GoogleCloudStorageServiceTests.java index 447e2dfc979e0..db958cd4dcb04 100644 --- a/plugins/repository-gcs/src/test/java/org/opensearch/repositories/gcs/GoogleCloudStorageServiceTests.java +++ b/plugins/repository-gcs/src/test/java/org/opensearch/repositories/gcs/GoogleCloudStorageServiceTests.java @@ -37,8 +37,6 @@ import com.google.cloud.http.HttpTransportOptions; import com.google.cloud.storage.Storage; import com.google.cloud.storage.StorageOptions; -import org.hamcrest.MatcherAssert; -import org.mockito.Mockito; import org.opensearch.common.settings.MockSecureSettings; import org.opensearch.common.settings.Setting; import org.opensearch.common.settings.Settings; @@ -46,6 +44,7 @@ import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.core.xcontent.XContentBuilder; import org.opensearch.test.OpenSearchTestCase; +import org.hamcrest.MatcherAssert; import org.hamcrest.Matchers; import java.io.IOException; @@ -58,6 +57,8 @@ import java.util.Locale; import java.util.UUID; +import org.mockito.Mockito; + import static org.opensearch.common.xcontent.XContentFactory.jsonBuilder; import static org.hamcrest.Matchers.containsString; import static org.hamcrest.Matchers.equalTo; @@ -221,9 +222,9 @@ public void testApplicationDefaultCredential() throws Exception { Mockito.when(mockDefaultCredentials.get()).thenReturn(mockGoogleCredentials); GoogleCloudStorageService service = new GoogleCloudStorageService(mockDefaultCredentials); - StorageOptions storageOptions = service.createStorageOptions(settings,mockHttpTransportOptions); + StorageOptions storageOptions = service.createStorageOptions(settings, mockHttpTransportOptions); assertNotNull(storageOptions); - assertEquals(storageOptions.getCredentials().toString(),mockGoogleCredentials.toString()); + assertEquals(storageOptions.getCredentials().toString(), mockGoogleCredentials.toString()); } /** @@ -235,12 +236,12 @@ public void applicationDefaultCredentialThrowsErrorWhenNotAvailable() throws Exc GoogleCloudStorageClientSettings settings = getGCSClientSettingsWithoutCredentials(); HttpTransportOptions mockHttpTransportOptions = Mockito.mock(HttpTransportOptions.class); GoogleCloudStorageService service = new GoogleCloudStorageService(); - StorageOptions storageOptions = service.createStorageOptions(settings,mockHttpTransportOptions); + StorageOptions storageOptions = service.createStorageOptions(settings, mockHttpTransportOptions); Exception exception = assertThrows(IOException.class, GoogleCredentials::getApplicationDefault); assertNotNull(storageOptions); assertNull(storageOptions.getCredentials()); - MatcherAssert.assertThat(exception.getMessage(),containsString("The Application Default Credentials are not available")); + MatcherAssert.assertThat(exception.getMessage(), containsString("The Application Default Credentials are not available")); } private GoogleCloudStorageClientSettings getGCSClientSettingsWithoutCredentials() throws URISyntaxException { @@ -252,7 +253,8 @@ private GoogleCloudStorageClientSettings getGCSClientSettingsWithoutCredentials( readTimeValue, applicationName, new URI(""), - new ProxySettings(Proxy.Type.DIRECT, null, 0, null, null)); + new ProxySettings(Proxy.Type.DIRECT, null, 0, null, null) + ); } } From 79dc8f005d600cf0d61e6eaf5be6e70a08efeb72 Mon Sep 17 00:00:00 2001 From: fahadshamiinsta Date: Fri, 12 Jan 2024 09:48:17 +1100 Subject: [PATCH 03/11] added a comment to test helper method Signed-off-by: fahadshamiinsta --- .../gcs/GoogleCloudStorageServiceTests.java | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/plugins/repository-gcs/src/test/java/org/opensearch/repositories/gcs/GoogleCloudStorageServiceTests.java b/plugins/repository-gcs/src/test/java/org/opensearch/repositories/gcs/GoogleCloudStorageServiceTests.java index db958cd4dcb04..bab10dd5c5061 100644 --- a/plugins/repository-gcs/src/test/java/org/opensearch/repositories/gcs/GoogleCloudStorageServiceTests.java +++ b/plugins/repository-gcs/src/test/java/org/opensearch/repositories/gcs/GoogleCloudStorageServiceTests.java @@ -208,11 +208,12 @@ public void testToTimeout() { assertEquals(0, GoogleCloudStorageService.toTimeout(TimeValue.MINUS_ONE).intValue()); } - /* - The following method test the Google