def main(): """Launches gsutil.""" project, account = bootstrapping.GetActiveProjectAndAccount() pass_credentials = ( properties.VALUES.core.pass_credentials_to_gsutil.GetBool() and not properties.VALUES.auth.disable_credentials.GetBool()) if pass_credentials and account not in c_gce.Metadata().Accounts(): gsutil_path = config.Paths().LegacyCredentialsGSUtilPath(account) # Allow gsutil to only check for the '1' string value, as is done # with regard to the 'CLOUDSDK_WRAPPER' environment variable. os.environ['CLOUDSDK_CORE_PASS_CREDENTIALS_TO_GSUTIL'] = '1' boto_config = os.environ.get('BOTO_CONFIG', '') boto_path = os.environ.get('BOTO_PATH', '') # We construct a BOTO_PATH that tacks the refresh token config # on the end. if boto_config: boto_path = os.pathsep.join([boto_config, gsutil_path]) elif boto_path: boto_path = os.pathsep.join([boto_path, gsutil_path]) else: path_parts = [ '/etc/boto.cfg', os.path.expanduser(os.path.join('~', '.boto')), gsutil_path ] boto_path = os.pathsep.join(path_parts) if 'BOTO_CONFIG' in os.environ: del os.environ['BOTO_CONFIG'] os.environ['BOTO_PATH'] = boto_path # Tell gsutil whether gcloud analytics collection is enabled. os.environ['GA_CID'] = metrics.GetCIDIfMetricsEnabled() args = [] _MaybeAddBotoOption(args, 'GSUtil', 'default_project_id', project) if pass_credentials and account in c_gce.Metadata().Accounts(): # Tell gsutil to look for GCE service accounts. _MaybeAddBotoOption(args, 'GoogleCompute', 'service_account', 'default') proxy_params = properties.VALUES.proxy _MaybeAddBotoOption(args, 'Boto', 'proxy', proxy_params.address.Get()) _MaybeAddBotoOption(args, 'Boto', 'proxy_port', proxy_params.port.Get()) _MaybeAddBotoOption(args, 'Boto', 'proxy_user', proxy_params.username.Get()) _MaybeAddBotoOption(args, 'Boto', 'proxy_pass', proxy_params.password.Get()) disable_ssl = properties.VALUES.auth.disable_ssl_validation.GetBool() _MaybeAddBotoOption(args, 'Boto', 'https_validate_certificates', None if disable_ssl is None else not disable_ssl) _MaybeAddBotoOption(args, 'Boto', 'ca_certificates_file', properties.VALUES.core.custom_ca_certs_file.Get()) bootstrapping.ExecutePythonTool('platform/gsutil', 'gsutil', *args)
def main(): """Launches bq.""" project, account = bootstrapping.GetActiveProjectAndAccount() adc_path = config.Paths().LegacyCredentialsAdcPath(account) single_store_path = config.Paths().LegacyCredentialsSingleStorePath( account) gce_metadata = gce.Metadata() if gce_metadata and account in gce_metadata.Accounts(): args = ['--use_gce_service_account'] elif os.path.isfile(adc_path): args = [ '--application_default_credential_file', adc_path, '--credential_file', single_store_path ] else: p12_key_path = config.Paths().LegacyCredentialsP12KeyPath(account) if os.path.isfile(p12_key_path): args = [ '--service_account', account, '--service_account_credential_file', single_store_path, '--service_account_private_key_file', p12_key_path ] else: args = [] # Don't have any credentials we can pass. if project: args += ['--project', project] bootstrapping.ExecutePythonTool('platform/bq', 'bq.py', *args)
def main(): """Launches bq.""" version = bootstrapping.ReadFileContents('platform/bq', 'VERSION') bootstrapping.CommandStart('bq', version=version) blocked_commands = { 'init': 'To authenticate, run gcloud auth.', } argv = bootstrapping.GetDecodedArgv() bootstrapping.WarnAndExitOnBlockedCommand(argv, blocked_commands) cmd_args = [arg for arg in argv[1:] if not arg.startswith('-')] args = [] if cmd_args and cmd_args[0] not in ('version', 'help'): # Check for credentials only if they are needed. store.Load() # Checks if there are active credentials project, account = bootstrapping.GetActiveProjectAndAccount() adc_path = config.Paths().LegacyCredentialsAdcPath(account) single_store_path = config.Paths().LegacyCredentialsBqPath(account) gce_metadata = gce.Metadata() if gce_metadata and account in gce_metadata.Accounts(): args = ['--use_gce_service_account'] elif os.path.isfile(adc_path): args = ['--application_default_credential_file', adc_path, '--credential_file', single_store_path] else: p12_key_path = config.Paths().LegacyCredentialsP12KeyPath(account) if os.path.isfile(p12_key_path): args = ['--service_account', account, '--service_account_credential_file', single_store_path, '--service_account_private_key_file', p12_key_path] else: # Don't have any credentials we can pass. raise store.NoCredentialsForAccountException(account) use_client_cert = ( os.getenv('GOOGLE_API_USE_CLIENT_CERTIFICATE', 'false').upper() == 'TRUE') if use_client_cert: args.append('--mtls') _MaybeAddOption(args, 'project_id', project) bootstrapping.CheckUpdates('bq') proxy_params = properties.VALUES.proxy _MaybeAddOption(args, 'proxy_address', proxy_params.address.Get()) _MaybeAddOption(args, 'proxy_port', proxy_params.port.Get()) _MaybeAddOption(args, 'proxy_username', proxy_params.username.Get()) _MaybeAddOption(args, 'proxy_password', proxy_params.password.Get()) _MaybeAddOption(args, 'disable_ssl_validation', properties.VALUES.auth.disable_ssl_validation.GetBool()) _MaybeAddOption(args, 'ca_certificates_file', properties.VALUES.core.custom_ca_certs_file .Get()) bootstrapping.ExecutePythonTool( 'platform/bq', 'bq.py', *args)
def main(): """Launches bq.""" version = bootstrapping.GetFileContents('platform/bq', 'VERSION') bootstrapping.CommandStart('bq', version=version) blacklist = { 'init': 'To authenticate, run gcloud auth.', } bootstrapping.CheckForBlacklistedCommand(sys.argv, blacklist, warn=True, die=True) cmd_args = [arg for arg in sys.argv[1:] if not arg.startswith('-')] args = [] if cmd_args and cmd_args[0] not in ('version', 'help'): # Check for credentials only if they are needed. store.Load() # Checks if there are active credentials project, account = bootstrapping.GetActiveProjectAndAccount() adc_path = config.Paths().LegacyCredentialsAdcPath(account) single_store_path = config.Paths().LegacyCredentialsBqPath(account) gce_metadata = gce.Metadata() if gce_metadata and account in gce_metadata.Accounts(): args = ['--use_gce_service_account'] elif os.path.isfile(adc_path): args = [ '--application_default_credential_file', adc_path, '--credential_file', single_store_path ] else: p12_key_path = config.Paths().LegacyCredentialsP12KeyPath(account) if os.path.isfile(p12_key_path): args = [ '--service_account', account, '--service_account_credential_file', single_store_path, '--service_account_private_key_file', p12_key_path ] else: # Don't have any credentials we can pass. raise store.NoCredentialsForAccountException(account) _MaybeAddOption(args, 'project', project) bootstrapping.CheckUpdates('bq') proxy_params = properties.VALUES.proxy _MaybeAddOption(args, 'proxy_address', proxy_params.address.Get()) _MaybeAddOption(args, 'proxy_port', proxy_params.port.Get()) _MaybeAddOption(args, 'proxy_username', proxy_params.username.Get()) _MaybeAddOption(args, 'proxy_password', proxy_params.password.Get()) _MaybeAddOption(args, 'disable_ssl_validation', properties.VALUES.auth.disable_ssl_validation.GetBool()) _MaybeAddOption(args, 'ca_certificates_file', properties.VALUES.core.custom_ca_certs_file.Get()) bootstrapping.ExecutePythonTool('platform/bq', 'bq.py', *args)
def main(): """Launches bq.""" project, account = bootstrapping.GetActiveProjectAndAccount() json_path = config.Paths().LegacyCredentialsJSONPath(account) gce_metadata = gce.Metadata() if gce_metadata and account in gce_metadata.Accounts(): args = ['--use_gce_service_account'] else: args = ['--credential_file', json_path] if project: args += ['--project', project] bootstrapping.ExecutePythonTool('platform/bq', 'bq.py', *args)
