Migrating to google-cloud-kms 2.0
The 2.0 release of the google-cloud-kms client is a significant upgrade based on a next-gen code generator, and includes substantial interface changes. Existing code written for earlier versions of this library will likely require updates to use this version. This document describes the changes that have been made, and what you need to do to update your usage.
To summarize:
- The library has been broken out into two libraries. The new gem
google-cloud-kms-v1
contains the actual client classes for version V1 of the KMS service, and the gemgoogle-cloud-kms
now simply provides a convenience wrapper. See Library Structure for more info. - The library uses a new configuration mechanism giving you closer control over endpoint address, network timeouts, and retry. See Client Configuration for more info. Furthermore, when creating a client object, you can customize its configuration in a block rather than passing arguments to the constructor. See Creating Clients for more info.
- Previously, IAM methods such as
set_iam_policy
were exposed on the main client object. Now they are on a separate IAM client object. See Creating Clients for more info. - Previously, positional arguments were used to indicate required arguments. Now, all method arguments are keyword arguments, with documentation that specifies whether they are required or optional. Additionally, you can pass a proto request object instead of separate arguments. See Passing Arguments for more info.
- Previously, some client classes included helper methods for constructing resource paths. These methods now take keyword rather than positional arguments, and are also available in a separate paths module. See Resource Path Helpers for more info.
- Previously, clients reported RPC errors by raising instances of
Google::Gax::GaxError
and its subclasses. Now, RPC exceptions are of typeGoogle::Cloud::Error
and its subclasses. See Handling Errors for more info. - Some classes have moved into different namespaces. See Class Namespaces for more info.
Library Structure
Older 1.x releases of the google-cloud-kms
gem were all-in-one gems
that included potentially multiple clients for multiple versions of the
KMS service. The Google::Cloud::Kms.new
factory method would
return you an instance of a Google::Cloud::Kms::V1::KeyManagementServiceClient
object for the V1 version of the service.
With the 2.0 release, the google-cloud-kms
gem still provides factory
methods for obtaining clients. (The method signatures will have changed. See
Creating Clients for details.) However, the actual client
classes have been moved into separate gems, one per service version. Currently,
KMS has one version, V1. The
Google::Cloud::Kms::V1::KeyManagementService::Client
class, along with its
helpers and data types, is now part of the google-cloud-kms-v1
gem.
If an additional version of the KMS service is released, an additional gem
may be provided for its client classes.
For normal usage, you can continue to install the google-cloud-kms
gem
(which will bring in the versioned client gems as dependencies) and continue to
use factory methods to create clients. However, you may alternatively choose to
install only one of the versioned gems. For example, if you know you will only
use V1
of the service, you can install google-cloud-kms-v1
by
itself, and construct instances of the
Google::Cloud::Kms::V1::KeyManagementService::Client
client class directly.
Client Configuration
In older releases, if you wanted to customize performance parameters or low-level behavior of the client (such as credentials, timeouts, or instrumentation), you would pass a variety of keyword arguments to the client constructor. It was also extremely difficult to customize the default settings.
With the 2.0 release, a configuration interface provides control over these parameters, including defaults for all instances of a client, and settings for each specific client instance. For example, to set default credentials and timeout for all KMS V1 clients:
Google::Cloud::Kms::V1::KeyManagementService::Client.configure do |config|
config.credentials = "/path/to/credentials.json"
config.timeout = 10.0
end
Individual RPCs can also be configured independently. For example, to set the
timeout for the list_key_rings
call:
Google::Cloud::Kms::V1::KeyManagementService::Client.configure do |config|
config.rpcs.list_key_rings.timeout = 20.0
end
Defaults for certain configurations can be set for all KMS versions and services globally:
Google::Cloud::Kms.configure do |config|
config.credentials = "/path/to/credentials.json"
config.timeout = 10.0
end
Finally, you can override the configuration for each client instance. See the next section on Creating Clients for details.
Creating Clients
In older releases, to create a client object, you would use the
Google::Cloud::Kms.new
class method. Keyword arguments were available to
select a service version and to configure parameters such as credentials and
timeouts.
With the 2.0 release, use the Google::Cloud::Kms.key_management_service
class
method to create a client object. You may select a service version using the
:version
keyword argument. However, other configuration parameters should be
set in a configuration block when you create the client.
Old:
client = Google::Cloud::Kms.new credentials: "/path/to/credentials.json"
New:
client = Google::Cloud::Kms.key_management_service do |config|
config.credentials = "/path/to/credentials.json"
end
The configuration block is optional. If you do not provide it, or you do not set some configuration parameters, then the default configuration is used. See Client Configuration.
Additionally, IAM-related methods such as set_iam_policy
, get_iam_policy
,
and test_iam_permissions
have been moved to a separate client class, which
you can construct by calling the Google::Cloud::Kms.iam_policy
class method.
