[jira] [Closed] (LIBCLOUD-762) GCE Add Pricing Data

[Eric Johnson (JIRA)]

 [ 
https://issues.apache.org/jira/browse/LIBCLOUD-762?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Eric Johnson closed LIBCLOUD-762.
-
Resolution: Won't Fix

Was fixed in https://github.com/apache/libcloud/pull/464

> GCE Add Pricing Data
> 
>
> Key: LIBCLOUD-762
> URL: https://issues.apache.org/jira/browse/LIBCLOUD-762
> Project: Libcloud
>  Issue Type: Improvement
>Reporter: David Wilson
>Priority: Minor
>
> GCE currently has no pricing data. Add pricing data estimate.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Resolved] (LIBCLOUD-785) GCE: Service Account User ID has been changed the postfix

[Eric Johnson (JIRA)]

 [ 
https://issues.apache.org/jira/browse/LIBCLOUD-785?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Eric Johnson resolved LIBCLOUD-785.
---
Resolution: Fixed

Thanks for reporting this Hoang!

> GCE: Service Account User ID has been changed the postfix
> -
>
> Key: LIBCLOUD-785
> URL: https://issues.apache.org/jira/browse/LIBCLOUD-785
> Project: Libcloud
>  Issue Type: Bug
>  Components: Core
>Reporter: Hoang Phan
>Assignee: Eric Johnson
>  Labels: gce, google-compute-engine, oauth2
>
> The post-fix of Service Account has been change from 
> developer.gserviceaccount.com to ..iam.gserviceaccount.com. It 
> make user always need to use api service to authenticate.
> https://github.com/apache/libcloud/blob/trunk/libcloud/common/google.py#L609



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Assigned] (LIBCLOUD-785) GCE: Service Account User ID has been changed the postfix

[Eric Johnson (JIRA)]

 [ 
https://issues.apache.org/jira/browse/LIBCLOUD-785?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Eric Johnson reassigned LIBCLOUD-785:
-

Assignee: Eric Johnson

> GCE: Service Account User ID has been changed the postfix
> -
>
> Key: LIBCLOUD-785
> URL: https://issues.apache.org/jira/browse/LIBCLOUD-785
> Project: Libcloud
>  Issue Type: Bug
>  Components: Core
>Reporter: Hoang Phan
>Assignee: Eric Johnson
>  Labels: gce, google-compute-engine, oauth2
>
> The post-fix of Service Account has been change from 
> developer.gserviceaccount.com to ..iam.gserviceaccount.com. It 
> make user always need to use api service to authenticate.
> https://github.com/apache/libcloud/blob/trunk/libcloud/common/google.py#L609



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Resolved] (LIBCLOUD-776) Google Storage tests take forever on a Mac

[Eric Johnson (JIRA)]

 [ 
https://issues.apache.org/jira/browse/LIBCLOUD-776?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Eric Johnson resolved LIBCLOUD-776.
---
Resolution: Fixed

Thanks again for the investigation and fix Greg and Scott.

> Google Storage tests take forever on a Mac
> --
>
> Key: LIBCLOUD-776
> URL: https://issues.apache.org/jira/browse/LIBCLOUD-776
> Project: Libcloud
>  Issue Type: Bug
>Reporter: Greg Hill
>
> If you run tox on a Mac, the google storage tests take forever.  I tracked it 
> down to the _is_gce() method making an HTTP GET request against 
> http://metadata - for some reason this is slow on a mac but fails fast on 
> linux.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

libcloud git commit: [google] Allow for old and new style service account client email address

[erjohnso]

Repository: libcloud
Updated Branches:
  refs/heads/trunk 59fec8e7a -> 88170f658


[google] Allow for old and new style service account client email address

Closes LIBCLOUD-785


Project: http://git-wip-us.apache.org/repos/asf/libcloud/repo
Commit: http://git-wip-us.apache.org/repos/asf/libcloud/commit/88170f65
Tree: http://git-wip-us.apache.org/repos/asf/libcloud/tree/88170f65
Diff: http://git-wip-us.apache.org/repos/asf/libcloud/diff/88170f65

Branch: refs/heads/trunk
Commit: 88170f6582dd6cc3bce87c0ab3a89118551fe508
Parents: 59fec8e
Author: Eric Johnson 
Authored: Fri Dec 18 23:57:47 2015 +
Committer: Eric Johnson 
Committed: Fri Dec 18 23:57:47 2015 +

