-
Notifications
You must be signed in to change notification settings - Fork 2.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add new DLP samples (Bigquery, DeID, Risk Analysis) #841
Conversation
This can be merged now: Note: I did not review the API/these samples for Java-specific developer experience concerns (e.g. idiomaticity). I simply wrote them so that the tests passed. (@jabubake let me know if you'd like me to make any changes.) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please run the google-java-formatter(https://github.com/google/google-java-format) on these files.
Also please run mvn clean verify
locally ensuring that the tests pass for java-docs-samples-testing
project.
|
||
import com.google.cloud.dlp.v2beta1.DlpServiceClient; | ||
import com.google.common.io.BaseEncoding; | ||
import com.google.privacy.dlp.v2beta1.*; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please avoid .* imports
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done.
import com.google.privacy.dlp.v2beta1.InfoTypeTransformations.InfoTypeTransformation; | ||
import com.google.privacy.dlp.v2beta1.CryptoReplaceFfxFpeConfig.FfxCommonNativeAlphabet; | ||
import com.google.protobuf.ByteString; | ||
import org.apache.commons.cli.*; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please avoid .* imports
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done.
import com.google.protobuf.ByteString; | ||
import org.apache.commons.cli.*; | ||
|
||
public class DeId { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Given this short name, I recommend renaming to DeIdentification
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done.
|
||
public class DeId { | ||
|
||
private static void deidentifyWithMask(String string, Character maskingCharacter, int numberToMask) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
deidentify => deIdentify
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done.
.setPrimitiveTransformation(primitiveTransformation) | ||
.build(); | ||
|
||
InfoTypeTransformations infoTypeTransformationArray = |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Given all these objects that get created just to create a request, it would be to provide a comment above each to state what it is. It is unfortunate that InfoTypeTransformations
object exists to just provide an InfoTypeTransformation[]
surface. PrimitiveTransformation
, InfoTypeTransformation
also seem pretty confusing. In an ideal world, PrimitveTransformation
, InfoTypeTransformation
, InfoTypeTransformations
are un-necessary objects.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I had similar comments with the Node client libraries, to be honest. I'll follow up with the API/product team(s) about this.
(TODO, so I can CTRL-F for this comment.)
.setValue(string) | ||
.build(); | ||
|
||
KmsWrappedCryptoKey kmsWrappedCryptoKey = |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same comment as earlier, better comments around these objects and ideally some of these can get cleaned up on the surface. This looks very cumbersome to the user.
@@ -20,24 +20,8 @@ | |||
import com.google.cloud.ServiceOptions; | |||
import com.google.cloud.dlp.v2beta1.DlpServiceClient; | |||
import com.google.longrunning.Operation; | |||
import com.google.privacy.dlp.v2beta1.CloudStorageOptions; | |||
import com.google.privacy.dlp.v2beta1.*; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please remove .* import.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done.
import static org.junit.Assert.*; | ||
|
||
@RunWith(JUnit4.class) | ||
public class DeIdIT { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
DeIdentificationIT
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done.
import java.util.regex.Matcher; | ||
import java.util.regex.Pattern; | ||
|
||
import static org.junit.Assert.*; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please remove .* import
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done.
out = new PrintStream(bout); | ||
System.setOut(out); // TODO(b/64541432) DLP currently doesn't support GOOGLE DEFAULT AUTH | ||
assertNotNull(System.getenv("GOOGLE_APPLICATION_CREDENTIALS")); | ||
assertNotNull(System.getenv("DLP_DEID_WRAPPED_KEY")); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
if you can hard-code these variables, that would be ideal.
Else .travis.yaml will need to be updated so that these tests are successful on java-docs-samples-testing
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm assuming you're referring to the DLP_DEID_*
variables and not GOOGLE_APPLICATION_CREDENTIALS
.
DLP_DEID_WRAPPED_KEY
is an encrypted secret - it technically should be safe to hard-code, but I wouldn't call it a 'best practice'. (As far as I'm aware, the best practice for such secrets is to add them to CI as secret environment variables.)
DLP_DEID_KEY_NAME
is not terribly secret, but would reveal your project ID and keyring name if hard-coded.
The Node samples usually use environment variables for such things, but I can hard-code these if you want. Alternatively, I'm happy (and would prefer) to add these variables to your Travis builds (through the web UI, since they're supposed to remain secret - and not travis.yaml
).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In that case, agree on not hard-coding. @lesv might be able to recommend the best approach.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ace - can you just add how to do this to the README. I'm a fan of getting this stuff from Datastore, but in this case I'm going to go w/ Ace's current implementation.
We should also mention it in the root README as well - once we write it.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done.
// Instantiates a client | ||
try (DlpServiceClient dlpServiceClient = DlpServiceClient.create()) { | ||
|
||
// (Optional) The project ID to run the API call under |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You might wish to mention the API's if you are going to mention this much stuff.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Perhaps in a more JavaDoc way and move the tag earlier.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Be sure to do a "mvn verify" or look at the results from Circle to see how you are doing on the Java Style guide - I see stuff that looks a bit iffy.
private PrintStream out; | ||
|
||
// Update to wrapped local encryption key | ||
private String wrappedKey = System.getenv("DLP_DEID_WRAPPED_KEY"); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We'll need to update our testing if this stays.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I've added these environment variables to Travis, but they (and a few BigQuery tables) are based off of the nodejs-docs-samples
project - and will need to be moved over at some point.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please update the README to mention your environment variables for testing.
I didn't address the "abbreviation" linter warning, since it was complaining about files that I didn't modify - but let me know if this was in error. |
🤖 I have created a release *beep* *boop* --- ### [0.122.22](googleapis/java-errorreporting@v0.122.21...v0.122.22) (2022-03-29) ### Dependencies * update dependency com.google.cloud:google-cloud-core to v2.5.11 ([#839](googleapis/java-errorreporting#839)) ([ecda8aa](googleapis/java-errorreporting@ecda8aa)) * update dependency com.google.cloud:google-cloud-shared-dependencies to v2.9.0 ([#840](googleapis/java-errorreporting#840)) ([7f59117](googleapis/java-errorreporting@7f59117)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please).
🤖 I have created a release *beep* *boop* --- ### [0.122.22](googleapis/java-errorreporting@v0.122.21...v0.122.22) (2022-03-29) ### Dependencies * update dependency com.google.cloud:google-cloud-core to v2.5.11 ([#839](googleapis/java-errorreporting#839)) ([ecda8aa](googleapis/java-errorreporting@ecda8aa)) * update dependency com.google.cloud:google-cloud-shared-dependencies to v2.9.0 ([#840](googleapis/java-errorreporting#840)) ([7f59117](googleapis/java-errorreporting@7f59117)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please).
🤖 I have created a release *beep* *boop* --- ### [0.122.22](googleapis/java-errorreporting@v0.122.21...v0.122.22) (2022-03-29) ### Dependencies * update dependency com.google.cloud:google-cloud-core to v2.5.11 ([#839](googleapis/java-errorreporting#839)) ([ecda8aa](googleapis/java-errorreporting@ecda8aa)) * update dependency com.google.cloud:google-cloud-shared-dependencies to v2.9.0 ([#840](googleapis/java-errorreporting#840)) ([7f59117](googleapis/java-errorreporting@7f59117)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please).
…2.0 (#841) [![WhiteSource Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [com.google.cloud:libraries-bom](https://cloud.google.com/java/docs/bom) ([source](https://togithub.com/GoogleCloudPlatform/cloud-opensource-java)) | `25.1.0` -> `25.2.0` | [![age](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/25.2.0/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/25.2.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/25.2.0/compatibility-slim/25.1.0)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/25.2.0/confidence-slim/25.1.0)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Renovate will not automatically rebase this PR, because other commits have been found. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, click this checkbox. --- This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-language).
…2.0 (#841) [![WhiteSource Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [com.google.cloud:libraries-bom](https://cloud.google.com/java/docs/bom) ([source](https://togithub.com/GoogleCloudPlatform/cloud-opensource-java)) | `25.1.0` -> `25.2.0` | [![age](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/25.2.0/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/25.2.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/25.2.0/compatibility-slim/25.1.0)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/com.google.cloud:libraries-bom/25.2.0/confidence-slim/25.1.0)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Renovate will not automatically rebase this PR, because other commits have been found. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, click this checkbox. --- This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-language).
…6.0 (#841) * deps: update dependency com.google.cloud:google-cloud-pubsub to v1.116.0 * 🦉 Updates from OwlBot post-processor See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md Co-authored-by: Owl Bot <gcf-owl-bot[bot]@users.noreply.github.com>
🤖 I have created a release *beep* *boop* --- ## [3.2.0](googleapis/java-dlp@v3.1.4...v3.2.0) (2022-03-29) ### Features * new Bytes and File types: POWERPOINT and EXCEL ([#848](googleapis/java-dlp#848)) ([ffb764d](googleapis/java-dlp@ffb764d)) ### Dependencies * update dependency com.google.cloud:google-cloud-pubsub to v1.116.0 ([#841](googleapis/java-dlp#841)) ([e12a43f](googleapis/java-dlp@e12a43f)) * update dependency com.google.cloud:google-cloud-shared-dependencies to v2.9.0 ([#849](googleapis/java-dlp#849)) ([7106010](googleapis/java-dlp@7106010)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please).
Do not merge until this code has been:a) testedb) updated to use new client libraries (as the current ones don't support scanning BigQuery)Reminder: this should be reviewed on a best-effort basis.