def main(): """Launches gsutil.""" project, account = bootstrapping.GetActiveProjectAndAccount() pass_credentials = properties.VALUES.core.pass_credentials_to_gsutil.GetBool( ) if pass_credentials and account not in c_gce.Metadata().Accounts(): gsutil_path = config.Paths().LegacyCredentialsGSUtilPath(account) boto_config = os.environ.get('BOTO_CONFIG', '') boto_path = os.environ.get('BOTO_PATH', '') # We construct a BOTO_PATH that tacks the refresh token config # on the end. if boto_config: boto_path = os.pathsep.join([boto_config, gsutil_path]) elif boto_path: boto_path = os.pathsep.join([boto_path, gsutil_path]) else: path_parts = [ '/etc/boto.cfg', os.path.expanduser(os.path.join('~', '.boto')), gsutil_path ] boto_path = os.pathsep.join(path_parts) if 'BOTO_CONFIG' in os.environ: del os.environ['BOTO_CONFIG'] os.environ['BOTO_PATH'] = boto_path # Tell gsutil whether gcloud analytics collection is enabled. os.environ['GA_CID'] = metrics.GetCIDIfMetricsEnabled() args = [] if project: args.extend(['-o', 'GSUtil:default_project_id=%s' % project]) if pass_credentials and account in c_gce.Metadata().Accounts(): # Tell gsutil to look for GCE service accounts. args.extend(['-o', 'GoogleCompute:service_account=default']) bootstrapping.ExecutePythonTool('platform/gsutil', 'gsutil', *args)
def main(): """Launches gcutil.""" args = [] project, account = bootstrapping.GetActiveProjectAndAccount() if account: if account in c_gce.Metadata().Accounts(): args += ['--auth_service_account', account] else: ms_path = config.Paths().LegacyCredentialsMultistorePath(account) args += ['--credentials_file', ms_path] args += ['--auth_service_account='] if project: args += ['--project', project] args.append('--nocheck_for_new_version') bootstrapping.ExecutePythonTool('platform/gcutil', 'gcutil', *args)
def main(): """Launches gsutil.""" project, account = bootstrapping.GetActiveProjectAndAccount() if account not in c_gce.Metadata().Accounts(): gsutil_path = config.Paths().LegacyCredentialsGSUtilPath(account) boto_config = os.environ.get('BOTO_CONFIG', None) boto_path = os.environ.get('BOTO_PATH', None) # We construct a BOTO_PATH that tacks the refresh token config # on the end. if boto_config: boto_path = ':'.join([boto_config, gsutil_path]) elif boto_path: # this is ':' for windows as well, hardcoded into the boto source. boto_path = ':'.join([boto_path, gsutil_path]) else: path_parts = [ '/etc/boto.cfg', os.path.expanduser(os.path.join('~', '.boto')), gsutil_path ] boto_path = ':'.join(path_parts) if 'BOTO_CONFIG' in os.environ: del os.environ['BOTO_CONFIG'] os.environ['BOTO_PATH'] = boto_path args = [] if project: args.extend(['-o', 'GSUtil:default_project_id=%s' % project]) if account in c_gce.Metadata().Accounts(): # Tell gsutil to look for GCE service accounts. args.extend(['-o', 'GoogleCompute:service_account=default']) bootstrapping.ExecutePythonTool('platform/gsutil', 'gsutil', *args)
def main(): """Launches bq.""" project, account = bootstrapping.GetActiveProjectAndAccount() adc_path = config.Paths().LegacyCredentialsAdcPath(account) single_store_path = config.Paths().LegacyCredentialsBqPath(account) gce_metadata = gce.Metadata() if gce_metadata and account in gce_metadata.Accounts(): args = ['--use_gce_service_account'] elif os.path.isfile(adc_path): args = [ '--application_default_credential_file', adc_path, '--credential_file', single_store_path ] else: p12_key_path = config.Paths().LegacyCredentialsP12KeyPath(account) if os.path.isfile(p12_key_path): args = [ '--service_account', account, '--service_account_credential_file', single_store_path, '--service_account_private_key_file', p12_key_path ] else: args = [] # Don't have any credentials we