Skip to content

fix(gcs): do not skip signing with allow_anonymous#4979

Merged
Xuanwo merged 2 commits intoapache:mainfrom
jdockerty:fix/gcs-allow-anonymous
Aug 7, 2024
Merged

fix(gcs): do not skip signing with allow_anonymous#4979
Xuanwo merged 2 commits intoapache:mainfrom
jdockerty:fix/gcs-allow-anonymous

Conversation

@jdockerty
Copy link
Copy Markdown
Contributor

@jdockerty jdockerty commented Aug 7, 2024
edited
Loading

Which issue does this PR close?

Fixes an oversight I made in #4965

Rationale for this change

allow_anonymous is for allowing access when explicitly allowed and credentials are not given (e.g. public buckets) and not for skipping signing entirely.

@jdockerty jdockerty requested a review from Xuanwo as a code owner August 7, 2024 16:20
@github-actions github-actions Bot added the releases-note/fix The PR fixes a bug or has a title that begins with "fix" label Aug 7, 2024
@jdockerty jdockerty mentioned this pull request Aug 7, 2024
Merged
Xuanwo
Xuanwo reviewed Aug 7, 2024
View reviewed changes
Comment thread core/src/services/gcs/core.rs
}

pub async fn sign<T>(&self, req: &mut Request<T>) -> Result<()> {
if self.allow_anonymous {
Copy link
Copy Markdown
Member

@Xuanwo Xuanwo Aug 7, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks so much for the quick fix. Could you also help with load_token? I think the logic should be to skip signing if token.is_none(). Additionally, load_token should correctly manage allow_anonymous.

Copy link
Copy Markdown
Contributor Author

@jdockerty jdockerty Aug 7, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

skip signing if token.is_none()

I believe this is for the other PR which introduces the token: Option<String> field?

Copy link
Copy Markdown
Member

@Xuanwo Xuanwo Aug 7, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I believe this is for the other PR which introduces the token: Option<String> field?

I mean:

  • load_token() should return Result<Option<GoogleToken>>
  • if self.token is Some(), we should return it first load_token. (this can be done in the other PR)
  • If load_token() returns None, sign should skip it.

Copy link
Copy Markdown
Contributor Author

@jdockerty jdockerty Aug 7, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah yeah, I believe we're talking about the same things here.

I pushed 54c1ae8 just as you wrote this. I believe this covers what you mention here.

Copy link
Copy Markdown
Member

@Xuanwo Xuanwo Aug 7, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great, thanks!

Xuanwo
Xuanwo approved these changes Aug 7, 2024
View reviewed changes
Copy link
Copy Markdown
Member

@Xuanwo Xuanwo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me now, thanks a lot!

@Xuanwo
Copy link
Copy Markdown
Member

Xuanwo commented Aug 7, 2024
edited
Loading

This is the last PR I gonna to merge today. 00::39 AM now ❤️

I will review your other PR tomorrow.

@jdockerty
Copy link
Copy Markdown
Contributor Author

jdockerty commented Aug 7, 2024

No problem! Get some sleep 🚀

@Xuanwo Xuanwo merged commit 1f4c119 into apache:main Aug 7, 2024
@jdockerty jdockerty deleted the fix/gcs-allow-anonymous branch August 7, 2024 16:42
@jdockerty
Copy link
Copy Markdown
Contributor Author

jdockerty commented Aug 9, 2024
edited
Loading

@Xuanwo If you don't mind, as a small follow-up on this one.

Do I understand rightly that I need slightly alter how the load_token function works here with allow_anonymous.

Reading the Java implementation from Iceberg's FileIO, the GCS_NO_AUTH here is explicitly set for testing purposes and allows no credentials.

I think the equivalent of that here is that the load_token function returns instantly when GCS_NO_AUTH is set, or am I misunderstanding this?

impl GcsCore {
    async fn load_token(&self) -> Result<Option<GoogleToken>> {
        if self.allow_anonymous {
          return Ok(None);
        }
        // proceed to load...

I ask because the tests I have for the iceberg-rust PR with GCS_NO_AUTH no longer work after using latest changes on main (which includes this PR), but I think it is because I've muddled up the meaning of GCS_NO_AUTH and anonymous access.

@Xuanwo
Copy link
Copy Markdown
Member

Xuanwo commented Aug 9, 2024

Hi @jdockerty, I believe GCS_NO_AUTH should be equivalent to allow_anonymous + disable_vm_metadata + disable_config_load.

@jdockerty
Copy link
Copy Markdown
Contributor Author

jdockerty commented Aug 9, 2024

Ah! Thank you, that is the piece I was missing 👍

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Xuanwo Xuanwo Xuanwo approved these changes

Assignees

No one assigned

Labels

releases-note/fix The PR fixes a bug or has a title that begins with "fix"

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@jdockerty @Xuanwo