From 8ac41c63e83bb3eb3ffca7077160adf684d98201 Mon Sep 17 00:00:00 2001 From: Chris Broadfoot Date: Tue, 29 May 2018 17:25:18 -0700 Subject: [PATCH 1/5] Storage: add KMS samples --- storage/cloud-client/README.rst | 9 ++++-- storage/cloud-client/requirements.txt | 2 +- storage/cloud-client/snippets.py | 44 +++++++++++++++++++++++++++ storage/cloud-client/snippets_test.py | 12 ++++++++ 4 files changed, 64 insertions(+), 3 deletions(-) diff --git a/storage/cloud-client/README.rst b/storage/cloud-client/README.rst index 5705fd44c2f..eb1e26b6ef4 100644 --- a/storage/cloud-client/README.rst +++ b/storage/cloud-client/README.rst @@ -94,7 +94,7 @@ To run this sample: usage: snippets.py [-h] bucket_name - {create-bucket,delete-bucket,get-bucket-labels,add-bucket-label,remove-bucket-label,list,list-with-prefix,upload,download,delete,metadata,make-public,signed-url,rename,copy} + {create-bucket,delete-bucket,get-bucket-labels,add-bucket-label,remove-bucket-label,list,list-with-prefix,upload,enable-default-kms-key,upload-with-kms-key,download,delete,metadata,make-public,signed-url,rename,copy} ... This application demonstrates how to perform basic operations on blobs @@ -105,7 +105,7 @@ To run this sample: positional arguments: bucket_name Your cloud storage bucket. - {create-bucket,delete-bucket,get-bucket-labels,add-bucket-label,remove-bucket-label,list,list-with-prefix,upload,download,delete,metadata,make-public,signed-url,rename,copy} + {create-bucket,delete-bucket,get-bucket-labels,add-bucket-label,remove-bucket-label,list,list-with-prefix,upload,enable-default-kms-key,upload-with-kms-key,download,delete,metadata,make-public,signed-url,rename,copy} create-bucket Creates a new bucket. delete-bucket Deletes a bucket. The bucket must be empty. get-bucket-labels Prints out a bucket's labels. @@ -124,6 +124,11 @@ To run this sample: However, if you specify prefix='/a' and delimiter='/', you'll get back: /a/1.txt upload Uploads a file to the bucket. + enable-default-kms-key + Sets a bucket's default KMS key. + upload-with-kms-key + Uploads a file to the bucket, encrypting it with the + given KMS key. download Downloads a blob from the bucket. delete Deletes a blob from the bucket. metadata Prints out a blob's metadata. diff --git a/storage/cloud-client/requirements.txt b/storage/cloud-client/requirements.txt index 2aa1cdc9b44..553705c1e0e 100644 --- a/storage/cloud-client/requirements.txt +++ b/storage/cloud-client/requirements.txt @@ -1,2 +1,2 @@ -google-cloud-storage==1.8.0 +google-cloud-storage==1.10.0 google-cloud-pubsub==0.32.1 diff --git a/storage/cloud-client/snippets.py