def main():
"""Launches bq."""
project, account = bootstrapping.GetActiveProjectAndAccount()
adc_path = config.Paths().LegacyCredentialsAdcPath(account)
single_store_path = config.Paths().LegacyCredentialsSingleStorePath(
account)
gce_metadata = gce.Metadata()
if gce_metadata and account in gce_metadata.Accounts():
args = ['--use_gce_service_account']
elif os.path.isfile(adc_path):
args = [
'--application_default_credential_file', adc_path,
'--credential_file', single_store_path
]
else:
p12_key_path = config.Paths().LegacyCredentialsP12KeyPath(account)
if os.path.isfile(p12_key_path):
args = [
'--service_account', account,
'--service_account_credential_file', single_store_path,
'--service_account_private_key_file', p12_key_path
]
else:
args = [] # Don't have any credentials we can pass.
if project:
args += ['--project', project]
bootstrapping.ExecutePythonTool('platform/bq', 'bq.py', *args)
def main():
"""Launches gsutil."""
project, account = bootstrapping.GetActiveProjectAndAccount()
pass_credentials = (
properties.VALUES.core.pass_credentials_to_gsutil.GetBool()
and not properties.VALUES.auth.disable_credentials.GetBool())
if pass_credentials and account not in c_gce.Metadata().Accounts():
gsutil_path = config.Paths().LegacyCredentialsGSUtilPath(account)
# Allow gsutil to only check for the '1' string value, as is done
# with regard to the 'CLOUDSDK_WRAPPER' environment variable.
os.environ['CLOUDSDK_CORE_PASS_CREDENTIALS_TO_GSUTIL'] = '1'
boto_config = os.environ.get('BOTO_CONFIG', '')
boto_path = os.environ.get('BOTO_PATH', '')
# We construct a BOTO_PATH that tacks the refresh token config
# on the end.
if boto_config:
boto_path = os.pathsep.join([boto_config, gsutil_path])
elif boto_path:
boto_path = os.pathsep.join([boto_path, gsutil_path])
else:
path_parts = [
'/etc/boto.cfg',
os.path.expanduser(os.path.join('~', '.boto')), gsutil_path
]
boto_path = os.pathsep.join(path_parts)
if 'BOTO_CONFIG' in os.environ:
del os.environ['BOTO_CONFIG']
os.environ['BOTO_PATH'] = boto_path
# Tell gsutil whether gcloud analytics collection is enabled.
os.environ['GA_CID'] = metrics.GetCIDIfMetricsEnabled()
args = []
_MaybeAddBotoOption(args, 'GSUtil', 'default_project_id', project)
if pass_credentials and account in c_gce.Metadata().Accounts():
# Tell gsutil to look for GCE service accounts.
_MaybeAddBotoOption(args, 'GoogleCompute', 'service_account',
'default')
proxy_params = properties.VALUES.proxy
_MaybeAddBotoOption(args, 'Boto', 'proxy', proxy_params.address.Get())
_MaybeAddBotoOption(args, 'Boto', 'proxy_port', proxy_params.port.Get())
_MaybeAddBotoOption(args, 'Boto', 'proxy_user',
proxy_params.username.Get())
_MaybeAddBotoOption(args, 'Boto', 'proxy_pass',
proxy_params.password.Get())
disable_ssl = properties.VALUES.auth.disable_ssl_validation.GetBool()
_MaybeAddBotoOption(args, 'Boto', 'https_validate_certificates',
None if disable_ssl is None else not disable_ssl)
_MaybeAddBotoOption(args, 'Boto', 'ca_certificates_file',
properties.VALUES.core.custom_ca_certs_file.Get())
bootstrapping.ExecutePythonTool('platform/gsutil', 'gsutil', *args)
def main():
"""Launches bq."""
version = bootstrapping.ReadFileContents('platform/bq', 'VERSION')
bootstrapping.CommandStart('bq', version=version)
blocked_commands = {
'init': 'To authenticate, run gcloud auth.',
}
argv = bootstrapping.GetDecodedArgv()
bootstrapping.WarnAndExitOnBlockedCommand(argv, blocked_commands)
cmd_args = [arg for arg in argv[1:] if not arg.startswith('-')]
args = []
if cmd_args and cmd_args[0] not in ('version', 'help'):
# Check for credentials only if they are needed.
store.Load() # Checks if there are active credentials
project, account = bootstrapping.GetActiveProjectAndAccount()
adc_path = config.Paths().LegacyCredentialsAdcPath(account)
single_store_path = config.Paths().LegacyCredentialsBqPath(account)
gce_metadata = gce.Metadata()
if gce_metadata and account in gce_metadata.Accounts():
args = ['--use_gce_service_account']
elif os.path.isfile(adc_path):
args = ['--application_default_credential_file', adc_path,
'--credential_file', single_store_path]
else:
p12_key_path = config.Paths().LegacyCredentialsP12KeyPath(account)
if os.path.isfile(p12_key_path):
args = ['--service_account', account,
'--service_account_credential_file', single_store_path,
'--service_account_private_key_file', p12_key_path]
else:
# Don't have any credentials we can pass.
raise store.NoCredentialsForAccountException(account)
use_client_cert = (
os.getenv('GOOGLE_API_USE_CLIENT_CERTIFICATE',
'false').upper() == 'TRUE')
if use_client_cert:
args.append('--mtls')
_MaybeAddOption(args, 'project_id', project)
bootstrapping.CheckUpdates('bq')
proxy_params = properties.VALUES.proxy
_MaybeAddOption(args, 'proxy_address', proxy_params.address.Get())
_MaybeAddOption(args, 'proxy_port', proxy_params.port.Get())
_MaybeAddOption(args, 'proxy_username', proxy_params.username.Get())
_MaybeAddOption(args, 'proxy_password', proxy_params.password.Get())
_MaybeAddOption(args, 'disable_ssl_validation',
properties.VALUES.auth.disable_ssl_validation.GetBool())
_MaybeAddOption(args, 'ca_certificates_file',
properties.VALUES.core.custom_ca_certs_file .Get())
bootstrapping.ExecutePythonTool(
'platform/bq', 'bq.py', *args)
def main():
"""Launches bq."""
version = bootstrapping.GetFileContents('platform/bq', 'VERSION')
bootstrapping.CommandStart('bq', version=version)
blacklist = {
'init': 'To authenticate, run gcloud auth.',
}
bootstrapping.CheckForBlacklistedCommand(sys.argv,
blacklist,
warn=True,
die=True)
cmd_args = [arg for arg in sys.argv[1:] if not arg.startswith('-')]
args = []
if cmd_args and cmd_args[0] not in ('version', 'help'):
# Check for credentials only if they are needed.
store.Load() # Checks if there are active credentials
project, account = bootstrapping.GetActiveProjectAndAccount()
adc_path = config.Paths().LegacyCredentialsAdcPath(account)
single_store_path = config.Paths().LegacyCredentialsBqPath(account)
gce_metadata = gce.Metadata()
if gce_metadata and account in gce_metadata.Accounts():
args = ['--use_gce_service_account']
elif os.path.isfile(adc_path):
args = [
'--application_default_credential_file', adc_path,
'--credential_file', single_store_path
]
else:
p12_key_path = config.Paths().LegacyCredentialsP12KeyPath(account)
if os.path.isfile(p12_key_path):
args = [
'--service_account', account,
'--service_account_credential_file', single_store_path,
'--service_account_private_key_file', p12_key_path
]
else:
# Don't have any credentials we can pass.
raise store.NoCredentialsForAccountException(account)
_MaybeAddOption(args, 'project', project)
bootstrapping.CheckUpdates('bq')
proxy_params = properties.VALUES.proxy
_MaybeAddOption(args, 'proxy_address', proxy_params.address.Get())
_MaybeAddOption(args, 'proxy_port', proxy_params.port.Get())
_MaybeAddOption(args, 'proxy_username', proxy_params.username.Get())
_MaybeAddOption(args, 'proxy_password', proxy_params.password.Get())
_MaybeAddOption(args, 'disable_ssl_validation',
properties.VALUES.auth.disable_ssl_validation.GetBool())
_MaybeAddOption(args, 'ca_certificates_file',
properties.VALUES.core.custom_ca_certs_file.Get())
bootstrapping.ExecutePythonTool('platform/bq', 'bq.py', *args)
def main():
"""Launches bq."""
project, account = bootstrapping.GetActiveProjectAndAccount()
json_path = config.Paths().LegacyCredentialsJSONPath(account)
gce_metadata = gce.Metadata()
if gce_metadata and account in gce_metadata.Accounts():
args = ['--use_gce_service_account']
else:
args = ['--credential_file', json_path]
if project:
args += ['--project', project]
bootstrapping.ExecutePythonTool('platform/bq', 'bq.py', *args)
def main():
"""Launches gsutil."""
