def __init__(self, project_id: str, service_account_name: Optional[str] = None, service_account_key_file: Optional[str] = None) -> None: """Initialize new instance of BigQueryUtils. Args: project_id: GCP project id. service_account_name: The service account name. service_account_key_file: File containing service account key. If both service_account_name and service_account_key_file are not passed the default credential will be used.There are following ways to create service accounts - 1) Use `build_service_client` method from `cloud_auth` module. 2) Use `gcloud` command line utility as documented here - https://cloud.google.com/iam/docs/creating-managing-service-account-keys """ if service_account_name: credentials = cloud_auth.impersonate_service_account( service_account_name) elif service_account_key_file: credentials = cloud_auth.get_credentials(service_account_key_file) else: logging.info( 'Neither Service account key file nor service account ' 'name was provided, so using default credentials.') credentials = cloud_auth.get_default_credentials() self.project_id = project_id self.client = bigquery.Client(project=project_id, credentials=credentials)
def __init__(self, project_id: str, location: str = _LOCATION, service_account_name: Optional[str] = None, service_account_key_file: Optional[str] = None, version: str = _VERSION) -> None: """Initialise new instance of CloudComposerUtils. Args: project_id: GCP project id. location: Optional. Region under which the Composer environment needs to be managed. It defaults to 'us-central1'. Allowed values - https://cloud.google.com/compute/docs/regions-zones/. service_account_name: The service account name. service_account_key_file: Optional. File containing service account key. version: The version of the service. It defaults to 'v1beta1'. """ if service_account_name: self.client = cloud_auth.build_impersonated_client( _CLIENT_NAME, service_account_name, version) else: if service_account_key_file: credentials = cloud_auth.get_credentials( service_account_key_file) else: logging.info( 'Neither service account key file nor service account ' 'name was provided, so using default credentials.') credentials = cloud_auth.get_default_credentials() self.client = cloud_auth.build_service_client( _CLIENT_NAME, credentials) self.project_id = project_id self.location = location
def __init__(self, project_id: str, service_account_name: Optional[str] = None, service_account_key_file: Optional[str] = None, version: str = _VERSION) -> None: """Initialise new instance of CloudApiUtils. Args: project_id: GCP project id. service_account_name: The service account name. service_account_key_file: Optional. File containing service account key. version: The version of the service usage service. It defaults to 'v1beta1'. """ if service_account_name: self.client = cloud_auth.build_impersonated_client( 'serviceusage', service_account_name, version) else: if service_account_key_file: credentials = cloud_auth.get_credentials( service_account_key_file) else: logging.info( 'Neither service account key file nor service account ' 'name was provided, so using default credentials.') credentials = cloud_auth.get_default_credentials() self.client = cloud_auth.build_service_client( 'serviceusage', credentials) self.project_id = project_id
def test_get_credentials_for_service_account( self, mock_from_service_account_file, mock_is_file): mock_is_file.return_value = True mock_from_service_account_file.return_value = self.mock_credentials credentials = cloud_auth.get_credentials('/tmp/key.json') self.mock_auth_default.assert_not_called() self.assertEqual(self.mock_credentials, credentials)
def __init__(self, project_id: str, service_account_key_file: Optional[str] = None) -> None: """Initialize new instance of CloudStorageUtils. Args: project_id: GCP project id. service_account_key_file: File containing service account key. If not passed the default credential will be used. There are following ways to create service accounts - 1) Use `build_service_client` method from `cloud_auth` module. 2) Use `gcloud` command line utility as documented here - https://cloud.google.com/iam/docs/creating-managing-service-account-keys """ credentials = cloud_auth.get_credentials(service_account_key_file) self.client = storage.Client(project=project_id, credentials=credentials)
def __init__(self, project_id: str, service_account_info: Mapping[str, str] = None, service_account_name: Optional[str] = None, service_account_key_file: Optional[str] = None) -> None: """Initialize new instance of CloudStorageUtils. Args: project_id: GCP project id. service_account_info: Mapping containing the service account info, such as the example below: { 'type': 'service_account', 'project_id': '[PROJECT_ID]', 'private_key_id': '[PRIVATE_KEY_ID]', 'private_key': '[PRIVATE_KEY]', 'client_email': '[CLIENT_EMAIL]', 'client_id': '[CLIENT_ID]', 'auth_uri': 'https://accounts.google.com/o/oauth2/auth', 'token_uri': 'https://accounts.google.com/o/oauth2/token', 'auth_provider_x509_cert_url': 'https://www.googleapis.com/oauth2/v1/certs', 'client_x509_cert_url': '[CERTIFICATE_URL]' } service_account_name: The service account name. service_account_key_file: File containing service account key. """ if service_account_name: credentials = cloud_auth.impersonate_service_account( service_account_name) elif service_account_key_file: credentials = cloud_auth.get_credentials(service_account_key_file) elif service_account_info: credentials = cloud_auth.get_credentials_from_info( service_account_info) else: logging.info( 'Neither Service account key file nor service account ' 'name was provided, so using default credentials.') credentials = cloud_auth.get_default_credentials() self.client = storage.Client(project=project_id, credentials=credentials)
def __init__(self, project_id: str, location: str = _LOCATION, service_account_name: Optional[str] = None, service_account_key_file: Optional[str] = None, version: str = _VERSION): """Initializes new instance of CloudSchedulerUtils. Args: project_id: GCP project id. location: Optional. Region under which the Cloud Scheduler needs to be managed. It defaults to 'us-central1'. Allowed values - https://cloud.google.com/compute/docs/regions-zones/. service_account_name: The service account name. service_account_key_file: Optional. File containing service account key. If not passed the default credential will be used. There are following ways to create service accounts: 1. Use `build_service_client` method from `cloud_auth` module. 2. Use `gcloud` command line utility as documented here - https://cloud.google.com/iam/docs/creating-managing-service-account-keys version: The version of the service. It defaults to 'v1beta1'. Raises: ValueError: If neither service_account_key_file or service_account_name were provided. """ if not service_account_key_file and not service_account_name: raise ValueError( 'Service account key file or service account name is not provided. ' 'Provide either path to service account key file or name of the ' 'service account.') if service_account_key_file: credentials = cloud_auth.get_credentials(service_account_key_file) self._client = cloud_auth.build_service_client( _CLIENT_NAME, credentials) else: self._client = cloud_auth.build_impersonated_client( _CLIENT_NAME, service_account_name, version) self._parent = f'projects/{project_id}/locations/{location}'
def test_get_credentials_throws_error_given_no_default_credentials(self): self.mock_auth_default.side_effect = ( auth.exceptions.DefaultCredentialsError()) with self.assertRaises(cloud_auth.Error): cloud_auth.get_credentials()
def test_default_credentials_are_used_when_key_file_is_not_given( self, mock_from_service_account_file): cloud_auth.get_credentials() self.mock_auth_default.assert_called_once() mock_from_service_account_file.assert_not_called()
def test_exception_is_raised_when_service_account_key_file_is_not_found( self, mock_is_file): mock_is_file.return_value = False with self.assertRaises(FileNotFoundError): cloud_auth.get_credentials('/tmp/invalid_file')