b/storage/cloud-client/snippets.py index 3d490891a4b..8980715ba03 100644 --- a/storage/cloud-client/snippets.py +++ b/storage/cloud-client/snippets.py @@ -43,6 +43,18 @@ def delete_bucket(bucket_name): print('Bucket {} deleted'.format(bucket.name)) +def enable_default_kms_key(bucket_name, kms_key_name): + """Sets a bucket's default KMS key.""" + storage_client = storage.Client() + bucket = storage_client.get_bucket(bucket_name) + bucket.default_kms_key_name = kms_key_name + bucket.patch() + + print('Set default KMS key for bucket {} to {}.'.format( + bucket.name, + bucket.default_kms_key_name)) + + def get_bucket_labels(bucket_name): """Prints out a bucket's labels.""" storage_client = storage.Client() @@ -143,6 +155,20 @@ def upload_blob(bucket_name, source_file_name, destination_blob_name): destination_blob_name)) +def upload_blob_with_kms(bucket_name, source_file_name, destination_blob_name, + kms_key_name): + """Uploads a file to the bucket, encrypting it with the given KMS key.""" + storage_client = storage.Client() + bucket = storage_client.get_bucket(bucket_name) + blob = bucket.blob(destination_blob_name, kms_key_name=kms_key_name) + blob.upload_from_filename(source_file_name) + + print('File {} uploaded to {} with encryption key {}.'.format( + source_file_name, + destination_blob_name, + kms_key_name)) + + def download_blob(bucket_name, source_blob_name, destination_file_name): """Downloads a blob from the bucket.""" storage_client = storage.Client() @@ -277,6 +303,16 @@ def copy_blob(bucket_name, blob_name, new_bucket_name, new_blob_name): upload_parser.add_argument('source_file_name') upload_parser.add_argument('destination_blob_name') + enable_default_kms_parser = subparsers.add_parser( + 'enable-default-kms-key', help=enable_default_kms_key.__doc__) + enable_default_kms_parser.add_argument('kms_key_name') + + upload_kms_parser = subparsers.add_parser( + 'upload-with-kms-key', help=upload_blob_with_kms.__doc__) + upload_kms_parser.add_argument('source_file_name') + upload_kms_parser.add_argument('destination_blob_name') + upload_kms_parser.add_argument('kms_key_name') + download_parser = subparsers.add_parser( 'download', help=download_blob.__doc__) download_parser.add_argument('source_blob_name') @@ -310,6 +346,8 @@ def copy_blob(bucket_name, blob_name, new_bucket_name, new_blob_name): if args.command == 'create-bucket': create_bucket(args.bucket_name) + if args.command == 'enable-default-kms-key': + enable_default_kms_key(args.bucket_name, args.kms_key_name) elif args.command == 'delete-bucket': delete_bucket(args.bucket_name) if args.command == 