--
 CHANGES.rst   | 4 
 libcloud/common/google.py | 2 +-
 2 files changed, 5 insertions(+), 1 deletion(-)
--


http://git-wip-us.apache.org/repos/asf/libcloud/blob/88170f65/CHANGES.rst
--
diff --git a/CHANGES.rst b/CHANGES.rst
index b175664..874aebb 100644
--- a/CHANGES.rst
+++ b/CHANGES.rst
@@ -30,6 +30,10 @@ General
 Compute
 ~~~
 
+- [google] Allow for old and new style service account client email address
+  (LIBCLOUD-785)
+  [Hoang Phan]
+
 - Minor security improvement for storing cached GCE credentials
   (LIBCLOUD-718)
   [Siim Põder]

http://git-wip-us.apache.org/repos/asf/libcloud/blob/88170f65/libcloud/common/google.py
--
diff --git a/libcloud/common/google.py b/libcloud/common/google.py
index 491d5af..bfc8f9b 100644
--- a/libcloud/common/google.py
+++ b/libcloud/common/google.py
@@ -607,7 +607,7 @@ class GoogleAuthType(object):
 
 @staticmethod
 def _is_sa(user_id):
-return user_id.endswith('@developer.gserviceaccount.com')
+return user_id.endswith('.gserviceaccount.com')
 
 
 class GoogleBaseConnection(ConnectionUserAndKey, PollingConnection):

[jira] [Commented] (LIBCLOUD-785) GCE: Service Account User ID has been changed the postfix

[ASF subversion and git services (JIRA)]

[ 
https://issues.apache.org/jira/browse/LIBCLOUD-785?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15065007#comment-15065007
 ] 

ASF subversion and git services commented on LIBCLOUD-785:
--

Commit 88170f6582dd6cc3bce87c0ab3a89118551fe508 in libcloud's branch 
refs/heads/trunk from [~erjohnso]
[ https://git-wip-us.apache.org/repos/asf?p=libcloud.git;h=88170f6 ]

[google] Allow for old and new style service account client email address

Closes LIBCLOUD-785


> GCE: Service Account User ID has been changed the postfix
> -
>
> Key: LIBCLOUD-785
> URL: https://issues.apache.org/jira/browse/LIBCLOUD-785
> Project: Libcloud
>  Issue Type: Bug
>  Components: Core
>Reporter: Hoang Phan
>Assignee: Eric Johnson
>  Labels: gce, google-compute-engine, oauth2
>
> The post-fix of Service Account has been change from 
> developer.gserviceaccount.com to ..iam.gserviceaccount.com. It 
> make user always need to use api service to authenticate.
> https://github.com/apache/libcloud/blob/trunk/libcloud/common/google.py#L609



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Resolved] (LIBCLOUD-718) gce_libcloud_auth credentials file world-readable

[Eric Johnson (JIRA)]

 [ 
https://issues.apache.org/jira/browse/LIBCLOUD-718?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Eric Johnson resolved LIBCLOUD-718.
---
Resolution: Fixed
  Assignee: Eric Johnson

> gce_libcloud_auth credentials file world-readable
> -
>
> Key: LIBCLOUD-718
> URL: https://issues.apache.org/jira/browse/LIBCLOUD-718
> Project: Libcloud
>  Issue Type: Bug
>  Components: Core
>Reporter: Siim Põder
>Assignee: Eric Johnson
>
> I noticed a suspicious-looking world-readable file on a VM that talks to 
> Google Compute Engine API via libcloud: 
> {noformat}
> -rw-r--r--  1 root root  164 Jun 27 21:21 
> .gce_libcloud_auth.wargame-engine
> {noformat}
> It contains a "Bearer" access token so presumably should not be readable by 
> other users on a shared system. I suspect this (untested) patch might maybe 
> fix this in git head:
> {noformat}
> diff --git a/libcloud/common/google.py b/libcloud/common/google.py
> index 694cf93..7a658c8 100644
> --- a/libcloud/common/google.py
> +++ b/libcloud/common/google.py
> @@ -715,7 +715,7 @@ class GoogleBaseConnection(ConnectionUserAndKey, 
> PollingConnection):
>  """
>  filename = os.path.realpath(os.path.expanduser(self.credential_file))
>  data = json.dumps(self.token_info)
> -with open(filename, 'w') as f:
> +with os.open(filename, os.O_WRONLY, 0o600) as f:
>  f.write(data)
>  
>  def has_completed(self, response): 
> {noformat}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

libcloud git commit: [google] Minor security improvement for storing cached GCE credentials

[erjohnso]

Repository: libcloud
Updated Branches:
  refs/heads/trunk 66f161739 -> 59fec8e7a


[google] Minor security improvement for storing cached GCE credentials

Closes LIBCLOUD-718


Project: http://git-wip-us.apache.org/repos/asf/libcloud/repo
Commit: http://git-wip-us.apache.org/repos/asf/libcloud/commit/59fec8e7
Tree: http://git-wip-us.apache.org/repos/asf/libcloud/tree/59fec8e7
Diff: http://git-wip-us.apache.org/repos/asf/libcloud/diff/59fec8e7

Branch: refs/heads/trunk
Commit: 59fec8e7a203ce95bca7a8b6c5c1744f4f718527
Parents: 66f1617
Author: Eric Johnson 
Authored: Fri Dec 18 23:43:17 2015 +
Committer: Eric Johnson 
Committed: Fri Dec 18 23:45:03 2015 +

--
 CHANGES.rst   | 4 
 libcloud/common/google.py | 4 ++--
 2 files changed, 6 insertions(+), 2 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/libcloud/blob/59fec8e7/CHANGES.rst
--
diff --git a/CHANGES.rst b/CHANGES.rst
index 3084c38..b175664 100644
--- a/CHANGES.rst
+++ b/CHANGES.rst
@@ -30,6 +30,10 @@ General
 Compute
 ~~~
 
