Google Storage Binary Provider Native Client Template

The google-storage-v2 template is used for configuring Google Cloud as the Storage remote filestore using the Google native client.

The google-storage-v2 template is used for configuring Google Cloud Storage as the remote filestore using the Google native client.

This binary provider uses the following set of parameters.

Parameter	Description
type	google-storage-v2
bucketName	Your globally unique bucket name.
path	Default: filestore Sets the path relative to the bucket where binary files are stored.
endPoint	The cloud storage provider’s URL. 📘 Note For Pro license users, endPoints must end with `.googleapis.com`. All endpoints are supported in the JFrog Enterprise/ Enterprise+ subscriptions.
rootFoldersNameLength	Default: 2. The number of initial characters in the object's checksum that should be used to name the folder in storage. This can take any value between 0 - 6. 0 means that checksum files will be stored at the root of the object store bucket. For example, if the object's checksum is 8c335149... and `rootFoldersNameLength` is set to 4, the folder under which the object would be stored would be named 8c33.
bucketExists	Default: false. When set to true, it indicates to the binary provider that a bucket already exists in Google Cloud Storage and therefore does not need to be created.
testConnection	Default: true When set to true, the binary provider uploads and downloads a file when Artifactory starts up to verify that the connection to the cloud storage provider is fully functional.
useInstanceCredentials	Default: false. When set to true use, the "GOOGLE_APPLICATION_CREDENTIALS" environment variable finds the credentials or uses the default service account. When set to false, the default path is used to find the credentials file.
enableSignedUrlRedirect	Default: false. When set to true, redirecting download requests using enabled signed URLs.
signedUrlExpirySeconds	Default: 30. Sets the signed URL validity period in seconds.
signatureExpirySeconds	Default: 30. Specifies the number of seconds that a signed URL used internally for upload/download is valid.
proxyIdentity	Default: No proxy Corresponding parameter if you are accessing the cloud storage provider through a proxy server.
proxyCredential	Default: No proxy Corresponding parameter if you are accessing the cloud storage provider through a proxy server.
proxyPort	Default: No proxy Corresponding parameter if you are accessing the cloud storage provider through a proxy server.
proxyHost	Default: No proxy Corresponding parameter if you are accessing the cloud storage provider through a proxy server.
maxConnections	Default: 100 Sets the maximum HTTP client connections.
ConnectionTimeout	Sets the connections timeout.
maxRetries	Default: 1 If GCS returns a 50x error, this parameter determines the maximum number of retry attempts to GCS before responding with failure. 📘 Note Available from Artifactory version 7.96.3 and later.
retryIntervalMillis	Default: 1000 If GCS returns a 50x error, this parameter sets the time interval to wait between retry attempts. 📘 Note Available from Artifactory version 7.96.3 and later. The default value for this parameter was 0 until Artifactory 7.104.2.

Google Cloud Storage Authentication Mechanism

Authentication is established using a credentials file generated automatically by Google.

Authentication Resolution Order

‘useInstanceCredentials’ == true && set the "GOOGLE_APPLICATION_CREDENTIALS" env var
‘useInstanceCredentials’ == true && use Kubernetes (or other) service account creds (no creds file)
‘useInstanceCredentials’ == false && save creds file under the default path $JFROG_HOME/artifactory/var/etc/artifactory/gcp.credentials.json.

📘
Note
Grant the "Cloud Functions Service Agent" role to the utilized service account in order to use the instance's credentials.

Artifactory searches for an environment variable named GOOGLE_APPLICATION_CREDENTIALS containing the path to the credentials file. If the environment variable does not exist, the default service account provided by the Compute Engine, Kubernetes Engine, App Engine, and Cloud Functions will be applied to applications running on those services.

google-storage-v2-direct template configuration (Recommended)

The google-storage-v2-direct (or eventual-less) template allows directly uploading to Google storage, bypassing the eventual upload mechanism.

<config version="2">
  <chain template="google-storage-v2-direct"/>
    <provider id="google-storage-v2" type="google-storage-v2">
       <bucketName>my-bucket</bucketName>
       <path>myPath</path>
       <useInstanceCredentials>false</useInstanceCredentials>
       <signatureExpirySeconds>10</signatureExpirySeconds>
       <proxyHost>127.0.0.1</proxyHost>
       <proxyPort>8888</proxyPort>
       <proxyIdentity>username</proxyIdentity>
       <proxyCredential>password</proxyCredential>
       <maxConnections>50</maxConnections>
       <connectionTimeout>120000</connectionTimeout>
     </provider>
</config>

What's in the template?

<chain> <!-- template="google-storage-v2-direct" -->
    <provider id="cache-fs" type="cache-fs">
        <provider id="google-storage-v2" type="google-storage-v2"/>
    </provider>
</chain>

For details about the cache-fs provider, see Cached Filesystem Binary Provider.

For details about the eventual provider, see Eventual Binary Provider.

For details about the retry provider, see Retry Binary Provider.

google-storage-v2 template configuration

You must configure the google-storage-v2 provider with parameters specific to your account but can leave all other parameters with the recommended values. If you choose to use this template, your binarystore.xml configuration file should look like as follows.

<chain> <!-- template="google-storage-v2" -->
      <provider id="cache-fs" type="cache-fs">
        <provider id="eventual" type="eventual">
          <provider id="retry" type="retry">
            <provider id="google-storage-v2" type="google-storage-v2"/>
          </provider>
        </provider>
      </provider>
    </chain>

Example 1

<config version="2">
   <chain template="google-storage-v2"/>
   <provider id="google-storage-v2" type="google-storage-v2">
       <bucketName>my-bucket</bucketName>
       <path>myPath</path>
       <rootFoldersNameLength>3</rootFoldersNameLength>
       <useInstanceCredentials>false</useInstanceCredentials>
       <signatureExpirySeconds>10</signatureExpirySeconds>
       <proxyHost>127.0.0.1</proxyHost>
       <proxyPort>8888</proxyPort>
       <proxyIdentity>username</proxyIdentity>
       <proxyCredential>password</proxyCredential>
       <maxConnections>50</maxConnections>
       <connectionTimeout>120000</connectionTimeout>
   </provider>
</config>

For details about the cache-fs provider, see Cached Filesystem Binary Provider.

For details about the eventual provider, see Eventual Binary Provider.

For details about the retry provider, see Retry Binary Provider.

Updated 2 days ago