23 lines
14 KiB
HTML
23 lines
14 KiB
HTML
<html><head>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
|
|
<title>154. Spring Cloud GCP Core</title><link rel="stylesheet" type="text/css" href="css/manual-multipage.css"><meta name="generator" content="DocBook XSL Stylesheets V1.79.1"><link rel="home" href="multi_spring-cloud.html" title="Spring Cloud"><link rel="up" href="multi_spring-cloud-gcp-reference.html" title="Part XVIII. Spring Cloud GCP"><link rel="prev" href="multi__getting_started_2.html" title="153. Getting started"><link rel="next" href="multi__google_cloud_pubsub.html" title="155. Google Cloud Pub/Sub"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">154. Spring Cloud GCP Core</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="multi__getting_started_2.html">Prev</a> </td><th width="60%" align="center">Part XVIII. Spring Cloud GCP</th><td width="20%" align="right"> <a accesskey="n" href="multi__google_cloud_pubsub.html">Next</a></td></tr></table><hr></div><div class="chapter"><div class="titlepage"><div><div><h2 class="title"><a name="spring-cloud-gcp-core" href="#spring-cloud-gcp-core"></a>154. Spring Cloud GCP Core</h2></div></div></div><p>Each Spring Cloud GCP module uses <code class="literal">GcpProjectIdProvider</code> and <code class="literal">CredentialsProvider</code> to get the GCP project ID and access credentials.</p><p>Spring Cloud GCP provides a Spring Boot starter to auto-configure the core components.</p><p>Maven coordinates, using Spring Cloud GCP BOM:</p><pre class="programlisting"><span xmlns:d="http://docbook.org/ns/docbook" class="hl-tag"><dependency></span>
|
|
<span xmlns:d="http://docbook.org/ns/docbook" class="hl-tag"><groupId></span>org.springframework.cloud<span xmlns:d="http://docbook.org/ns/docbook" class="hl-tag"></groupId></span>
|
|
<span xmlns:d="http://docbook.org/ns/docbook" class="hl-tag"><artifactId></span>spring-cloud-gcp-starter<span xmlns:d="http://docbook.org/ns/docbook" class="hl-tag"></artifactId></span>
|
|
<span xmlns:d="http://docbook.org/ns/docbook" class="hl-tag"></dependency></span></pre><p>Gradle coordinates:</p><pre class="screen">dependencies {
|
|
compile group: 'org.springframework.cloud', name: 'spring-cloud-gcp-starter'
|
|
}</pre><div class="section"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="_project_id" href="#_project_id"></a>154.1 Project ID</h2></div></div></div><p><code class="literal">GcpProjectIdProvider</code> is a functional interface that returns a GCP project ID string.</p><pre class="programlisting"><span xmlns:d="http://docbook.org/ns/docbook" class="hl-keyword">public</span> <span xmlns:d="http://docbook.org/ns/docbook" class="hl-keyword">interface</span> GcpProjectIdProvider {
|
|
String getProjectId();
|
|
}</pre><p>The Spring Cloud GCP starter auto-configures a <code class="literal">GcpProjectIdProvider</code>.
|
|
If a <code class="literal">spring.cloud.gcp.project-id</code> property is specified, the provided <code class="literal">GcpProjectIdProvider</code> returns that property value.</p><pre class="programlisting">spring.cloud.gcp.project-id=my-gcp-project-id</pre><p>Otherwise, the project ID is discovered based on an
|
|
<a class="link" href="https://googlecloudplatform.github.io/google-cloud-java/google-cloud-clients/apidocs/com/google/cloud/ServiceOptions.html#getDefaultProjectId--" target="_top">ordered list of rules</a>:</p><div class="orderedlist"><ol class="orderedlist" type="1"><li class="listitem">The project ID specified by the <code class="literal">GOOGLE_CLOUD_PROJECT</code> environment variable</li><li class="listitem">The Google App Engine project ID</li><li class="listitem">The project ID specified in the JSON credentials file pointed by the <code class="literal">GOOGLE_APPLICATION_CREDENTIALS</code> environment variable</li><li class="listitem">The Google Cloud SDK project ID</li><li class="listitem">The Google Compute Engine project ID, from the Google Compute Engine Metadata Server</li></ol></div></div><div class="section"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="_credentials" href="#_credentials"></a>154.2 Credentials</h2></div></div></div><p><code class="literal">CredentialsProvider</code> is a functional interface that returns the credentials to authenticate and authorize calls to Google Cloud Client Libraries.</p><pre class="programlisting"><span xmlns:d="http://docbook.org/ns/docbook" class="hl-keyword">public</span> <span xmlns:d="http://docbook.org/ns/docbook" class="hl-keyword">interface</span> CredentialsProvider {
|
|
Credentials getCredentials() <span xmlns:d="http://docbook.org/ns/docbook" class="hl-keyword">throws</span> IOException;
|
|
}</pre><p>The Spring Cloud GCP starter auto-configures a <code class="literal">CredentialsProvider</code>.