can pass. _MaybeAddOption(args, 'project', project) proxy_params = properties.VALUES.proxy _MaybeAddOption(args, 'proxy_address', proxy_params.address.Get()) _MaybeAddOption(args, 'proxy_port', proxy_params.port.Get()) _MaybeAddOption(args, 'proxy_username', proxy_params.username.Get()) _MaybeAddOption(args, 'proxy_password', proxy_params.password.Get()) _MaybeAddOption(args, 'disable_ssl_validation', properties.VALUES.auth.disable_ssl_validation.GetBool()) _MaybeAddOption(args, 'ca_certificates_file', properties.VALUES.core.custom_ca_certs_file.Get()) bootstrapping.ExecutePythonTool('platform/bq', 'bq.py', *args)
def main(): """Launches gsutil.""" args = [] project, account = bootstrapping.GetActiveProjectAndAccount() pass_credentials = ( properties.VALUES.core.pass_credentials_to_gsutil.GetBool() and not properties.VALUES.auth.disable_credentials.GetBool()) _MaybeAddBotoOption(args, 'GSUtil', 'default_project_id', project) if pass_credentials: # Allow gsutil to only check for the '1' string value, as is done # with regard to the 'CLOUDSDK_WRAPPER' environment variable. encoding.SetEncodedValue( os.environ, 'CLOUDSDK_CORE_PASS_CREDENTIALS_TO_GSUTIL', '1') if account in c_gce.Metadata().Accounts(): # Tell gsutil that it should obtain credentials from the GCE metadata # server for the instance's configured service account. _MaybeAddBotoOption(args, 'GoogleCompute', 'service_account', 'default') # For auth'n debugging purposes, allow gsutil to reason about whether the # configured service account was set in a boto file or passed from here. encoding.SetEncodedValue( os.environ, 'CLOUDSDK_PASSED_GCE_SERVICE_ACCOUNT_TO_GSUTIL', '1') else: legacy_config_path = config.Paths().LegacyCredentialsGSUtilPath(account) # We construct a BOTO_PATH that tacks the config containing our # credentials options onto the end of the list of config paths. We ensure # the other credential options are loaded first so that ours will take # precedence and overwrite them. boto_config = encoding.GetEncodedValue(os.environ, 'BOTO_CONFIG', '') boto_path = encoding.GetEncodedValue(os.environ, 'BOTO_PATH', '') if boto_config: boto_path = os.pathsep.join([boto_config, legacy_config_path]) elif boto_path: boto_path = os.pathsep.join([boto_path, legacy_config_path]) else: path_parts = ['/etc/boto.cfg', os.path.expanduser(os.path.join('~', '.boto')), legacy_config_path] boto_path = os.pathsep.join(path_parts) encoding.SetEncodedValue(os.environ, 'BOTO_CONFIG', None) encoding.SetEncodedValue(os.environ, 'BOTO_PATH', boto_path) # Tell gsutil whether gcloud analytics collection is enabled. encoding.SetEncodedValue( os.environ, 'GA_CID', metrics.GetCIDIfMetricsEnabled()) # Set proxy settings. Note that if these proxy settings are configured in a # boto config file, the options here will be loaded afterward, overriding # them. proxy_params = properties.VALUES.proxy proxy_address = proxy_params.address.Get() if proxy_address: _MaybeAddBotoOption(args, 'Boto', 'proxy', proxy_address) _MaybeAddBotoOption(args, 'Boto', 'proxy_port', proxy_params.port.Get()) _MaybeAddBotoOption(args, 'Boto', 'proxy_rdns', proxy_params.rdns.GetBool()) _MaybeAddBotoOption(args, 'Boto', 'proxy_user', proxy_params.username.Get()) _MaybeAddBotoOption(args, 'Boto', 'proxy_pass', proxy_params.password.Get()) # Set SSL-related settings. disable_ssl = properties.VALUES.auth.disable_ssl_validation.GetBool() _MaybeAddBotoOption(args, 'Boto', 'https_validate_certificates', None if disable_ssl is None else not disable_ssl) _MaybeAddBotoOption(args, 'Boto', 'ca_certificates_file', properties.VALUES.core.custom_ca_certs_file.Get()) # Note that the original args to gsutil will be appended after the args we've # supplied here. bootstrapping.ExecutePythonTool('platform/gsutil', 'gsutil', *args)