Application Default Credential instead of - using service account file. - Considered use of Junit Mocking due to static method GoogleCredentials.getApplicationDefault - and avoiding environment variables to set which later use GCE. + /** + * The following method test the Google Application Default Credential instead of + * using service account file. + * Considered use of JUnit Mocking due to static method GoogleCredentials.getApplicationDefault + * and avoiding environment variables to set which later use GCE. + * @throws Exception */ public void testApplicationDefaultCredential() throws Exception { GoogleCloudStorageClientSettings settings = getGCSClientSettingsWithoutCredentials(); @@ -244,6 +245,11 @@ public void applicationDefaultCredentialThrowsErrorWhenNotAvailable() throws Exc MatcherAssert.assertThat(exception.getMessage(), containsString("The Application Default Credentials are not available")); } + /** + * This is a helper method to provide GCS Client settings without credentials + * @return + * @throws URISyntaxException + */ private GoogleCloudStorageClientSettings getGCSClientSettingsWithoutCredentials() throws URISyntaxException { return new GoogleCloudStorageClientSettings( null, From 7cf868ac8dee47a212c92bcd13df8bd8f33153ff Mon Sep 17 00:00:00 2001 From: fahadshamiinsta Date: Fri, 12 Jan 2024 10:42:42 +1100 Subject: [PATCH 04/11] added a comment to GoogleApplicationDefaultCredentials class with document reference Signed-off-by: fahadshamiinsta --- .../repositories/gcs/GoogleApplicationDefaultCredentials.java | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/plugins/repository-gcs/src/main/java/org/opensearch/repositories/gcs/GoogleApplicationDefaultCredentials.java b/plugins/repository-gcs/src/main/java/org/opensearch/repositories/gcs/GoogleApplicationDefaultCredentials.java index 6c7a9ed041492..5002ab9a2e704 100644 --- a/plugins/repository-gcs/src/main/java/org/opensearch/repositories/gcs/GoogleApplicationDefaultCredentials.java +++ b/plugins/repository-gcs/src/main/java/org/opensearch/repositories/gcs/GoogleApplicationDefaultCredentials.java @@ -14,6 +14,10 @@ import java.io.IOException; +/** + * This class facilitates to fetch Application Default Credentials + * see How Application Default Credentials works + */ public class GoogleApplicationDefaultCredentials { private static final Logger logger = LogManager.getLogger(GoogleApplicationDefaultCredentials.class); From a631c9c0f1826d633b9de6e886589bc8d661afc9 Mon Sep 17 00:00:00 2001 From: fahadshamiinsta Date: Fri, 12 Jan 2024 11:46:14 +1100 Subject: [PATCH 05/11] to rerun gradle checks Signed-off-by: fahadshamiinsta --- .../repositories/gcs/GoogleCloudStorageServiceTests.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/plugins/repository-gcs/src/test/java/org/opensearch/repositories/gcs/GoogleCloudStorageServiceTests.java b/plugins/repository-gcs/src/test/java/org/opensearch/repositories/gcs/GoogleCloudStorageServiceTests.java index bab10dd5c5061..7e26e36afadec 100644 --- a/plugins/repository-gcs/src/test/java/org/opensearch/repositories/gcs/GoogleCloudStorageServiceTests.java +++ b/plugins/repository-gcs/src/test/java/org/opensearch/repositories/gcs/GoogleCloudStorageServiceTests.java @@ -229,8 +229,8 @@ public void testApplicationDefaultCredential() throws Exception { } /** - * The application default credential throws exception when there are no - * Environment Variables provided or Google Compute Engine is not running + * The application default credential throws exception when there are + * no Environment Variables provided or Google Compute Engine is not running * @throws Exception */ public void applicationDefaultCredentialThrowsErrorWhenNotAvailable() throws Exception { From 956a09e4da58e2cb72e2234de907755009f2e1f0 Mon Sep 17 00:00:00 2001 From: fahadshamiinsta Date: Fri, 12 Jan 2024 12:59:00 +1100 Subject: [PATCH 06/11] increasing coverage by adding another test Signed-off-by: fahadshamiinsta --- .../gcs/GoogleCloudStorageServiceTests.java | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/plugins/repository-gcs/src/test/java/org/opensearch/repositories/gcs/GoogleCloudStorageServiceTests.java b/plugins/repository-gcs/src/test/java/org/opensearch/repositories/gcs/GoogleCloudStorageServiceTests.java