channelConfigurator;
+ /*
+ * Experimental feature
+ *
+ * {@link HardBoundTokenTypes} specifies if hard bound tokens should be used if DirectPath
+ * or S2A is used to estabilsh a connection to Google APIs.
+ *
+ */
+ @InternalApi
+ public enum HardBoundTokenTypes {
+ // If DirectPath is used to create the channel, use hard ALTS-bound tokens for requests sent on
+ // that channel.
+ ALTS,
+ // If MTLS via S2A is used to create the channel, use hard MTLS-bound tokens for requests sent
+ // on that channel.
+ MTLS_S2A
+ }
+
private InstantiatingGrpcChannelProvider(Builder builder) {
this.processorCount = builder.processorCount;
this.executor = builder.executor;
this.headerProvider = builder.headerProvider;
+ this.useS2A = builder.useS2A;
this.endpoint = builder.endpoint;
+ this.allowedHardBoundTokenTypes = builder.allowedHardBoundTokenTypes;
this.mtlsProvider = builder.mtlsProvider;
+ this.s2aConfigProvider = builder.s2aConfigProvider;
this.envProvider = builder.envProvider;
this.interceptorProvider = builder.interceptorProvider;
this.maxInboundMessageSize = builder.maxInboundMessageSize;
@@ -225,6 +266,17 @@ public TransportChannelProvider withEndpoint(String endpoint) {
return toBuilder().setEndpoint(endpoint).build();
}
+ /**
+ * Specify whether or not to use S2A.
+ *
+ * @param useS2A
+ * @return A new {@link InstantiatingGrpcChannelProvider} with useS2A set.
+ */
+ @Override
+ public TransportChannelProvider withUseS2A(boolean useS2A) {
+ return toBuilder().setUseS2A(useS2A).build();
+ }
+
/** @deprecated Please modify pool settings via {@link #toBuilder()} */
@Deprecated
@Override
@@ -410,6 +462,136 @@ ChannelCredentials createMtlsChannelCredentials() throws IOException, GeneralSec
return null;
}
+ /**
+ * Create the S2A-Secured Channel credentials. Load the API using reflection. Once the S2A API is
+ * stable in gRPC-Java, all callers of this method can simply use the S2A APIs directly and this
+ * method can be deleted.
+ *
+ * @param s2aAddress the address of the S2A server used to secure the connection.
+ * @param s2aChannelCredentials the credentials to be used when connecting to the S2A.
+ * @return {@code ChannelCredentials} instance.
+ */
+ ChannelCredentials buildS2AChannelCredentials(
+ String s2aAddress, ChannelCredentials s2aChannelCredentials) {
+ try {
+ // Load the S2A API.
+ Class s2aChannelCreds = Class.forName("io.grpc.s2a.S2AChannelCredentials");
+ Class s2aChannelCredsBuilder = Class.forName("io.grpc.s2a.S2AChannelCredentials$Builder");
+
+ // Load and invoke the S2A API methods.
+ Class[] partypes = new Class[2];
+ partypes[0] = String.class;
+ partypes[1] = ChannelCredentials.class;
+ Method newBuilder = s2aChannelCreds.getMethod("newBuilder", partypes);
+ Object arglist[] = new Object[2];
+ arglist[0] = s2aAddress;
+ arglist[1] = s2aChannelCredentials;
+ Object retObjBuilder = newBuilder.invoke(null, arglist);
+ Method build = s2aChannelCredsBuilder.getMethod("build", null);
+ Object retObjCreds = build.invoke(retObjBuilder, null);
+ return (ChannelCredentials) retObjCreds;
+ } catch (Throwable t) {
+ LOG.log(
+ Level.WARNING,
+ "Falling back to default (TLS without S2A) because S2A APIs cannot be used: "
+ + t.getMessage());
+ return null;
+ }
+ }
+
+ /**
+ * This method creates {@link TlsChannelCredentials} to be used by the client to establish an mTLS
+ * connection to S2A. Returns null if any of {@param trustBundle}, {@param privateKey} or {@param
+ * certChain} are missing.
+ *
+ * @param trustBundle the trust bundle to be used to establish the client -> S2A mTLS connection
+ * @param privateKey the client's private key to be used to establish the client -> S2A mtls
+ * connection
+ * @param certChain the client's cert chain to be used to establish the client -> S2A mtls
+ * connection
+ * @return {@link ChannelCredentials} to use to create an mtls connection between client and S2A
+ * @throws IOException on error
+ */
+ @VisibleForTesting
+ ChannelCredentials createMtlsToS2AChannelCredentials(
+ File trustBundle, File privateKey, File certChain) throws IOException {
+ if (trustBundle == null || privateKey == null || certChain == null) {
+ return null;
+ }
+ return TlsChannelCredentials.newBuilder()
+ .keyManager(privateKey, certChain)
+ .trustManager(trustBundle)
+ .build();
+ }
+
+ /**
+ * This method creates {@link ChannelCredentials} to be used by client to establish a plaintext
+ * connection to S2A. if {@param plaintextAddress} is not present, returns null.
+ *
+ * @param plaintextAddress the address to reach S2A which accepts plaintext connections
+ * @return {@link ChannelCredentials} to use to create a plaintext connection between client and
+ * S2A
+ */
+ ChannelCredentials createPlaintextToS2AChannelCredentials(String plaintextAddress) {
+ if (Strings.isNullOrEmpty(plaintextAddress)) {
+ return null;
+ }
+ return buildS2AChannelCredentials(plaintextAddress, InsecureChannelCredentials.create());
+ }
+
+ /**
+ * This method creates gRPC {@link ChannelCredentials} configured to use S2A to estbalish a mTLS
+ * connection. First, the address of S2A is discovered by using the {@link S2A} utility to learn
+ * the {@code mtlsAddress} to reach S2A and the {@code plaintextAddress} to reach S2A. Prefer to
+ * use the {@code mtlsAddress} address to reach S2A if it is non-empty and the MTLS-MDS
+ * credentials can successfully be discovered and used to create {@link TlsChannelCredentials}. If
+ * there is any failure using mTLS-to-S2A, fallback to using a plaintext connection to S2A using
+ * the {@code plaintextAddress}. If {@code plaintextAddress} is not available, this function
+ * returns null; in this case S2A will not be used, and a TLS connection to the service will be
+ * established.
+ *
+ * @return {@link ChannelCredentials} configured to use S2A to create mTLS connection.
+ */
+ ChannelCredentials createS2ASecuredChannelCredentials() {
+ SecureSessionAgentConfig config = s2aConfigProvider.getConfig();
+ String plaintextAddress = config.getPlaintextAddress();
+ String mtlsAddress = config.getMtlsAddress();
+ if (Strings.isNullOrEmpty(mtlsAddress)) {
+ // Fallback to plaintext connection to S2A.
+ LOG.log(
+ Level.INFO,
+ "Cannot establish an mTLS connection to S2A because autoconfig endpoint did not return a mtls address to reach S2A.");
+ return createPlaintextToS2AChannelCredentials(plaintextAddress);
+ }
+ // Currently, MTLS to MDS is only available on GCE. See:
+ // https://cloud.google.com/compute/docs/metadata/overview#https-mds
+ // Try to load MTLS-MDS creds.
+ File rootFile = new File(MTLS_MDS_ROOT_PATH);
+ File certKeyFile = new File(MTLS_MDS_CERT_CHAIN_AND_KEY_PATH);
+ if (rootFile.isFile() && certKeyFile.isFile()) {
+ // Try to connect to S2A using mTLS.
+ ChannelCredentials mtlsToS2AChannelCredentials = null;
+ try {
+ mtlsToS2AChannelCredentials =
+ createMtlsToS2AChannelCredentials(rootFile, certKeyFile, certKeyFile);
+ } catch (IOException ignore) {
+ // Fallback to plaintext-to-S2A connection on error.
+ LOG.log(
+ Level.WARNING,
+ "Cannot establish an mTLS connection to S2A due to error creating MTLS to MDS TlsChannelCredentials credentials, falling back to plaintext connection to S2A: "
+ + ignore.getMessage());
+ return createPlaintextToS2AChannelCredentials(plaintextAddress);
+ }
+ return buildS2AChannelCredentials(mtlsAddress, mtlsToS2AChannelCredentials);
+ } else {
+ // Fallback to plaintext-to-S2A connection if MTLS-MDS creds do not exist.
+ LOG.log(
+ Level.INFO,
+ "Cannot establish an mTLS connection to S2A because MTLS to MDS credentials do not exist on filesystem, falling back to plaintext connection to S2A");
+ return createPlaintextToS2AChannelCredentials(plaintextAddress);
+ }
+ }
+
private ManagedChannel createSingleChannel() throws IOException {
GrpcHeaderInterceptor headerInterceptor =
new GrpcHeaderInterceptor(headersWithDuplicatesRemoved);
@@ -449,14 +631,28 @@ private ManagedChannel createSingleChannel() throws IOException {
} else {
ChannelCredentials channelCredentials;
try {
+ // Try and create credentials via DCA. See https://google.aip.dev/auth/4114.
channelCredentials = createMtlsChannelCredentials();
} catch (GeneralSecurityException e) {
throw new IOException(e);
}
if (channelCredentials != null) {
+ // Create the channel using channel credentials created via DCA.
builder = Grpc.newChannelBuilder(endpoint, channelCredentials);
} else {
- builder = ManagedChannelBuilder.forAddress(serviceAddress, port);
+ // Could not create channel credentials via DCA. In accordance with
+ // https://google.aip.dev/auth/4115, if credentials not available through
+ // DCA, try mTLS with credentials held by the S2A (Secure Session Agent).
+ if (useS2A) {
+ channelCredentials = createS2ASecuredChannelCredentials();
+ }
+ if (channelCredentials != null) {
+ // Create the channel using S2A-secured channel credentials.
+ builder = Grpc.newChannelBuilder(endpoint, channelCredentials);
+ } else {
+ // Use default if we cannot initialize channel credentials via DCA or S2A.
+ builder = ManagedChannelBuilder.forAddress(serviceAddress, port);
+ }
}
}
// google-c2p resolver requires service config lookup
@@ -604,7 +800,9 @@ public static final class Builder {
private Executor executor;
private HeaderProvider headerProvider;
private String endpoint;
+ private boolean useS2A;
private EnvironmentProvider envProvider;
+ private SecureSessionAgent s2aConfigProvider = SecureSessionAgent.create();
private MtlsProvider mtlsProvider = new MtlsProvider();
@Nullable private GrpcInterceptorProvider interceptorProvider;
@Nullable private Integer maxInboundMessageSize;
@@ -620,6 +818,7 @@ public static final class Builder {
@Nullable private Boolean attemptDirectPathXds;
@Nullable private Boolean allowNonDefaultServiceAccount;
@Nullable private ImmutableMap directPathServiceConfig;
+ @Nullable private List allowedHardBoundTokenTypes;
private Builder() {
processorCount = Runtime.getRuntime().availableProcessors();
@@ -632,6 +831,7 @@ private Builder(InstantiatingGrpcChannelProvider provider) {
this.executor = provider.executor;
this.headerProvider = provider.headerProvider;
this.endpoint = provider.endpoint;
+ this.useS2A = provider.useS2A;
this.envProvider = provider.envProvider;
this.interceptorProvider = provider.interceptorProvider;
this.maxInboundMessageSize = provider.maxInboundMessageSize;
@@ -648,6 +848,7 @@ private Builder(InstantiatingGrpcChannelProvider provider) {
this.allowNonDefaultServiceAccount = provider.allowNonDefaultServiceAccount;
this.directPathServiceConfig = provider.directPathServiceConfig;
this.mtlsProvider = provider.mtlsProvider;
+ this.s2aConfigProvider = provider.s2aConfigProvider;
}
/**
@@ -700,12 +901,35 @@ public Builder setEndpoint(String endpoint) {
return this;
}
+ Builder setUseS2A(boolean useS2A) {
+ this.useS2A = useS2A;
+ return this;
+ }
+ /*
+ * Sets the allowed hard bound token types for this TransportChannelProvider.
+ *
+ * The list of
+ * {@link HardBoundTokenTypes} indicates for which methods of connecting to Google APIs hard bound tokens should
+ * be used. This is optional; if it is not provided, bearer tokens will be used.
+ */
+ @InternalApi
+ public Builder setAllowHardBoundTokenTypes(List allowedValues) {
+ this.allowedHardBoundTokenTypes = allowedValues;
+ return this;
+ }
+
@VisibleForTesting
Builder setMtlsProvider(MtlsProvider mtlsProvider) {
this.mtlsProvider = mtlsProvider;
return this;
}
+ @VisibleForTesting
+ Builder setS2AConfigProvider(SecureSessionAgent s2aConfigProvider) {
+ this.s2aConfigProvider = s2aConfigProvider;
+ return this;
+ }
+
/**
* Sets the GrpcInterceptorProvider for this TransportChannelProvider.
*
diff --git a/gax-java/gax-grpc/src/main/java/com/google/api/gax/grpc/nativeimage/GrpcNettyFeature.java b/gax-java/gax-grpc/src/main/java/com/google/api/gax/grpc/nativeimage/GrpcNettyFeature.java
index bbd899b284..fa8fa77d24 100644
--- a/gax-java/gax-grpc/src/main/java/com/google/api/gax/grpc/nativeimage/GrpcNettyFeature.java
+++ b/gax-java/gax-grpc/src/main/java/com/google/api/gax/grpc/nativeimage/GrpcNettyFeature.java
@@ -167,7 +167,7 @@ private static void loadGrpcNettyClasses(BeforeAnalysisAccess access) {
private static void loadMiscClasses(BeforeAnalysisAccess access) {
registerClassHierarchyForReflection(access, "com.google.protobuf.DescriptorProtos");
registerClassForReflection(access, "com.google.api.FieldBehavior");
-
+ registerClassForReflection(access, "java.time.Instant");
registerForUnsafeFieldAccess(access, "javax.net.ssl.SSLContext", "contextSpi");
}
}
diff --git a/gax-java/gax-grpc/src/test/java/com/google/api/gax/grpc/GrpcLongRunningTest.java b/gax-java/gax-grpc/src/test/java/com/google/api/gax/grpc/GrpcLongRunningTest.java
index 241f90b08a..ac88e4acec 100644
--- a/gax-java/gax-grpc/src/test/java/com/google/api/gax/grpc/GrpcLongRunningTest.java
+++ b/gax-java/gax-grpc/src/test/java/com/google/api/gax/grpc/GrpcLongRunningTest.java
@@ -101,6 +101,8 @@ void setUp() throws IOException {
TransportChannel transportChannel =
GrpcTransportChannel.newBuilder().setManagedChannel(channel).build();
when(operationsChannelProvider.getTransportChannel()).thenReturn(transportChannel);
+ when(operationsChannelProvider.withUseS2A(Mockito.any(boolean.class)))
+ .thenReturn(operationsChannelProvider);
clock = new FakeApiClock(0L);
executor = RecordingScheduler.create(clock);
diff --git a/gax-java/gax-grpc/src/test/java/com/google/api/gax/grpc/InstantiatingGrpcChannelProviderTest.java b/gax-java/gax-grpc/src/test/java/com/google/api/gax/grpc/InstantiatingGrpcChannelProviderTest.java
index a58f9b8173..82738cae02 100644
--- a/gax-java/gax-grpc/src/test/java/com/google/api/gax/grpc/InstantiatingGrpcChannelProviderTest.java
+++ b/gax-java/gax-grpc/src/test/java/com/google/api/gax/grpc/InstantiatingGrpcChannelProviderTest.java
@@ -51,12 +51,16 @@
import com.google.auth.http.AuthHttpConstants;
import com.google.auth.oauth2.CloudShellCredentials;
import com.google.auth.oauth2.ComputeEngineCredentials;
+import com.google.auth.oauth2.SecureSessionAgent;
+import com.google.auth.oauth2.SecureSessionAgentConfig;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableMap;
import com.google.common.truth.Truth;
import io.grpc.ManagedChannel;
import io.grpc.ManagedChannelBuilder;
+import io.grpc.TlsChannelCredentials;
import io.grpc.alts.ComputeEngineChannelBuilder;
+import java.io.File;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.time.Duration;
@@ -225,6 +229,10 @@ void testToBuilder() {
throw new UnsupportedOperationException();
};
Map directPathServiceConfig = ImmutableMap.of("loadbalancingConfig", "grpclb");
+ List hardBoundTokenTypes =
+ new ArrayList<>();
+ hardBoundTokenTypes.add(InstantiatingGrpcChannelProvider.HardBoundTokenTypes.ALTS);
+ hardBoundTokenTypes.add(InstantiatingGrpcChannelProvider.HardBoundTokenTypes.MTLS_S2A);
InstantiatingGrpcChannelProvider provider =
InstantiatingGrpcChannelProvider.newBuilder()
@@ -238,6 +246,7 @@ void testToBuilder() {
.setChannelConfigurator(channelConfigurator)
.setChannelsPerCpu(2.5)
.setDirectPathServiceConfig(directPathServiceConfig)
+ .setAllowHardBoundTokenTypes(hardBoundTokenTypes)
.build();
InstantiatingGrpcChannelProvider.Builder builder = provider.toBuilder();
@@ -980,6 +989,120 @@ private FixedHeaderProvider getHeaderProviderWithApiKeyHeader() {
return FixedHeaderProvider.create(header);
}
+ @Test
+ void createPlaintextToS2AChannelCredentials_emptyPlaintextAddress_returnsNull() {
+ InstantiatingGrpcChannelProvider provider =
+ InstantiatingGrpcChannelProvider.newBuilder().build();
+ assertThat(provider.createPlaintextToS2AChannelCredentials("")).isNull();
+ }
+
+ @Test
+ void createPlaintextToS2AChannelCredentials_success() {
+ InstantiatingGrpcChannelProvider provider =
+ InstantiatingGrpcChannelProvider.newBuilder().build();
+ assertThat(provider.createPlaintextToS2AChannelCredentials("localhost:8080")).isNotNull();
+ }
+
+ @Test
+ void createMtlsToS2AChannelCredentials_missingAllFiles_throws() throws IOException {
+ InstantiatingGrpcChannelProvider provider =
+ InstantiatingGrpcChannelProvider.newBuilder().build();
+ assertThat(provider.createMtlsToS2AChannelCredentials(null, null, null)).isNull();
+ }
+
+ @Test
+ void createMtlsToS2AChannelCredentials_missingRootFile_throws() throws IOException {
+ InstantiatingGrpcChannelProvider provider =
+ InstantiatingGrpcChannelProvider.newBuilder().build();
+ File privateKey = new File("src/test/resources/client_key.pem");
+ File certChain = new File("src/test/resources/client_cert.pem");
+ assertThat(provider.createMtlsToS2AChannelCredentials(null, privateKey, certChain)).isNull();
+ }
+
+ @Test
+ void createMtlsToS2AChannelCredentials_missingKeyFile_throws() throws IOException {
+ InstantiatingGrpcChannelProvider provider =
+ InstantiatingGrpcChannelProvider.newBuilder().build();
+ File trustBundle = new File("src/test/resources/root_cert.pem");
+ File certChain = new File("src/test/resources/client_cert.pem");
+ assertThat(provider.createMtlsToS2AChannelCredentials(trustBundle, null, certChain)).isNull();
+ }
+
+ @Test
+ void createMtlsToS2AChannelCredentials_missingCertChainFile_throws() throws IOException {
+ InstantiatingGrpcChannelProvider provider =
+ InstantiatingGrpcChannelProvider.newBuilder().build();
+ File trustBundle = new File("src/test/resources/root_cert.pem");
+ File privateKey = new File("src/test/resources/client_key.pem");
+ assertThat(provider.createMtlsToS2AChannelCredentials(trustBundle, privateKey, null)).isNull();
+ }
+
+ @Test
+ void createMtlsToS2AChannelCredentials_success() throws IOException {
+ InstantiatingGrpcChannelProvider provider =
+ InstantiatingGrpcChannelProvider.newBuilder().build();
+ File trustBundle = new File("src/test/resources/root_cert.pem");
+ File privateKey = new File("src/test/resources/client_key.pem");
+ File certChain = new File("src/test/resources/client_cert.pem");
+ assertEquals(
+ provider.createMtlsToS2AChannelCredentials(trustBundle, privateKey, certChain).getClass(),
+ TlsChannelCredentials.class);
+ }
+
+ @Test
+ void createS2ASecuredChannelCredentials_bothS2AAddressesNull_returnsNull() {
+ SecureSessionAgent s2aConfigProvider = Mockito.mock(SecureSessionAgent.class);
+ SecureSessionAgentConfig config = SecureSessionAgentConfig.createBuilder().build();
+ Mockito.when(s2aConfigProvider.getConfig()).thenReturn(config);
+ InstantiatingGrpcChannelProvider provider =
+ InstantiatingGrpcChannelProvider.newBuilder()
+ .setS2AConfigProvider(s2aConfigProvider)
+ .build();
+ assertThat(provider.createS2ASecuredChannelCredentials()).isNull();
+ }
+
+ @Test
+ void
+ createS2ASecuredChannelCredentials_mtlsS2AAddressNull_returnsPlaintextToS2AS2AChannelCredentials() {
+ SecureSessionAgent s2aConfigProvider = Mockito.mock(SecureSessionAgent.class);
+ SecureSessionAgentConfig config =
+ SecureSessionAgentConfig.createBuilder().setPlaintextAddress("localhost:8080").build();
+ Mockito.when(s2aConfigProvider.getConfig()).thenReturn(config);
+ FakeLogHandler logHandler = new FakeLogHandler();
+ InstantiatingGrpcChannelProvider.LOG.addHandler(logHandler);
+ InstantiatingGrpcChannelProvider provider =
+ InstantiatingGrpcChannelProvider.newBuilder()
+ .setS2AConfigProvider(s2aConfigProvider)
+ .build();
+ assertThat(provider.createS2ASecuredChannelCredentials()).isNotNull();
+ assertThat(logHandler.getAllMessages())
+ .contains(
+ "Cannot establish an mTLS connection to S2A because autoconfig endpoint did not return a mtls address to reach S2A.");
+ InstantiatingGrpcChannelProvider.LOG.removeHandler(logHandler);
+ }
+
+ @Test
+ void createS2ASecuredChannelCredentials_returnsPlaintextToS2AS2AChannelCredentials() {
+ SecureSessionAgent s2aConfigProvider = Mockito.mock(SecureSessionAgent.class);
+ SecureSessionAgentConfig config =
+ SecureSessionAgentConfig.createBuilder()
+ .setMtlsAddress("localhost:8080")
+ .setPlaintextAddress("localhost:8080")
+ .build();
+ Mockito.when(s2aConfigProvider.getConfig()).thenReturn(config);
+ FakeLogHandler logHandler = new FakeLogHandler();
+ InstantiatingGrpcChannelProvider.LOG.addHandler(logHandler);
+ InstantiatingGrpcChannelProvider provider =
+ InstantiatingGrpcChannelProvider.newBuilder()
+ .setS2AConfigProvider(s2aConfigProvider)
+ .build();
+ assertThat(provider.createS2ASecuredChannelCredentials()).isNotNull();
+ assertThat(logHandler.getAllMessages())
+ .contains(
+ "Cannot establish an mTLS connection to S2A because MTLS to MDS credentials do not exist on filesystem, falling back to plaintext connection to S2A");
+ InstantiatingGrpcChannelProvider.LOG.removeHandler(logHandler);
+ }
+
private static class FakeLogHandler extends Handler {
List records = new ArrayList<>();
diff --git a/gax-java/gax-grpc/src/test/resources/README.md b/gax-java/gax-grpc/src/test/resources/README.md
new file mode 100644
index 0000000000..77cf45111b
--- /dev/null
+++ b/gax-java/gax-grpc/src/test/resources/README.md
@@ -0,0 +1,29 @@
+# Regenerate certificates and keys for testing mTLS-S2A
+Below are the commands which can be used to regenerate the certs used in tests. This is the same process
+used to generate test certs for S2A client in grpc-java: https://github.com/grpc/grpc-java/blob/master/s2a/src/test/resources/README.md
+
+Create root CA
+
+```
+openssl req -x509 -sha256 -days 7305 -newkey rsa:2048 -keyout root_key.pem -out
+root_cert.pem
+```
+
+Generate private key
+
+```
+openssl genrsa -out client_key.pem 2048
+```
+
+Generate CSR (set Common Name to localhost, leave all
+other fields blank)
+
+```
+openssl req -key client_key.pem -new -out client.csr -config config.cnf
+```
+
+Sign CSR for client
+
+```
+openssl x509 -req -CA root_cert.pem -CAkey root_key.pem -in client.csr -out client_cert.pem -days 7305
+```
\ No newline at end of file
diff --git a/gax-java/gax-grpc/src/test/resources/client_cert.pem b/gax-java/gax-grpc/src/test/resources/client_cert.pem
new file mode 100644
index 0000000000..837f8bb501
--- /dev/null
+++ b/gax-java/gax-grpc/src/test/resources/client_cert.pem
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDPTCCAiWgAwIBAgIUaarddwSWeE4jDC9kwxEr446ehqUwDQYJKoZIhvcNAQEL
+BQAwWTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM
+GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDESMBAGA1UEAwwJbG9jYWxob3N0MB4X
+DTI0MTAwMTIxNTk1NFoXDTQ0MTAwMTIxNTk1NFowFDESMBAGA1UEAwwJbG9jYWxo
+b3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxlNsldt7yAU4KRuS
+2D2/FjNIE1US5olBm4HteTr++41WaELZJqNLRPPp052jEQU3aKSYNGZvUUO6buu7
+eFpz2SBNUVMyvmzzocjVAyyf4NQvDazYHWOb+/YCeUppTRWriz4V5sn47qJTQ8cd
+CGrTFeLHxUjx4nh/OiqVXP/KnF3EqPEuqph0ky7+GirnJgPRe+C5ERuGkJye8dmP
+yWGA2lSS6MeDe7JZTAMi08bAn7BuNpeBkOzz1msGGI9PnUanUs7GOPWTDdcQAVY8
+KMvHCuGaNMGpb4rOR2mm8LlbAbpTPz8Pkw4QtMCLkgsrz2CzXpVwnLsU7nDXJAIO
+B155lQIDAQABo0IwQDAdBgNVHQ4EFgQUSZEyIHLzkIw7AwkBaUjYfIrGVR4wHwYD
+VR0jBBgwFoAUcq3dtxAVA410YWyM0B4e+4umbiwwDQYJKoZIhvcNAQELBQADggEB
+AAz0bZ4ayrZLhA45xn0yvdpdqiCtiWikCRtxgE7VXHg/ziZJVMpBpAhbIGO5tIyd
+lttnRXHwz5DUwKiba4/bCEFe229BshQEql5qaqcbGbFfSly11WeqqnwR1N7c8Gpv
+pD9sVrx22seN0rTUk87MY/S7mzCxHqAx35zm/LTW3pWcgCTMKFHy4Gt4mpTnXkNA
+WkhP2OhW5RLiu6Whi0BEdb2TGG1+ctamgijKXb+gJeef5ehlHXG8eU862KF5UlEA
+NeQKBm/PpQxOMe0NdpatjN8QRoczku0Itiodng+OZ1o+2iSNG988uFRb3CUSnjtE
+R/HL6ULAFzo59EpIYxruU/w=
+-----END CERTIFICATE-----
\ No newline at end of file
diff --git a/gax-java/gax-grpc/src/test/resources/client_key.pem b/gax-java/gax-grpc/src/test/resources/client_key.pem
new file mode 100644
index 0000000000..38b93eb65c
--- /dev/null
+++ b/gax-java/gax-grpc/src/test/resources/client_key.pem
@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDGU2yV23vIBTgp
+G5LYPb8WM0gTVRLmiUGbge15Ov77jVZoQtkmo0tE8+nTnaMRBTdopJg0Zm9RQ7pu
+67t4WnPZIE1RUzK+bPOhyNUDLJ/g1C8NrNgdY5v79gJ5SmlNFauLPhXmyfjuolND
+xx0IatMV4sfFSPHieH86KpVc/8qcXcSo8S6qmHSTLv4aKucmA9F74LkRG4aQnJ7x
+2Y/JYYDaVJLox4N7sllMAyLTxsCfsG42l4GQ7PPWawYYj0+dRqdSzsY49ZMN1xAB
+Vjwoy8cK4Zo0walvis5HaabwuVsBulM/Pw+TDhC0wIuSCyvPYLNelXCcuxTucNck
+Ag4HXnmVAgMBAAECggEAKuW9jXaBgiS63o1jyFkmvWcPNntG0M2sfrXuRzQfFgse
+vwOCk8xrSflWQNsOe+58ayp6746ekl3LdBWSIbiy6SqG/sm3pp/LXNmjVYHv/QH4
+QYV643R5t1ihdVnGiBFhXwdpVleme/tpdjYZzgnJKak5W69o/nrgzhSK5ShAy2xM
+j0XXbgdqG+4JxPb5BZmjHHfXAXUfgSORMdfArkbgFBRc9wL/6JVTXjeAMy5WX9qe
+5UQsSOYkwc9P2snifC/jdIhjHQOkkx59O0FgukJEFZPoagVG1duWQbnNDr7QVHCJ
+jV6dg9tIT4SXD3uPSPbgNGlRUseIakCzrhHARJuA2wKBgQD/h8zoh0KaqKyViCYw
+XKOFpm1pAFnp2GiDOblxNubNFAXEWnC+FlkvO/z1s0zVuYELUqfxcYMSXJFEVelK
+rfjZtoC5oxqWGqLo9iCj7pa8t+ipulYcLt2SWc7eZPD4T4lzeEf1Qz77aKcz34sa
