[Vertex AI] Avoid silent default to 'us-central1' for GOOGLE_CLOUD_LOCATION to support restricted environments #7899
Description
Describe the bug
Hi Marimo Team! 👋
First off, thanks for building such a great tool. We are currently integrating Marimo into our enterprise environment using Vertex AI and stumbled upon a "silent failure" scenario regarding the region configuration.
The Context We utilize ADC (Application Default Credentials) for authentication. In many enterprise Google Cloud setups (like ours), there are strict Organization Policies that restrict resource usage to specific regions (e.g., europe-west3 only) for compliance and data residency reasons.
The Issue We noticed that in marimo/_ai/llm/providers.py, the Vertex AI provider defaults the location to us-central1 if the environment variable is missing:
Python
Current behavior
location = os.getenv("GOOGLE_CLOUD_LOCATION", "us-central1")
Because we didn't explicitly set the env var (expecting either a failure or a dynamic lookup), the code silently defaulted to us-central1. Consequence: The API calls were blocked by our Cloud Organization Policy ("Resource Location Restriction"), resulting in a generic error in the UI. It took us a moment to realize the requests were being routed to the US by default, rather than failing during initialization.
Suggestion In the spirit of The Zen of Python — "Explicit is better than implicit" 😉 — we believe it would be safer to force the user to define their location rather than assuming a default that might be inaccessible.
We suggest one of the following approaches:
Fail Fast (Preferred): Remove the default value. If GOOGLE_CLOUD_LOCATION is not set, raise a clear ValueError or ConfigurationError immediately. This tells the user: "Hey, we need to know where your Vertex AI resources live."
Warning: If you want to keep the default for convenience, perhaps log a warning: "No location configured. Defaulting to 'us-central1'. This may fail if your project has region restrictions."
This change would prevent "silent" auth/permission bugs in restricted environments and make the configuration requirements clearer.
Thanks for considering this! 🚀
Will you submit a PR?
- Yes
Environment
{
"marimo": "0.19.4",
"editable": false,
"location": "/home/appuser/venv/lib/python3.13/site-packages/marimo",
"OS": "Linux",
"OS Version": "5.15.0-1101-azure",
"Processor": "",
"Python Version": "3.13.5",
"Locale": "en_US",
"Binaries": {
"Browser": "--",
"Node": "--"
},
"Dependencies": {
"click": "8.3.0",
"docutils": "0.22.3",
"itsdangerous": "2.2.0",
"jedi": "0.19.2",
"markdown": "3.10",
"narwhals": "2.10.2",
"packaging": "25.0",
"psutil": "7.1.3",
"pygments": "2.19.2",
"pymdown-extensions": "10.16.1",
"pyyaml": "6.0.3",
"starlette": "0.50.0",
"tomlkit": "0.13.3",
"typing-extensions": "4.15.0",
"uvicorn": "0.38.0",
"websockets": "15.0.1"
},
"Optional Dependencies": {
"altair": "6.0.0",
"duckdb": "1.4.3",
"loro": "1.8.2",
"mcp": "1.25.0",
"openai": "2.15.0",
"pandas": "2.3.3",
"polars": "1.37.0",
"pyarrow": "22.0.0",
"python-lsp-ruff": "2.3.0",
"python-lsp-server": "1.14.0",
"ruff": "0.14.11",
"sqlglot": "28.5.0",
"vegafusion": "2.0.3"
},
"Experimental Flags": {}
}
Code to reproduce
No response