Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add custom scopes for access tokens from the metadata service #633

Merged
merged 4 commits into from
Oct 29, 2020
Merged

feat: add custom scopes for access tokens from the metadata service #633

merged 4 commits into from
Oct 29, 2020

Conversation

davidwtbuxton
Copy link
Contributor

@davidwtbuxton davidwtbuxton commented Oct 25, 2020
edited
Loading

This works for App Engine, Cloud Run and Flex. On Compute Engine you
can request custom scopes, but they are ignored.

Part of #579

I will create a separate PR to update the user guide, which has been out-of-date for a while.

https://google-auth.readthedocs.io/en/latest/user-guide.html#compute-engine-container-engine-and-the-app-engine-flexible-environment

I've tested this on App Engine standard and Cloud Run, and using google.auth.default(scopes=..) works now. I tested on Compute Engine and requesting scopes has no effect, but does not raise an exception (which is expected).

@davidwtbuxton davidwtbuxton requested a review from a team as a code owner October 25, 2020 17:43
@google-cla google-cla bot added the cla: yes This human has signed the Contributor License Agreement. label Oct 25, 2020
@davidwtbuxton
feat: Add custom scopes for access tokens from the metadata service
175acb8 
This works for App Engine, Cloud Run and Flex. On Compute Engine you
can request custom scopes, but they are ignored.
@davidwtbuxton davidwtbuxton force-pushed the feature/579-compute-engine-creds branch from 0ab50e5 to 175acb8 Compare October 25, 2020 17:47
@davidwtbuxton davidwtbuxton mentioned this pull request Oct 26, 2020
Merged
@tseaver tseaver added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Oct 26, 2020
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Oct 26, 2020
tseaver
tseaver previously approved these changes Oct 26, 2020
View reviewed changes
@tseaver tseaver dismissed their stale review October 26, 2020 19:59

Failing unit tests.

@davidwtbuxton
Copy link
Contributor Author

Thanks for looking at this PR @tseaver

Tests are failing because of #632 , which impacts the head of master too. They would start passing again if pnuckowski/aioresponses#174 is accepted and a new release of aioresponses is published on PyPI.

@tseaver
Copy link
Contributor

tseaver commented Oct 27, 2020

PR #634 fixes the unit tests on `master. I've merged to see if this PR will then pass.

@busunkim96 busunkim96 added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Oct 27, 2020
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Oct 27, 2020
@silvolu
Copy link

silvolu commented Oct 28, 2020

Auth bits looks good. Nice to see you again @tseaver :)

@tseaver tseaver added automerge Merge the pull request once unit tests and other checks pass. kokoro:force-run Add this label to force Kokoro to re-run the tests. labels Oct 28, 2020
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Oct 28, 2020
@tseaver tseaver changed the title feat: Add custom scopes for access tokens from the metadata service feat: add custom scopes for access tokens from the metadata service Oct 28, 2020
@gcf-merge-on-green
Copy link

Your PR has attempted to merge for 3 hours. Please check that all required checks have passed, you have an automerge label, and that all your reviewers have approved the PR

@gcf-merge-on-green
Copy link

Merge-on-green attempted to merge your PR for 6 hours, but it was not mergeable because either one of your required status checks failed, or one of your required reviews was not approved. Learn more about your required status checks here: https://help.github.com/en/github/administering-a-repository/enabling-required-status-checks. You can remove and reapply the label to re-run the bot.

1 similar comment
@gcf-merge-on-green
Copy link

Merge-on-green attempted to merge your PR for 6 hours, but it was not mergeable because either one of your required status checks failed, or one of your required reviews was not approved. Learn more about your required status checks here: https://help.github.com/en/github/administering-a-repository/enabling-required-status-checks. You can remove and reapply the label to re-run the bot.

@gcf-merge-on-green gcf-merge-on-green bot removed the automerge Merge the pull request once unit tests and other checks pass. label Oct 29, 2020
@tseaver tseaver added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Oct 29, 2020
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Oct 29, 2020
@busunkim96 busunkim96 added the automerge Merge the pull request once unit tests and other checks pass. label Oct 29, 2020
@tseaver tseaver merged commit 0323cf3 into googleapis:master Oct 29, 2020
@gcf-merge-on-green gcf-merge-on-green bot removed the automerge Merge the pull request once unit tests and other checks pass. label Oct 29, 2020
gcf-merge-on-green bot pushed a commit that referenced this pull request Oct 29, 2020
@release-please
chore: release 1.23.0 (#641)
bc92abb 
🤖 I have created a release \*beep\* \*boop\* 
---
## [1.23.0](https://www.github.com/googleapis/google-auth-library-python/compare/v1.22.1...v1.23.0) (2020-10-29)


### Features

* Add custom scopes for access tokens from the metadata service ([#633](https://www.github.com/googleapis/google-auth-library-python/issues/633)) ([0323cf3](https://www.github.com/googleapis/google-auth-library-python/commit/0323cf390b16e8483660ac88775e8ea4e7f7702d))


### Bug Fixes

* **deps:** Revert "fix: pin 'aoihttp < 3.7.0dev' ([#634](https://www.github.com/googleapis/google-auth-library-python/issues/634))" ([#632](https://www.github.com/googleapis/google-auth-library-python/issues/632)) ([#640](https://www.github.com/googleapis/google-auth-library-python/issues/640)) ([b790e65](https://www.github.com/googleapis/google-auth-library-python/commit/b790e6535cc37591b23866027a426cde312e07c1))
* pin 'aoihttp < 3.7.0dev' ([#634](https://www.github.com/googleapis/google-auth-library-python/issues/634)) ([05f9524](https://www.github.com/googleapis/google-auth-library-python/commit/05f95246fab928fe2f445781117eeac8088497fb))
* remove checks for ancient versions of Cryptography ([#596](https://www.github.com/googleapis/google-auth-library-python/issues/596)) ([6407258](https://www.github.com/googleapis/google-auth-library-python/commit/6407258956ec42e3b722418cb7f366e5ae9272ec)), closes [/github.com//issues/595#issuecomment-683903062](https://www.github.com/googleapis//github.com/googleapis/google-auth-library-python/issues/595/issues/issuecomment-683903062)
---


This PR was generated with [Release Please](https://github.com/googleapis/release-please).
@davidwtbuxton davidwtbuxton deleted the feature/579-compute-engine-creds branch October 30, 2020 07:10
@tseaver tseaver mentioned this pull request Nov 10, 2020
Closed
@dinvlad dinvlad mentioned this pull request Dec 18, 2020
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@busunkim96 busunkim96 busunkim96 approved these changes

@silvolu silvolu silvolu approved these changes

@tseaver tseaver tseaver left review comments

Assignees
No one assigned
Labels
cla: yes This human has signed the Contributor License Agreement.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@davidwtbuxton @tseaver @silvolu @busunkim96 @yoshi-kokoro