+dv9lzQkDvhR/Mv1VeEGFHiq2VwKBgQDGsLcTGH5Yxs//LRSY8TigBkQEDrH5NvXu
+2jtAzZhy1Yhsoa5eiZkhnnzM6+n05ovfZLcy6s7dnwP1Y+C79vs+DKMBsodtDG5z
+YpsB0VrXYa6P6pCqkcz0Bz9xdo5sOhAK3AKnX6jd29XBDdeYsw/lxHLG24wProTD
+cCYFqtaj8wKBgQCaqKT68DL9zK14a8lBaDCIyexaqx3AjXzkP+Hfhi03XrEG4P5v
+7rLYBeTbCUSt7vMN2V9QoTWFvYUm6SCkVJvTmcRblz6WL1T+z0l+LwAJBP7LC77m
+m+77j2PH8yxt/iXhP6G97o+GNxdMLDbTM8bs5KZaH4fkXQY73uc5HMMZTQKBgEZS
+7blYhf+t/ph2wD+RwVUCYrh86wkmJs2veCFro3WhlnO8lhbn5Mc9bTaqmVgQ8ZjT
+8POYoDdYvPHxs+1TcYF4v4kuQziZmc5FLE/sZZauADb38tQsXrpQhmgGakpsEpmF
+XXsYJJDB6lo2KATn+8x7R5SSyHQUdPEnlI2U9ft5AoGBAJw0NJiM1EzRS8xq0DmO
+AvQaPjo01o2hH6wghws8gDQwrj0eHraHgVi7zo0VkaHJbO7ahKPudset3N7owJhA
+CUAPPRtv5wn0amAyNz77f1dz4Gys3AkcchflqhbEaQpzKYx4kX0adclur4WJ/DVm
+P7DI977SHCVB4FVMbXMEkBjN
+-----END PRIVATE KEY-----
\ No newline at end of file
diff --git a/gax-java/gax-grpc/src/test/resources/root_cert.pem b/gax-java/gax-grpc/src/test/resources/root_cert.pem
new file mode 100644
index 0000000000..ccd0a46bc2
--- /dev/null
+++ b/gax-java/gax-grpc/src/test/resources/root_cert.pem
@@ -0,0 +1,22 @@
+-----BEGIN CERTIFICATE-----
+MIIDkzCCAnugAwIBAgIUWemeXZdfqcqkP8/Eyj74oTJtoNQwDQYJKoZIhvcNAQEL
+BQAwWTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM
+GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDESMBAGA1UEAwwJbG9jYWxob3N0MB4X
+DTI0MTAwMTIxNTkxMVoXDTQ0MTAwMTIxNTkxMVowWTELMAkGA1UEBhMCQVUxEzAR
+BgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5
+IEx0ZDESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
+MIIBCgKCAQEAt3A04hy5lljv86Nu0LLQZ2hA+fcImHjt1p1Mxgcta/5oxfVLcerE
+ZH+DAQLDtWzp9Up/vI57MM419GIL8Iszk7hnZRS/HWJ+2jewZJtz4i/g15dLr6+1
+uabMdPOWos60BwcLMxKEe6lJO1mV4z9d4NH4mAuMIHyM+ty0Klp9MfeDJtYEh0+z
+AxJUHCixDTsnKJro7My7A3ZT7bvaMfXxS7XN6qlRgBfiCmXo/GKTFfmfBW/EZGkG
+XOCxE2D79wYNhC41Q/ix0kwjEeOj2vgGFoiyblSdHdzvRXzsoQTEiZSM8lJDR2IT
+ZbpgbBlknMU6efNWlS8P5damB9ZWXg3x4wIDAQABo1MwUTAdBgNVHQ4EFgQUcq3d
+txAVA410YWyM0B4e+4umbiwwHwYDVR0jBBgwFoAUcq3dtxAVA410YWyM0B4e+4um
+biwwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEApZvaI9y7vjX/
+RRdvwf2Db9KlTE9nuVQ3AsrmG9Ml0p2X6U5aTetxdYBo2PuaaYHheF03JOH8zjpL
+UfFzvbi52DPbfFAaDw/6NIAenXlg492leNvUFNjGGRyJO9R5/aDfv40/fT3Em5G5
+DnR8SeGQ9tI1t6xBBT+d+/MilSiEKVu8IIF/p0SwvEyR4pKo6wFVZR0ZiIj2v/FZ
+P5Qk0Xhb+slpmaR3Wtx/mPl9Wb3kpPD4CAwhWDqFkKJql9/n9FvMjdwlCQKQGB26
+ZDXY3C0UTdktK5biNWRgAUVJEWBX6Q2amrxQHIn2d9RJ8uxCME/KBAntK+VxZE78
+w0JOvQ4Dpw==
+-----END CERTIFICATE-----
\ No newline at end of file
diff --git a/gax-java/gax-httpjson/clirr-ignored-differences.xml b/gax-java/gax-httpjson/clirr-ignored-differences.xml
deleted file mode 100644
index c4db8a60a8..0000000000
--- a/gax-java/gax-httpjson/clirr-ignored-differences.xml
+++ /dev/null
@@ -1,10 +0,0 @@
-
-
-
-
-
- 7002
- com/google/api/gax/httpjson/InstantiatingHttpJsonChannelProvider
- * withUseS2A(*)
-
-
diff --git a/gax-java/gax-httpjson/pom.xml b/gax-java/gax-httpjson/pom.xml
index 736f790e6b..e6ade888e1 100644
--- a/gax-java/gax-httpjson/pom.xml
+++ b/gax-java/gax-httpjson/pom.xml
@@ -3,7 +3,7 @@
4.0.0
gax-httpjson
- 2.59.1
+ 2.60.0
jar
GAX (Google Api eXtensions) for Java (HTTP JSON)
Google Api eXtensions for Java (HTTP JSON)
@@ -11,7 +11,7 @@
com.google.api
gax-parent
- 2.59.1
+ 2.60.0
diff --git a/gax-java/gax/clirr-ignored-differences.xml b/gax-java/gax/clirr-ignored-differences.xml
index e7b4d93d29..ee2e254c96 100644
--- a/gax-java/gax/clirr-ignored-differences.xml
+++ b/gax-java/gax/clirr-ignored-differences.xml
@@ -106,15 +106,15 @@
com/google/api/gax/batching/Batcher
*
-
+
- 7002
- com/google/api/gax/rpc/FixedTransportChannelProvider
- * withUseS2A(*)
+ 7013
+ com/google/api/gax/rpc/EndpointContext
+ * useS2A()
-
+
- 7002
+ 7012
com/google/api/gax/rpc/TransportChannelProvider
* withUseS2A(*)
diff --git a/gax-java/gax/pom.xml b/gax-java/gax/pom.xml
index 287a78305f..f7f16ff3d0 100644
--- a/gax-java/gax/pom.xml
+++ b/gax-java/gax/pom.xml
@@ -3,7 +3,7 @@
4.0.0
gax
- 2.59.1
+ 2.60.0
jar
GAX (Google Api eXtensions) for Java (Core)
Google Api eXtensions for Java (Core)
@@ -11,7 +11,7 @@
com.google.api
gax-parent
- 2.59.1
+ 2.60.0
diff --git a/gax-java/gax/src/main/java/com/google/api/gax/rpc/ClientContext.java b/gax-java/gax/src/main/java/com/google/api/gax/rpc/ClientContext.java
index 5bce1ac6bb..8e7c9a3090 100644
--- a/gax-java/gax/src/main/java/com/google/api/gax/rpc/ClientContext.java
+++ b/gax-java/gax/src/main/java/com/google/api/gax/rpc/ClientContext.java
@@ -222,6 +222,7 @@ public static ClientContext create(StubSettings settings) throws IOException {
if (transportChannelProvider.needsEndpoint()) {
transportChannelProvider = transportChannelProvider.withEndpoint(endpoint);
}
+ transportChannelProvider = transportChannelProvider.withUseS2A(endpointContext.useS2A());
TransportChannel transportChannel = transportChannelProvider.getTransportChannel();
ApiCallContext defaultCallContext =
diff --git a/gax-java/gax/src/main/java/com/google/api/gax/rpc/EndpointContext.java b/gax-java/gax/src/main/java/com/google/api/gax/rpc/EndpointContext.java
index dd6c199b35..2c11f6e058 100644
--- a/gax-java/gax/src/main/java/com/google/api/gax/rpc/EndpointContext.java
+++ b/gax-java/gax/src/main/java/com/google/api/gax/rpc/EndpointContext.java
@@ -30,6 +30,7 @@
package com.google.api.gax.rpc;
import com.google.api.core.InternalApi;
+import com.google.api.gax.rpc.internal.EnvironmentProvider;
import com.google.api.gax.rpc.mtls.MtlsProvider;
import com.google.auth.Credentials;
import com.google.auth.oauth2.ComputeEngineCredentials;
@@ -65,6 +66,9 @@ public abstract class EndpointContext {
"The configured universe domain (%s) does not match the universe domain found in the credentials (%s). If you haven't configured the universe domain explicitly, `googleapis.com` is the default.";
public static final String UNABLE_TO_RETRIEVE_CREDENTIALS_ERROR_MESSAGE =
"Unable to retrieve the Universe Domain from the Credentials.";
+ // This environment variable is a temporary measure. It will be removed when the feature is
+ // non-experimental.
+ static final String S2A_ENV_ENABLE_USE_S2A = "EXPERIMENTAL_GOOGLE_API_USE_S2A_JAVA";
public static EndpointContext getDefaultInstance() {
return INSTANCE;
@@ -100,6 +104,11 @@ public static EndpointContext getDefaultInstance() {
@Nullable
public abstract String transportChannelProviderEndpoint();
+ abstract boolean useS2A();
+
+ @Nullable
+ abstract EnvironmentProvider envProvider();
+
@Nullable
public abstract String mtlsEndpoint();
@@ -119,7 +128,8 @@ public static EndpointContext getDefaultInstance() {
public static Builder newBuilder() {
return new AutoValue_EndpointContext.Builder()
.setSwitchToMtlsEndpointAllowed(false)
- .setUsingGDCH(false);
+ .setUsingGDCH(false)
+ .setEnvProvider(System::getenv);
}
/** Configure the existing EndpointContext to be using GDC-H */
@@ -208,6 +218,10 @@ public abstract static class Builder {
public abstract Builder setResolvedUniverseDomain(String resolvedUniverseDomain);
+ abstract Builder setUseS2A(boolean useS2A);
+
+ abstract Builder setEnvProvider(EnvironmentProvider envProvider);
+
abstract String serviceName();
abstract String universeDomain();
@@ -216,6 +230,10 @@ public abstract static class Builder {
abstract String transportChannelProviderEndpoint();
+ abstract boolean useS2A();
+
+ abstract EnvironmentProvider envProvider();
+
abstract String mtlsEndpoint();
abstract boolean switchToMtlsEndpointAllowed();
@@ -285,9 +303,46 @@ private String determineEndpoint() throws IOException {
"mTLS is not supported in any universe other than googleapis.com");
}
+ // Check if Experimental S2A feature enabled. When feature is non-experimental, remove this
+ // check from this function, and plumb MTLS endpoint to channel creation logic separately.
