Skip to content

Add support for Google Artifact Registry #1936

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 6 commits into from
Apr 23, 2025
Merged

Add support for Google Artifact Registry #1936

merged 6 commits into from
Apr 23, 2025

Conversation

paololazzari
Copy link
Contributor

Fixes #1934

@consideRatio consideRatio mentioned this pull request Mar 5, 2025
Closed
@paololazzari paololazzari reopened this Mar 10, 2025
@paololazzari
Copy link
Contributor Author

This pull requests allows for the GCP's Google Metadata Server to be used as a token_url:

config:
  BinderHub: 
    DockerRegistry:
      url: "https://us-central1-docker.pkg.dev"
      token_url: http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/default/token
      username: "oauth2accesstoken"

@paololazzari
Copy link
Contributor Author

@consideRatio could you take a look please? this change is the only way I can get binderhub to work with artifact registry

@paololazzari
Copy link
Contributor Author

@rgaiacs could you take a look please?

@consideRatio
Copy link
Member

@paololazzari Sorry I am too low on time to help at the moment =/

@rgaiacs
Copy link
Contributor

rgaiacs commented Mar 31, 2025

could you take a look please?

I never used Google Compute Engine. I cannot help. Sorry.

@paololazzari
Copy link
Contributor Author

Is there anyone who can help? it's a very small change.

manics
manics reviewed Apr 22, 2025
View reviewed changes
Copy link
Member

@manics manics left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry for the delay in reviewing. Based on your comments in #1934 this seems reasonable. However rather than adding a conditional here I think it'd be cleaner to create a subclass, especially if we need to add more conditionals for other registries in future.

e.g.

class GoogleArtifactRegistry(DockerRegistry):
    # Please add some comments about where the URL comes from etc, e.g. link to the Google Cloud documentation

    @default("token_url")
    def _default_token_url(self):
        ....

    async def _get_token(self, client, token_url, service, scope):
        ....

This also makes it easier to use- you can just specify the registry class instead of having to set the token_url since that'll be embedded in the class.

@paololazzari
Copy link
Contributor Author

@manics Thanks for the feedback, I've made those changes.

manics
manics reviewed Apr 23, 2025
View reviewed changes
@manics
Copy link
Member

manics commented Apr 23, 2025

Thanks, and once again sorry for the delay.

@manics manics merged commit 837169d into jupyterhub:main Apr 23, 2025
14 checks passed
consideRatio pushed a commit to jupyterhub/helm-chart that referenced this pull request Apr 23, 2025
[binderhub] Automatic update for commit 1.0.0-0.dev.git.3724.h837169df
ee5aae5 
jupyterhub/binderhub#1936 Merge pull request #1936 from paololazzari/1934-gcp-artifact-registry
@jupyterhub-bot jupyterhub-bot mentioned this pull request Apr 24, 2025
Merged
@paololazzari paololazzari mentioned this pull request May 9, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@manics manics manics approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

tornado.httpclient.HTTPClientError: HTTP 401: Unauthorized for GCP service account which works locally
4 participants
@paololazzari @consideRatio @rgaiacs @manics