Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings
This repository was archived by the owner on Mar 2, 2026. It is now read-only.

Commit 403afb0

Browse filesBrowse files
daniel-sanchedaniel-sanche
authored
feat(gapic): support mTLS certificates when available (#1140)
Autogenerated gapic update Includes: - support for mTLS by default when the environment detects it - support for pipelines protos
1 parent d1c730d commit 403afb0
Copy full SHA for 403afb0

53 files changed

+2,740-493Lines changed: 2740 additions & 493 deletions

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.
Dismiss banner
Expand file treeCollapse file tree
Open diff view settings
Collapse file

‎.librarian/state.yaml‎

Copy file name to clipboardExpand all lines: .librarian/state.yaml
+1-1Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
image: us-central1-docker.pkg.dev/cloud-sdk-librarian-prod/images-prod/python-librarian-generator@sha256:ce48ed695c727f7e13efd1fd68f466a55a0d772c87b69158720cec39965bc8b2
1+
image: us-central1-docker.pkg.dev/cloud-sdk-librarian-prod/images-prod/python-librarian-generator@sha256:eec191fc4904c204cd717c79812cd66997b5559776483ee223f69c8f43e99224
22
libraries:
33
- id: google-cloud-firestore
44
version: 2.21.0
Collapse file

‎google/cloud/firestore_admin_v1/services/__init__.py‎

Copy file name to clipboardExpand all lines: google/cloud/firestore_admin_v1/services/__init__.py
+3Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -13,3 +13,6 @@
1313
# See the License for the specific language governing permissions and
1414
# limitations under the License.
1515
#
16+
17+
# DO NOT EDIT THIS FILE OUTSIDE OF `.librarian/generator-input`
18+
# The source of truth for this file is `.librarian/generator-input`
Collapse file

‎google/cloud/firestore_admin_v1/services/firestore_admin/__init__.py‎

Copy file name to clipboardExpand all lines: google/cloud/firestore_admin_v1/services/firestore_admin/__init__.py
+5-1Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -13,8 +13,12 @@
1313
# See the License for the specific language governing permissions and
1414
# limitations under the License.
1515
#
16-
from .client import FirestoreAdminClient
16+
17+
# DO NOT EDIT THIS FILE OUTSIDE OF `.librarian/generator-input`
18+
# The source of truth for this file is `.librarian/generator-input`
19+
1720
from .async_client import FirestoreAdminAsyncClient
21+
from .client import FirestoreAdminClient
1822

1923
__all__ = (
2024
"FirestoreAdminClient",
Collapse file

‎google/cloud/firestore_admin_v1/services/firestore_admin/async_client.py‎

Copy file name to clipboardExpand all lines: google/cloud/firestore_admin_v1/services/firestore_admin/async_client.py
+18-13Lines changed: 18 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -13,12 +13,16 @@
1313
# See the License for the specific language governing permissions and
1414
# limitations under the License.
1515
#
16-
import logging as std_logging
16+
17+
# DO NOT EDIT THIS FILE OUTSIDE OF `.librarian/generator-input`
18+
# The source of truth for this file is `.librarian/generator-input`
19+
1720
from collections import OrderedDict
21+
import logging as std_logging
1822
import re
1923
from typing import (
20-
Dict,
2124
Callable,
25+
Dict,
2226
Mapping,
2327
MutableMapping,
2428
MutableSequence,
@@ -29,16 +33,15 @@
2933
Union,
3034
)
3135

32-
from google.cloud.firestore_admin_v1 import gapic_version as package_version
33-
34-
from google.api_core.client_options import ClientOptions
3536
from google.api_core import exceptions as core_exceptions
3637
from google.api_core import gapic_v1
3738
from google.api_core import retry_async as retries
39+
from google.api_core.client_options import ClientOptions
3840
from google.auth import credentials as ga_credentials # type: ignore
3941
from google.oauth2 import service_account # type: ignore
4042
import google.protobuf
4143