+ // Note that mTLS via S2A is an independent feature from mTLS via DCA (for which endpoint
+ // determined by {@code mtlsEndpointResolver} above).
+ if (shouldUseS2A()) {
+ return mtlsEndpoint();
+ }
return endpoint;
}
+ /** Determine if S2A can be used */
+ @VisibleForTesting
+ boolean shouldUseS2A() {
+ // If mTLS endpoint is not available, skip S2A
+ if (Strings.isNullOrEmpty(mtlsEndpoint())) {
+ return false;
+ }
+
+ // If EXPERIMENTAL_GOOGLE_API_USE_S2A_JAVA is not set to true, skip S2A.
+ String s2AEnv = envProvider().getenv(S2A_ENV_ENABLE_USE_S2A);
+ boolean s2AEnabled = Boolean.parseBoolean(s2AEnv);
+ if (!s2AEnabled) {
+ return false;
+ }
+
+ // Skip S2A when using GDC-H
+ if (usingGDCH()) {
+ return false;
+ }
+
+ // If a custom endpoint is being used, skip S2A.
+ if (!Strings.isNullOrEmpty(clientSettingsEndpoint())
+ || !Strings.isNullOrEmpty(transportChannelProviderEndpoint())) {
+ return false;
+ }
+
+ // mTLS via S2A is not supported in any universe other than googleapis.com.
+ return mtlsEndpoint().contains(Credentials.GOOGLE_DEFAULT_UNIVERSE);
+ }
+
// Default to port 443 for HTTPS. Using HTTP requires explicitly setting the endpoint
private String buildEndpointTemplate(String serviceName, String resolvedUniverseDomain) {
return serviceName + "." + resolvedUniverseDomain + ":443";
@@ -321,6 +376,7 @@ public EndpointContext build() throws IOException {
// The Universe Domain is used to resolve the Endpoint. It should be resolved first
setResolvedUniverseDomain(determineUniverseDomain());
setResolvedEndpoint(determineEndpoint());
+ setUseS2A(shouldUseS2A());
return autoBuild();
}
}
diff --git a/gax-java/gax/src/main/java/com/google/api/gax/rpc/TransportChannelProvider.java b/gax-java/gax/src/main/java/com/google/api/gax/rpc/TransportChannelProvider.java
index 21f3c31f63..7ab19c9c16 100644
--- a/gax-java/gax/src/main/java/com/google/api/gax/rpc/TransportChannelProvider.java
+++ b/gax-java/gax/src/main/java/com/google/api/gax/rpc/TransportChannelProvider.java
@@ -97,6 +97,13 @@ public interface TransportChannelProvider {
*/
TransportChannelProvider withEndpoint(String endpoint);
+ /** Sets whether to use S2A when constructing a new {@link TransportChannel}. */
+ @BetaApi(
+ "The S2A feature is not stable yet and may change in the future. https://github.com/grpc/grpc-java/issues/11533.")
+ default TransportChannelProvider withUseS2A(boolean useS2A) {
+ return this;
+ }
+
/**
* Reports whether this provider allows pool size customization.
*
diff --git a/gax-java/gax/src/test/java/com/google/api/gax/rpc/EndpointContextTest.java b/gax-java/gax/src/test/java/com/google/api/gax/rpc/EndpointContextTest.java
index 3276e4a73e..94f013f9ba 100644
--- a/gax-java/gax/src/test/java/com/google/api/gax/rpc/EndpointContextTest.java
+++ b/gax-java/gax/src/test/java/com/google/api/gax/rpc/EndpointContextTest.java
@@ -33,6 +33,7 @@
import static org.junit.jupiter.api.Assertions.assertThrows;
import com.google.api.gax.core.NoCredentialsProvider;
+import com.google.api.gax.rpc.internal.EnvironmentProvider;
import com.google.api.gax.rpc.mtls.MtlsProvider;
import com.google.api.gax.rpc.testing.FakeMtlsProvider;
import com.google.auth.Credentials;
@@ -372,6 +373,21 @@ void endpointContextBuild_multipleUniverseDomainConfigurations_clientSettingsHas
.isEqualTo(clientSettingsUniverseDomain);
}
+ @Test
+ void endpointContextBuild_shouldUseS2A_mtlsEndpoint() throws IOException {
+ EnvironmentProvider envProvider = Mockito.mock(EnvironmentProvider.class);
+ Mockito.when(envProvider.getenv(EndpointContext.S2A_ENV_ENABLE_USE_S2A)).thenReturn("true");
+ defaultEndpointContextBuilder =
+ defaultEndpointContextBuilder
+ .setEnvProvider(envProvider)
+ .setClientSettingsEndpoint("")
+ .setTransportChannelProviderEndpoint("")
+ .setUsingGDCH(false);
+ EndpointContext endpointContext = defaultEndpointContextBuilder.build();
+ Truth.assertThat(defaultEndpointContextBuilder.shouldUseS2A()).isTrue();
+ Truth.assertThat(endpointContext.resolvedEndpoint()).isEqualTo(DEFAULT_MTLS_ENDPOINT);
+ }
+
@Test
void hasValidUniverseDomain_gdchFlow_anyCredentials() throws IOException {
Credentials noCredentials = NoCredentialsProvider.create().getCredentials();
@@ -454,4 +470,111 @@ void hasValidUniverseDomain_computeEngineCredentials_noValidationOnUniverseDomai
.build();
assertDoesNotThrow(() -> endpointContext.validateUniverseDomain(credentials, statusCode));
}
+
+ @Test
+ void shouldUseS2A_envVarNotSet_returnsFalse() throws IOException {
+ EnvironmentProvider envProvider = Mockito.mock(EnvironmentProvider.class);
+ Mockito.when(envProvider.getenv(EndpointContext.S2A_ENV_ENABLE_USE_S2A)).thenReturn("false");
+ defaultEndpointContextBuilder =
+ defaultEndpointContextBuilder
+ .setEnvProvider(envProvider)
+ .setClientSettingsEndpoint("")
+ .setTransportChannelProviderEndpoint("")
+ .setUsingGDCH(false);
+ Truth.assertThat(defaultEndpointContextBuilder.shouldUseS2A()).isFalse();
+ }
+
+ @Test
+ void shouldUseS2A_UsingGDCH_returnsFalse() throws IOException {
+ EnvironmentProvider envProvider = Mockito.mock(EnvironmentProvider.class);
+ Mockito.when(envProvider.getenv(EndpointContext.S2A_ENV_ENABLE_USE_S2A)).thenReturn("true");
+ defaultEndpointContextBuilder =
+ defaultEndpointContextBuilder
+ .setEnvProvider(envProvider)
+ .setClientSettingsEndpoint("")
+ .setTransportChannelProviderEndpoint("")
+ .setUsingGDCH(true);
+ Truth.assertThat(defaultEndpointContextBuilder.shouldUseS2A()).isFalse();
+ }
+
+ @Test
+ void shouldUseS2A_customEndpointSetViaClientSettings_returnsFalse() throws IOException {
+ EnvironmentProvider envProvider = Mockito.mock(EnvironmentProvider.class);
+ Mockito.when(envProvider.getenv(EndpointContext.S2A_ENV_ENABLE_USE_S2A)).thenReturn("true");
+ defaultEndpointContextBuilder =
+ defaultEndpointContextBuilder
+ .setEnvProvider(envProvider)
+ .setClientSettingsEndpoint("test.endpoint.com:443")
+ .setTransportChannelProviderEndpoint("")
+ .setUsingGDCH(false);
+ Truth.assertThat(defaultEndpointContextBuilder.shouldUseS2A()).isFalse();
+ }
+
+ @Test
+ void shouldUseS2A_customEndpointSetViaTransportChannelProvider_returnsFalse() throws IOException {
+ EnvironmentProvider envProvider = Mockito.mock(EnvironmentProvider.class);
+ Mockito.when(envProvider.getenv(EndpointContext.S2A_ENV_ENABLE_USE_S2A)).thenReturn("true");
+ defaultEndpointContextBuilder =
+ defaultEndpointContextBuilder
+ .setEnvProvider(envProvider)
+ .setClientSettingsEndpoint("")
+ .setTransportChannelProviderEndpoint("test.endpoint.com:443")
+ .setUsingGDCH(false);
+ Truth.assertThat(defaultEndpointContextBuilder.shouldUseS2A()).isFalse();
+ }
+
+ @Test
+ void shouldUseS2A_mtlsEndpointNull_returnsFalse() throws IOException {
+ EnvironmentProvider envProvider = Mockito.mock(EnvironmentProvider.class);
+ Mockito.when(envProvider.getenv(EndpointContext.S2A_ENV_ENABLE_USE_S2A)).thenReturn("true");
+ defaultEndpointContextBuilder =
+ defaultEndpointContextBuilder
+ .setEnvProvider(envProvider)
+ .setClientSettingsEndpoint("")
+ .setTransportChannelProviderEndpoint("")
+ .setUsingGDCH(false)
+ .setMtlsEndpoint(null);
+ Truth.assertThat(defaultEndpointContextBuilder.shouldUseS2A()).isFalse();
+ }
+
+ @Test
+ void shouldUseS2A_mtlsEndpointEmpty_returnsFalse() throws IOException {
+ EnvironmentProvider envProvider = Mockito.mock(EnvironmentProvider.class);
+ Mockito.when(envProvider.getenv(EndpointContext.S2A_ENV_ENABLE_USE_S2A)).thenReturn("true");
+ defaultEndpointContextBuilder =
+ defaultEndpointContextBuilder
+ .setEnvProvider(envProvider)
+ .setClientSettingsEndpoint("")
+ .setTransportChannelProviderEndpoint("")
+ .setMtlsEndpoint("")
+ .setUsingGDCH(false);
+ Truth.assertThat(defaultEndpointContextBuilder.shouldUseS2A()).isFalse();
+ }
+
+ @Test
+ void shouldUseS2A_mtlsEndpointNotGoogleDefaultUniverse_returnsFalse() throws IOException {
+ EnvironmentProvider envProvider = Mockito.mock(EnvironmentProvider.class);
+ Mockito.when(envProvider.getenv(EndpointContext.S2A_ENV_ENABLE_USE_S2A)).thenReturn("true");
+ defaultEndpointContextBuilder =
+ defaultEndpointContextBuilder
+ .setEnvProvider(envProvider)
+ .setClientSettingsEndpoint("")
+ .setTransportChannelProviderEndpoint("")
+ .setMtlsEndpoint("test.mtls.abcd.com:443")
+ .setUsingGDCH(false);
+ Truth.assertThat(defaultEndpointContextBuilder.shouldUseS2A()).isFalse();
+ }
+
+ @Test
+ void shouldUseS2A_success() throws IOException {
+ EnvironmentProvider envProvider = Mockito.mock(EnvironmentProvider.class);
+ Mockito.when(envProvider.getenv(EndpointContext.S2A_ENV_ENABLE_USE_S2A)).thenReturn("true");
+ defaultEndpointContextBuilder =
+ defaultEndpointContextBuilder
+ .setEnvProvider(envProvider)
+ .setClientSettingsEndpoint("")
+ .setTransportChannelProviderEndpoint("")
+ .setUsingGDCH(false);
+ Truth.assertThat(defaultEndpointContextBuilder.shouldUseS2A()).isTrue();
+ }
}
diff --git a/gax-java/pom.xml b/gax-java/pom.xml
index c3ed07ca98..776337e93f 100644
--- a/gax-java/pom.xml
+++ b/gax-java/pom.xml
@@ -4,14 +4,14 @@
com.google.api
gax-parent
pom
- 2.59.1
+ 2.60.0
GAX (Google Api eXtensions) for Java (Parent)
Google Api eXtensions for Java (Parent)