+- Minor security improvement for storing cached GCE credentials
+  (LIBCLOUD-718)
+  [Siim Põder]
+
 - Removed DreamHosts Compute Driver, DreamHosts users will now use the 
OpenStack Node driver since DreamHosts are OpenStack
   API compliant
   (GITHUB-655)

http://git-wip-us.apache.org/repos/asf/libcloud/blob/59fec8e7/libcloud/common/google.py
--
diff --git a/libcloud/common/google.py b/libcloud/common/google.py
index e29451f..491d5af 100644
--- a/libcloud/common/google.py
+++ b/libcloud/common/google.py
@@ -826,5 +826,5 @@ class GoogleBaseConnection(ConnectionUserAndKey, 
PollingConnection):
 """
 filename = os.path.realpath(os.path.expanduser(self.credential_file))
 data = json.dumps(self.oauth2_token)
-with open(filename, 'w') as f:
-f.write(data)
+f = os.open(filename, os.O_CREAT | os.O_WRONLY, 0600)
+os.write(f, data)

[jira] [Commented] (LIBCLOUD-718) gce_libcloud_auth credentials file world-readable

[ASF subversion and git services (JIRA)]

[ 
https://issues.apache.org/jira/browse/LIBCLOUD-718?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15064985#comment-15064985
 ] 

ASF subversion and git services commented on LIBCLOUD-718:
--

Commit 59fec8e7a203ce95bca7a8b6c5c1744f4f718527 in libcloud's branch 
refs/heads/trunk from [~erjohnso]
[ https://git-wip-us.apache.org/repos/asf?p=libcloud.git;h=59fec8e ]

[google] Minor security improvement for storing cached GCE credentials

Closes LIBCLOUD-718


> gce_libcloud_auth credentials file world-readable
> -
>
> Key: LIBCLOUD-718
> URL: https://issues.apache.org/jira/browse/LIBCLOUD-718
> Project: Libcloud
>  Issue Type: Bug
>  Components: Core
>Reporter: Siim Põder
>
> I noticed a suspicious-looking world-readable file on a VM that talks to 
> Google Compute Engine API via libcloud: 
> {noformat}
> -rw-r--r--  1 root root  164 Jun 27 21:21 
> .gce_libcloud_auth.wargame-engine
> {noformat}
> It contains a "Bearer" access token so presumably should not be readable by 
> other users on a shared system. I suspect this (untested) patch might maybe 
> fix this in git head:
> {noformat}
> diff --git a/libcloud/common/google.py b/libcloud/common/google.py
> index 694cf93..7a658c8 100644
> --- a/libcloud/common/google.py
> +++ b/libcloud/common/google.py
> @@ -715,7 +715,7 @@ class GoogleBaseConnection(ConnectionUserAndKey, 
> PollingConnection):
>  """
>  filename = os.path.realpath(os.path.expanduser(self.credential_file))
>  data = json.dumps(self.token_info)
> -with open(filename, 'w') as f:
> +with os.open(filename, os.O_WRONLY, 0o600) as f:
>  f.write(data)
>  
>  def has_completed(self, response): 
> {noformat}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Resolved] (LIBCLOUD-774) Add support for creation/edit of preemptible instance in GCE driver

[Eric Johnson (JIRA)]

 [ 
https://issues.apache.org/jira/browse/LIBCLOUD-774?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Eric Johnson resolved LIBCLOUD-774.
---
Resolution: Fixed

Fixed in https://github.com/apache/libcloud/pull/643

> Add support for creation/edit of preemptible instance in GCE driver
> ---
>
> Key: LIBCLOUD-774
> URL: https://issues.apache.org/jira/browse/LIBCLOUD-774
> Project: Libcloud
>  Issue Type: Improvement
>  Components: Compute
>Reporter: Brian Lawney
>Priority: Minor
>  Labels: gce, patch
>   Original Estimate: 48h
>  Remaining Estimate: 48h
>
> GCE driver currently does not support the creation of preemptible instances.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)