|
|
It uses the <code class="literal">spring.cloud.gcp.credentials.location</code> property to locate the OAuth2 private key of a Google service account.
|
|
Keep in mind this property is a Spring Resource, so the credentials file can be obtained from a number of <a class="link" href="https://docs.spring.io/spring/docs/current/spring-framework-reference/html/resources.html#resources-implementations" target="_top">different locations</a> such as the file system, classpath, URL, etc.
|
|
The next example specifies the credentials location property in the file system.</p><pre class="screen">spring.cloud.gcp.credentials.location=file:/usr/local/key.json</pre><p>Alternatively, you can set the credentials by directly specifying the <code class="literal">spring.cloud.gcp.credentials.encoded-key</code> property.
|
|
The value should be the base64-encoded account private key in JSON format.</p><p>If that credentials aren’t specified through properties, the starter tries to discover credentials from a <a class="link" href="https://github.com/GoogleCloudPlatform/google-cloud-java#authentication" target="_top">number of places</a>:</p><div class="orderedlist"><ol class="orderedlist" type="1"><li class="listitem">Credentials file pointed to by the <code class="literal">GOOGLE_APPLICATION_CREDENTIALS</code> environment variable</li><li class="listitem">Credentials provided by the Google Cloud SDK <code class="literal">gcloud auth application-default login</code> command</li><li class="listitem">Google App Engine built-in credentials</li><li class="listitem">Google Cloud Shell built-in credentials</li><li class="listitem">Google Compute Engine built-in credentials</li></ol></div><p>If your app is running on Google App Engine or Google Compute Engine, in most cases, you should omit the <code class="literal">spring.cloud.gcp.credentials.location</code> property and, instead, let the Spring Cloud GCP Starter get the correct credentials for those environments.
|
|
On App Engine Standard, the <a class="link" href="https://cloud.google.com/appengine/docs/standard/java/appidentity/" target="_top">App Identity service account credentials</a> are used, on App Engine Flexible, the <a class="link" href="https://cloud.google.com/appengine/docs/flexible/java/service-account" target="_top">Flexible service account credential</a> are used and on Google Compute Engine, the <a class="link" href="https://cloud.google.com/compute/docs/access/create-enable-service-accounts-for-instances#using_the_compute_engine_default_service_account" target="_top">Compute Engine Default Service Account</a> is used.</p><div class="section"><div class="titlepage"><div><div><h3 class="title"><a name="_scopes" href="#_scopes"></a>154.2.1 Scopes</h3></div></div></div><p>By default, the credentials provided by the Spring Cloud GCP Starter contain scopes for every service supported by Spring Cloud GCP.</p><div class="informaltable"><table class="informaltable" style="border-collapse: collapse;border-top: 1px solid ; border-bottom: 1px solid ; "><colgroup><col class="col_1"><col class="col_2"></colgroup><tbody><tr><td style="border-right: 1px solid ; border-bottom: 1px solid ; " align="left" valign="top"><p>Service</p></td><td style="border-bottom: 1px solid ; " align="left" valign="top"><p>Scope</p></td></tr><tr><td style="border-right: 1px solid ; border-bottom: 1px solid ; " align="left" valign="top"><p>Spanner</p></td><td style="border-bottom: 1px solid ; " align="left" valign="top"><p><a class="link" href="https://www.googleapis.com/auth/spanner.admin" target="_top">https://www.googleapis.com/auth/spanner.admin</a>, <a class="link" href="https://www.googleapis.com/auth/spanner.data" target="_top">https://www.googleapis.com/auth/spanner.data</a></p></td></tr><tr><td style="border-right: 1px solid ; border-bottom: 1px solid ; " align="left" valign="top"><p>Datastore</p></td><td style="border-bottom: 1px solid ; " align="left" valign="top"><p><a class="link" href="https://www.googleapis.com/auth/datastore" target="_top">https://www.googleapis.com/auth/datastore</a></p></td></tr><tr><td style="border-right: 1px solid ; border-bottom: 1px solid ; " align="left" valign="top"><p>Pub/Sub</p></td><td style="border-bottom: 1px solid ; " align="left" valign="top"><p><a class="link" href="https://www.googleapis.com/auth/pubsub" target="_top">https://www.googleapis.com/auth/pubsub</a></p></td></tr><tr><td style="border-right: 1px solid ; border-bottom: 1px solid ; " align="left" valign="top"><p>Storage (Read Only)</p></td><td style="border-bottom: 1px solid ; " align="left" valign="top"><p><a class="link" href="https://www.googleapis.com/auth/devstorage.read_only" target="_top">https://www.googleapis.com/auth/devstorage.read_only</a></p></td></tr><tr><td