com.google.api
gapic-generator-java-pom-parent
- 2.51.1
+ 2.52.0
../gapic-generator-java-pom-parent
@@ -50,7 +50,7 @@
com.google.api
api-common
- 2.42.1
+ 2.43.0
com.google.auth
@@ -98,24 +98,24 @@
com.google.api
gax
- 2.59.1
+ 2.60.0
com.google.api
gax
- 2.59.1
+ 2.60.0
test-jar
testlib
com.google.api.grpc
proto-google-common-protos
- 2.50.1
+ 2.51.0
com.google.api.grpc
grpc-google-common-protos
- 2.50.1
+ 2.51.0
io.grpc
diff --git a/generation_config.yaml b/generation_config.yaml
index 58f847ab87..5f8cf288b1 100644
--- a/generation_config.yaml
+++ b/generation_config.yaml
@@ -1,4 +1,4 @@
-googleapis_commitish: 3cef095370b3176f67542e527ffde81e019df091
+googleapis_commitish: 1a0e353ac4a372cf7016df4ce0a7d7e609f339b3
# the libraries are ordered with respect to library name, which is
# java-{library.library_name} or java-{library.api-shortname} when
# library.library_name is not defined.
diff --git a/hermetic_build/common/requirements.txt b/hermetic_build/common/requirements.txt
index ed6b65f69b..325c64b726 100644
--- a/hermetic_build/common/requirements.txt
+++ b/hermetic_build/common/requirements.txt
@@ -36,9 +36,9 @@ gitdb==4.0.11 \
--hash=sha256:81a3407ddd2ee8df444cbacea00e2d038e40150acfa3001696fe0dcf1d3adfa4 \
--hash=sha256:bf5421126136d6d0af55bc1e7c1af1c397a34f5b7bd79e776cd3e89785c2b04b
# via gitpython
-gitpython==3.1.43 \
- --hash=sha256:35f314a9f878467f5453cc1fee295c3e18e52f1b99f10f6cf5b1682e968a9e7c \
- --hash=sha256:eec7ec56b92aad751f9912a73404bc02ba212a23adb2c7098ee668417051a1ff
+GitPython==3.1.44 \
+ --hash=sha256:9e0e10cda9bed1ee64bc9a6de50e7e38a9c9943241cd7f585f6df3ed28011110 \
+ --hash=sha256:c87e30b26253bf5418b01b0660f818967f3c503193838337fe5e573331249269
# via -r hermetic_build/common/requirements.in
mypy-extensions==1.0.0 \
--hash=sha256:4392f6c0eb8a5668a69e23d168ffa70f0be9ccfd32b5cc2d26a34ae5b844552d \
@@ -115,7 +115,7 @@ pyyaml==6.0.2 \
--hash=sha256:f753120cb8181e736c57ef7636e83f31b9c0d1722c516f7e86cf15b7aa57ff12 \
--hash=sha256:ff3824dc5261f50c9b0dfb3be22b4567a6f938ccce4587b38952d85fd9e9afe4
# via -r hermetic_build/common/requirements.in
-smmap==5.0.1 \
- --hash=sha256:dceeb6c0028fdb6734471eb07c0cd2aae706ccaecab45965ee83f11c8d3b1f62 \
- --hash=sha256:e6d8668fa5f93e706934a62d7b4db19c8d9eb8cf2adbb75ef1b675aa332b69da
+smmap==5.0.2 \
+ --hash=sha256:26ea65a03958fa0c8a1c7e8c7a58fdc77221b8910f6be2131affade476898ad5 \
+ --hash=sha256:b30115f0def7d7531d22a0fb6502488d879e75b260a9db4d0819cfb25403af5e
# via gitdb
diff --git a/hermetic_build/library_generation/requirements.in b/hermetic_build/library_generation/requirements.in
index 9eef0bbd74..4d91f5b7fa 100644
--- a/hermetic_build/library_generation/requirements.in
+++ b/hermetic_build/library_generation/requirements.in
@@ -1,5 +1,5 @@
attrs==24.2.0
click==8.1.7
-jinja2==3.1.4
+jinja2==3.1.5
lxml==5.3.0
PyYAML==6.0.2
\ No newline at end of file
diff --git a/hermetic_build/library_generation/requirements.txt b/hermetic_build/library_generation/requirements.txt
index 4edb128302..4f0b1c3f43 100644
--- a/hermetic_build/library_generation/requirements.txt
+++ b/hermetic_build/library_generation/requirements.txt
@@ -7,15 +7,15 @@
attrs==24.2.0 \
--hash=sha256:5cfb1b9148b5b086569baec03f20d7b6bf3bcacc9a42bebf87ffaaca362f6346 \
--hash=sha256:81921eb96de3191c8258c199618104dd27ac608d9366f5e35d011eae1867ede2
- # via -r hermetic_build/library_generation/requirements.in
+ # via -r requirements.in
click==8.1.7 \
--hash=sha256:ae74fb96c20a0277a1d615f1e4d73c8414f5a98db8b799a7931d1582f3390c28 \
--hash=sha256:ca9853ad459e787e2192211578cc907e7594e294c7ccc834310722b41b9ca6de
- # via -r hermetic_build/library_generation/requirements.in
-jinja2==3.1.4 \
- --hash=sha256:4a3aee7acbbe7303aede8e9648d13b8bf88a429282aa6122a993f0ac800cb369 \
- --hash=sha256:bc5dd2abb727a5319567b7a813e6a2e7318c39f4f487cfe6c89c6f9c7d25197d
- # via -r hermetic_build/library_generation/requirements.in
+ # via -r requirements.in
+jinja2==3.1.5 \
+ --hash=sha256:8fefff8dc3034e27bb80d67c671eb8a9bc424c0ef4c0826edbff304cceff43bb \
+ --hash=sha256:aba0f4dc9ed8013c424088f68a5c226f7d6097ed89b246d7749c2ec4175c6adb
+ # via -r requirements.in
lxml==5.3.0 \
--hash=sha256:01220dca0d066d1349bd6a1726856a78f7929f3878f7e2ee83c296c69495309e \
--hash=sha256:02ced472497b8362c8e902ade23e3300479f4f43e45f4105c85ef43b8db85229 \
@@ -155,7 +155,7 @@ lxml==5.3.0 \
--hash=sha256:f7d4a670107d75dfe5ad080bed6c341d18c4442f9378c9f58e5851e86eb79965 \
--hash=sha256:f914c03e6a31deb632e2daa881fe198461f4d06e57ac3d0e05bbcab8eae01945 \
--hash=sha256:fb66442c2546446944437df74379e9cf9e9db353e61301d1a0e26482f43f0dd8
- # via -r hermetic_build/library_generation/requirements.in
+ # via -r requirements.in
markupsafe==3.0.2 \
--hash=sha256:0bff5e0ae4ef2e1ae4fdf2dfd5b76c75e5c2fa4132d05fc1b0dabcd20c7e28c4 \
--hash=sha256:0f4ca02bea9a23221c0182836703cbf8930c5e9454bacce27e767509fa286a30 \
@@ -273,4 +273,4 @@ pyyaml==6.0.2 \
--hash=sha256:efdca5630322a10774e8e98e1af481aad470dd62c3170801852d752aa7a783ba \
--hash=sha256:f753120cb8181e736c57ef7636e83f31b9c0d1722c516f7e86cf15b7aa57ff12 \
--hash=sha256:ff3824dc5261f50c9b0dfb3be22b4567a6f938ccce4587b38952d85fd9e9afe4
- # via -r hermetic_build/library_generation/requirements.in
+ # via -r requirements.in
diff --git a/hermetic_build/release_note_generation/requirements.txt b/hermetic_build/release_note_generation/requirements.txt
index 5032108ff9..66fc4abe33 100644
--- a/hermetic_build/release_note_generation/requirements.txt
+++ b/hermetic_build/release_note_generation/requirements.txt
@@ -12,11 +12,11 @@ gitdb==4.0.11 \
--hash=sha256:81a3407ddd2ee8df444cbacea00e2d038e40150acfa3001696fe0dcf1d3adfa4 \
--hash=sha256:bf5421126136d6d0af55bc1e7c1af1c397a34f5b7bd79e776cd3e89785c2b04b
# via gitpython
-gitpython==3.1.43 \
- --hash=sha256:35f314a9f878467f5453cc1fee295c3e18e52f1b99f10f6cf5b1682e968a9e7c \
- --hash=sha256:eec7ec56b92aad751f9912a73404bc02ba212a23adb2c7098ee668417051a1ff
+GitPython==3.1.44 \
+ --hash=sha256:9e0e10cda9bed1ee64bc9a6de50e7e38a9c9943241cd7f585f6df3ed28011110 \
+ --hash=sha256:c87e30b26253bf5418b01b0660f818967f3c503193838337fe5e573331249269
# via -r hermetic_build/release_note_generation/requirements.in
-smmap==5.0.1 \
- --hash=sha256:dceeb6c0028fdb6734471eb07c0cd2aae706ccaecab45965ee83f11c8d3b1f62 \
- --hash=sha256:e6d8668fa5f93e706934a62d7b4db19c8d9eb8cf2adbb75ef1b675aa332b69da
+smmap==5.0.2 \
+ --hash=sha256:26ea65a03958fa0c8a1c7e8c7a58fdc77221b8910f6be2131affade476898ad5 \
+ --hash=sha256:b30115f0def7d7531d22a0fb6502488d879e75b260a9db4d0819cfb25403af5e
# via gitdb
diff --git a/java-common-protos/grpc-google-common-protos/pom.xml b/java-common-protos/grpc-google-common-protos/pom.xml
index 22e9007e5f..f9107ae4f3 100644
--- a/java-common-protos/grpc-google-common-protos/pom.xml
+++ b/java-common-protos/grpc-google-common-protos/pom.xml
@@ -4,13 +4,13 @@
4.0.0
com.google.api.grpc
grpc-google-common-protos
- 2.50.1
+ 2.51.0
grpc-google-common-protos
GRPC library for grpc-google-common-protos
com.google.api.grpc
google-common-protos-parent
- 2.50.1
+ 2.51.0
diff --git a/java-common-protos/pom.xml b/java-common-protos/pom.xml
index a4e4e61380..9977f9cffe 100644
--- a/java-common-protos/pom.xml
+++ b/java-common-protos/pom.xml
@@ -4,7 +4,7 @@
com.google.api.grpc
google-common-protos-parent
pom
- 2.50.1
+ 2.51.0
Google Common Protos Parent
Java idiomatic client for Google Cloud Platform services.