index 7e26e36afadec..ac499fa6856af 100644 --- a/plugins/repository-gcs/src/test/java/org/opensearch/repositories/gcs/GoogleCloudStorageServiceTests.java +++ b/plugins/repository-gcs/src/test/java/org/opensearch/repositories/gcs/GoogleCloudStorageServiceTests.java @@ -245,6 +245,19 @@ public void applicationDefaultCredentialThrowsErrorWhenNotAvailable() throws Exc MatcherAssert.assertThat(exception.getMessage(), containsString("The Application Default Credentials are not available")); } + /** + * The application default credential throws exception when it is + * used without GoogleCloudStorageService + * @throws Exception + */ + public void googleApplicationDefaultCredentialsThrowsExceptionWithoutGoogleCloudStorageService() throws Exception { + GoogleApplicationDefaultCredentials googleApplicationDefaultCredentials = new GoogleApplicationDefaultCredentials(); + GoogleCredentials credentials = googleApplicationDefaultCredentials.get(); + assertNull(credentials); + Exception exception = assertThrows(IOException.class, GoogleCredentials::getApplicationDefault); + MatcherAssert.assertThat(exception.getMessage(), containsString("The Application Default Credentials are not available")); + } + /** * This is a helper method to provide GCS Client settings without credentials * @return From 4273081923acf7e46f64420745803f1cc7f46077 Mon Sep 17 00:00:00 2001 From: fahadshamiinsta Date: Fri, 12 Jan 2024 16:22:36 +1100 Subject: [PATCH 07/11] test name change Signed-off-by: fahadshamiinsta --- .../repositories/gcs/GoogleCloudStorageServiceTests.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/plugins/repository-gcs/src/test/java/org/opensearch/repositories/gcs/GoogleCloudStorageServiceTests.java b/plugins/repository-gcs/src/test/java/org/opensearch/repositories/gcs/GoogleCloudStorageServiceTests.java index ac499fa6856af..96e20c2bb3651 100644 --- a/plugins/repository-gcs/src/test/java/org/opensearch/repositories/gcs/GoogleCloudStorageServiceTests.java +++ b/plugins/repository-gcs/src/test/java/org/opensearch/repositories/gcs/GoogleCloudStorageServiceTests.java @@ -233,7 +233,7 @@ public void testApplicationDefaultCredential() throws Exception { * no Environment Variables provided or Google Compute Engine is not running * @throws Exception */ - public void applicationDefaultCredentialThrowsErrorWhenNotAvailable() throws Exception { + public void testApplicationDefaultCredentialWhenNoSettingProvided() throws Exception { GoogleCloudStorageClientSettings settings = getGCSClientSettingsWithoutCredentials(); HttpTransportOptions mockHttpTransportOptions = Mockito.mock(HttpTransportOptions.class); GoogleCloudStorageService service = new GoogleCloudStorageService(); @@ -250,7 +250,7 @@ public void applicationDefaultCredentialThrowsErrorWhenNotAvailable() throws Exc * used without GoogleCloudStorageService * @throws Exception */ - public void googleApplicationDefaultCredentialsThrowsExceptionWithoutGoogleCloudStorageService() throws Exception { + public void testDefaultCredentialsThrowsExceptionWithoutGCStorageService() throws Exception { GoogleApplicationDefaultCredentials googleApplicationDefaultCredentials = new GoogleApplicationDefaultCredentials(); GoogleCredentials credentials = googleApplicationDefaultCredentials.get(); assertNull(credentials); From 897e272c97331d2b55bc9e83fefc39f2366f511e Mon Sep 17 00:00:00 2001 From: fahadshamiinsta Date: Fri, 12 Jan 2024 18:49:36 +1100 Subject: [PATCH 08/11] rerun ci Signed-off-by: fahadshamiinsta --- .../repositories/gcs/GoogleCloudStorageServiceTests.java | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/plugins/repository-gcs/src/test/java/org/opensearch/repositories/gcs/GoogleCloudStorageServiceTests.java b/plugins/repository-gcs/src/test/java/org/opensearch/repositories/gcs/GoogleCloudStorageServiceTests.java index 96e20c2bb3651..dafde01d42ce8 100644 --- a/plugins/repository-gcs/src/test/java/org/opensearch/repositories/gcs/GoogleCloudStorageServiceTests.java +++ b/plugins/repository-gcs/src/test/java/org/opensearch/repositories/gcs/GoogleCloudStorageServiceTests.java @@ -248,9 +248,8 @@ public void testApplicationDefaultCredentialWhenNoSettingProvided() throws Excep /** * The application default credential throws exception when it is * used without GoogleCloudStorageService - * @throws Exception */ - public void testDefaultCredentialsThrowsExceptionWithoutGCStorageService() throws Exception { + public void testDefaultCredentialsThrowsExceptionWithoutGCStorageService() { GoogleApplicationDefaultCredentials googleApplicationDefaultCredentials = new GoogleApplicationDefaultCredentials(); GoogleCredentials credentials = googleApplicationDefaultCredentials.get(); assertNull(credentials); From a10ffa557878004da91d94689ce18e41971caec7 Mon Sep 17 00:00:00 2001 From: fahadshamiinsta Date: Sat, 13 Jan 2024 14:03:22 +1100 Subject: [PATCH 09/11] rerun ci Signed-off-by: fahadshamiinsta --- .../repositories/gcs/GoogleCloudStorageServiceTests.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/repository-gcs/src/test/java/org/opensearch/repositories/gcs/GoogleCloudStorageServiceTests.java b/plugins/repository-gcs/src/test/java/org/opensearch/repositories/gcs/GoogleCloudStorageServiceTests.java index dafde01d42ce8..6e9af5afab75e 100644 --- a/plugins/repository-gcs/src/test/java/org/opensearch/repositories/gcs/GoogleCloudStorageServiceTests.java +++ b/plugins/repository-gcs/src/test/java/org/opensearch/repositories/gcs/GoogleCloudStorageServiceTests.java @@ -233,7 +233,7 @@ public void testApplicationDefaultCredential() throws Exception { * no Environment Variables provided or Google Compute Engine is not running * @throws Exception */ - public void testApplicationDefaultCredentialWhenNoSettingProvided() throws Exception { + public void testApplicationDefaultCredentialsWhenNoSettingProvided() throws Exception { GoogleCloudStorageClientSettings settings = getGCSClientSettingsWithoutCredentials(); HttpTransportOptions mockHttpTransportOptions = Mockito.mock(HttpTransportOptions.class); GoogleCloudStorageService service = new GoogleCloudStorageService(); From 736b2f252fe432524ef7daf27bb73088d005bd90 Mon Sep 17 00:00:00 2001 From: fahadshamiinsta Date: Sat, 13 Jan 2024 16:29:00 +1100 Subject: [PATCH 10/11] force push to rerun ci Signed-off-by: fahadshamiinsta --- .../repositories/gcs/GoogleCloudStorageServiceTests.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/repository-gcs/src/test/java/org/opensearch/repositories/gcs/GoogleCloudStorageServiceTests.java b/plugins/repository-gcs/src/test/java/org/opensearch/repositories/gcs/GoogleCloudStorageServiceTests.java index 6e9af5afab75e..fb27b32bc5a77 100644 --- a/plugins/repository-gcs/src/test/java/org/opensearch/repositories/gcs/GoogleCloudStorageServiceTests.java +++ b/plugins/repository-gcs/src/test/java/org/opensearch/repositories/gcs/GoogleCloudStorageServiceTests.java @@ -246,7 +246,7 @@ public void testApplicationDefaultCredentialsWhenNoSettingProvided() throws Exce } /** - * The application default credential throws exception when it is + * The application default credential throws IOException when it is * used without GoogleCloudStorageService */ public void testDefaultCredentialsThrowsExceptionWithoutGCStorageService() { From ae2f83212583443c0ed62a67c63d3bf2f1eec08c Mon Sep 17 00:00:00 2001 From: fahadshamiinsta Date: Mon, 15 Jan 2024 09:44:15 +1100 Subject: [PATCH 11/11] pushing to trigger ci checks Signed-off-by: fahadshamiinsta --- .../repositories/gcs/GoogleCloudStorageServiceTests.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/repository-gcs/src/test/java/org/opensearch/repositories/gcs/GoogleCloudStorageServiceTests.java b/plugins/repository-gcs/src/test/java/org/opensearch/repositories/gcs/GoogleCloudStorageServiceTests.java index fb27b32bc5a77..58e412684ed5a 100644 --- a/plugins/repository-gcs/src/test/java/org/opensearch/repositories/gcs/GoogleCloudStorageServiceTests.java +++ b/plugins/repository-gcs/src/test/java/org/opensearch/repositories/gcs/GoogleCloudStorageServiceTests.java @@ -259,7 +259,7 @@ public void testDefaultCredentialsThrowsExceptionWithoutGCStorageService() { /** * This is a helper method to provide GCS Client settings without credentials - * @return + * @return GoogleCloudStorageClientSettings * @throws URISyntaxException */ private GoogleCloudStorageClientSettings getGCSClientSettingsWithoutCredentials() throws URISyntaxException {