Upgrade Google Auth Version #15176
Closed
Upgrade Google Auth Version #15176
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
For some more context, in 1.5.3 built-in retries were added, which improves the reliability of fetching credentials from the metadata server - googleapis/google-auth-library-java@f9a9b8a |
|
I believe this is also gonna fix #14278 I hope this gets merged soon, the current library is outdated by 3 years and currently prevents me using remote cache with Workload Identity Federation. |
coeuvre
reviewed
Apr 6, 2022
| @@ -163,8 +163,10 @@ distrib_java_import( | |||
| jars = [ | |||
| "api_client/google-api-client-1.22.0.jar", | |||
| "api_client/google-api-client-jackson2-1.22.0.jar", | |||
| "api_client/google-api-client-gson-1.22.0.jar", | |||
There was a problem hiding this comment.
Does that mean the newer version uses gson instead of jackson2? It would be nice if we can remove jackson2.
There was a problem hiding this comment.
yes looks like they switched to gson in 0.23.0 https://github.com/googleapis/google-auth-library-java/pull/531/files. Removed jackson dependency in pr
third_party/BUILD
Outdated
| "api_client/google-http-client-1.22.0-SNAPSHOT.jar", | ||
| "api_client/google-http-client-jackson2-1.22.0.jar", | ||
| "api_client/google-http-client-gson-1.22.0.jar", | ||
| ], | ||
| runtime_deps = [ | ||
| ":jackson2", |
There was a problem hiding this comment.
We probably need add :gson to runtime_deps on here.
coeuvre
reviewed
Apr 7, 2022
There was a problem hiding this comment.
Thanks!
I didn't realize removing jackson2 will introduce non third_party changes. Unfortunately, we can't import PR that include both third_party and non third_party changes. In this case, we have to split the PR into 3 small PRs:
- Add Gson and upgrade Auth (third_party only changes)
- Replace
jackson2usages in non third_party packages - Remove
jackson2
Sorry the import process is not easy enough.
This was referenced Apr 12, 2022
Closed
|
This PR has been submitted as 3 sub PRs. Closing. |
|
@bazel-io flag |
|
@coeuvre I had merge conflicts trying to cherry-pick the 3 sub-PRs. Could you take that on? |
coeuvre
pushed a commit
to coeuvre/bazel
that referenced
this pull request
May 2, 2022
Follow up for bazelbuild#15215 and Step two for bazelbuild#15176 Closes bazelbuild#15295. PiperOrigin-RevId: 443050332
|
@bazel-io fork 5.2.0 |
ckolli5
pushed a commit
that referenced
this pull request
May 9, 2022
* [Step 1] Upgrade Google Auth Version third party only changes gson add back jackson Partial commit for third_party/*, see #15215. Closes #15215 Signed-off-by: Yun Peng <[email protected]> * [Step 2] Update non-third party change for jackson2 Follow up for #15215 and Step two for #15176 Closes #15295. PiperOrigin-RevId: 443050332 * clean up Partial commit for third_party/*, see #15301. Closes: #15301 Signed-off-by: Yun Peng <[email protected]> Co-authored-by: Thomas Chen <[email protected]> Co-authored-by: ThomasCJY <[email protected]>
tjgq
added a commit
to tjgq/bazel
that referenced
this pull request
Aug 10, 2022
In bazelbuild#15176 we upgraded google-auth-library-oauth2-http to 1.6.0, but didn't upgrade its dependencies accordingly; Maven claims 1.41.1 is needed [1]. In turn, a new transitive dependency on opencensus-contrib-http-util 0.31.0 also becomes necessary [2]. [1] https://mvnrepository.com/artifact/com.google.auth/google-auth-library-oauth2-http/1.6.0 [2] https://mvnrepository.com/artifact/com.google.http-client/google-http-client/1.41.1
tjgq
added a commit
to tjgq/bazel
that referenced
this pull request
Aug 10, 2022
In bazelbuild#15176 we upgraded google-auth-library-oauth2-http to 1.6.0, but didn't upgrade its dependencies accordingly; Maven claims 1.41.1 is needed [1]. In turn, a new transitive dependency on opencensus-contrib-http-util 0.31.0 also becomes necessary [2]. [1] https://mvnrepository.com/artifact/com.google.auth/google-auth-library-oauth2-http/1.6.0 [2] https://mvnrepository.com/artifact/com.google.http-client/google-http-client/1.41.1
This was referenced Aug 10, 2022
tjgq
added a commit
to tjgq/bazel
that referenced
this pull request
Aug 26, 2022