Passing Arguments
In older releases, required arguments would be passed as positional method arguments, while most optional arguments would be passed as keyword arguments.
With the 2.0 release, all RPC arguments are passed as keyword arguments, regardless of whether they are required or optional. For example:
Old:
client = Google::Cloud::Kms.new
parent = "projects/my-project/locations/my-location"
# Parent is a positional argument, while page_size is a keyword argument.
response = client.list_key_rings parent, page_size: 10
New:
client = Google::Cloud::Kms.key_management_service
parent = "projects/my-project/locations/my-location"
# Parent and page_size are both keyword arguments
response = client.list_key_rings parent: parent, page_size: 10
In the 2.0 release, it is also possible to pass a request object, either as a hash or as a protocol buffer.
New:
client = Google::Cloud::Kms.key_management_service
request = Google::Cloud::Kms::V1::ListKeyRingsRequest.new(
parent: "projects/my-project/locations/my-location",
page_size: 10
)
# Pass a request object as a positional argument:
response = client.list_key_rings request
Finally, in older releases, to provide call options, you would pass a
Google::Gax::CallOptions
object with the :options
keyword argument. In the
2.0 release, pass call options using a second set of keyword arguments.
Old:
client = Google::Cloud::Kms.new
parent = "projects/my-project/locations/my-location"
= Google::Gax::CallOptions.new timeout: 10.0
response = client.list_key_rings parent, page_size: 10, options:
New:
client = Google::Cloud::Kms.key_management_service
parent = "projects/my-project/locations/my-location"
# Use a hash to wrap the normal call arguments (or pass a request object), and
# then add further keyword arguments for the call options.
response = client.list_key_rings(
{ parent: parent, page_size: 10 },
timeout: 10.0
)
Resource Path Helpers
The client library includes helper methods for generating the resource path strings passed to many calls. These helpers have changed in two ways:
- In older releases, they are both class methods and instance methods on the client class. In the 2.0 release, they are instance methods only. However, they are also available on a separate paths module that you can include elsewhere for convenience.
- In older releases, arguments to a resource path helper are passed as positional arguments. In the 2.0 release, they are passed as named keyword arguments.
Following is an example involving using a resource path helper.
Old:
client = Google::Cloud::Kms.new
# Call the helper on the client instance
parent = client.location_path "my-project", "my-location"
response = client.list_key_rings parent
New:
client = Google::Cloud::Kms.key_management_service
# Call the helper on the client instance, and use keyword arguments
parent = client.location_path project: "my-project", location: "my-location"
response = client.list_key_rings parent: parent
In the 2.0 client, you can also use the paths module as a convenience module.
New:
# Bring the path helper methods into the current class
include Google::Cloud::Kms::V1::KeyManagementService::Paths
def foo
client = Google::Cloud::Kms.key_management_service
# Call the included helper method
parent = location_path project: "my-project", location: "my-location"
response = client.list_key_rings parent: parent
# Do something with response...
end
Handling Errors
The client reports standard
gRPC error codes
by raising exceptions. In older releases, these exceptions were located in the
Google::Gax
namespace and were subclasses of the Google::Gax::GaxError
base
exception class, defined in the google-gax
gem. However, these classes were
different from the standard exceptions (subclasses of Google::Cloud::Error
)
thrown by other client libraries such as google-cloud-storage
.
The 2.0 client library now uses the Google::Cloud::Error
exception hierarchy,
for consistency across all the Google Cloud client libraries. In general, these
exceptions have the same name as their counterparts from older releases, but
are located in the Google::Cloud
namespace rather than the Google::Gax
namespace.
Old:
client = Google::Cloud::Kms.new
parent = "projects/my-project/locations/my-location"
begin
response = client.list_key_rings parent, page_size: 10
rescue Google::Gax::Error => e
# Handle exceptions that subclass Google::Gax::Error
end
New:
client = Google::Cloud::Kms.key_management_service
parent = "projects/my-project/locations/my-location"
begin
response = client.list_key_rings parent: parent, page_size: 10
rescue Google::Cloud::Error => e
# Handle exceptions that subclass Google::Cloud::Error
end
Class Namespaces
In older releases, the client object was of classes with names like:
Google::Cloud::Kms::V1::KeyManagementServiceClient
.
In the 2.0 release, the client object is of a different class:
Google::Cloud::Kms::V1::KeyManagementService::Client
.
Note that most users will use the factory methods such as
Google::Cloud::Kms.key_management_service
to create instances of the client object,
so you may not need to reference the actual class directly.
See Creating Clients.
In older releases, the credentials object was of class
Google::Cloud::Kms::V1::Credentials
.
In the 2.0 release, each service has its own credentials class, e.g.
Google::Cloud::Kms::V1::KeyManagementService::Credentials
.
Again, most users will not need to reference this class directly.
See Client Configuration.