Use Google Auth and Cloud Python APIs instead of gcloud CLI

[swastik959]

fixes #2019

What does this implement/fix?

Put a x in the boxes that apply

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds a feature)
• Breaking change (fix or feature that would cause existing features not to work as expected)
• Documentation Update
• Code style update (formatting, renaming)
• Refactoring (no functional changes, no API changes)
• Build related changes
• Other (please describe):

Testing

• Did you test the pull request locally?
• Did you add new tests?

Any other comments?

[fangchenli]

You need to add the required GCP libraries to pyproject.toml first.

[iameskild]

Thanks @swastik959 for the contribution! We really appreciate it. This is definitely a good start, as @fangchenli mentioned, we will need to add the required google python library as a dependency in the pyproject.toml.

[swastik959]

@iameskild I wanted to ask should I modify the check credential method to point to credential json file for explicit parameter input

[iameskild]

@swastik959 that's a good question. I think we can start by supporting OAuth2 authentication for service accounts, this might be helpful: https://googleapis.github.io/google-api-python-client/docs/oauth.html#credentials

[swastik959]

@iameskild hi I have made few commits can you please review them . also can you please tell me how can I test them locally

[iameskild]

Amazing work @swastik959! I will have a closer look later today but in the meantime, do you mind making sure the tests/CI are passing?

[marcelovilla]

I'm picking up this PR to get it across the finish line. It has not seen any activity in almost a year but @swastik959 if you're still interested in working on it, feel free to leave a message here and I can point you in the right direction.

[marcelovilla]

This PR is ready for review.

Companion docs PR: nebari-dev/nebari-docs#500

How to test this PR

1. Run:

export GOOGLE_CREDENTIALS="path/to/JSON/file/with/credentials"
export PROJECT_ID="Project ID"

2. Use the nebari init --guided-init command to create a Google Cloud nebari-config.yaml file and make sure to provide a GitHub repo name and auto-provision it
3. Run:

nebari validate -c nebari-config.yaml

4. Run:

nebari render -c nebari-config.yaml

5. Run:

nebari deploy -c nebari-config.yaml

6. Change anything in the config file, push to the auto-provisioned GitHub repo and let the deploy GHA workflow run
7. Run the gcp_cleanup function located in src/_nebari/provider/cloud/google_cloud.py using your config.

I tested all of this, making sure things were working correctly. Furthermore, I triggered our GCP deployment workflow using a branch with the same contents of this PR.

Notes

• You'll notice that many functions were removed. Those were functions that were defined but not used anywhere in our codebase.
• You'll notice that one testing file was removed. It was a file containing only tests for one of the functions that were removed.
• We don't have any tests for any of our provider functions, which not only includes Google Cloud but also AWS, Azure and DO. If we want to address this, I suggest we do it in a separate PR. I can open an issue about it.

[marcelovilla]

I needed to add this library explicitly as our conda tests where failing because of it.

[marcelovilla]

This is not needed anymore as the regions() function below will call it under the hood.

[viniciusdc]

Just as a reminder, once this is merged, we will need to remember to update the conda-forge package recipe to reflect the dependencies changes. Its passing our conda test, so we should be okay when doing the release.

[marcelovilla]

@viniciusdc just a friendly reminder to take a look at this PR when you get a chance. Thanks!

[Adam-D-Lewis]

This function would be useful to do the same thing as AWS and Digital Ocean do and check instance types are valid before deploying. I'd be okay if you just open an issue to re-add that functionality at some point though. Search the repo for instances( and see how its used in infrastructure's __init__.py file.

[marcelovilla]

@Adam-D-Lewis great catch. I just created an issue to track that and make sure we add that functionality for Google Cloud.

[Adam-D-Lewis]

@marcelovilla Looks like the local integration test failed too. Is there an issue already open for that flaky test. I couldn't find one by searching the error message.

[viniciusdc]

Uhm, this is interesting. #2641 should've addressed this particular issue.

[marcelovilla]

@Adam-D-Lewis tests seem indeed to be flaky again. I've reopened #2641 to track that as it should have anything to do with this PR. I re-ran the tests and they're all passing now.

[Adam-D-Lewis]

LGTM!

[marcelovilla]

Thanks for the review @Adam-D-Lewis ! Can you take a look at this companion docs PR when you get a chance? It's a fairly small PR.