In bazelbuild#15176 we upgraded google-auth-library-oauth2-http to 1.6.0, but didn't upgrade its dependencies accordingly; Maven claims 1.41.1 is needed [1]. In turn, a new transitive dependency on opencensus-contrib-http-util 0.31.0 also becomes necessary [2]. [1] https://mvnrepository.com/artifact/com.google.auth/google-auth-library-oauth2-http/1.6.0 [2] https://mvnrepository.com/artifact/com.google.http-client/google-http-client/1.41.1
tjgq
added a commit
to tjgq/bazel
that referenced
this pull request
Aug 26, 2022
In bazelbuild#15176 we upgraded google-auth-library-oauth2-http to 1.6.0, but didn't upgrade its dependencies accordingly; Maven claims 1.41.4 is needed [1]. In turn, a new transitive dependency on opencensus-contrib-http-util 0.31.0 also becomes necessary [2]. [1] https://mvnrepository.com/artifact/com.google.auth/google-auth-library-oauth2-http/1.6.0 [2] https://mvnrepository.com/artifact/com.google.http-client/google-http-client/1.41.4
tjgq
added a commit
to tjgq/bazel
that referenced
this pull request
Aug 26, 2022
In bazelbuild#15176 we upgraded google-auth-library-oauth2-http to 1.6.0, but didn't upgrade its dependencies accordingly; Maven claims 1.41.4 is needed [1]. In turn, a new transitive dependency on opencensus-contrib-http-util 0.31.0 also becomes necessary [2]. Fixes bazelbuild#15639. [1] https://mvnrepository.com/artifact/com.google.auth/google-auth-library-oauth2-http/1.6.0 [2] https://mvnrepository.com/artifact/com.google.http-client/google-http-client/1.41.4
copybara-service bot
pushed a commit
that referenced
this pull request
Aug 27, 2022
In #15176 we upgraded google-auth-library-oauth2-http to 1.6.0, but didn't upgrade its dependencies accordingly; Maven claims 1.41.4 is needed [1]. In turn, a new transitive dependency on opencensus-contrib-http-util 0.31.0 also becomes necessary [2]. Fixes #15639. [1] https://mvnrepository.com/artifact/com.google.auth/google-auth-library-oauth2-http/1.6.0 [2] https://mvnrepository.com/artifact/com.google.http-client/google-http-client/1.41.4 Partial commit for third_party/*, see #16082. Signed-off-by: Sunil Gowroji <[email protected]>
aiuto
pushed a commit
to aiuto/bazel
that referenced
this pull request
Oct 12, 2022
In bazelbuild#15176 we upgraded google-auth-library-oauth2-http to 1.6.0, but didn't upgrade its dependencies accordingly; Maven claims 1.41.4 is needed [1]. In turn, a new transitive dependency on opencensus-contrib-http-util 0.31.0 also becomes necessary [2]. Fixes bazelbuild#15639. [1] https://mvnrepository.com/artifact/com.google.auth/google-auth-library-oauth2-http/1.6.0 [2] https://mvnrepository.com/artifact/com.google.http-client/google-http-client/1.41.4 Partial commit for third_party/*, see bazelbuild#16082. Signed-off-by: Sunil Gowroji <[email protected]>
tjgq
added a commit
to tjgq/bazel
that referenced
this pull request
Nov 11, 2022
In bazelbuild#15176 we upgraded google-auth-library-oauth2-http to 1.6.0, but didn't upgrade its dependencies accordingly; Maven claims 1.41.4 is needed [1]. In turn, a new transitive dependency on opencensus-contrib-http-util 0.31.0 also becomes necessary [2]. Fixes bazelbuild#15639. [1] https://mvnrepository.com/artifact/com.google.auth/google-auth-library-oauth2-http/1.6.0 [2] https://mvnrepository.com/artifact/com.google.http-client/google-http-client/1.41.4 Partial commit for third_party/*, see bazelbuild#16082. Signed-off-by: Sunil Gowroji <[email protected]>
ShreeM01
pushed a commit
that referenced
this pull request
Nov 15, 2022
In #15176 we upgraded google-auth-library-oauth2-http to 1.6.0, but didn't upgrade its dependencies accordingly; Maven claims 1.41.4 is needed [1]. In turn, a new transitive dependency on opencensus-contrib-http-util 0.31.0 also becomes necessary [2]. Fixes #15639. [1] https://mvnrepository.com/artifact/com.google.auth/google-auth-library-oauth2-http/1.6.0 [2] https://mvnrepository.com/artifact/com.google.http-client/google-http-client/1.41.4 Partial commit for third_party/*, see #16082. Signed-off-by: Sunil Gowroji <[email protected]> Signed-off-by: Sunil Gowroji <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
upgrade google auth to use the latest v1.6.0 instead of the outdated 0.17 in bazel