Skip to content

Commit

Permalink
Merge branch 'main' into renovate/googleapis-java-cloud-bom-digest
Browse files Browse the repository at this point in the history
  • Loading branch information
zhumin8 authored Oct 3, 2024
2 parents a81f3c7 + 6d85864 commit 3467e64
Show file tree
Hide file tree
Showing 31 changed files with 772 additions and 139 deletions.
2 changes: 1 addition & 1 deletion .cloudbuild/graalvm/cloudbuild-test-a-downstream-kms.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@
timeout: 7200s # 2 hours
substitutions:
_SHARED_DEPENDENCIES_VERSION: '3.30.1-SNAPSHOT' # {x-version-update:google-cloud-shared-dependencies:current}
_JAVA_SHARED_CONFIG_VERSION: '1.11.2'
_JAVA_SHARED_CONFIG_VERSION: '1.11.3'
options:
machineType: 'E2_HIGHCPU_8'
steps:
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@
timeout: 7200s # 2 hours
substitutions:
_SHARED_DEPENDENCIES_VERSION: '3.30.1-SNAPSHOT' # {x-version-update:google-cloud-shared-dependencies:current}
_JAVA_SHARED_CONFIG_VERSION: '1.11.2'
_JAVA_SHARED_CONFIG_VERSION: '1.11.3'
options:
machineType: 'E2_HIGHCPU_8'
steps:
Expand Down
2 changes: 1 addition & 1 deletion .cloudbuild/graalvm/cloudbuild-test-a.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@
timeout: 7200s # 2 hours
substitutions:
_SHARED_DEPENDENCIES_VERSION: '3.36.2-SNAPSHOT' # {x-version-update:google-cloud-shared-dependencies:current}
_JAVA_SHARED_CONFIG_VERSION: '1.11.2'
_JAVA_SHARED_CONFIG_VERSION: '1.11.3'
options:
machineType: 'E2_HIGHCPU_8'
steps:
Expand Down
2 changes: 1 addition & 1 deletion .cloudbuild/graalvm/cloudbuild-test-b-downstream-kms.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@
timeout: 7200s # 2 hours
substitutions:
_SHARED_DEPENDENCIES_VERSION: '3.30.1-SNAPSHOT' # {x-version-update:google-cloud-shared-dependencies:current}
_JAVA_SHARED_CONFIG_VERSION: '1.11.2'
_JAVA_SHARED_CONFIG_VERSION: '1.11.3'
options:
machineType: 'E2_HIGHCPU_8'
steps:
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@
timeout: 7200s # 2 hours
substitutions:
_SHARED_DEPENDENCIES_VERSION: '3.30.1-SNAPSHOT' # {x-version-update:google-cloud-shared-dependencies:current}
_JAVA_SHARED_CONFIG_VERSION: '1.11.2'
_JAVA_SHARED_CONFIG_VERSION: '1.11.3'
options:
machineType: 'E2_HIGHCPU_8'
steps:
Expand Down
2 changes: 1 addition & 1 deletion .cloudbuild/graalvm/cloudbuild-test-b.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@
timeout: 7200s # 2 hours
substitutions:
_SHARED_DEPENDENCIES_VERSION: '3.36.2-SNAPSHOT' # {x-version-update:google-cloud-shared-dependencies:current}
_JAVA_SHARED_CONFIG_VERSION: '1.11.2'
_JAVA_SHARED_CONFIG_VERSION: '1.11.3'
options:
machineType: 'E2_HIGHCPU_8'
steps:
Expand Down
2 changes: 1 addition & 1 deletion .cloudbuild/graalvm/cloudbuild.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@
timeout: 7200s # 2 hours
substitutions:
_SHARED_DEPENDENCIES_VERSION: '3.36.2-SNAPSHOT' # {x-version-update:google-cloud-shared-dependencies:current}
_JAVA_SHARED_CONFIG_VERSION: '1.11.2'
_JAVA_SHARED_CONFIG_VERSION: '1.11.3'
steps:
# GraalVM A build
- name: gcr.io/cloud-builders/docker
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ SHELL [ "/bin/bash", "-c" ]

ARG OWLBOT_CLI_COMMITTISH=ac84fa5c423a0069bbce3d2d869c9730c8fdf550
ARG PROTOC_VERSION=25.5
ARG GRPC_VERSION=1.68.0
ARG GRPC_VERSION=1.67.1
ENV HOME=/home
ENV OS_ARCHITECTURE="linux-x86_64"