44+
from google.cloud.firestore_admin_v1 import gapic_version as package_version
4245

4346
try:
4447
OptionalRetry = Union[retries.AsyncRetry, gapic_v1.method._MethodDefault, None]
@@ -47,6 +50,13 @@
4750

4851
from google.api_core import operation as gac_operation # type: ignore
4952
from google.api_core import operation_async # type: ignore
53+
from google.cloud.location import locations_pb2 # type: ignore
54+
from google.longrunning import operations_pb2 # type: ignore
55+
from google.protobuf import duration_pb2 # type: ignore
56+
from google.protobuf import empty_pb2 # type: ignore
57+
from google.protobuf import field_mask_pb2 # type: ignore
58+
from google.protobuf import timestamp_pb2 # type: ignore
59+
5060
from google.cloud.firestore_admin_v1.services.firestore_admin import pagers
5161
from google.cloud.firestore_admin_v1.types import backup
5262
from google.cloud.firestore_admin_v1.types import database
@@ -60,15 +70,10 @@
6070
from google.cloud.firestore_admin_v1.types import schedule
6171
from google.cloud.firestore_admin_v1.types import user_creds
6272
from google.cloud.firestore_admin_v1.types import user_creds as gfa_user_creds
63-
from google.cloud.location import locations_pb2 # type: ignore
64-
from google.longrunning import operations_pb2 # type: ignore
65-
from google.protobuf import duration_pb2 # type: ignore
66-
from google.protobuf import empty_pb2 # type: ignore
67-
from google.protobuf import field_mask_pb2 # type: ignore
68-
from google.protobuf import timestamp_pb2 # type: ignore
69-
from .transports.base import FirestoreAdminTransport, DEFAULT_CLIENT_INFO
70-
from .transports.grpc_asyncio import FirestoreAdminGrpcAsyncIOTransport
73+
7174
from .client import FirestoreAdminClient
75+
from .transports.base import DEFAULT_CLIENT_INFO, FirestoreAdminTransport
76+
from .transports.grpc_asyncio import FirestoreAdminGrpcAsyncIOTransport
7277

7378
try:
7479
from google.api_core import client_logging # type: ignore
Collapse file

‎google/cloud/firestore_admin_v1/services/firestore_admin/client.py‎

Copy file name to clipboardExpand all lines: google/cloud/firestore_admin_v1/services/firestore_admin/client.py
+49-25Lines changed: 49 additions & 25 deletions
Original file line numberDiff line numberDiff line change
@@ -13,15 +13,19 @@
1313
# See the License for the specific language governing permissions and
1414
# limitations under the License.
1515
#
16+
17+
# DO NOT EDIT THIS FILE OUTSIDE OF `.librarian/generator-input`
18+
# The source of truth for this file is `.librarian/generator-input`
19+
1620
from collections import OrderedDict
1721
from http import HTTPStatus
1822
import json
1923
import logging as std_logging
2024
import os
2125
import re
2226
from typing import (
23-
Dict,
2427
Callable,
28+
Dict,
2529
Mapping,
2630
MutableMapping,
2731
MutableSequence,
@@ -34,19 +38,19 @@
3438
)
3539
import warnings
3640

37-
from google.cloud.firestore_admin_v1 import gapic_version as package_version
38-
3941
from google.api_core import client_options as client_options_lib
4042
from google.api_core import exceptions as core_exceptions
4143
from google.api_core import gapic_v1
4244
from google.api_core import retry as retries
4345
from google.auth import credentials as ga_credentials # type: ignore
46+
from google.auth.exceptions import MutualTLSChannelError # type: ignore
4447
from google.auth.transport import mtls # type: ignore
4548
from google.auth.transport.grpc import SslCredentials # type: ignore
46-
from google.auth.exceptions import MutualTLSChannelError # type: ignore
4749
from google.oauth2 import service_account # type: ignore
4850
import google.protobuf
4951

