Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[FR] Update Java Client Libraries and Object Lifecycle Management #660

Closed
CameronProbert opened this issue Apr 18, 2022 · 6 comments
Closed

[FR] Update Java Client Libraries and Object Lifecycle Management #660

CameronProbert opened this issue Apr 18, 2022 · 6 comments
Labels
needs-triage type: feature request

Comments

@CameronProbert
Copy link

Is your feature request related to a problem? Please describe.
I received an email from Google advising me to update the GCP Java Client Libraries and Object Lifecycle Management. In my Gradle dependencies graph I have: com.google.cloud:google-cloud-storage:1.118.0, which I think should be at v2.6.0

Describe the solution you'd like
Upgrade the GCP Java Client Libraries and Object Lifecycle Management dependencies. I don't have much knowledge of dependency management in the Java ecosystem, but I think that #654 fixes this.

Describe alternatives you've considered
I tried setting com.google.cloud:google-cloud-storage:2.6.0 in my gradle build script, but then I get exceptions at runtime.

Exception in thread "main" com.google.cloud.firestore.FirestoreException: java.lang.IllegalStateException: getTransportChannel() called when needsExecutor() is true
        at com.google.cloud.firestore.FirestoreException.forIOException(FirestoreException.java:94)
        at com.google.cloud.firestore.FirestoreOptions$DefaultFirestoreRpcFactory.create(FirestoreOptions.java:91)
        at com.google.cloud.firestore.FirestoreOptions$DefaultFirestoreRpcFactory.create(FirestoreOptions.java:81)
        at com.google.cloud.ServiceOptions.getRpc(ServiceOptions.java:560)
        at com.google.cloud.firestore.FirestoreOptions.getFirestoreRpc(FirestoreOptions.java:365)
        at com.google.cloud.firestore.FirestoreImpl.<init>(FirestoreImpl.java:72)
        at com.google.cloud.firestore.FirestoreOptions$DefaultFirestoreFactory.create(FirestoreOptions.java:72)
        at com.google.cloud.firestore.FirestoreOptions$DefaultFirestoreFactory.create(FirestoreOptions.java:65)
        at com.google.cloud.ServiceOptions.getService(ServiceOptions.java:540)
        at com.google.firebase.cloud.FirestoreClient.<init>(FirestoreClient.java:51)
        at com.google.firebase.cloud.FirestoreClient.<init>(FirestoreClient.java:29)
        at com.google.firebase.cloud.FirestoreClient$FirestoreClientService.<init>(FirestoreClient.java:95)
        at com.google.firebase.cloud.FirestoreClient.getInstance(FirestoreClient.java:85)
        at com.google.firebase.cloud.FirestoreClient.getFirestore(FirestoreClient.java:78)
        at com.google.firebase.cloud.FirestoreClient.getFirestore(FirestoreClient.java:64)

Additional context
The contents of the email:

We're writing to let you know that we have identified an issue with older versions of the Java Client Libraries and Object Lifecycle Management. Versions 1.50.0-2.2.3, 4.4.0 - 24.2.0 libraries-bom of this library will fail if buckets have configured any upcoming lifecycle actions. To read/set Google Cloud Storage buckets with any new lifecycle actions, update your Java client library to version 2.3.0 or higher.

What do I need to do?
Update your Java Storage client to version 2.3.0 or higher to read/write Google Cloud Storage buckets with new lifecycle actions by June 20, 2022. You can find more details for the latest version in the Maven Central Repository.

If you’re unable to upgrade your Java client library version, select the needed bucket metadata fields to work with Google Cloud Storage buckets without accessing lifecycle rules.

The following example gets a bucket by selecting all bucket fields except the lifecycle rules:

Bucket bucket = storage.get("bucket-name", Storage.BucketGetOption.fields(Storage.BucketField.ID,
Storage.BucketField.SELF_LINK,
Storage.BucketField.NAME,
Storage.BucketField.TIME_CREATED,
Storage.BucketField.METAGENERATION,
Storage.BucketField.ACL,
Storage.BucketField.DEFAULT_OBJECT_ACL,
Storage.BucketField.OWNER,
Storage.BucketField.LABELS,
Storage.BucketField.LOCATION,
Storage.BucketField.LOCATION_TYPE,
Storage.BucketField.WEBSITE,
Storage.BucketField.VERSIONING,
Storage.BucketField.CORS,
Storage.BucketField.STORAGE_CLASS,
Storage.BucketField.ETAG,
Storage.BucketField.ENCRYPTION,
Storage.BucketField.BILLING,
Storage.BucketField.DEFAULT_EVENT_BASED_HOLD,
Storage.BucketField.RETENTION_POLICY,
Storage.BucketField.IAMCONFIGURATION,
Storage.BucketField.LOGGING,
Storage.BucketField.UPDATED));
The following example lists buckets by selecting all bucket fields except the lifecycle rules:

storage.list(Storage.BucketListOption.fields(Storage.BucketField.ID,
Storage.BucketField.SELF_LINK,
Storage.BucketField.NAME,
Storage.BucketField.TIME_CREATED,
Storage.BucketField.METAGENERATION,
Storage.BucketField.ACL,
Storage.BucketField.DEFAULT_OBJECT_ACL,
Storage.BucketField.OWNER,
Storage.BucketField.LABELS,
Storage.BucketField.LOCATION,
Storage.BucketField.LOCATION_TYPE,
Storage.BucketField.WEBSITE,
Storage.BucketField.VERSIONING,
Storage.BucketField.CORS,
Storage.BucketField.STORAGE_CLASS,
Storage.BucketField.ETAG,
Storage.BucketField.ENCRYPTION,
Storage.BucketField.BILLING,
Storage.BucketField.DEFAULT_EVENT_BASED_HOLD,
Storage.BucketField.RETENTION_POLICY,
Storage.BucketField.IAMCONFIGURATION,
Storage.BucketField.LOGGING,
Storage.BucketField.UPDATED));
If you have any questions or require assistance, please reply to this email to contact Google Cloud Support.

Thanks for choosing Google Cloud Storage.
@google-oss-bot
Copy link

I couldn't figure out how to label this issue, so I've labeled it for a human to triage. Hang tight.

@loicortola loicortola mentioned this issue May 3, 2022
Closed
@mitchelkuijpers
Copy link

We are currently also trying to update these libraries and are unable to do so, will this be fixed before June 20, 2022?

@lahirumaramba
Copy link
Member

Thank you @CameronProbert for reporting this issue. We are currently looking into upgrading the gcp dependencies. I need to confirm a list of things that we are breaking before moving forward with this. Please note that we have prioritized this task and will track any updates here.

@felipebonezi
Copy link

We need to upgrade the library as soon as possible because of a new security vulnerability over gson-2.8.7.jar used by the google-cloud-storage-1.118.0.jar dependency.

Vulnerability 1: WS-2021-0419
Vulnerability 2: CVE-2022-25647

A possible fix is to upgrade google-cloud-storage to version 2.6.1 because already uses gson version 2.9.0 which has the necessary fix.

@lahirumaramba
Copy link
Member

We have started the process to upgrade the libraries-bom by dropping support for Java 8. I will use this issue to track the progress. Thank you for your patience!

@lahirumaramba lahirumaramba mentioned this issue Jun 8, 2022
Merged
@lahirumaramba
Copy link
Member

This should be fixed in v9.0.0. Thank you for your patience!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
needs-triage type: feature request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@lahirumaramba @mitchelkuijpers @felipebonezi @CameronProbert @google-oss-bot