style="border-right: 1px solid ; border-bottom: 1px solid ; " align="left" valign="top"><p>Storage (Write/Write)</p></td><td style="border-bottom: 1px solid ; " align="left" valign="top"><p><a class="link" href="https://www.googleapis.com/auth/devstorage.read_write" target="_top">https://www.googleapis.com/auth/devstorage.read_write</a></p></td></tr><tr><td style="border-right: 1px solid ; border-bottom: 1px solid ; " align="left" valign="top"><p>Runtime Config</p></td><td style="border-bottom: 1px solid ; " align="left" valign="top"><p><a class="link" href="https://www.googleapis.com/auth/cloudruntimeconfig" target="_top">https://www.googleapis.com/auth/cloudruntimeconfig</a></p></td></tr><tr><td style="border-right: 1px solid ; border-bottom: 1px solid ; " align="left" valign="top"><p>Trace (Append)</p></td><td style="border-bottom: 1px solid ; " align="left" valign="top"><p><a class="link" href="https://www.googleapis.com/auth/trace.append" target="_top">https://www.googleapis.com/auth/trace.append</a></p></td></tr><tr><td style="border-right: 1px solid ; border-bottom: 1px solid ; " align="left" valign="top"><p>Cloud Platform</p></td><td style="border-bottom: 1px solid ; " align="left" valign="top"><p><a class="link" href="https://www.googleapis.com/auth/cloud-platform" target="_top">https://www.googleapis.com/auth/cloud-platform</a></p></td></tr><tr><td style="border-right: 1px solid ; " align="left" valign="top"><p>Vision</p></td><td style="" align="left" valign="top"><p><a class="link" href="https://www.googleapis.com/auth/cloud-vision" target="_top">https://www.googleapis.com/auth/cloud-vision</a></p></td></tr></tbody></table></div><p>The Spring Cloud GCP starter allows you to configure a custom scope list for the provided credentials.
|
|
To do that, specify a comma-delimited list of <a class="link" href="https://developers.google.com/identity/protocols/googlescopes" target="_top">Google OAuth2 scopes</a> in the <code class="literal">spring.cloud.gcp.credentials.scopes</code> property.</p><p><code class="literal">spring.cloud.gcp.credentials.scopes</code> is a comma-delimited list of <a class="link" href="https://developers.google.com/identity/protocols/googlescopes" target="_top">Google OAuth2 scopes</a> for Google Cloud Platform services that the credentials returned by the provided <code class="literal">CredentialsProvider</code> support.</p><pre class="screen">spring.cloud.gcp.credentials.scopes=https://www.googleapis.com/auth/pubsub,https://www.googleapis.com/auth/sqlservice.admin</pre><p>You can also use <code class="literal">DEFAULT_SCOPES</code> placeholder as a scope to represent the starters default scopes, and append the additional scopes you need to add.</p><pre class="screen">spring.cloud.gcp.credentials.scopes=DEFAULT_SCOPES,https://www.googleapis.com/auth/cloud-vision</pre></div></div><div class="section"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="_environment" href="#_environment"></a>154.3 Environment</h2></div></div></div><p><code class="literal">GcpEnvironmentProvider</code> is a functional interface, auto-configured by the Spring Cloud GCP starter, that returns a <code class="literal">GcpEnvironment</code> enum.
|
|
The provider can help determine programmatically in which GCP environment (App Engine Flexible, App Engine Standard, Kubernetes Engine or Compute Engine) the application is deployed.</p><pre class="programlisting"><span xmlns:d="http://docbook.org/ns/docbook" class="hl-keyword">public</span> <span xmlns:d="http://docbook.org/ns/docbook" class="hl-keyword">interface</span> GcpEnvironmentProvider {
|
|
GcpEnvironment getCurrentEnvironment();
|
|
}</pre></div><div class="section"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="_spring_initializr_2" href="#_spring_initializr_2"></a>154.4 Spring Initializr</h2></div></div></div><p>This starter is available from <a class="link" href="https://start.spring.io/" target="_top">Spring Initializr</a> through the <code class="literal">GCP Support</code> entry.</p></div></div><div class="navfooter"><hr><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="multi__getting_started_2.html">Prev</a> </td><td width="20%" align="center"><a accesskey="u" href="multi_spring-cloud-gcp-reference.html">Up</a></td><td width="40%" align="right"> <a accesskey="n" href="multi__google_cloud_pubsub.html">Next</a></td></tr><tr><td width="40%" align="left" valign="top">153. Getting started </td><td width="20%" align="center"><a accesskey="h" href="multi_spring-cloud.html">Home</a></td><td width="40%" align="right" valign="top"> 155. Google Cloud Pub/Sub</td></tr></table></div></body></html> |