feat(gapic): support mTLS certificates when available by daniel-sanche · Pull Request #1467 · googleapis/python-spanner · GitHub
Skip to content
This repository was archived by the owner on Jun 8, 2026. It is now read-only.

feat(gapic): support mTLS certificates when available#1467

Merged
daniel-sanche merged 2 commits into
mainfrom
librarian-20251216T120431Z
Dec 16, 2025
Merged

feat(gapic): support mTLS certificates when available#1467
daniel-sanche merged 2 commits into
mainfrom
librarian-20251216T120431Z

Conversation

@daniel-sanche

@daniel-sanche daniel-sanche commented Dec 16, 2025

Copy link
Copy Markdown
Contributor

feat: update image to us-central1-docker.pkg.dev/cloud-sdk-librarian-prod/images-prod/python-librarian-generator@sha256:b8058df4c45e9a6e07f6b4d65b458d0d059241dd34c814f151c8bf6b89211209

@daniel-sanche
updated librarian files
2ad2335
@daniel-sanche
feat: update image to us-central1-docker.pkg.dev/cloud-sdk-librarian-…
167af2a 
…prod/images-prod/python-librarian-generator@sha256:b8058df4c45e9a6e07f6b4d65b458d0d059241dd34c814f151c8bf6b89211209
@daniel-sanche daniel-sanche requested review from a team December 16, 2025 20:04
@product-auto-label product-auto-label Bot added the size: xl Pull request size is extra large. label Dec 16, 2025
@product-auto-label product-auto-label Bot added the api: spanner Issues related to the googleapis/python-spanner API. label Dec 16, 2025
@gemini-code-assist

gemini-code-assist Bot commented Dec 16, 2025

Copy link
Copy Markdown
Contributor

gemini-code-assist[bot]
gemini-code-assist Bot reviewed Dec 16, 2025
View reviewed changes

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request appears to be an automated update to add support for Python 3.14 and refresh dependencies. The changes include updating Python versions in noxfile.py, moving OpenTelemetry dependencies to core, and refactoring mTLS client certificate handling.

My main concerns are:

  1. The OpenTelemetry dependencies have been moved from an optional tracing extra to core dependencies. This significantly increases the dependency footprint for all users and should be reverted if unintentional.
  2. There is a large block of duplicated code for version checking in spanner_admin_database_v1/__init__.py and spanner_admin_instance_v1/__init__.py which also uses overly broad exception handling. This should be refactored for better maintainability.
  3. A -s flag was added to pytest calls, which could make CI logs overly verbose.

I've added specific comments with suggestions for these points.

Comment thread .librarian/generator-input/setup.py
Comment thread .librarian/generator-input/setup.py
Comment thread .librarian/generator-input/noxfile.py
session.run(
"py.test",
"--quiet",
"-s",

@gemini-code-assist gemini-code-assist Bot Dec 16, 2025

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

The -s flag (short for --capture=no) disables output capturing in pytest. While this can be useful for local debugging, it often makes CI logs excessively verbose. It's generally recommended to avoid this flag in CI configurations to keep logs concise and focused on failures. Please consider removing this flag.

Comment thread google/cloud/spanner_admin_database_v1/__init__.py
Comment on lines +101 to +189
else: # pragma: NO COVER
# An older version of api_core is installed which does not define the
# functions above. We do equivalent checks manually.
try:
import warnings
import sys

_py_version_str = sys.version.split()[0]
_package_label = "google.cloud.spanner_admin_database_v1"
if sys.version_info < (3, 9):
warnings.warn(
"You are using a non-supported Python version "
+ f"({_py_version_str}). Google will not post any further "
+ f"updates to {_package_label} supporting this Python version. "
+ "Please upgrade to the latest Python version, or at "
+ f"least to Python 3.9, and then update {_package_label}.",
FutureWarning,
)
if sys.version_info[:2] == (3, 9):
warnings.warn(
f"You are using a Python version ({_py_version_str}) "
+ f"which Google will stop supporting in {_package_label} in "
+ "January 2026. Please "
+ "upgrade to the latest Python version, or at "
+ "least to Python 3.10, before then, and "
+ f"then update {_package_label}.",
FutureWarning,
)

def parse_version_to_tuple(version_string: str):
"""Safely converts a semantic version string to a comparable tuple of integers.
Example: "4.25.8" -> (4, 25, 8)
Ignores non-numeric parts and handles common version formats.
Args:
version_string: Version string in the format "x.y.z" or "x.y.z<suffix>"
Returns:
Tuple of integers for the parsed version string.
"""
parts = []
for part in version_string.split("."):
try:
parts.append(int(part))
except ValueError:
# If it's a non-numeric part (e.g., '1.0.0b1' -> 'b1'), stop here.
# This is a simplification compared to 'packaging.parse_version', but sufficient
# for comparing strictly numeric semantic versions.
break
return tuple(parts)

def _get_version(dependency_name):
try:
version_string: str = metadata.version(dependency_name)
parsed_version = parse_version_to_tuple(version_string)
return (parsed_version, version_string)
except Exception:
# Catch exceptions from metadata.version() (e.g., PackageNotFoundError)
# or errors during parse_version_to_tuple
return (None, "--")

_dependency_package = "google.protobuf"
_next_supported_version = "4.25.8"
_next_supported_version_tuple = (4, 25, 8)
_recommendation = " (we recommend 6.x)"
(_version_used, _version_used_string) = _get_version(_dependency_package)
if _version_used and _version_used < _next_supported_version_tuple:
warnings.warn(
f"Package {_package_label} depends on "
+ f"{_dependency_package}, currently installed at version "
+ f"{_version_used_string}. Future updates to "
+ f"{_package_label} will require {_dependency_package} at "
+ f"version {_next_supported_version} or higher{_recommendation}."
+ " Please ensure "
+ "that either (a) your Python environment doesn't pin the "
+ f"version of {_dependency_package}, so that updates to "
+ f"{_package_label} can require the higher version, or "
+ "(b) you manually update your Python environment to use at "
+ f"least version {_next_supported_version} of "
+ f"{_dependency_package}.",
FutureWarning,
)
except Exception:
warnings.warn(
"Could not determine the version of Python "
+ "currently being used. To continue receiving "
+ "updates for {_package_label}, ensure you are "
+ "using a supported version of Python; see "
+ "https://devguide.python.org/versions/"
)

@gemini-code-assist gemini-code-assist Bot Dec 16, 2025

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

This large block of version-checking code is duplicated in google/cloud/spanner_admin_instance_v1/__init__.py. To improve maintainability, this logic should be extracted into a shared utility module.

Additionally, the except Exception: clauses on lines 155 and 181 are too broad. They can hide unexpected errors. Please consider catching more specific exceptions. For example:

  • On line 155, you could catch (AttributeError, ValueError, ImportError).
  • On line 181, you could catch ImportError.

Comment thread google/cloud/spanner_admin_instance_v1/__init__.py
Comment on lines +81 to +169

@gemini-code-assist gemini-code-assist Bot Dec 16, 2025

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

This large block of version-checking code is duplicated from google/cloud/spanner_admin_database_v1/__init__.py. To improve maintainability, this logic should be extracted into a shared utility module.

Additionally, the except Exception: clauses are too broad and can hide unexpected errors. Please consider catching more specific exceptions.

@daniel-sanche daniel-sanche changed the title chore: librarian update image pull request: 20251216T120431Z feat(gapic): support mTLS certificates when available Dec 16, 2025
@daniel-sanche daniel-sanche merged commit df87c3e into main Dec 16, 2025
29 of 30 checks passed
@daniel-sanche daniel-sanche deleted the librarian-20251216T120431Z branch December 16, 2025 20:53
@daniel-sanche daniel-sanche mentioned this pull request Dec 16, 2025
Merged
rahul2393 pushed a commit that referenced this pull request Dec 17, 2025
@daniel-sanche
chore: librarian release pull request: 20251216T134400Z (#1468)
2acea5e 
PR created by the Librarian CLI to initialize a release. Merging this PR
will auto trigger a release.

Librarian Version: v0.7.0
Language Image:
us-central1-docker.pkg.dev/cloud-sdk-librarian-prod/images-prod/python-librarian-generator@sha256:b8058df4c45e9a6e07f6b4d65b458d0d059241dd34c814f151c8bf6b89211209
<details><summary>google-cloud-spanner: 3.61.0</summary>

##
[3.61.0](v3.60.0...v3.61.0)
(2025-12-16)

### Features

* support mTLS certificates when available (#1467)
([df87c3e](df87c3ed))

</details>
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

2 more reviewers
@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments
@parthea parthea parthea approved these changes
Reviewers whose approvals may not affect merge requirements

Assignees

@aakashanandg aakashanandg

Labels

api: spanner Issues related to the googleapis/python-spanner API. size: xl Pull request size is extra large.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@daniel-sanche @parthea @aakashanandg