@@ -13,7 +13,7 @@
com.google.api
gapic-generator-java-pom-parent
- 2.51.1
+ 2.52.0
../gapic-generator-java-pom-parent
@@ -31,16 +31,6 @@
Google LLC
-
-
- sonatype-nexus-snapshots
- https://google.oss.sonatype.org/content/repositories/snapshots
-
-
- sonatype-nexus-staging
- https://google.oss.sonatype.org/service/local/staging/deploy/maven2/
-
-
Apache-2.0
@@ -61,7 +51,7 @@
com.google.cloud
third-party-dependencies
- 3.41.1
+ 3.42.0
pom
import
@@ -75,7 +65,7 @@
com.google.api.grpc
grpc-google-common-protos
- 2.50.1
+ 2.51.0
io.grpc
@@ -87,7 +77,7 @@
com.google.api.grpc
proto-google-common-protos
- 2.50.1
+ 2.51.0
com.google.guava
diff --git a/java-common-protos/proto-google-common-protos/pom.xml b/java-common-protos/proto-google-common-protos/pom.xml
index 6e7c48b6f6..edf8884dba 100644
--- a/java-common-protos/proto-google-common-protos/pom.xml
+++ b/java-common-protos/proto-google-common-protos/pom.xml
@@ -3,13 +3,13 @@
4.0.0
com.google.api.grpc
proto-google-common-protos
- 2.50.1
+ 2.51.0
proto-google-common-protos
PROTO library for proto-google-common-protos
com.google.api.grpc
google-common-protos-parent
- 2.50.1
+ 2.51.0
diff --git a/java-core/google-cloud-core-bom/pom.xml b/java-core/google-cloud-core-bom/pom.xml
index 84c92ff33f..4143b235d5 100644
--- a/java-core/google-cloud-core-bom/pom.xml
+++ b/java-core/google-cloud-core-bom/pom.xml
@@ -3,13 +3,13 @@
4.0.0
com.google.cloud
google-cloud-core-bom
- 2.49.1
+ 2.50.0
pom
com.google.api
gapic-generator-java-pom-parent
- 2.51.1
+ 2.52.0
../../gapic-generator-java-pom-parent
@@ -23,17 +23,17 @@
com.google.cloud
google-cloud-core
- 2.49.1
+ 2.50.0
com.google.cloud
google-cloud-core-grpc
- 2.49.1
+ 2.50.0
com.google.cloud
google-cloud-core-http
- 2.49.1
+ 2.50.0
diff --git a/java-core/google-cloud-core-grpc/pom.xml b/java-core/google-cloud-core-grpc/pom.xml
index 4668a71058..9a8b9c9570 100644
--- a/java-core/google-cloud-core-grpc/pom.xml
+++ b/java-core/google-cloud-core-grpc/pom.xml
@@ -3,7 +3,7 @@
4.0.0
com.google.cloud
google-cloud-core-grpc
- 2.49.1
+ 2.50.0
jar
Google Cloud Core gRPC
@@ -12,7 +12,7 @@
com.google.cloud
google-cloud-core-parent
- 2.49.1
+ 2.50.0
google-cloud-core-grpc
diff --git a/java-core/google-cloud-core-http/pom.xml b/java-core/google-cloud-core-http/pom.xml
index eac7518caa..4635161519 100644
--- a/java-core/google-cloud-core-http/pom.xml
+++ b/java-core/google-cloud-core-http/pom.xml
@@ -3,7 +3,7 @@
4.0.0
com.google.cloud
google-cloud-core-http
- 2.49.1
+ 2.50.0
jar
Google Cloud Core HTTP
@@ -12,7 +12,7 @@
com.google.cloud
google-cloud-core-parent
- 2.49.1
+ 2.50.0
google-cloud-core-http
diff --git a/java-core/google-cloud-core/pom.xml b/java-core/google-cloud-core/pom.xml
index db6e114ca6..f0f00492b8 100644
--- a/java-core/google-cloud-core/pom.xml
+++ b/java-core/google-cloud-core/pom.xml
@@ -3,7 +3,7 @@
4.0.0
com.google.cloud
google-cloud-core
- 2.49.1
+ 2.50.0
jar
Google Cloud Core
@@ -12,7 +12,7 @@
com.google.cloud
google-cloud-core-parent
- 2.49.1
+ 2.50.0
google-cloud-core
diff --git a/java-core/pom.xml b/java-core/pom.xml
index 071e72b0cd..1fe5c79ade 100644
--- a/java-core/pom.xml
+++ b/java-core/pom.xml
@@ -4,7 +4,7 @@
com.google.cloud
google-cloud-core-parent
pom
- 2.49.1
+ 2.50.0
Google Cloud Core Parent
Java idiomatic client for Google Cloud Platform services.
@@ -13,7 +13,7 @@
com.google.api
gapic-generator-java-pom-parent
- 2.51.1
+ 2.52.0
../gapic-generator-java-pom-parent
@@ -33,7 +33,7 @@
com.google.cloud
google-cloud-shared-dependencies
- 3.41.1
+ 3.42.0
pom
import
diff --git a/java-iam/grpc-google-iam-v1/pom.xml b/java-iam/grpc-google-iam-v1/pom.xml
index 06d16b5190..909650042c 100644
--- a/java-iam/grpc-google-iam-v1/pom.xml
+++ b/java-iam/grpc-google-iam-v1/pom.xml
@@ -4,13 +4,13 @@
4.0.0
com.google.api.grpc
grpc-google-iam-v1
- 1.45.1
+ 1.46.0
grpc-google-iam-v1
GRPC library for grpc-google-iam-v1
com.google.cloud
google-iam-parent
- 1.45.1
+ 1.46.0
diff --git a/java-iam/grpc-google-iam-v2/pom.xml b/java-iam/grpc-google-iam-v2/pom.xml
index 807e3b60ce..102ac4df6d 100644
--- a/java-iam/grpc-google-iam-v2/pom.xml
+++ b/java-iam/grpc-google-iam-v2/pom.xml
@@ -4,13 +4,13 @@
4.0.0
com.google.api.grpc
grpc-google-iam-v2
- 1.45.1
+ 1.46.0
grpc-google-iam-v2
GRPC library for proto-google-iam-v2
com.google.cloud
google-iam-parent
- 1.45.1
+ 1.46.0
diff --git a/java-iam/grpc-google-iam-v2beta/pom.xml b/java-iam/grpc-google-iam-v2beta/pom.xml
index 77651b0fc3..b99b85df51 100644
--- a/java-iam/grpc-google-iam-v2beta/pom.xml
+++ b/java-iam/grpc-google-iam-v2beta/pom.xml
@@ -4,13 +4,13 @@
4.0.0
com.google.api.grpc
grpc-google-iam-v2beta
- 1.45.1
+ 1.46.0
grpc-google-iam-v2beta
GRPC library for proto-google-iam-v1
com.google.cloud
google-iam-parent
- 1.45.1
+ 1.46.0
diff --git a/java-iam/pom.xml b/java-iam/pom.xml
index c578aa22b4..6f33321f4d 100644
--- a/java-iam/pom.xml
+++ b/java-iam/pom.xml
@@ -4,7 +4,7 @@
com.google.cloud
google-iam-parent
pom
- 1.45.1
+ 1.46.0
Google IAM Parent
Java idiomatic client for Google Cloud Platform services.