'get-bucket-labels': @@ -327,6 +365,12 @@ def copy_blob(bucket_name, blob_name, new_bucket_name, new_blob_name): args.bucket_name, args.source_file_name, args.destination_blob_name) + elif args.command == 'upload-with-kms-key': + upload_blob_with_kms( + args.bucket_name, + args.source_file_name, + args.destination_blob_name, + args.kms_key_name) elif args.command == 'download': download_blob( args.bucket_name, diff --git a/storage/cloud-client/snippets_test.py b/storage/cloud-client/snippets_test.py index bf5ecb8e1e8..fde16798fae 100644 --- a/storage/cloud-client/snippets_test.py +++ b/storage/cloud-client/snippets_test.py @@ -23,6 +23,7 @@ import snippets BUCKET = os.environ['CLOUD_STORAGE_BUCKET'] +KMS_KEY = os.environ['CLOUD_KMS_KEY'] def test_get_bucket_labels(): @@ -79,6 +80,17 @@ def test_upload_blob(): 'test_upload_blob') +def test_upload_blob_with_kms(): + with tempfile.NamedTemporaryFile() as source_file: + source_file.write(b'test') + + snippets.upload_blob_with_kms( + BUCKET, + source_file.name, + 'test_upload_blob_encrypted', + KMS_KEY) + + def test_download_blob(test_blob): with tempfile.NamedTemporaryFile() as dest_file: snippets.download_blob( From fdcf93a5b90a3aba3fe0086ddf03108e4f88f994 Mon Sep 17 00:00:00 2001 From: Frank Natividad Date: Mon, 11 Jun 2018 10:30:15 -0700 Subject: [PATCH 2/5] Add CLOUD_KMS_KEY environment variable --- testing/secrets.tar.enc | Bin 6688 -> 3088 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/testing/secrets.tar.enc b/testing/secrets.tar.enc index 4d6d34d2beed36060a1a12ed3d4017df98dbc7fb..f57ce1afea8aa061d8073329729c3c726420650a 100644 GIT binary patch literal 3088 zcmV+r4Da((VQh3|WM5yin4I{rRl_XE?Bx00ezyFh{6Q!y+0Yw(~Z9ui(Bg_hkIMjDpa6H~y}1xBfRzrnMcLh`DebQ;T$=H8KL zP4Z=NIw;-jO~qECz2x+u6)_$wVNq2&5p72OIL=Pd#0BI^c6JQ1M4kidKkV+)=Y`ta zz%4_LdwKwZCvfQc)~0zKEM>118jrE5&<&rabaCPUBQRX&`wTkPJsZi4?0r!Fn#2J6 zx!`Fb$(U#nBBTsgBBA*CwTW~HNzQUc=*VBjn1n)+2@3l7%lBm zDUR4H&rb=+1cahmRirx!U~RrAwD&edbC0?te4$*yR6?0mu^2Vp7R}KMoNQG22C3*^ zm#xq|lO;`NV1KhDlD=*riZ*UxX2Yp8lCJ8%-B1V5Q7!DT^C(L3;0k4aUsOR!i=Qu9 zh%s2?o@b5?n9)RNL?H2jO$qXi;BcWuiDjO@-q^h*(*=yiQLVp|BP2lI`8D1p;U(a4 zKAVF5olOY-2<}T~8u91*ZPnnFZ?`|{GDUu^rtC>2-l9lCFKZGGLXdefJ0c|ChTF-u zJmi5HAqF&gci!zO1#DbOCux9hGg8Un`d1W!wF){(;MW)2?26bt6;TE!8ASs~u?rbM z1Wu?9P#ytAq#7oVdgtCYv+clGMlLVMnc)E!&thhn)<664DU;N7$P&xUmlSG(QTHz! zQA8p|M0AcNVjp`RYHzHpA(bM6nXe;(hIXSrgMx)Ifd_EpWqdnW+m3)_u83$X^30CS zE9p-t9*?~@1^9cR%&AlFf)kD_^_%sA^RwtrC_USrlR%upUjMLf(%m{)4gF^FAo(D-u>{IL`yrr_7&W{Rsx(nxr0uChH=DU!scT4?(IsPO4+{uT_* zO#96hRBSbHE?sM&1v2oio}6!DrU=1>^?YITb)cy#pxup}Ij$&04Fyc4CSfC1XbBQ^ zv$X?Q!