Expand Down
8 changes: 4 additions & 4 deletions gapic-generator-java-pom-parent/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@
<parent>
<groupId>com.google.cloud</groupId>
<artifactId>google-cloud-shared-config</artifactId>
<version>1.11.2</version>
<version>1.11.3</version>
<relativePath/>
</parent>

Expand All @@ -26,15 +26,15 @@
<!-- External dependencies, especially gRPC and Protobuf version, should be
consistent across modules in this repository -->
<javax.annotation-api.version>1.3.2</javax.annotation-api.version>
<grpc.version>1.68.0</grpc.version>
<google.auth.version>1.27.0</google.auth.version>
<grpc.version>1.67.1</grpc.version>
<google.auth.version>1.28.0</google.auth.version>
<google.http-client.version>1.45.0</google.http-client.version>
<gson.version>2.11.0</gson.version>
<guava.version>33.3.1-jre</guava.version>
<protobuf.version>3.25.5</protobuf.version>
<opentelemetry.version>1.42.1</opentelemetry.version>
<maven.compiler.release>8</maven.compiler.release>
<errorprone.version>2.32.0</errorprone.version>
<errorprone.version>2.33.0</errorprone.version>
<j2objc-annotations.version>3.0.0</j2objc-annotations.version>
<threetenbp.version>1.7.0</threetenbp.version>
<junit.version>5.11.1</junit.version>
Expand Down
4 changes: 2 additions & 2 deletions gax-java/dependencies.properties
Original file line number Diff line number Diff line change
Expand Up @@ -37,8 +37,8 @@ version.io_grpc=1.66.0
# 2) Replace all characters which are neither alphabetic nor digits with the underscore ('_') character
maven.com_google_api_grpc_proto_google_common_protos=com.google.api.grpc:proto-google-common-protos:2.45.0
maven.com_google_api_grpc_grpc_google_common_protos=com.google.api.grpc:grpc-google-common-protos:2.45.0
maven.com_google_auth_google_auth_library_oauth2_http=com.google.auth:google-auth-library-oauth2-http:1.27.0
maven.com_google_auth_google_auth_library_credentials=com.google.auth:google-auth-library-credentials:1.27.0
maven.com_google_auth_google_auth_library_oauth2_http=com.google.auth:google-auth-library-oauth2-http:1.28.0
maven.com_google_auth_google_auth_library_credentials=com.google.auth:google-auth-library-credentials:1.28.0
maven.io_opentelemetry_opentelemetry_api=io.opentelemetry:opentelemetry-api:1.42.1
maven.io_opencensus_opencensus_api=io.opencensus:opencensus-api:0.31.1
maven.io_opencensus_opencensus_contrib_grpc_metrics=io.opencensus:opencensus-contrib-grpc-metrics:0.31.1
Expand Down
2 changes: 1 addition & 1 deletion gax-java/gax-bom/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@
<parent>
<groupId>com.google.cloud</groupId>
<artifactId>google-cloud-shared-config</artifactId>
<version>1.11.2</version>
<version>1.11.3</version>
<relativePath/>
</parent>

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,7 @@
import com.google.api.gax.rpc.TransportChannelProvider;
import com.google.api.gax.rpc.internal.EnvironmentProvider;
import com.google.api.gax.rpc.mtls.MtlsProvider;
import com.google.auth.ApiKeyCredentials;
import com.google.auth.Credentials;
import com.google.auth.oauth2.ComputeEngineCredentials;
import com.google.common.annotations.VisibleForTesting;
Expand All @@ -63,6 +64,8 @@
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.concurrent.Executor;
import java.util.concurrent.ScheduledExecutorService;
Expand Down Expand Up @@ -123,6 +126,7 @@ public final class InstantiatingGrpcChannelProvider implements TransportChannelP
@Nullable private final Boolean allowNonDefaultServiceAccount;
@VisibleForTesting final ImmutableMap<String, ?> directPathServiceConfig;
@Nullable private final MtlsProvider mtlsProvider;
@VisibleForTesting final Map<String, String> headersWithDuplicatesRemoved = new HashMap<>();

@Nullable
private final ApiFunction<ManagedChannelBuilder, ManagedChannelBuilder> channelConfigurator;
Expand Down Expand Up @@ -408,7 +412,8 @@ ChannelCredentials createMtlsChannelCredentials() throws IOException, GeneralSec

private ManagedChannel createSingleChannel() throws IOException {
GrpcHeaderInterceptor headerInterceptor =
new GrpcHeaderInterceptor(headerProvider.getHeaders());
new GrpcHeaderInterceptor(headersWithDuplicatesRemoved);

