Skip to content

[Spanner] credentials object not passed into InstanceAdminAPI #3070

New issue
New issue
Closed
Closed
[Spanner] credentials object not passed into InstanceAdminAPI#3070
Assignees
tseaver
Labels
api: spannerIssues related to the Spanner API.authrelease blockingRequired feature/issue must be fixed prior to next release.type: bugError or flaw in code with unintended results or allowing sub-optimal usage patterns.
@supertom

Description

@supertom
supertom
opened on Feb 25, 2017

Hi Folks,

I don't see that the credentials I pass into the Spanner Client are being used for the InstanceAdminClient or DatabaseAdminClient instantiations. I'm chasing a downstream bug and will fill in details soon, but from what I see, defaultcredentials are assumed to be used when using those APIs, whereas it should use the provided credentials object.

  1. OS type and version
    CentOS
  2. Python version and virtual environment information python --version
    Python 2.7.9
  3. google-cloud-python version pip show google-cloud, pip show google-<service> or pip freeze
gapic-google-cloud-spanner-admin-database-v1==0.15.0
gapic-google-cloud-spanner-admin-instance-v1==0.15.0
gapic-google-cloud-spanner-v1==0.15.0
google-auth==0.8.0
google-auth-httplib2==0.0.2
google-cloud-core==0.23.1
google-cloud-spanner==0.23.1
google-compute-engine==2.3.2
google-gax==0.15.6
googleapis-common-protos==1.5.2
grpc-google-iam-v1==0.11.1
grpcio==1.1.3
  1. Stacktrace if available
  2. Steps to reproduce
  • Create credentials with a service account. Make sure default credentials will fail.
  • Try to interact with an instance.
  1. Code example
import google.auth.credentials
from google.cloud import spanner
from google.oauth2 import service_account
SPANNER_ADMIN_SCOPE = 'https://www.googleapis.com/auth/spanner.admin'
JSON_KEY='/home/me/keys/mykey.json'

credentials = service_account.Credentials.from_service_account_file(
                JSON_KEY)
scopes = [ SPANNER_ADMIN_SCOPE ]
credentials = credentials.with_scopes(scopes)
# credentials = google.auth.credentials.with_scopes_if_required(credentials, scopes)
sc = spanner.Client(project='my-project, credentials=credentials)

i = sc.instance('my-instance', configuration_name='regionally-us-central1')
i.exists()

I checked these sites before filing:

Metadata

Metadata

Assignees

Labels

api: spannerIssues related to the Spanner API.authrelease blockingRequired feature/issue must be fixed prior to next release.type: bugError or flaw in code with unintended results or allowing sub-optimal usage patterns.

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions