feat(datastore): Configure both mTLS and TLS endpoints for Datastore client #9653
Conversation
|
🤖 I detect that the PR title and the commit message differ and there's only one commit. To use the PR title for the commit history, you can use Github's automerge feature with squashing, or use -- conventional-commit-lint bot |
d4b81de
to
eb2950b
Compare
datastore/datastore.go
Outdated
| @@ -115,6 +118,7 @@ func NewClientWithDatabase(ctx context.Context, projectID, databaseID string, op | |||
| } else { | |||
| o = []option.ClientOption{ | |||
| option.WithEndpoint(prodAddr), | |||
There was a problem hiding this comment.
Can we use withDefaultEndpoint() in place of WithEndpoint()?
The WithEndpoint() param is treated as an overriding option by the transport layer code, thus preventing the WithDefaultMTLSEndpoint() param from being used. thx
There was a problem hiding this comment.
Compiler warning:
internaloption.WithDefaultEndpoint is deprecated: WithDefaultEndpoint does not support setting the universe domain. Use WithDefaultEndpointTemplate and WithDefaultUniverseDomain to compose the default endpoint instead.
So, used template and domain
There was a problem hiding this comment.
I see looks like things changed recently, but yes you are right, we can use the template and domain instead, e.g. https://github.com/googleapis/google-cloud-go/blob/main/ai/generativelanguage/apiv1/generative_client.go#L61
|
Do not merge until release freeze ends in mid April |
The benefit of the change is so that the transport layer can establish mTLS connection where possible, thus improving security for communication to google apis.
Resolves: b/329657227