def ValidateBucketForCertificateAuthority(bucket_name):
  """Checks that an existing, user-supplied bucket can back a Private CA.

  The bucket is fetched with the `full` projection and passed to
  _BucketAllowsPublicObjectReads. A bucket that does not expose new objects
  publicly is still accepted, since that may be deliberate; a warning is
  logged because clients may then be unable to fetch the CA certificate or
  CRLs stored in it.

  Args:
    bucket_name: The name of the GCS bucket to validate.

  Returns:
    A BucketReference wrapping the given bucket name.

  Raises:
    InvalidArgumentException: if the bucket does not exist. This is the only
      error translated here; anything else raised while fetching or
      inspecting the bucket propagates unchanged.
  """
  storage_messages = storage_util.GetMessages()
  storage_client = storage_api.StorageClient(messages=storage_messages)
  not_public_warning = (
      'The specified bucket does not publicly expose new objects by '
      'default, so some clients may not be able to access the CA '
      'certificate or CRLs. For more details, see '
      'https://cloud.google.com/storage/docs/access-control/making-data-public'
  )

  try:
    projection_enum = (
        storage_messages.StorageBucketsGetRequest.ProjectionValueValuesEnum)
    bucket = storage_client.GetBucket(bucket_name, projection_enum.full)
    publicly_readable = _BucketAllowsPublicObjectReads(bucket)
    if not publicly_readable:
      # Warn only: a non-public bucket may be an intentional choice.
      log.warning(not_public_warning)
    return storage_util.BucketReference(bucket_name)
  except storage_api.BucketNotFoundError:
    # Report a missing bucket as a problem with the gcs-bucket argument.
    raise exceptions.InvalidArgumentException(
        'gcs-bucket', 'The given bucket does not exist.')
def SetUp(self):
  """Builds the CA reference and a mocked Storage v1 client for each test."""
  self.ca_ref = GetCertificateAuthorityRef(self._CA_NAME)
  self.messages = storage_util.GetMessages()

  storage_client_class = apis.GetClientClass('storage', 'v1')
  self.client = api_mock.Client(
      client_class=storage_client_class,
      real_client=storage_util.GetClient())
  self.client.Mock()
  # Register the unmock as a cleanup so the mock is removed after the test.
  self.addCleanup(self.client.Unmock)
def CreateBucketForCertificateAuthority(ca_ref):
  """Creates a GCS bucket for use by the given Certificate Authority.

  The bucket name comes from _BUCKET_NAMING_PATTERN filled with a random
  UUID4. The bucket location is the name of the CA's parent resource and the
  owning project is the name of that parent's parent.

  NOTE(review): the insert request sets no default object ACL, so object
  visibility is whatever the service applies by default. Confirm that the CA
  certificate and CRLs stored here stay reachable by the clients that need
  them.

  Args:
    ca_ref: Resource reference for the Certificate Authority.

  Returns:
    A BucketReference wrapping the name of the new bucket.
  """
  storage_client = storage_util.GetClient()
  storage_messages = storage_util.GetMessages()

  ca_location = ca_ref.Parent().Name()
  ca_project = ca_ref.Parent().Parent().Name()
  new_bucket_name = _BUCKET_NAMING_PATTERN.format(uuid=uuid.uuid4())

  new_bucket = storage_messages.Bucket(
      name=new_bucket_name, location=ca_location)
  insert_request = storage_messages.StorageBucketsInsertRequest(
      project=ca_project, bucket=new_bucket)
  storage_client.buckets.Insert(insert_request)

  return storage_util.BucketReference(new_bucket_name)
def CreateBucketForCertificateAuthority(ca_ref):
  """Creates a labelled GCS bucket for the given Certificate Authority.

  The bucket name comes from _BUCKET_NAMING_PATTERN filled with a random
  UUID4. The bucket location is the name of the CA's parent resource and the
  owning project is the name of that parent's parent. The bucket carries a
  `certificate_authority_id` label holding the CA's relative name, which
  records the CA the bucket was created for.

  NOTE(review): RelativeName() presumably contains '/' separators. Confirm
  the value satisfies the GCS label character and length rules before
  relying on this label.

  Args:
    ca_ref: Resource reference for the Certificate Authority.