project, account = bootstrapping.GetActiveProjectAndAccount()
pass_credentials = properties.VALUES.core.pass_credentials_to_gsutil.GetBool(
)
if pass_credentials and account not in c_gce.Metadata().Accounts():
gsutil_path = config.Paths().LegacyCredentialsGSUtilPath(account)
boto_config = os.environ.get('BOTO_CONFIG', '')
boto_path = os.environ.get('BOTO_PATH', '')
# We construct a BOTO_PATH that tacks the refresh token config
# on the end.
if boto_config:
boto_path = os.pathsep.join([boto_config, gsutil_path])
elif boto_path:
boto_path = os.pathsep.join([boto_path, gsutil_path])
else:
path_parts = [
'/etc/boto.cfg',
os.path.expanduser(os.path.join('~', '.boto')), gsutil_path
]
boto_path = os.pathsep.join(path_parts)
if 'BOTO_CONFIG' in os.environ:
del os.environ['BOTO_CONFIG']
os.environ['BOTO_PATH'] = boto_path
# Tell gsutil whether gcloud analytics collection is enabled.
os.environ['GA_CID'] = metrics.GetCIDIfMetricsEnabled()
args = []
if project:
args.extend(['-o', 'GSUtil:default_project_id=%s' % project])
if pass_credentials and account in c_gce.Metadata().Accounts():
# Tell gsutil to look for GCE service accounts.
args.extend(['-o', 'GoogleCompute:service_account=default'])
bootstrapping.ExecutePythonTool('platform/gsutil', 'gsutil', *args)
def main():
parser = argparse.ArgumentParser()
parser.add_argument('item')
args = parser.parse_args()
project, account = bootstrapping.GetActiveProjectAndAccount()
# pylint:disable=superfluous-parens
if args.item == 'multistore_path':
print(config.Paths().LegacyCredentialsMultistorePath(account))
elif args.item == 'json_path':
print(config.Paths().LegacyCredentialsJSONPath(account))
elif args.item == 'gae_java_path':
print(config.Paths().LegacyCredentialsGAEJavaPath(account))
elif args.item == 'project':
print(project)
else:
print('Valid keys are multistore_path, json_path, gae_java_path, or '
'project.')
sys.exit(1)
def main():
"""Launches gcutil."""
args = []
project, account = bootstrapping.GetActiveProjectAndAccount()
if account:
if account in c_gce.Metadata().Accounts():
args += ['--auth_service_account', account]
else:
ms_path = config.Paths().LegacyCredentialsMultistorePath(account)
args += ['--credentials_file', ms_path]
args += ['--auth_service_account=']
if project:
args += ['--project', project]
args.append('--nocheck_for_new_version')
bootstrapping.ExecutePythonTool('platform/gcutil', 'gcutil', *args)
def main():
"""Launches gsutil."""
project, account = bootstrapping.GetActiveProjectAndAccount()
if account not in c_gce.Metadata().Accounts():
gsutil_path = config.Paths().LegacyCredentialsGSUtilPath(account)
boto_config = os.environ.get('BOTO_CONFIG', None)
boto_path = os.environ.get('BOTO_PATH', None)
# We construct a BOTO_PATH that tacks the refresh token config
# on the end.
if boto_config:
boto_path = ':'.join([boto_config, gsutil_path])
elif boto_path:
# this is ':' for windows as well, hardcoded into the boto source.
boto_path = ':'.join([boto_path, gsutil_path])
else:
path_parts = [
'/etc/boto.cfg',
os.path.expanduser(os.path.join('~', '.boto')), gsutil_path
]
boto_path = ':'.join(path_parts)
if 'BOTO_CONFIG' in os.environ:
del os.environ['BOTO_CONFIG']
os.environ['BOTO_PATH'] = boto_path
args = []
if project:
args.extend(['-o', 'GSUtil:default_project_id=%s' % project])
if account in c_gce.Metadata().Accounts():
# Tell gsutil to look for GCE service accounts.
args.extend(['-o', 'GoogleCompute:service_account=default'])
bootstrapping.ExecutePythonTool('platform/gsutil', 'gsutil', *args)
def main():
"""Launches bq."""
project, account = bootstrapping.GetActiveProjectAndAccount()
adc_path = config.Paths().LegacyCredentialsAdcPath(account)
single_store_path = config.Paths().LegacyCredentialsBqPath(account)
gce_metadata = gce.Metadata()
if gce_metadata and account in gce_metadata.Accounts():
args = ['--use_gce_service_account']
elif os.path.isfile(adc_path):
args = [
'--application_default_credential_file', adc_path,
'--credential_file', single_store_path
]
else:
p12_key_path = config.Paths().LegacyCredentialsP12KeyPath(account)
if os.path.isfile(p12_key_path):
args = [
'--service_account', account,
'--service_account_credential_file', single_store_path,
'--service_account_private_key_file', p12_key_path
]
else:
args = [] # Don't have any credentials we can pass.