@@ -13,7 +13,7 @@
com.google.api
gapic-generator-java-pom-parent
- 2.51.1
+ 2.52.0
../gapic-generator-java-pom-parent
@@ -31,16 +31,6 @@
Google LLC
-
-
- sonatype-nexus-snapshots
- https://google.oss.sonatype.org/content/repositories/snapshots
-
-
- sonatype-nexus-staging
- https://google.oss.sonatype.org/service/local/staging/deploy/maven2/
-
-
Apache-2.0
@@ -60,7 +50,7 @@
com.google.cloud
third-party-dependencies
- 3.41.1
+ 3.42.0
pom
import
@@ -88,44 +78,44 @@
com.google.api
gax-bom
- 2.59.1
+ 2.60.0
pom
import
com.google.api.grpc
proto-google-iam-v2
- 1.45.1
+ 1.46.0
com.google.api.grpc
grpc-google-iam-v2
- 1.45.1
+ 1.46.0
com.google.api.grpc
proto-google-common-protos
- 2.50.1
+ 2.51.0
com.google.api.grpc
proto-google-iam-v2beta
- 1.45.1
+ 1.46.0
com.google.api.grpc
grpc-google-iam-v1
- 1.45.1
+ 1.46.0
com.google.api.grpc
grpc-google-iam-v2beta
- 1.45.1
+ 1.46.0
com.google.api.grpc
proto-google-iam-v1
- 1.45.1
+ 1.46.0
javax.annotation
diff --git a/java-iam/proto-google-iam-v1/pom.xml b/java-iam/proto-google-iam-v1/pom.xml
index 68015e3ec6..e4734a8876 100644
--- a/java-iam/proto-google-iam-v1/pom.xml
+++ b/java-iam/proto-google-iam-v1/pom.xml
@@ -3,13 +3,13 @@
4.0.0
com.google.api.grpc
proto-google-iam-v1
- 1.45.1
+ 1.46.0
proto-google-iam-v1
PROTO library for proto-google-iam-v1
com.google.cloud
google-iam-parent
- 1.45.1
+ 1.46.0
diff --git a/java-iam/proto-google-iam-v2/pom.xml b/java-iam/proto-google-iam-v2/pom.xml
index a888ac6092..ac421e0e68 100644
--- a/java-iam/proto-google-iam-v2/pom.xml
+++ b/java-iam/proto-google-iam-v2/pom.xml
@@ -4,13 +4,13 @@
4.0.0
com.google.api.grpc
proto-google-iam-v2
- 1.45.1
+ 1.46.0
proto-google-iam-v2
Proto library for proto-google-iam-v1
com.google.cloud
google-iam-parent
- 1.45.1
+ 1.46.0
diff --git a/java-iam/proto-google-iam-v2beta/pom.xml b/java-iam/proto-google-iam-v2beta/pom.xml
index e42fd85152..fbde7fe561 100644
--- a/java-iam/proto-google-iam-v2beta/pom.xml
+++ b/java-iam/proto-google-iam-v2beta/pom.xml
@@ -4,13 +4,13 @@
4.0.0
com.google.api.grpc
proto-google-iam-v2beta
- 1.45.1
+ 1.46.0
proto-google-iam-v2beta
Proto library for proto-google-iam-v1
com.google.cloud
google-iam-parent
- 1.45.1
+ 1.46.0
diff --git a/java-shared-dependencies/README.md b/java-shared-dependencies/README.md
index 4f8db8ebf5..1bdf37d3f3 100644
--- a/java-shared-dependencies/README.md
+++ b/java-shared-dependencies/README.md
@@ -14,7 +14,7 @@ If you are using Maven, add this to the `dependencyManagement` section.
com.google.cloud
google-cloud-shared-dependencies
- 3.41.1
+ 3.42.0
pom
import
diff --git a/java-shared-dependencies/dependency-convergence-check/pom.xml b/java-shared-dependencies/dependency-convergence-check/pom.xml
index f1f1fa8eff..c28a5fbc37 100644
--- a/java-shared-dependencies/dependency-convergence-check/pom.xml
+++ b/java-shared-dependencies/dependency-convergence-check/pom.xml
@@ -3,7 +3,7 @@
4.0.0
com.google.cloud
shared-dependencies-dependency-convergence-test
- 3.41.1
+ 3.42.0
Dependency convergence test for certain artifacts in Google Cloud Shared Dependencies
An dependency convergence test case for the shared dependencies BOM. A failure of this test case means
diff --git a/java-shared-dependencies/first-party-dependencies/pom.xml b/java-shared-dependencies/first-party-dependencies/pom.xml
index aeada96ec1..5bc75b0cca 100644
--- a/java-shared-dependencies/first-party-dependencies/pom.xml
+++ b/java-shared-dependencies/first-party-dependencies/pom.xml
@@ -6,7 +6,7 @@
com.google.cloud
first-party-dependencies
pom
- 3.41.1
+ 3.42.0
Google Cloud First-party Shared Dependencies
Shared first-party dependencies for Google Cloud Java libraries.
@@ -24,7 +24,7 @@
${project.artifactId}
1.6.1
1.37.0
- 2.7.1
+ 2.7.2
@@ -33,7 +33,7 @@
com.google.api
gapic-generator-java-bom
- 2.51.1
+ 2.52.0
pom
import
@@ -45,7 +45,7 @@
com.google.cloud
google-cloud-core-bom
- 2.49.1
+ 2.50.0
pom
import
@@ -69,13 +69,13 @@
com.google.cloud
google-cloud-core
- 2.49.1
+ 2.50.0
test-jar
com.google.cloud
google-cloud-core
- 2.49.1
+ 2.50.0
tests
diff --git a/java-shared-dependencies/pom.xml b/java-shared-dependencies/pom.xml
index 790d58dac1..2bfa1d4de4 100644
--- a/java-shared-dependencies/pom.xml
+++ b/java-shared-dependencies/pom.xml
@@ -4,7 +4,7 @@
com.google.cloud
google-cloud-shared-dependencies
pom
- 3.41.1
+ 3.42.0
first-party-dependencies
third-party-dependencies
@@ -17,7 +17,7 @@
com.google.api
gapic-generator-java-pom-parent
- 2.51.1
+ 2.52.0
../gapic-generator-java-pom-parent
@@ -31,14 +31,14 @@
com.google.cloud
first-party-dependencies
- 3.41.1
+ 3.42.0
pom
import
com.google.cloud
third-party-dependencies
- 3.41.1
+ 3.42.0
pom
import
diff --git a/java-shared-dependencies/third-party-dependencies/pom.xml b/java-shared-dependencies/third-party-dependencies/pom.xml
index b3e3c6a491..9d3341d983 100644
--- a/java-shared-dependencies/third-party-dependencies/pom.xml
+++ b/java-shared-dependencies/third-party-dependencies/pom.xml
@@ -6,7 +6,7 @@
com.google.cloud
third-party-dependencies
pom
- 3.41.1
+ 3.42.0
Google Cloud Third-party Shared Dependencies
Shared third-party dependencies for Google Cloud Java libraries.
@@ -15,7 +15,7 @@
com.google.api
gapic-generator-java-pom-parent
- 2.51.1
+ 2.52.0
../../gapic-generator-java-pom-parent
@@ -29,11 +29,11 @@
3.0.2
2.18.2
2.36.0
- 1.17.1
+ 1.17.2
4.4.16
4.5.14
- 3.48.3
+ 3.48.4
0.27.0
3.0.0
0.33.0
@@ -42,7 +42,7 @@
0.8
15.0.2
0.6.0
- 1.15.0
+ 1.16.0
diff --git a/java-shared-dependencies/upper-bound-check/pom.xml b/java-shared-dependencies/upper-bound-check/pom.xml
index 150264bc4b..2f229d6d7e 100644
--- a/java-shared-dependencies/upper-bound-check/pom.xml
+++ b/java-shared-dependencies/upper-bound-check/pom.xml
@@ -4,7 +4,7 @@
com.google.cloud
shared-dependencies-upper-bound-test
pom
- 3.41.1
+ 3.42.0
Upper bound test for Google Cloud Shared Dependencies
An upper bound test case for the shared dependencies BOM. A failure of this test case means
@@ -30,7 +30,7 @@
com.google.cloud
google-cloud-shared-dependencies
- 3.41.1
+ 3.42.0
pom
import
diff --git a/renovate.json b/renovate.json
index 31f0ff21b8..fa40e87d89 100644
--- a/renovate.json
+++ b/renovate.json
@@ -110,7 +110,8 @@
"versioning": "docker",
"matchPackageNames": [
"/^com.google.guava:/"
- ]
+ ],
+ "enabled": false
},
{
"semanticCommitType": "deps",
@@ -168,7 +169,8 @@
"groupName": "gRPC dependencies",
"matchPackageNames": [
"/^io.grpc/"
- ]
+ ],
+ "enabled": false
},
{
"groupName": "Google Auth Library dependencies",
diff --git a/sdk-platform-java-config/pom.xml b/sdk-platform-java-config/pom.xml
index 258f5a856b..b489ec13bb 100644
--- a/sdk-platform-java-config/pom.xml
+++ b/sdk-platform-java-config/pom.xml
@@ -4,7 +4,7 @@
com.google.cloud
sdk-platform-java-config
pom
- 3.41.1
+ 3.42.0
SDK Platform For Java Configurations
Shared build configuration for Google Cloud Java libraries.
@@ -17,6 +17,6 @@
- 3.41.1
+ 3.42.0
\ No newline at end of file
diff --git a/showcase/pom.xml b/showcase/pom.xml
index ee1acd4bb2..7c482b9358 100644
--- a/showcase/pom.xml
+++ b/showcase/pom.xml
@@ -34,7 +34,7 @@
com.google.cloud
google-cloud-shared-dependencies
- 3.41.1
+ 3.42.0
pom
import
diff --git a/versions.txt b/versions.txt
index 9ad76bddc0..1b5cc77cc1 100644
--- a/versions.txt
+++ b/versions.txt
@@ -1,19 +1,19 @@
# Format:
# module:released-version:current-version
-gapic-generator-java:2.51.1:2.51.1
-api-common:2.42.1:2.42.1
-gax:2.59.1:2.59.1
-gax-grpc:2.59.1:2.59.1
-gax-httpjson:0.144.1:0.144.1
-proto-google-common-protos:2.50.1:2.50.1
-grpc-google-common-protos:2.50.1:2.50.1
-proto-google-iam-v1:1.45.1:1.45.1
-grpc-google-iam-v1:1.45.1:1.45.1
-proto-google-iam-v2beta:1.45.1:1.45.1
-grpc-google-iam-v2beta:1.45.1:1.45.1
-google-iam-policy:1.45.1:1.45.1
-proto-google-iam-v2:1.45.1:1.45.1
-grpc-google-iam-v2:1.45.1:1.45.1
-google-cloud-core:2.49.1:2.49.1
-google-cloud-shared-dependencies:3.41.1:3.41.1
+gapic-generator-java:2.52.0:2.52.0
+api-common:2.43.0:2.43.0
+gax:2.60.0:2.60.0
+gax-grpc:2.60.0:2.60.0
+gax-httpjson:0.145.0:0.145.0
+proto-google-common-protos:2.51.0:2.51.0
+grpc-google-common-protos:2.51.0:2.51.0
+proto-google-iam-v1:1.46.0:1.46.0
+grpc-google-iam-v1:1.46.0:1.46.0
+proto-google-iam-v2beta:1.46.0:1.46.0
+grpc-google-iam-v2beta:1.46.0:1.46.0
+google-iam-policy:1.46.0:1.46.0
+proto-google-iam-v2:1.46.0:1.46.0
+grpc-google-iam-v2:1.46.0:1.46.0
+google-cloud-core:2.50.0:2.50.0
+google-cloud-shared-dependencies:3.42.0:3.42.0