^e89I25YO^@(5LWnkSdhQb}`+VA4Nd*OI4mF6CHK0%hHsXViYwTPjE75k}|IVFE$X&hgf8%vMYO!eD zW%gO95*E|Wvp)^uDZ*{TJJiQl5c3fg=$-u;U+TR$ZIYM6GVt^~Mi_ugX@24rGKBXV z20igp+`)%9ktIS=)V1RKC)YAzf~lq~X6vVBC?19jj195A9YtSrV)qgeqA+nLF`NA} z)Iy4*U!){?hE`yle$f=QSz_JAMKiPy4R@Wv8^E3x!CW7Pea;6T)OjYoXw3Qf;l9|y zzsYSzJk~-gB=dG}Kp#)YVk2>dfF7lrdwFk<=6}9)Ad?J(H#(o@+iBv$>X?bqgid5u zPHz(c6?9ZfSrYDyBJC3j6~}XHmuPqGr!AOa!rTG_wJuw2ZgTm=1L(vl0uQ?Wanrq< z@$2FLyTB(7BTd-j~C0( zgqtVeY+3b+Md-c*j?{}F$GKGT zx$1!=E3DJP|LHIp{5uIm@V|oj=bFQnc~yo)cX#Kn%&jV%8&hIQtw>ZH8;pvXN921D zmq_E0PmC9^$rMKKw79&I`3{+gB1-uhA!`t*fF1ua9{i%+Mj)vJY~1h-EN`YxB1xDa zp4CNaRTj&?%({zdtO9m_`%dRZ>>ola&XaXHmWnO>tp60bm8X2V_|(4|Ajf;(*N4A1 zj0eKPYZ^Usrt1X&P`OuS43c?o*14Gg6-{4bJq}U0DzO;J6Aq~L8g_daviX+#Yp%L`z@S_y_^jpsccpca{ zfZdK|lxWVhNVbYL){z{+16jWO{^wyTg3SXJo4Y|XG>Ykc_6jW2U_B!vxg8*@fUXzh zro~4JOpnHMah~>DDqRjtY92@2o)Do+BOy0V9+$O){fBPT6WwoEE36(0%=oG1xZspN z0SJr(m@WXj*rAdsSBhClv=kg*1$<;F$kg-I>7LXV*>;;p;gIxxWRn5Ea+?>j zsa{&0sEe>4n={8$vE0Dc68!x|dSev%IU+zki%SM;2Z(x+??aR#D&NXyG-KV%fQX4OI6+{YnSCqcb1_wK3~F7y}Y z!7ZVdSbi0PU@b{TDe<2k3;U2z4D}4R1ti-#?lTXUB)mh*JMsE(3uXUjxNOMuEv19Q zR%dXv=j3G5`GsBVkU=OSeOh<#E19qjT|`UyMU-Ge#m#|X=9$}lQ zQ9PEF?epuWOpQ}(XOKKL0UQyENLqefqojJ+jsR z37Ny;d-+5$utP(1ea-pdLGp+okj6AAaPD?I)XnhdtDucgDTJCtr zPI1ThHkqETnFVY$?TfIc4p`cr;W<3gxDh``Y%Ie%B~bpz58W>W6ZhS)qweFFX@IK_ znlA@rPD3!0AjM*mN!`g?9Q5S3i?RFwAR)b&9PNSJffj&)svB=kW>b5pyqr)L?jpp@ zNz+T)l1o!5T12mI;BnI!W$$RG>iX=V1<*-AyXb9YnQ;~>VAQXG>_WjcLH}=qLP05W z)ngCT%0n8~$2{*Dk2(iq|DL*EkeWow<+T>`_WW~)sy!kBZW7UE}UHv7Ao}=zG7)p?`)LS&_LPGAWtP(h;~$eBM6S~S<(oiC^oLx z50G*b4*7*>qkhwt9w)A>GQ1_T4P{Ai7a-`{kP*Oq`~(SUxD?&f`_bw~Mn2^sd(AtK zXhl9Qc<+o49!FZz@#W={)Y*?AFk`*0q^3r!=-*K!e(G;QJ1Z{YZhU9GlHsPUWFZoW z5Q)TSr{(vVdz8~SV@C)9hq=>O3*SzetVORHysg;EglPa3#QUkINsB_;SSttRo?gCC z9_rzJgC*SY**?g%k-E%DP{M`v`V5j5LMLYt7x)13zN>(dl9gUSWRO$n<=#;b0} zVP9LfVYdpnNw_11sT#6a{rB2dZ;daA{;SKE>ttb=&&?sL&`%}5dV7_he^;IOG5gS^ zw<-sa|D$~>fO|}_$tN_nwL=^G9^36DKF*e+2($s+TNe2Ki0r-%v%FDrxx3Ll$FAeW zf43{q_x($h%#{nlA6187fNC$|QRNiNkH^fAh!ebi!>KeX@~_SGrRp#b0Xx%6bq}f5 zu6pl(pplVdKm@;z)cy{}{AAoRJiYob{6_RsqLlfOce{YMDjxnmfS&{<-fFpyt#t*{ z&@4{ViS6cM9yhQsZ7@qb-6!oiV{}D(=6ihL00TFq)&LXq`*_(2`kZ$At7wHSWw)3v z!)#5(Ju}Ze@C@R`3c^?YO0X!JZ(Ttds(eoT?7!JJ7hgA76GS=31Zl&M#U>zV)ojnr_DEl9BoPR5htqBhlF2IYCPO^oZQ&j?ge~b=3o_n1UY=I{m z=<~$xiw}|QCG}C8pL{{lC8Q;zl-$v@{&%Oh$L0p0CfMz*+7meAl-e_2n)payL8S?i z7g}+7x$O<~lyL)v*Qo_0a+=PjeyEcNCYCsas`oT4nb(yu_FBR=v+E4aE*(!2ye{xN zy)-Ba_kvfbpQ#OVBdp@!@pp!y2Z`7a(z! z{vH!#GXtbo9OY^+T^m)0)JTVFikO$}m?DdhVq0Z>5LG{%ao1`NoS*zx}6Y%+68lJ54S~@S`7*UN9u8|Hi#U=eoFBEbLj;YILM+pe)jy18k4m651(VMBmn=s&raSJyEG^v-Ks{aagarE& z7uC${pMw-^EGH?3;LegAI`o49tj9U3T zLgPEXmkX=V^Lgm`5n!y6{v`TG5n7V_q0RO}pIU?n9*?