storage/gcp: allow json key to be used for GCS access (#1088)

Marwan Sulaiman
2019-02-25 16:59:00 -05:00
committed by Aaron Schlesinger
parent 12ce2a6499
commit a27ef13b71
4 changed files with 24 additions and 2 deletions
+10
@@ -182,6 +182,16 @@ SingleFlightType = "memory"
# Env override: ATHENS_STORAGE_GCP_BUCKET # Env override: ATHENS_STORAGE_GCP_BUCKET
Bucket = "MY_GCP_BUCKET" Bucket = "MY_GCP_BUCKET"
# JSONKey allows Athens to be run outside of GCP
# but still be able to access GCS. If you are
# running Athens inside GCP, you will most
# likely not need this as GCP figures out
# internal authentication between products for you.
# Pro tip: if you are pasting this as a JSON inside a string,
# make sure you escape "\n" by making it "\\n".
# Env override: ATHENS_STORAGE_GCP_JSON_KEY
JSONKey = "SERVICE_ACCOUNT_KEY"
[Storage.Minio] [Storage.Minio]
# Endpoint for Minio storage # Endpoint for Minio storage
# Env override: ATHENS_MINIO_ENDPOINT # Env override: ATHENS_MINIO_ENDPOINT
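Review bot: The sample value `JSONKey = "SERVICE_ACCOUNT_KEY"` is a non-empty placeholder, and the new code in `gcp.New` treats any non-empty JSONKey as key material to parse, so an operator who copies this file unchanged would presumably get a credentials error at startup even when running inside GCP. Shipping the sample as `JSONKey = ""` keeps the ambient-credentials path as the default. The comment block should also say that this value is a service-account private key, for example `# This is a private key: prefer the ATHENS_STORAGE_GCP_JSON_KEY env override or a secret store, and do not commit a filled-in config file.`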
+1 -1
@@ -40,7 +40,7 @@ require (
go.opencensus.io v0.17.0 go.opencensus.io v0.17.0
golang.org/x/crypto v0.0.0-20181029103014-dab2b1051b5d // indirect golang.org/x/crypto v0.0.0-20181029103014-dab2b1051b5d // indirect
golang.org/x/net v0.0.0-20181029044818-c44066c5c816 // indirect golang.org/x/net v0.0.0-20181029044818-c44066c5c816 // indirect
golang.org/x/oauth2 v0.0.0-20180620175406-ef147856a6dd // indirect golang.org/x/oauth2 v0.0.0-20180620175406-ef147856a6dd
golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f
golang.org/x/sys v0.0.0-20181031143558-9b800f95dbbc // indirect golang.org/x/sys v0.0.0-20181031143558-9b800f95dbbc // indirect
google.golang.org/api v0.0.0-20180910000450-7ca32eb868bf google.golang.org/api v0.0.0-20180910000450-7ca32eb868bf
+1
@@ -4,4 +4,5 @@ package config
type GCPConfig struct { type GCPConfig struct {
ProjectID string `envconfig:"GOOGLE_CLOUD_PROJECT"` ProjectID string `envconfig:"GOOGLE_CLOUD_PROJECT"`
Bucket string `validate:"required" envconfig:"ATHENS_STORAGE_GCP_BUCKET"` Bucket string `validate:"required" envconfig:"ATHENS_STORAGE_GCP_BUCKET"`
JSONKey string `envconfig:"ATHENS_STORAGE_GCP_JSON_KEY"`
} }
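Review bot: The new `JSONKey` field holds a service-account private key as a plain `string` with no doc comment, so nothing at the declaration tells a maintainer that it is secret material. If the config struct is ever logged or dumped (for example with `%+v` or through a debug endpoint; neither is visible in this hunk), the key would be written out with it. I would add `// JSONKey is the raw service-account key JSON used outside GCP; it is a secret and must not be logged or serialized.` above the field.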
+12 -1
@@ -8,6 +8,8 @@ import (
"cloud.google.com/go/storage" "cloud.google.com/go/storage"
"github.com/gomods/athens/pkg/config" "github.com/gomods/athens/pkg/config"
"github.com/gomods/athens/pkg/errors" "github.com/gomods/athens/pkg/errors"
"golang.org/x/oauth2/google"
"google.golang.org/api/option"
) )
// Storage implements the (./pkg/storage).Backend interface // Storage implements the (./pkg/storage).Backend interface
@@ -26,7 +28,16 @@ type Storage struct {
// See https://cloud.google.com/docs/authentication/getting-started. // See https://cloud.google.com/docs/authentication/getting-started.
func New(ctx context.Context, gcpConf *config.GCPConfig, timeout time.Duration) (*Storage, error) { func New(ctx context.Context, gcpConf *config.GCPConfig, timeout time.Duration) (*Storage, error) {
const op errors.Op = "gcp.New" const op errors.Op = "gcp.New"
s, err := storage.NewClient(ctx)
opts := []option.ClientOption{}
if gcpConf.JSONKey != "" {
creds, err := google.CredentialsFromJSON(ctx, []byte(gcpConf.JSONKey), storage.ScopeReadWrite)
if err != nil {
return nil, errors.E(op, fmt.Errorf("could not get GCS credentials: %v", err))
}
opts = append(opts, option.WithCredentials(creds))
}
s, err := storage.NewClient(ctx, opts...)
if err != nil { if err != nil {
return nil, errors.E(op, fmt.Errorf("could not create new storage client: %s", err)) return nil, errors.E(op, fmt.Errorf("could not create new storage client: %s", err))
} }
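Review bot: The doc comment above `New` (only its last line, the authentication link, is inside the hunk) should now state that a non-empty `gcpConf.JSONKey` replaces the ambient credentials that `storage.NewClient(ctx)` would otherwise pick up, since that changes how the process authenticates. `storage.ScopeReadWrite` limits the OAuth scope of the token, but what the key can actually reach is decided by the IAM roles on the service account, so the comment could add `// The key should belong to a service account whose roles are limited to the configured bucket.` As a point of style, `var opts []option.ClientOption` is the usual form for a slice that may stay empty. The body of `New` continues past the end of the hunk.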