  Returns:
    A BucketReference wrapping the name of the new bucket.
  """
  storage_client = storage_util.GetClient()
  storage_messages = storage_util.GetMessages()

  ca_location = ca_ref.Parent().Name()
  ca_project = ca_ref.Parent().Parent().Name()
  new_bucket_name = _BUCKET_NAMING_PATTERN.format(uuid=uuid.uuid4())

  # The label records which CA this bucket was created for.
  owner_label = storage_messages.Bucket.LabelsValue.AdditionalProperty(
      key='certificate_authority_id', value=ca_ref.RelativeName())
  bucket_labels = storage_messages.Bucket.LabelsValue(
      additionalProperties=[owner_label])

  new_bucket = storage_messages.Bucket(
      name=new_bucket_name, location=ca_location, labels=bucket_labels)
  insert_request = storage_messages.StorageBucketsInsertRequest(
      project=ca_project, bucket=new_bucket)
  storage_client.buckets.Insert(insert_request)

  return storage_util.BucketReference(new_bucket_name)
def CreateBucketForCertificateAuthority(ca_ref):
  """Creates a publicly readable, versioned GCS bucket for the given CA.

  The bucket name comes from _BUCKET_NAMING_PATTERN filled with a random
  UUID4. The bucket location is the name of the CA's parent resource and the
  owning project is the name of that parent's parent.

  The bucket is requested with the `publicRead` predefined default object
  ACL, so every object later written to it is readable by anyone unless the
  writer overrides the ACL. Only material meant for publication belongs in
  this bucket; private keys and other secrets must never be stored here.

  NOTE(review): projects that enforce public access prevention or uniform
  bucket-level access may reject or override this ACL. Confirm how bucket
  creation behaves under those policies.

  Args:
    ca_ref: Resource reference for the Certificate Authority.

  Returns:
    A BucketReference wrapping the name of the new bucket.
  """
  storage_client = storage_util.GetClient()
  storage_messages = storage_util.GetMessages()

  ca_location = ca_ref.Parent().Name()
  ca_project = ca_ref.Parent().Parent().Name()
  new_bucket_name = _BUCKET_NAMING_PATTERN.format(uuid=uuid.uuid4())

  insert_request_type = storage_messages.StorageBucketsInsertRequest
  # New objects default to world-readable (see the docstring).
  public_read_acl = (
      insert_request_type.PredefinedDefaultObjectAclValueValuesEnum.publicRead)
  # Object versioning is switched on for the bucket at creation time.
  new_bucket = storage_messages.Bucket(
      name=new_bucket_name,
      location=ca_location,
      versioning=storage_messages.Bucket.VersioningValue(enabled=True))

  storage_client.buckets.Insert(
      insert_request_type(
          project=ca_project,
          predefinedDefaultObjectAcl=public_read_acl,
          bucket=new_bucket))

  return storage_util.BucketReference(new_bucket_name)
def testCreate_LocalPath(self, module_name):
  """Tests `versions create` with a local --origin and a staging bucket.

  Expects the file under the local origin directory to be copied exactly
  once to `gs://bucket/<sha256>/file`, and the version to be created with
  `gs://bucket/<sha256>/` as its deployment URI.
  """
  staging_uri = 'gs://bucket/{}/'.format(self._SHA256_SUM)
  self._ExpectCreate(deployment_uri=staging_uri)
  self._ExpectOperationPolling()
  self.Touch(self.temp_path, 'file', contents='file contents')

  # Stub the upload so no real GCS call is made; it returns the staged object.
  staged_object = storage_util.GetMessages().Object(
      bucket='bucket', name=self._SHA256_SUM + '/file')
  upload_mock = self.StartObjectPatch(
      storage_api.StorageClient, 'CopyFileToGCS')
  upload_mock.return_value = staged_object

  command_prefix = ('{} versions create versionId --model modelId '
                    '--staging-bucket gs://bucket/ '
                    '--origin '.format(module_name))
  self.Run(command_prefix + self.temp_path)

  expected_local_file = os.path.join(self.temp_path, 'file')
  expected_destination = storage_util.ObjectReference.FromUrl(
      'gs://bucket/' + self._SHA256_SUM + '/file')
  upload_mock.assert_called_once_with(
      expected_local_file, expected_destination)
def __init__(self, client=None, messages=None):
  """Stores the Storage client and messages module, with defaults.

  Args:
    client: Storage API client to use; when falsy, storage_util.GetClient()
      supplies one.
    messages: Storage messages module to use; when falsy,
      storage_util.GetMessages() supplies one.
  """
  # The fallback is a truthiness test, not `is None`, so any falsy argument
  # is replaced by the default.
  self.client = client if client else storage_util.GetClient()
  self.messages = messages if messages else storage_util.GetMessages()