Skip to content

Updated gcs client to use client.bucket instead of client.get_bucket method #1739

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
haritamar merged 2 commits into from
Nov 18, 2024
Merged

Updated gcs client to use client.bucket instead of client.get_bucket method #1739

haritamar merged 2 commits into from
Nov 18, 2024

Conversation

@jcarpenter12
Copy link
Contributor

@jcarpenter12 jcarpenter12 commented Nov 7, 2024
edited
Loading

This pull request has been added to update the client to use bucket method instead of the get_bucket method.

If the get_bucket method is used the account that makes the request must have storage.buckets.get access on the project itself which means that the account must have two roles applied to it in order for the IAM to work. This also means that the account must have more access than it technically needs to the project.

This stack overflow post outlines the issue

This was spotted when building and pushing elementary files through a CI pipeline. The get_bucket method can be used to check a bucket exists but as this is not something that is done within the elementary code, it doesn't make sense to use it. It should be on the user to make sure the bucket is available.

More details on this here

Switching to this method the account will only need storage.objectAdmin role on the bucket to write the files. Rather than having to use storage.objectAdmin and another role that has the storage.bucket.get permission.

I have not raised a bug for this as it is a one line change but happy to if required

@jcarpenter12 jcarpenter12 changed the title Updated gcs client to use new method Updated gcs client to use client.bucket instead of client.get_bucket method Nov 7, 2024
@haritamar haritamar merged commit d85644d into elementary-data:master Nov 18, 2024
@MikaKerman
Copy link
Contributor

MikaKerman commented Feb 18, 2025

Hi @jcarpenter12 !
Your contribution is included in the new release - 0.16.2. 🎉

hanalytics-data-service pushed a commit to hanalytics-data-service/hanalytics-elementary that referenced this pull request Apr 14, 2025
@jcarpenter12 @haritamar @hanalytics-data-service
Updated gcs client to use new method (elementary-data#1739)
7cc7fe1 
Co-authored-by: Itamar Hartstein <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@haritamar haritamar haritamar approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@jcarpenter12 @MikaKerman @haritamar