GrpcMetadataHandlerInterceptor metadataHandlerInterceptor =
new GrpcMetadataHandlerInterceptor();

Expand Down Expand Up @@ -496,6 +501,28 @@ private ManagedChannel createSingleChannel() throws IOException {
return managedChannel;
}

/* Remove provided headers that will also get set by {@link com.google.auth.ApiKeyCredentials}. They will be added as part of the grpc call when performing auth
* {@link io.grpc.auth.GoogleAuthLibraryCallCredentials#applyRequestMetadata}. GRPC does not dedup headers {@link https://github.com/grpc/grpc-java/blob/a140e1bb0cfa662bcdb7823d73320eb8d49046f1/api/src/main/java/io/grpc/Metadata.java#L504} so we must before initiating the call.
*
* Note: This is specific for ApiKeyCredentials as duplicate API key headers causes a failure on the back end. At this time we are not sure of the behavior for other credentials.
*/
private void removeApiKeyCredentialDuplicateHeaders() {
if (headerProvider != null) {
headersWithDuplicatesRemoved.putAll(headerProvider.getHeaders());
}
if (credentials != null && credentials instanceof ApiKeyCredentials) {
try {
Map<String, List<String>> credentialRequestMetatData = credentials.getRequestMetadata();
if (credentialRequestMetatData != null) {
headersWithDuplicatesRemoved.keySet().removeAll(credentialRequestMetatData.keySet());
}
} catch (IOException e) {
// unreachable, there is no scenario that getRequestMetatData for ApiKeyCredentials will
// throw an IOException
}
}
}

/**
* Marked as Internal Api and intended for internal use. DirectPath must be enabled via the
* settings and a few other configurations/settings must also be valid for the request to go
Expand Down Expand Up @@ -883,7 +910,10 @@ public Builder setDirectPathServiceConfig(Map<String, ?> serviceConfig) {
}

public InstantiatingGrpcChannelProvider build() {
return new InstantiatingGrpcChannelProvider(this);
InstantiatingGrpcChannelProvider instantiatingGrpcChannelProvider =
new InstantiatingGrpcChannelProvider(this);
instantiatingGrpcChannelProvider.removeApiKeyCredentialDuplicateHeaders();
return instantiatingGrpcChannelProvider;
}

/**
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -34,17 +34,21 @@
import static com.google.common.base.Preconditions.checkArgument;
import static com.google.common.truth.Truth.assertThat;
import static org.junit.jupiter.api.Assertions.assertEquals;
import static org.junit.jupiter.api.Assertions.assertNull;
import static org.junit.jupiter.api.Assertions.assertThrows;

import com.google.api.core.ApiFunction;
import com.google.api.gax.grpc.InstantiatingGrpcChannelProvider.Builder;
import com.google.api.gax.rpc.FixedHeaderProvider;
import com.google.api.gax.rpc.HeaderProvider;
import com.google.api.gax.rpc.TransportChannel;
import com.google.api.gax.rpc.TransportChannelProvider;
import com.google.api.gax.rpc.internal.EnvironmentProvider;
import com.google.api.gax.rpc.mtls.AbstractMtlsTransportChannelTest;
import com.google.api.gax.rpc.mtls.MtlsProvider;
import com.google.auth.ApiKeyCredentials;
import com.google.auth.Credentials;
import com.google.auth.http.AuthHttpConstants;
import com.google.auth.oauth2.CloudShellCredentials;
import com.google.auth.oauth2.ComputeEngineCredentials;
import com.google.common.collect.ImmutableList;
Expand Down Expand Up @@ -79,6 +83,8 @@

class InstantiatingGrpcChannelProviderTest extends AbstractMtlsTransportChannelTest {
private static final String DEFAULT_ENDPOINT = "test.googleapis.com:443";
private static final String API_KEY_HEADER_VALUE = "fake_api_key_2";
private static final String API_KEY_AUTH_HEADER_KEY = "x-goog-api-key";
private static String originalOSName;
private ComputeEngineCredentials computeEngineCredentials;

Expand Down Expand Up @@ -877,6 +883,103 @@ public void canUseDirectPath_nonGDUUniverseDomain() {
Truth.assertThat(provider.canUseDirectPath()).isFalse();
}

@Test
void providerInitializedWithNonConflictingHeaders_retainsHeaders() {
InstantiatingGrpcChannelProvider.Builder builder =
InstantiatingGrpcChannelProvider.newBuilder()
.setHeaderProvider(getHeaderProviderWithApiKeyHeader())
.setEndpoint("test.random.com:443");

