build: fix system tests, move to Kokoro (#372)

diff --git a/system_tests/.gitignore b/system_tests/.gitignore
index f6bf39d..be60550 100644
--- a/system_tests/.gitignore
+++ b/system_tests/.gitignore
@@ -1,2 +1,2 @@
 data
-secrets.tar
+secrets.tar
\ No newline at end of file
diff --git a/system_tests/noxfile.py b/system_tests/noxfile.py
index 5f9291a..864a5be 100644
--- a/system_tests/noxfile.py
+++ b/system_tests/noxfile.py
@@ -26,10 +26,12 @@
 import subprocess
 
 from nox.command import which
+import nox
 import py.path
 
 
 HERE = os.path.abspath(os.path.dirname(__file__))
+LIBRARY_DIR = os.path.join(HERE, "..")
 DATA_DIR = os.path.join(HERE, "data")
 SERVICE_ACCOUNT_FILE = os.path.join(DATA_DIR, "service_account.json")
 AUTHORIZED_USER_FILE = os.path.join(DATA_DIR, "authorized_user.json")
@@ -167,66 +169,88 @@
 
 # Test sesssions
 
+TEST_DEPENDENCIES = ["pytest", "requests"]
+PYTHON_VERSIONS=['2.7', '3.7']
 
-def session_service_account(session):
-    session.virtualenv = False
+@nox.session(python=PYTHON_VERSIONS)
+def service_account(session):
+    session.install(*TEST_DEPENDENCIES)
+    session.install(LIBRARY_DIR)
     session.run("pytest", "test_service_account.py")
 
 
-def session_oauth2_credentials(session):
-    session.virtualenv = False
+@nox.session(python=PYTHON_VERSIONS)
+def oauth2_credentials(session):
+    session.install(*TEST_DEPENDENCIES)
+    session.install(LIBRARY_DIR)
     session.run("pytest", "test_oauth2_credentials.py")
 
 
-def session_default_explicit_service_account(session):
-    session.virtualenv = False
+@nox.session(python=PYTHON_VERSIONS)
+def default_explicit_service_account(session):
     session.env[EXPLICIT_CREDENTIALS_ENV] = SERVICE_ACCOUNT_FILE
     session.env[EXPECT_PROJECT_ENV] = "1"
+    session.install(*TEST_DEPENDENCIES)
+    session.install(LIBRARY_DIR)
     session.run("pytest", "test_default.py")
 
 
-def session_default_explicit_authorized_user(session):
-    session.virtualenv = False
+@nox.session(python=PYTHON_VERSIONS)
+def default_explicit_authorized_user(session):
     session.env[EXPLICIT_CREDENTIALS_ENV] = AUTHORIZED_USER_FILE
+    session.install(*TEST_DEPENDENCIES)
+    session.install(LIBRARY_DIR)
     session.run("pytest", "test_default.py")
 
 
-def session_default_explicit_authorized_user_explicit_project(session):
-    session.virtualenv = False
+@nox.session(python=PYTHON_VERSIONS)
+def default_explicit_authorized_user_explicit_project(session):
     session.env[EXPLICIT_CREDENTIALS_ENV] = AUTHORIZED_USER_FILE
     session.env[EXPLICIT_PROJECT_ENV] = "example-project"
     session.env[EXPECT_PROJECT_ENV] = "1"
+    session.install(*TEST_DEPENDENCIES)
+    session.install(LIBRARY_DIR)
     session.run("pytest", "test_default.py")
 
 
-def session_default_cloud_sdk_service_account(session):
-    session.virtualenv = False
+@nox.session(python=PYTHON_VERSIONS)
+def default_cloud_sdk_service_account(session):
     configure_cloud_sdk(session, SERVICE_ACCOUNT_FILE)
     session.env[EXPECT_PROJECT_ENV] = "1"
+    session.install(*TEST_DEPENDENCIES)
+    session.install(LIBRARY_DIR)
     session.run("pytest", "test_default.py")
 
 
-def session_default_cloud_sdk_authorized_user(session):
-    session.virtualenv = False
+@nox.session(python=PYTHON_VERSIONS)
+def default_cloud_sdk_authorized_user(session):
     configure_cloud_sdk(session, AUTHORIZED_USER_FILE)
+    session.install(*TEST_DEPENDENCIES)
+    session.install(LIBRARY_DIR)
     session.run("pytest", "test_default.py")
 
 
-def session_default_cloud_sdk_authorized_user_configured_project(session):
-    session.virtualenv = False
+@nox.session(python=PYTHON_VERSIONS)
+def default_cloud_sdk_authorized_user_configured_project(session):
     configure_cloud_sdk(session, AUTHORIZED_USER_FILE, project=True)
     session.env[EXPECT_PROJECT_ENV] = "1"
+    session.install(*TEST_DEPENDENCIES)
+    session.install(LIBRARY_DIR)
     session.run("pytest", "test_default.py")
 
 
-def session_compute_engine(session):
-    session.virtualenv = False
+@nox.session(python=PYTHON_VERSIONS)
+def compute_engine(session):
+    session.install(*TEST_DEPENDENCIES)
+    # unset Application Default Credentials so
+    # credentials are detected from environment
+    del session.virtualenv.env["GOOGLE_APPLICATION_CREDENTIALS"]
+    session.install(LIBRARY_DIR)
     session.run("pytest", "test_compute_engine.py")
 
 
-def session_app_engine(session):
-    session.virtualenv = False
-
+@nox.session(python=["2.7"])
+def app_engine(session):
     if SKIP_GAE_TEST_ENV in os.environ:
         session.log("Skipping App Engine tests.")
         return
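Review bot: In `compute_engine`, `del session.virtualenv.env["GOOGLE_APPLICATION_CREDENTIALS"]` raises `KeyError` whenever the variable is not set in the invoking environment, so the session would fail before any test runs on a machine or CI job that never exported it. `session.env.pop("GOOGLE_APPLICATION_CREDENTIALS", None)` removes the variable when present and does nothing otherwise, and it goes through the same `session.env` mapping the other sessions in this hunk use. As a style point, `PYTHON_VERSIONS=['2.7', '3.7']` lacks spaces around `=` and uses single quotes where the surrounding lines use double quotes. The body of `app_engine` continues outside the hunk.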
@@ -252,6 +276,8 @@
 
     # Vendor in the test application's dependencies
     session.chdir(os.path.join(HERE, "app_engine_test_app"))
+    session.install(*TEST_DEPENDENCIES)
+    session.install(LIBRARY_DIR)
     session.run(
         "pip", "install", "--target", "lib", "-r", "requirements.txt", silent=True
     )
@@ -265,7 +291,9 @@
     session.run("pytest", "test_app_engine.py")
 
 
-def session_grpc(session):
-    session.virtualenv = False
+@nox.session(python=PYTHON_VERSIONS)
+def grpc(session):
+    session.install(LIBRARY_DIR)
+    session.install(*TEST_DEPENDENCIES, "google-cloud-pubsub==1.0.0")
     session.env[EXPLICIT_CREDENTIALS_ENV] = SERVICE_ACCOUNT_FILE
     session.run("pytest", "test_grpc.py")
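Review bot: `grpc` pins `google-cloud-pubsub==1.0.0`, but `TEST_DEPENDENCIES` (`pytest`, `requests`) is installed unpinned here and in every other session, so each run resolves whatever the package index serves at that moment. This session sets `EXPLICIT_CREDENTIALS_ENV` to the service-account file right after the installs, and the credentials are presumably real, so a changed or compromised release of a test dependency would execute alongside them. Pinning the test dependencies as well, for example through a constraints file passed to `session.install`, would make the runs reproducible and narrow that exposure. `grpc` also installs `LIBRARY_DIR` before the test dependencies while the other sessions use the opposite order; one order throughout would read more easily.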
diff --git a/system_tests/secrets.tar.enc b/system_tests/secrets.tar.enc
index e61707e..1106f8a 100644
--- a/system_tests/secrets.tar.enc
+++ b/system_tests/secrets.tar.enc
Binary files differ
diff --git a/system_tests/test_compute_engine.py b/system_tests/test_compute_engine.py
index 3fd420c..44f1627 100644
--- a/system_tests/test_compute_engine.py
+++ b/system_tests/test_compute_engine.py
@@ -15,8 +15,8 @@
 import pytest
 
 import google.auth
-from google.auth import _helpers
 from google.auth import compute_engine
+from google.auth import _helpers
 from google.auth import exceptions
 from google.auth.compute_engine import _metadata
 
diff --git a/system_tests/test_grpc.py b/system_tests/test_grpc.py
index ea52830..f025fc0 100644
--- a/system_tests/test_grpc.py
+++ b/system_tests/test_grpc.py
@@ -16,7 +16,9 @@
 import google.auth.credentials
 import google.auth.jwt
 import google.auth.transport.grpc
-from google.cloud.gapic.pubsub.v1 import publisher_client
+from google.cloud import pubsub_v1
+from google.cloud.pubsub_v1.gapic import publisher_client
+from google.cloud.pubsub_v1.gapic.transports import publisher_grpc_transport
 
 
 def test_grpc_request_with_regular_credentials(http_request):
@@ -25,12 +27,13 @@
         credentials, ["https://www.googleapis.com/auth/pubsub"]
     )
 
-    channel = google.auth.transport.grpc.secure_authorized_channel(
-        credentials, http_request, publisher_client.PublisherClient.SERVICE_ADDRESS
+    transport = publisher_grpc_transport.PublisherGrpcTransport(
+        address=publisher_client.PublisherClient.SERVICE_ADDRESS,
+        credentials=credentials,
     )
 
     # Create a pub/sub client.
-    client = publisher_client.PublisherClient(channel=channel)
+    client = pubsub_v1.PublisherClient(transport=transport)
 
     # list the topics and drain the iterator to test that an authorized API
     # call works.
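Review bot: After this change none of the three tests (this hunk and the two below it) calls `google.auth.transport.grpc.secure_authorized_channel` directly, so the library's own channel helper is covered only if `PublisherGrpcTransport` happens to use it internally. Either state that dependency in a comment above the transport construction, or keep one test that builds the channel with `secure_authorized_channel` and hands it to the transport, if the pinned pubsub version accepts a channel. In `test_grpc_request_with_regular_credentials` the `http_request` fixture was last seen in the removed call, so it now looks unused. The lines between the signature and this hunk are not shown, so confirm that before dropping the parameter. The function body continues past the hunk.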
@@ -40,19 +43,18 @@
 
 def test_grpc_request_with_jwt_credentials():
     credentials, project_id = google.auth.default()
-    audience = "https://{}/google.pubsub.v1.Publisher".format(
-        publisher_client.PublisherClient.SERVICE_ADDRESS
-    )
+    audience = "https://pubsub.googleapis.com/google.pubsub.v1.Publisher"
     credentials = google.auth.jwt.Credentials.from_signing_credentials(
         credentials, audience=audience
     )
 
-    channel = google.auth.transport.grpc.secure_authorized_channel(
-        credentials, None, publisher_client.PublisherClient.SERVICE_ADDRESS
+    transport = publisher_grpc_transport.PublisherGrpcTransport(
+        address=publisher_client.PublisherClient.SERVICE_ADDRESS,
+        credentials=credentials,
     )
 
     # Create a pub/sub client.
-    client = publisher_client.PublisherClient(channel=channel)
+    client = pubsub_v1.PublisherClient(transport=transport)
 
     # list the topics and drain the iterator to test that an authorized API
     # call works.
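Review bot: In `test_grpc_request_with_jwt_credentials` the JWT audience is now the literal `"https://pubsub.googleapis.com/google.pubsub.v1.Publisher"`, while the transport a few lines later still takes its host from `publisher_client.PublisherClient.SERVICE_ADDRESS`, and nothing records why the two diverged. If the constant ever changes, the token would be minted for a different audience than the endpoint it is sent to, and the mismatch would surface only as an authorization failure. A comment such as `# JWT audience is the service URL without a port; keep the host in sync with SERVICE_ADDRESS` would capture the reason, assuming a port in the constant is what motivated the change.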
@@ -66,12 +68,13 @@
         credentials
     )
 
-    channel = google.auth.transport.grpc.secure_authorized_channel(
-        credentials, None, publisher_client.PublisherClient.SERVICE_ADDRESS
+    transport = publisher_grpc_transport.PublisherGrpcTransport(
+        address=publisher_client.PublisherClient.SERVICE_ADDRESS,
+        credentials=credentials,
     )
 
     # Create a pub/sub client.
-    client = publisher_client.PublisherClient(channel=channel)
+    client = pubsub_v1.PublisherClient(transport=transport)
 
     # list the topics and drain the iterator to test that an authorized API
     # call works.
diff --git a/system_tests/test_oauth2_credentials.py b/system_tests/test_oauth2_credentials.py
index a33b89f..3ecd850 100644
--- a/system_tests/test_oauth2_credentials.py
+++ b/system_tests/test_oauth2_credentials.py
@@ -17,7 +17,7 @@
 from google.auth import _helpers
 import google.oauth2.credentials
 
-GOOGLE_OAUTH2_TOKEN_ENDPOINT = "https://accounts.google.com/o/oauth2/token"
+GOOGLE_OAUTH2_TOKEN_ENDPOINT = "https://oauth2.googleapis.com/token"
 
 
 def test_refresh(authorized_user_file, http_request, token_info):
@@ -39,9 +39,13 @@
     info = token_info(credentials.token)
 
     info_scopes = _helpers.string_to_scopes(info["scope"])
+
+    # Canonical list of scopes at https://cloud.google.com/sdk/gcloud/reference/auth/application-default/login
+    # or do `gcloud auth application-defaut login --help`
     assert set(info_scopes) == set(
         [
             "https://www.googleapis.com/auth/userinfo.email",
-            "https://www.googleapis.com/auth/userinfo.profile",
+            "https://www.googleapis.com/auth/cloud-platform",
+            "openid",
         ]
     )
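Review bot: The added comment tells the reader to run `gcloud auth application-defaut login --help`, which is misspelled (`defaut`), so the command fails when copied. I would write the two lines as `# Canonical scope list: https://cloud.google.com/sdk/gcloud/reference/auth/application-default/login` and `# (or run: gcloud auth application-default login --help)`. The assertion requires the token's scopes to equal this set exactly, which ties the test to how the stored authorized-user credential was issued. A sentence saying the credential must be re-issued with the default scopes whenever this list changes would help whoever rotates the secrets. The enclosing test starts above the hunk.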