52+
from google.cloud.firestore_admin_v1 import gapic_version as package_version
53+
5054
try:
5155
OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault, None]
5256
except AttributeError: # pragma: NO COVER
@@ -63,6 +67,13 @@
6367

6468
from google.api_core import operation as gac_operation # type: ignore
6569
from google.api_core import operation_async # type: ignore
70+
from google.cloud.location import locations_pb2 # type: ignore
71+
from google.longrunning import operations_pb2 # type: ignore
72+
from google.protobuf import duration_pb2 # type: ignore
73+
from google.protobuf import empty_pb2 # type: ignore
74+
from google.protobuf import field_mask_pb2 # type: ignore
75+
from google.protobuf import timestamp_pb2 # type: ignore
76+
6677
from google.cloud.firestore_admin_v1.services.firestore_admin import pagers
6778
from google.cloud.firestore_admin_v1.types import backup
6879
from google.cloud.firestore_admin_v1.types import database
@@ -76,13 +87,8 @@
7687
from google.cloud.firestore_admin_v1.types import schedule
7788
from google.cloud.firestore_admin_v1.types import user_creds
7889
from google.cloud.firestore_admin_v1.types import user_creds as gfa_user_creds
79-
from google.cloud.location import locations_pb2 # type: ignore
80-
from google.longrunning import operations_pb2 # type: ignore
81-
from google.protobuf import duration_pb2 # type: ignore
82-
from google.protobuf import empty_pb2 # type: ignore
83-
from google.protobuf import field_mask_pb2 # type: ignore
84-
from google.protobuf import timestamp_pb2 # type: ignore
85-
from .transports.base import FirestoreAdminTransport, DEFAULT_CLIENT_INFO
90+
91+
from .transports.base import DEFAULT_CLIENT_INFO, FirestoreAdminTransport
8692
from .transports.grpc import FirestoreAdminGrpcTransport
8793
from .transports.grpc_asyncio import FirestoreAdminGrpcAsyncIOTransport
8894
from .transports.rest import FirestoreAdminRestTransport
@@ -198,6 +204,34 @@ def _get_default_mtls_endpoint(api_endpoint):
198204
_DEFAULT_ENDPOINT_TEMPLATE = "firestore.{UNIVERSE_DOMAIN}"
199205
_DEFAULT_UNIVERSE = "googleapis.com"
200206

207+
@staticmethod
208+
def _use_client_cert_effective():
209+
"""Returns whether client certificate should be used for mTLS if the
210+
google-auth version supports should_use_client_cert automatic mTLS enablement.
211+
212+
Alternatively, read from the GOOGLE_API_USE_CLIENT_CERTIFICATE env var.
213+
214+
Returns:
215+
bool: whether client certificate should be used for mTLS
216+
Raises:
217+
ValueError: (If using a version of google-auth without should_use_client_cert and
218+
GOOGLE_API_USE_CLIENT_CERTIFICATE is set to an unexpected value.)
219+
"""
220+
# check if google-auth version supports should_use_client_cert for automatic mTLS enablement
221+
if hasattr(mtls, "should_use_client_cert"): # pragma: NO COVER
222+
return mtls.should_use_client_cert()
223+
else: # pragma: NO COVER
224+
# if unsupported, fallback to reading from env var
225+
use_client_cert_str = os.getenv(
226+
"GOOGLE_API_USE_CLIENT_CERTIFICATE", "false"
227+
).lower()
228+
if use_client_cert_str not in ("true", "false"):
229+
raise ValueError(
230+
"Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be"
231+
" either `true` or `false`"
232+
)
233+
return use_client_cert_str == "true"
234+
201235
@classmethod
202236
def from_service_account_info(cls, info: dict, *args, **kwargs):
203237
"""Creates an instance of this client using the provided credentials
@@ -555,20 +589,16 @@ def get_mtls_endpoint_and_cert_source(
555589
)
556590
if client_options is None:
557591
client_options = client_options_lib.ClientOptions()
558-
use_client_cert = os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false")
592+
use_client_cert = FirestoreAdminClient._use_client_cert_effective()
559593
use_mtls_endpoint = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto")
560-
if use_client_cert not in ("true", "false"):
561-
raise ValueError(
562-
"Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`"
563-
)
564594
if use_mtls_endpoint not in ("auto", "never", "always"):
565595
raise MutualTLSChannelError(
566596
"Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`"
567597
)
568598

