googleCloudRunner

Reference secrets from Cloud Run directly

Open MarkEdmondson1234 opened this issue 3 years ago • 3 comments

Helpful for env variables, auth files etc.; will mean fewer build steps for deploying Cloud Run workflows.

https://cloud.google.com/run/docs/configuring/secrets

MarkEdmondson1234, Nov 10 '21 06:11

Hi Mark,

Thanks for making Google Cloud available for R, really great. I had a question about the Secrets. I have a Plumber function where I want to download a file from a GCS bucket, and interface with some other APIs (like GitHub).

What is the recommended way to do the authentication for GCS buckets? Below is some example code. Would I need to add a gcs_auth() and reference a secret?

I use cr_deploy_plumber() to deploy the code. ... If I try I see in the logs an error message with

No .httr-oauth file exists in current working directory. Do library authentication steps to provide credentials.

Thanks for your help.

library(googleCloudStorageR)

run <- function(file_name = NULL) {

  # stop if no filename is provided
  if (is.null(file_name)) {
    stop(
      "No file provided",
      call. = FALSE
    )
  }

  # set bucket
  googleCloudStorageR::gcs_global_bucket("some_bucket_name")

  # download the object to a local file of the same name
  file <- googleCloudStorageR::gcs_get_object(file_name,
                                              overwrite = FALSE,
                                              saveToDisk = file_name)

  # do something with the file

  # return name for now
  return(file_name)
}

#' Receive pub/sub message
#' @post /pubsub
#' @param message a pub/sub message
pub <- function(message) {

  # download the file named in the message
  file_name <- run(message)

  paste("Echo:", file_name)

}

bob-rietveld, Jun 15 '22 18:06

For buckets I suggest making sure the Cloud Run service account has auth access to the bucket as well, then auth via googleAuthR/gargle gar_gce_auth() to reuse the auth running in the environment. This should mean you can avoid uploading service keys etc.

MarkEdmondson1234, Jun 15 '22 18:06
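
The approach suggested in the comment above, sketched as a plumber file. This is an added example, not code from the thread or from googleCloudRunner: it authenticates once at startup with the service account attached to the Cloud Run service, so no key file or .httr-oauth file is shipped in the image. The /fetch route, the object-name check and the temp-dir destination are assumptions made for illustration.

```r
# Added example. Hypothetical names: the /fetch route, valid_name() and the
# bucket name (taken from the placeholder used earlier in the thread).
library(plumber)
library(googleAuthR)
library(googleCloudStorageR)

# Authenticate once, when the API file is loaded, using the token served by
# the metadata server for the service account the Cloud Run service runs as.
token <- googleAuthR::gar_gce_auth()
if (is.null(token)) {
  stop("No GCE credentials found: is this running on Cloud Run?", call. = FALSE)
}
googleCloudStorageR::gcs_global_bucket("some_bucket_name")

# Accept only a plain object name: one string, no path separators, no
# leading dot, so a request cannot choose where the file lands on disk.
valid_name <- function(x) {
  is.character(x) && length(x) == 1 &&
    grepl("^[A-Za-z0-9_][A-Za-z0-9._-]{0,254}$", x)
}

#' Download one object from the bucket
#' @post /fetch
#' @param file_name name of the object to download
function(file_name = NULL, res) {
  if (!valid_name(file_name)) {
    res$status <- 400
    return(list(error = "invalid file_name"))
  }

  # Save under the R session's temp dir instead of a caller-supplied path.
  dest <- file.path(tempdir(), file_name)
  googleCloudStorageR::gcs_get_object(file_name,
                                      saveToDisk = dest,
                                      overwrite = TRUE)

  list(saved = basename(dest))
}
```

What the token may read is decided by the IAM roles granted to that service account on the bucket, so a read-only role there keeps the service from writing or deleting objects.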

Thanks for the prompt response.

Should I pass in the cloudrunner service account, e.g. googlecloudrunner@project_id.iam.gserviceaccount.com? And does it matter if the gar_gce_auth() call lives inside or outside of the run function?

bob-rietveld, Jun 15 '22 19:06