InstantiatingGrpcChannelProvider provider = builder.build();

assertEquals(1, provider.headersWithDuplicatesRemoved.size());
assertEquals(
API_KEY_HEADER_VALUE, provider.headersWithDuplicatesRemoved.get(API_KEY_AUTH_HEADER_KEY));
}

@Test
void providersInitializedWithConflictingApiKeyCredentialHeaders_removesDuplicates() {
String correctApiKey = "fake_api_key";
ApiKeyCredentials apiKeyCredentials = ApiKeyCredentials.create(correctApiKey);
InstantiatingGrpcChannelProvider.Builder builder =
InstantiatingGrpcChannelProvider.newBuilder()
.setCredentials(apiKeyCredentials)
.setHeaderProvider(getHeaderProviderWithApiKeyHeader())
.setEndpoint("test.random.com:443");

InstantiatingGrpcChannelProvider provider = builder.build();

assertEquals(0, provider.headersWithDuplicatesRemoved.size());
assertNull(provider.headersWithDuplicatesRemoved.get(API_KEY_AUTH_HEADER_KEY));
}

@Test
void providersInitializedWithConflictingNonApiKeyCredentialHeaders_doesNotRemoveDuplicates() {
String authProvidedHeader = "Bearer token";
Map<String, String> header = new HashMap<>();
header.put(AuthHttpConstants.AUTHORIZATION, authProvidedHeader);
InstantiatingGrpcChannelProvider.Builder builder =
InstantiatingGrpcChannelProvider.newBuilder()
.setCredentials(computeEngineCredentials)
.setHeaderProvider(FixedHeaderProvider.create(header))
.setEndpoint("test.random.com:443");

InstantiatingGrpcChannelProvider provider = builder.build();

assertEquals(1, provider.headersWithDuplicatesRemoved.size());
assertEquals(
authProvidedHeader,
provider.headersWithDuplicatesRemoved.get(AuthHttpConstants.AUTHORIZATION));
}

@Test
void buildProvider_handlesNullHeaderProvider() {
InstantiatingGrpcChannelProvider.Builder builder =
InstantiatingGrpcChannelProvider.newBuilder().setEndpoint("test.random.com:443");

InstantiatingGrpcChannelProvider provider = builder.build();

assertEquals(0, provider.headersWithDuplicatesRemoved.size());
}

@Test
void buildProvider_handlesNullCredentialsMetadataRequest() throws IOException {
Credentials credentials = Mockito.mock(Credentials.class);
Mockito.when(credentials.getRequestMetadata()).thenReturn(null);
InstantiatingGrpcChannelProvider.Builder builder =
InstantiatingGrpcChannelProvider.newBuilder()
.setHeaderProvider(getHeaderProviderWithApiKeyHeader())
.setEndpoint("test.random.com:443");

InstantiatingGrpcChannelProvider provider = builder.build();

assertEquals(1, provider.headersWithDuplicatesRemoved.size());
assertEquals(
API_KEY_HEADER_VALUE, provider.headersWithDuplicatesRemoved.get(API_KEY_AUTH_HEADER_KEY));
}

@Test
void buildProvider_handlesErrorRetrievingCredentialsMetadataRequest() throws IOException {
Credentials credentials = Mockito.mock(Credentials.class);
Mockito.when(credentials.getRequestMetadata())
.thenThrow(new IOException("Error getting request metadata"));
InstantiatingGrpcChannelProvider.Builder builder =
InstantiatingGrpcChannelProvider.newBuilder()
.setHeaderProvider(getHeaderProviderWithApiKeyHeader())
.setEndpoint("test.random.com:443");
InstantiatingGrpcChannelProvider provider = builder.build();

assertEquals(1, provider.headersWithDuplicatesRemoved.size());
assertEquals(
API_KEY_HEADER_VALUE, provider.headersWithDuplicatesRemoved.get(API_KEY_AUTH_HEADER_KEY));
}

private FixedHeaderProvider getHeaderProviderWithApiKeyHeader() {
Map<String, String> header = new HashMap<>();
header.put(API_KEY_AUTH_HEADER_KEY, API_KEY_HEADER_VALUE);
return FixedHeaderProvider.create(header);
}

private static class FakeLogHandler extends Handler {

List<LogRecord> records = new ArrayList<>();
Expand Down
Loading

0 comments on commit 3467e64

Please sign in to comment.