569599
# Figure out the client cert source to use.
570600
client_cert_source = None
571-
if use_client_cert == "true":
601+
if use_client_cert:
572602
if client_options.client_cert_source:
573603
client_cert_source = client_options.client_cert_source
574604
elif mtls.has_default_client_cert_source():
@@ -600,20 +630,14 @@ def _read_environment_variables():
600630
google.auth.exceptions.MutualTLSChannelError: If GOOGLE_API_USE_MTLS_ENDPOINT
601631
is not any of ["auto", "never", "always"].
602632
"""
603-
use_client_cert = os.getenv(
604-
"GOOGLE_API_USE_CLIENT_CERTIFICATE", "false"
605-
).lower()
633+
use_client_cert = FirestoreAdminClient._use_client_cert_effective()
606634
use_mtls_endpoint = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto").lower()
607635
universe_domain_env = os.getenv("GOOGLE_CLOUD_UNIVERSE_DOMAIN")
608-
if use_client_cert not in ("true", "false"):
609-
raise ValueError(
610-
"Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`"
611-
)
612636
if use_mtls_endpoint not in ("auto", "never", "always"):
613637
raise MutualTLSChannelError(
614638
"Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`"
615639
)
616-
return use_client_cert == "true", use_mtls_endpoint, universe_domain_env
640+
return use_client_cert, use_mtls_endpoint, universe_domain_env
617641

618642
@staticmethod
619643
def _get_client_cert_source(provided_cert_source, use_cert_flag):
Collapse file

‎google/cloud/firestore_admin_v1/services/firestore_admin/pagers.py‎

Copy file name to clipboardExpand all lines: google/cloud/firestore_admin_v1/services/firestore_admin/pagers.py
+11-8Lines changed: 11 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -13,21 +13,26 @@
1313
# See the License for the specific language governing permissions and
1414
# limitations under the License.
1515
#
16-
from google.api_core import gapic_v1
17-
from google.api_core import retry as retries
18-
from google.api_core import retry_async as retries_async
16+
17+
# DO NOT EDIT THIS FILE OUTSIDE OF `.librarian/generator-input`
18+
# The source of truth for this file is `.librarian/generator-input`
19+
1920
from typing import (
2021
Any,
2122
AsyncIterator,
2223
Awaitable,
2324
Callable,
25+
Iterator,
26+
Optional,
2427
Sequence,
2528
Tuple,
26-
Optional,
27-
Iterator,
2829
Union,
2930
)
3031

32+
from google.api_core import gapic_v1
33+
from google.api_core import retry as retries
34+
from google.api_core import retry_async as retries_async
35+
3136
try:
3237
OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault, None]
3338
OptionalAsyncRetry = Union[
@@ -37,9 +42,7 @@
3742
OptionalRetry = Union[retries.Retry, object, None] # type: ignore
3843
OptionalAsyncRetry = Union[retries_async.AsyncRetry, object, None] # type: ignore
3944

40-
from google.cloud.firestore_admin_v1.types import field
41-
from google.cloud.firestore_admin_v1.types import firestore_admin
42-
from google.cloud.firestore_admin_v1.types import index
45+
from google.cloud.firestore_admin_v1.types import field, firestore_admin, index
4346

4447

4548
class ListIndexesPager:
Collapse file

‎google/cloud/firestore_admin_v1/services/firestore_admin/transports/README.rst‎

Copy file name to clipboardExpand all lines: google/cloud/firestore_admin_v1/services/firestore_admin/transports/README.rst
+3Lines changed: 3 additions & 0 deletions
  • Display the source diff
  • Display the rich diff
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,6 @@
1+
# DO NOT EDIT THIS FILE OUTSIDE OF `.librarian/generator-input`
2+
# The source of truth for this file is `.librarian/generator-input`
3+
14