_MaybeAddOption(args, 'project', project)
proxy_params = properties.VALUES.proxy
_MaybeAddOption(args, 'proxy_address', proxy_params.address.Get())
_MaybeAddOption(args, 'proxy_port', proxy_params.port.Get())
_MaybeAddOption(args, 'proxy_username', proxy_params.username.Get())
_MaybeAddOption(args, 'proxy_password', proxy_params.password.Get())
_MaybeAddOption(args, 'disable_ssl_validation',
properties.VALUES.auth.disable_ssl_validation.GetBool())
_MaybeAddOption(args, 'ca_certificates_file',
properties.VALUES.core.custom_ca_certs_file.Get())
bootstrapping.ExecutePythonTool('platform/bq', 'bq.py', *args)
def main():
"""Launches gsutil."""
args = []
project, account = bootstrapping.GetActiveProjectAndAccount()
pass_credentials = (
properties.VALUES.core.pass_credentials_to_gsutil.GetBool() and
not properties.VALUES.auth.disable_credentials.GetBool())
_MaybeAddBotoOption(args, 'GSUtil', 'default_project_id', project)
if pass_credentials:
# Allow gsutil to only check for the '1' string value, as is done
# with regard to the 'CLOUDSDK_WRAPPER' environment variable.
encoding.SetEncodedValue(
os.environ, 'CLOUDSDK_CORE_PASS_CREDENTIALS_TO_GSUTIL', '1')
if account in c_gce.Metadata().Accounts():
# Tell gsutil that it should obtain credentials from the GCE metadata
# server for the instance's configured service account.
_MaybeAddBotoOption(args, 'GoogleCompute', 'service_account', 'default')
# For auth'n debugging purposes, allow gsutil to reason about whether the
# configured service account was set in a boto file or passed from here.
encoding.SetEncodedValue(
os.environ, 'CLOUDSDK_PASSED_GCE_SERVICE_ACCOUNT_TO_GSUTIL', '1')
else:
legacy_config_path = config.Paths().LegacyCredentialsGSUtilPath(account)
# We construct a BOTO_PATH that tacks the config containing our
# credentials options onto the end of the list of config paths. We ensure
# the other credential options are loaded first so that ours will take
# precedence and overwrite them.
boto_config = encoding.GetEncodedValue(os.environ, 'BOTO_CONFIG', '')
boto_path = encoding.GetEncodedValue(os.environ, 'BOTO_PATH', '')
if boto_config:
boto_path = os.pathsep.join([boto_config, legacy_config_path])
elif boto_path:
boto_path = os.pathsep.join([boto_path, legacy_config_path])
else:
path_parts = ['/etc/boto.cfg',
os.path.expanduser(os.path.join('~', '.boto')),
legacy_config_path]
boto_path = os.pathsep.join(path_parts)
encoding.SetEncodedValue(os.environ, 'BOTO_CONFIG', None)
encoding.SetEncodedValue(os.environ, 'BOTO_PATH', boto_path)
# Tell gsutil whether gcloud analytics collection is enabled.
encoding.SetEncodedValue(
os.environ, 'GA_CID', metrics.GetCIDIfMetricsEnabled())
# Set proxy settings. Note that if these proxy settings are configured in a
# boto config file, the options here will be loaded afterward, overriding
# them.
proxy_params = properties.VALUES.proxy
proxy_address = proxy_params.address.Get()
if proxy_address:
_MaybeAddBotoOption(args, 'Boto', 'proxy', proxy_address)
_MaybeAddBotoOption(args, 'Boto', 'proxy_port', proxy_params.port.Get())
_MaybeAddBotoOption(args, 'Boto', 'proxy_rdns', proxy_params.rdns.GetBool())
_MaybeAddBotoOption(args, 'Boto', 'proxy_user', proxy_params.username.Get())
_MaybeAddBotoOption(args, 'Boto', 'proxy_pass', proxy_params.password.Get())
# Set SSL-related settings.
disable_ssl = properties.VALUES.auth.disable_ssl_validation.GetBool()
_MaybeAddBotoOption(args, 'Boto', 'https_validate_certificates',
None if disable_ssl is None else not disable_ssl)
_MaybeAddBotoOption(args, 'Boto', 'ca_certificates_file',
properties.VALUES.core.custom_ca_certs_file.Get())
# Note that the original args to gsutil will be appended after the args we've
# supplied here.
bootstrapping.ExecutePythonTool('platform/gsutil', 'gsutil', *args)
