fixed oauth check and updated libraries

GoogleCloudPlatform · Oct 22, 2023 · 6ef91a2 · 6ef91a2
1 parent 545c04f
commit 6ef91a2
Show file tree

Hide file tree

Showing 4 changed files with 37 additions and 38 deletions.
diff --git a/docs/manual_deployment.md b/docs/manual_deployment.md
@@ -247,13 +247,13 @@ gcloud alpha firestore databases create --project=$TAG_ENGINE_PROJECT --location
 
    ```
 	   gcloud beta run deploy tag-engine-ui \
-	   --source . \
-	   --platform managed \
-	   --region $TAG_ENGINE_REGION \
-	   --allow-unauthenticated \
-	   --ingress=all \
-	   --memory=1024Mi \
-	   --service-account=$TAG_ENGINE_SA
+		   --source . \
+		   --platform managed \
+		   --region $TAG_ENGINE_REGION \
+		   --allow-unauthenticated \
+		   --ingress=all \
+		   --memory=1024Mi \
+		   --service-account=$TAG_ENGINE_SA
    
    ``` 
 
@@ -264,19 +264,19 @@ gcloud alpha firestore databases create --project=$TAG_ENGINE_PROJECT --location
    Create a VPC access connector before running the next command. This connector is used to send requests to your VPC network from Cloud Run using internal DNS and internal IP addresses as opposed to going through the public internet. To create a connector, consult [this page](https://cloud.google.com/vpc/docs/configure-serverless-vpc-access#gcloud).  
 
 	```
-	gcloud beta run deploy tag-engine-ui \
-		--source . \
-		--platform managed \
-		--region $TAG_ENGINE_REGION \
-		--allow-unauthenticated \
-		--ingress=internal-and-cloud-load-balancing \
-		--port=8080 \
-		--min-instances=0 \
-		--max-instances=5 \
-		--memory=1024Mi,
-		--service-account=$TAG_ENGINE_SA \
-		--vpc-connector=projects/$TAG_ENGINE_PROJECT/locations/$TAG_ENGINE_REGION/connectors/$VPC_CONNECTOR \
-		--vpc-egress=private-ranges-only
+		gcloud beta run deploy tag-engine-ui \
+			--source . \
+			--platform managed \
+			--region $TAG_ENGINE_REGION \
+			--allow-unauthenticated \
+			--ingress=internal-and-cloud-load-balancing \
+			--port=8080 \
+			--min-instances=0 \
+			--max-instances=5 \
+			--memory=1024Mi,
+			--service-account=$TAG_ENGINE_SA \
+			--vpc-connector=projects/$TAG_ENGINE_PROJECT/locations/$TAG_ENGINE_REGION/connectors/$VPC_CONNECTOR \
+			--vpc-egress=private-ranges-only
 	```
 <br> 
 
@@ -286,14 +286,15 @@ gcloud alpha firestore databases create --project=$TAG_ENGINE_PROJECT --location
    If you are deploying the API, run:
 
 	```
-	export API_SERVICE_URL=`gcloud run services describe tag-engine-api --format="value(status.url)"`
-	gcloud run services update tag-engine-api --set-env-vars SERVICE_URL=$API_SERVICE_URL
+		export API_SERVICE_URL=`gcloud run services describe tag-engine-api --format="value(status.url)"`
+		gcloud run services update tag-engine-api --set-env-vars SERVICE_URL=$API_SERVICE_URL
 	```
 
    If you are deploying the UI, run:
+
 	```
-	export UI_SERVICE_URL=`gcloud run services describe tag-engine-ui --format="value(status.url)"`
-	gcloud run services update tag-engine-ui --set-env-vars SERVICE_URL=$UI_SERVICE_URL
+		export UI_SERVICE_URL=`gcloud run services describe tag-engine-ui --format="value(status.url)"`
+		gcloud run services update tag-engine-ui --set-env-vars SERVICE_URL=$UI_SERVICE_URL
 	```
 
 <br> 

diff --git a/main.py b/main.py
@@ -57,7 +57,7 @@ def check_service_url():
 
 check_service_url()
 
-##################### CHECK CLIENT SECRET #####################
+##################### CHECK AUTH and CLIENT SECRET VARIABLES #####################
 
 if config['DEFAULT']['ENABLE_AUTH'].lower() == 'true' or config['DEFAULT']['ENABLE_AUTH'] == 1:
     ENABLE_AUTH = True
@@ -66,17 +66,15 @@ def check_service_url():
     ENABLE_AUTH = False
     print('Info: ENABLE_AUTH = False. This option is only supported in API mode as the client secret is needed to obtain an access token from the UI.')
 
-def check_client_secret():
-    if 'OAUTH_CLIENT_CREDENTIALS' in config['DEFAULT']:
-        OAUTH_CLIENT_CREDENTIALS = config['DEFAULT']['OAUTH_CLIENT_CREDENTIALS'].strip()
-    else:
-        if 'tag-engine-ui-' in os.environ['SERVICE_URL']:
-            print('Fatal Error: The Tag Engine UI requires the OAUTH_CLIENT_CREDENTIALS variable to be set. Please set it in tagengine.ini.')
-            return -1
-        else:
-            print('Info: running in API mode without the client secret file')
 
-check_client_secret()
+if 'OAUTH_CLIENT_CREDENTIALS' in config['DEFAULT']:
+    OAUTH_CLIENT_CREDENTIALS = config['DEFAULT']['OAUTH_CLIENT_CREDENTIALS'].strip()
+    print('Info: OAUTH_CLIENT_CREDENTIALS =', OAUTH_CLIENT_CREDENTIALS)
+else:
+    if 'tag-engine-ui-' in os.environ['SERVICE_URL']:
+        print('Fatal Error: The Tag Engine UI requires the OAUTH_CLIENT_CREDENTIALS variable to be set. Please set it in tagengine.ini.')
+    else:
+        print('Info: running in API mode without the client secret file')
 
 ##################### INIT GLOBAL VARIABLES ##################################
 

diff --git a/requirements.txt b/requirements.txt
@@ -1,10 +1,10 @@
 gunicorn
 Flask==2.3.2
 Flask-Session
-google-cloud-datacatalog==3.14
+google-cloud-datacatalog==3.16.0
 google-cloud-bigquery
 google-cloud-core
-google-cloud-firestore==2.11.1
+google-cloud-firestore==2.12.0
 google-cloud-storage
 google-cloud-tasks==2.13.1
 google-cloud-pubsub

diff --git a/tagengine.ini b/tagengine.ini
@@ -6,5 +6,5 @@ TAG_ENGINE_SA = tag-engine@tag-engine-develop.iam.gserviceaccount.com
 TAG_CREATOR_SA = tag-creator@tag-engine-develop.iam.gserviceaccount.com 
 INJECTOR_QUEUE = te-injector-task-queue
 WORK_QUEUE = te-work-task-queue
-OAUTH_CLIENT_CREDENTIALS = client_secret.json
+OAUTH_CLIENT_CREDENTIALS = client_secret2.json
 ENABLE_AUTH = True