25
transport inheritance structure
36
_______________________________
Collapse file

‎google/cloud/firestore_admin_v1/services/firestore_admin/transports/__init__.py‎

Copy file name to clipboardExpand all lines: google/cloud/firestore_admin_v1/services/firestore_admin/transports/__init__.py
+5-3Lines changed: 5 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -13,15 +13,17 @@
1313
# See the License for the specific language governing permissions and
1414
# limitations under the License.
1515
#
16+
17+
# DO NOT EDIT THIS FILE OUTSIDE OF `.librarian/generator-input`
18+
# The source of truth for this file is `.librarian/generator-input`
19+
1620
from collections import OrderedDict
1721
from typing import Dict, Type
1822

1923
from .base import FirestoreAdminTransport
2024
from .grpc import FirestoreAdminGrpcTransport
2125
from .grpc_asyncio import FirestoreAdminGrpcAsyncIOTransport
22-
from .rest import FirestoreAdminRestTransport
23-
from .rest import FirestoreAdminRestInterceptor
24-
26+
from .rest import FirestoreAdminRestInterceptor, FirestoreAdminRestTransport
2527

2628
# Compile a registry of transports.
2729
_transport_registry = OrderedDict() # type: Dict[str, Type[FirestoreAdminTransport]]
Collapse file

‎google/cloud/firestore_admin_v1/services/firestore_admin/transports/base.py‎

Copy file name to clipboardExpand all lines: google/cloud/firestore_admin_v1/services/firestore_admin/transports/base.py
+18-14Lines changed: 18 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -13,32 +13,36 @@
1313
# See the License for the specific language governing permissions and
1414
# limitations under the License.
1515
#
16+
17+
# DO NOT EDIT THIS FILE OUTSIDE OF `.librarian/generator-input`
18+
# The source of truth for this file is `.librarian/generator-input`
19+
1620
import abc
1721
from typing import Awaitable, Callable, Dict, Optional, Sequence, Union
1822

19-
from google.cloud.firestore_admin_v1 import gapic_version as package_version
20-
21-
import google.auth # type: ignore
2223
import google.api_core
2324
from google.api_core import exceptions as core_exceptions
24-
from google.api_core import gapic_v1
25+
from google.api_core import gapic_v1, operations_v1
2526
from google.api_core import retry as retries
26-
from google.api_core import operations_v1
27+
import google.auth # type: ignore
2728
from google.auth import credentials as ga_credentials # type: ignore
29+
from google.cloud.location import locations_pb2 # type: ignore
30+
from google.longrunning import operations_pb2 # type: ignore
2831
from google.oauth2 import service_account # type: ignore
2932
import google.protobuf
33+
from google.protobuf import empty_pb2 # type: ignore
3034

31-
from google.cloud.firestore_admin_v1.types import backup
32-
from google.cloud.firestore_admin_v1.types import database
33-
from google.cloud.firestore_admin_v1.types import field
34-
from google.cloud.firestore_admin_v1.types import firestore_admin
35-
from google.cloud.firestore_admin_v1.types import index
36-
from google.cloud.firestore_admin_v1.types import schedule
35+
from google.cloud.firestore_admin_v1 import gapic_version as package_version
36+
from google.cloud.firestore_admin_v1.types import (
37+
backup,
38+
database,
39+
field,
40+
firestore_admin,
41+
index,
42+
schedule,
43+
)
3744
from google.cloud.firestore_admin_v1.types import user_creds
3845
from google.cloud.firestore_admin_v1.types import user_creds as gfa_user_creds
39-
from google.cloud.location import locations_pb2 # type: ignore
40-
from google.longrunning import operations_pb2 # type: ignore
41-
from google.protobuf import empty_pb2 # type: ignore
4246

4347
DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo(
4448
gapic_version=package_version.__version__

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.