-
Notifications
You must be signed in to change notification settings - Fork 114
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chore: allow non-default service account for DP #2635
Changes from all commits
96f3f9b
eafbd4c
6b7c9aa
47c9ea1
608cf1b
11b2ac9
4a196b0
d36fb3a
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -53,6 +53,7 @@ | |
import com.google.api.gax.rpc.UnavailableException; | ||
import com.google.api.gax.rpc.WatchdogProvider; | ||
import com.google.api.pathtemplate.PathTemplate; | ||
import com.google.cloud.NoCredentials; | ||
import com.google.cloud.RetryHelper; | ||
import com.google.cloud.RetryHelper.RetryHelperException; | ||
import com.google.cloud.grpc.GcpManagedChannelBuilder; | ||
|
@@ -339,9 +340,16 @@ public GapicSpannerRpc(final SpannerOptions options) { | |
// This sets the response compressor (Server -> Client). | ||
.withEncoding(compressorName)) | ||
.setHeaderProvider(headerProviderWithUserAgent) | ||
.setAllowNonDefaultServiceAccount(true) | ||
// Attempts direct access to spanner service over gRPC to improve throughput, | ||
// whether the attempt is allowed is totally controlled by service owner. | ||
.setAttemptDirectPath(true); | ||
// We'll only attempt DirectPath if we are using real credentials. | ||
// NoCredentials is used for plain text connections, for example when connecting to | ||
// the emulator. | ||
.setAttemptDirectPath( | ||
options.isAttemptDirectPath() | ||
&& !Objects.equals( | ||
options.getScopedCredentials(), NoCredentials.getInstance())); | ||
Comment on lines
+351
to
+352
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more.
This sounds more like a identification strategy for emulator. Can't we use the env variable used to identify emulator instead? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. We need this for more than just the emulator. This is also used for the in-memory Spanner mock server tests that also use |
||
|
||
// If it is enabled in options uses the channel pool provided by the gRPC-GCP extension. | ||
maybeEnableGrpcGcpExtension(defaultChannelProviderBuilder, options); | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm not sure. It is certainly something that they should not do for normal production connections. As we've seen in our own tests however, it is something that you need to do when connecting to something local that does not use credentials. That could be the emulator (and we turn it off by default if they connect in a known way to the emulator). It is also required for connecting to an in-mem Spanner test server like the ones that we use for our own testing. I don't think many customers use it, but it is not unthinkable.