(sKCAFQT*Z19J7|03Qfz6f zLy;RM2b{ab6nWC4Q?^Q+nmcL8cXY|7r-h{4UriDVKo~aqL#Odiv%8E_nr65++WH4*j}(joF#@Grwir<> z&tlcZgm_}Dl~r0znpuQK=c^upVhrLVY`g?G46LXI`+?)vl2oAe)}JZ5!F$u~K8(H) z$^W`176f9N9kIpx7)l1^V}a&kB$X^&&DJWTyVN+RRnLrqKtH#0u28O+$lfpNQb-pc zJC41&2BLk)8^uoBpn74irRbg*S<^MkvvB1n>lb1&Ez-lqFXh>ibt|IOT^G9)2nsp}?N97^g|h z63~jY0@6#N7<+6#--b7z3Ey9Hg~A3T({V!__HAfjS_Kny;lY*^!+du$T>gbiLXDuSdO6e3d$Jr0y_l4@d;MX0U;%_9^9$_ zSJFbBtk5?C>%7Cf?LakUoaZMx(~21o%Xr#?egYG4-XrUou5BoqDeg+I}H{N(P0DQh8i(e z9d>_9DGvM>m|c7+oyR@W0Ym%8SMT1s566{@uS*n@XtrDBc2ls%2VAIhm|bH$K2?gW z0|61h31|4lm~>9i$_xAN6;7{IUiZMX@S8tgP+Aiv3nU)t>aA=w>vhi%t1L6?4R!$C z3R9VX_xLpx;IMx+hVS~swXUlGqWjQ3KbgO0JBI!N$5SB3n47LBo&QfXmE!R$@Hchp zDZB!$9e`e}hXJ;EdhZ5m5g2=Ga$CY66dE1jkz>EZ-r-XLTWv~9RGaw*2Le#XKx5I; zuqyN|^{ifmbNN9jQO6xqyj5a_q0I;_P6+D_>D64iFkh)cs|YCfIPkBr`yXnC5{M)b z@T^5nceLj{PDIsH&wb@Dj1v^lh3 z4H!Bq-ZZgva{{YtIS;znY3qm!X?<>SGf^{!$Zn(qk&VOR0WiFkMH!boq_P~T4?@X3 z)3X7(ZxNL87XnEB?*V78-!Tg~`TnA;UP<-h5i`HjSqQT)p>H%CJZZ?=1RKn|6>(@n zs#{Mv=c;R2_;r3O_&{j6_Y35+)=)7N$-=X;=P)P?YDL4r6; zB~$dq|CWi);Fo{pR3OPsja(ELqBRZmRZZ$D&H)P+wMQ!_VsuFyn0F->1l7UH&w;}1 zW=r!7)-M1*Wbb?mI*?sVWl7+staOP&T?U0?!CZzWo^xOk1aOL1H^vn65Xztqr~Qy?U^4r9E0l3|L=CY;(^mcX4i>rOdhiKRNz?@Aazd$IjI$Lx z_7EBQMBdL!LYr&uHB#$g3fEh_nfTZgoV`%i(Rnw)yqGcs@yZESu3mbTU=WQy`--D-)ZExl>)>$-IO zrl<)6B~*DI!mW7|Y06`f^zINGLXeAhy3ZGA1~xevhgpv+h8DU{k9C%Xp*|rIYXQtILGn z@B7KB40>_$$d?Zc-KPfQu8zWiZ6a{_0nVA+>FJtFA1vIl+*>y{%GRy561XC~;j@Qk z|Ch?-A=M9Oy z3O?H%A+$6b4+RB#oP`Uvm?mbN#!xP>{qRlu&Qn&PUAzN8#KIYeC(Y-M7jUit;+(o| zgd0-578XjKZ8~wxE5mf@+;(sOV;o0)CHEh@v?x^z%bF;=66cE3IV9Tfo+&k68uDwX zv2!|Mb|Lz3U0W7R5g3p*0$3b_FHWKfE6rCieT9ua)3;AH46K@x!zo5iFA`k@f zjnVrWu=Ai5gM|pIo6NV8d~}r@j8(?mN-t?Wnv{Eq=)J|98PMjc3tPg=b50rel=@9d zB6W7$%3_Z+^w~HYZ0!$qQmcxbctKdS1C@UgaC`muVL%Jt^(KqzC z|Ij+5xbnD^DE)^B7hw-b^8)O3vGJ^rBd{4Rkba}(*a5R_h#ziCUy0$SsA!pZzwhaV ze(!#-Z5mv)>ahURzTX&ypzjqvXzmTbOk4$8I_D!3o*O zg?OznBVd<|K@IzO;S}80m{CGKA}wBaNtv5)XCe;|^I#s&VZA3}3yxp)(+msLX>WaU zbJerWsox0(>#mI}g>P8Y`cDQL&9Fn7?9n||Kyw)b8vc-R+Fwnc%ZD#HRV6z^;IdxB z_N?34dV25i`APg!P{b(Q2ypU*o1&7oQPuyREx)=-)2L)UMzZ++9;akKiZ%c7*xitP zd3@~tB5VQRhqeXmX9|@>xY@qkR-yG}?HmJee!)#Xc+Z(**s83ah9*)xA? zlC|7Wl1$cd&S^fhNykj+ycBd4t~=-6!2NPg=VkQ1S(qrkPT6Sxmxr~H_y3`aC^Wi| z%)}k9wvn4ATmb+T8{>f{E2GPd5{bd6*_Mzm`p~i3`QCH2X8S!IemmPVun~-v$KX%xG8$Fg(TncD#7!_DO~_kx*HU+oEp!gnzES zUlm^-*#cGU3r-S&BqHD8D6(;pA4-45Vww5s+&`zlZDH`FV0E|?*BPbOk9k)1G$6%f zE%24C}bdW zS{+@!jI8wAtSlPGWC`HoPaGv&clT-}^6^4hM3IS9Ht)9kbciQeeT3fs|9p4;lqm3~ zBmhASRB$~z&XP|&JbdmhG$Hmw(J?h1((lvrI9DaZd`-PF8I7RF*R++hL;7}-jw<)TA7KE`X%R?)VB4C-@_4qi? zC}1FIrxY5Vk%_y+gRRRUk+K}?FRgk|2b@4qp7i{y9wQ9Ka;llfp!$ovXD;06kL5I1 zYx8^ygm%GD$?Ez|6R<1iD8&iD5slDKsF3dv)NL6cwq^Fe=PI(SYb#>;C863s*Lq)g zLTAdp8BHvFIY_)Anz1g_%w@EVY&%?uwro-;R3Ed&?m0l%#vN^_`j1J{e{v?+dkGh$^;3aM)$q=vqyA0V*V}+ITviO= zV(go-$pa8!lU4g3N*~-GKBB4fN4J!?&Qq;<1uDqxRW+RjM+j{hyqyrVT(?o*6<&WP zp&(kH^%DUH`k^6x5`SNNC0OTyJAAFMCl$01rhKLc*|Ms#pCz)-L3WFOg6)?qF@~gw z2N>vb&iz`Q_^w*k3#T<-ZZ$8+VNXREs~%xB18fSxxL;*`=0S-8rdb+YG5d zh#<|bdcZ*%R4|en<8U}ZrK!P;y2e#k9 z38WzSb4K-nUMFSrwBi^OitUSq8`^OFXqxLL02IcG8@vEM77l1PTGrAAB`Po&yy;!z z!<%ndzgkEHxfYzP427Q^%qP>Qr$tN)b%&Sd+lI>4hi^qf)?-2yeJ%}F?H|&K*;ccD=bX{>WCo^CI zjNuoO|89@3lN(!r#JT>N{qrupZa zH!#+oDFv#V0UC0zglPi`wssd2i*;5oYfGJ#Xnlz8lwW7rqzw<<;E!u4K0DYp3ctME zVlnX5UVp4zBrRG2{2gH=MVlD@a7WAMhMRHK2syvbYFWL)v>}f zLb1K-TEY0qK1xb;yaM_~58F(!$x5#~?nNu4jfwi2T3jJaoSxEJh<+qkn^(f!>4hxb z>&3MT@%h#-!}>{HMxJeX*46g5f`4;vUbCDcmZm(C_epQNH;2P$vFEs;?n|E$DImMx zh5oovkWQD1+u4nQPb=adLF7|0hhb7J=n#gNc-6D4m2ad+O+eDJ4r@yS1cSo*L7f}o qkC|byc<`w@B2!gVbijYfmOU=9P35cep&d6hmCSufgynLN)MIuwvhgke From 2c595c2fc122b6b21d5e9eab07cdc00deb5fecb9 Mon Sep 17 00:00:00 2001 From: Frank Natividad Date: Mon, 11 Jun 2018 10:37:27 -0700 Subject: [PATCH 3/5] Add region tags around samples --- storage/cloud-client/snippets.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/storage/cloud-client/snippets.py b/storage/cloud-client/snippets.py index 8980715ba03..89434bd859a 100644 --- a/storage/cloud-client/snippets.py +++ b/storage/cloud-client/snippets.py @@ -44,6 +44,7 @@ def delete_bucket(bucket_name): def enable_default_kms_key(bucket_name, kms_key_name): + # [START storage_set_bucket_default_kms_key] """Sets a bucket's default KMS key.""" storage_client = storage.Client() bucket = storage_client.get_bucket(bucket_name) @@ -53,6 +54,7 @@ def enable_default_kms_key(bucket_name, kms_key_name): print('Set default KMS key for bucket {} to {}.'.format( bucket.name, bucket.default_kms_key_name)) + # [END storage_set_bucket_default_kms_key] def get_bucket_labels(bucket_name): @@ -157,6 +159,7 @@ def upload_blob(bucket_name, source_file_name, destination_blob_name): def upload_blob_with_kms(bucket_name, source_file_name, destination_blob_name, kms_key_name): + # [START storage_upload_with_kms_key] """Uploads a file to the bucket, encrypting it with the given KMS key.""" storage_client = storage.Client() bucket = storage_client.get_bucket(bucket_name) @@ -167,6 +170,7 @@ def upload_blob_with_kms(bucket_name, source_file_name, destination_blob_name, source_file_name, destination_blob_name, kms_key_name)) + # [END storage_upload_with_kms_key] def download_blob(bucket_name, source_blob_name, destination_file_name): From 01fed508a95ce0071e2f903d13bb7f4391f783ed Mon Sep 17 00:00:00 2001 From: Frank Natividad Date: Mon, 11 Jun 2018 11:09:55 -0700 Subject: [PATCH 4/5] Add more testing --- storage/cloud-client/snippets_test.py | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/storage/cloud-client/snippets_test.py b/storage/cloud-client/snippets_test.py index fde16798fae..24a0699a92c 100644 --- a/storage/cloud-client/snippets_test.py +++ b/storage/cloud-client/snippets_test.py @@ -25,6 +25,16 @@ BUCKET = os.environ['CLOUD_STORAGE_BUCKET'] KMS_KEY = os.environ['CLOUD_KMS_KEY'] +def test_enable_default_kms_key(): + snippets.enable_default_kms_key( + bucket_name=BUCKET, + kms_key_name=KMS_KEY) + + bucket = storage.Client().bucket(BUCKET) + assert bucket.default_kms_key_name.startswith(KMS_KEY) + bucket.default_kms_key_name = null + bucket.patch() + def test_get_bucket_labels(): snippets.get_bucket_labels(BUCKET) @@ -90,6 +100,10 @@ def test_upload_blob_with_kms(): 'test_upload_blob_encrypted', KMS_KEY) + bucket = storage.Client().bucket(BUCKET) + kms_blob = bucket.get_blob('test_upload_blob_encrypted') + assert kms_blob.kms_key_name.startwith(KMS_KEY) + def test_download_blob(test_blob): with tempfile.NamedTemporaryFile() as dest_file: From 74704936b37036a845f6843b5308fff58f608dc5 Mon Sep 17 00:00:00 2001 From: Frank Natividad Date: Mon, 11 Jun 2018 11:19:40 -0700 Subject: [PATCH 5/5] Fix tests and lint --- storage/cloud-client/snippets_test.py | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/storage/cloud-client/snippets_test.py b/storage/cloud-client/snippets_test.py index 24a0699a92c..dc97b084fd8 100644 --- a/storage/cloud-client/snippets_test.py +++ b/storage/cloud-client/snippets_test.py @@ -25,14 +25,14 @@ BUCKET = os.environ['CLOUD_STORAGE_BUCKET'] KMS_KEY = os.environ['CLOUD_KMS_KEY'] + def test_enable_default_kms_key(): snippets.enable_default_kms_key( bucket_name=BUCKET, kms_key_name=KMS_KEY) - - bucket = storage.Client().bucket(BUCKET) + bucket = storage.Client().get_bucket(BUCKET) assert bucket.default_kms_key_name.startswith(KMS_KEY) - bucket.default_kms_key_name = null + bucket.default_kms_key_name = None bucket.patch() @@ -93,16 +93,14 @@ def test_upload_blob(): def test_upload_blob_with_kms(): with tempfile.NamedTemporaryFile() as source_file: source_file.write(b'test') - snippets.upload_blob_with_kms( BUCKET, source_file.name, 'test_upload_blob_encrypted', KMS_KEY) - - bucket = storage.Client().bucket(BUCKET) + bucket = storage.Client().bucket(BUCKET) kms_blob = bucket.get_blob('test_upload_blob_encrypted') - assert kms_blob.kms_key_name.startwith(KMS_KEY) + assert kms_blob.kms_key_name.startswith(KMS_KEY) def test_download_blob(test_blob):