Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

docs: promote use of bill of materials in quickstart documentation #1620

Merged
merged 8 commits into from
Jan 20, 2025
+65 −8
Merged

docs: promote use of bill of materials in quickstart documentation #1620

Changes from 4 commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
3db0e34
docs: promote use of bill of materials in quickstart documentation
diegomarquezp Jan 16, 2025
fb76d5b
Merge branch 'main' into promote-bom-in-readme
suztomo Jan 17, 2025
d9e9ef2
Update README.md
diegomarquezp Jan 17, 2025
a6adb90
Update README.md
diegomarquezp Jan 17, 2025
ea53f06
add instructions for libraries-bom
diegomarquezp Jan 17, 2025
e22ea48
Merge branch 'promote-bom-in-readme' of https://github.com/googleapis…
diegomarquezp Jan 17, 2025
77655f1
Update README.md
diegomarquezp Jan 20, 2025
121ee13
Update README.md
diegomarquezp Jan 20, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
50 changes: 42 additions & 8 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -50,35 +50,69 @@ credentials as well as utility methods to create them and to get Application Def

## Quickstart

### Using Maven
Copy link
Contributor

@lqiu96 lqiu96 Jan 16, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks!

Thoughts on also mentioning libraries-bom here (perhaps a small section)? We can mention that if you use libraries-bom, then auth-bom is imported as well.

Otherwise, you should manually import the auth-bom (like below)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sounds good. I'll add a section.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah, I think it's not as trivial to ensure the snippet with libraries-bom has an up-to-date <version/> since it's not managed in versions.txt.

Other repos such as google-cloud-java use the config yaml.
We also have the case of spring-cloud-gcp which seems to rely on renovate-bot. I think it's better to wait for such PR and otherwise raise an issue to keep it up to date.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah yeah makes sense. Maybe we don't need to have a code reference here. We could just reference this page: https://cloud.google.com/java/docs/bom


#### Google Auth Library Bill of Materials
In order to ensure transitive dependencies and the modules themselves are aligned with each other,
we rely on the Google Auth Library Bill of Materials. Please add this to your dependency management
section as follows:

[//]: # ({x-version-update-start:google-auth-library-bom:released})
```xml
<dependencyManagement>
<dependencies>
<dependency>
<groupId>com.google.auth</groupId>
<artifactId>google-auth-library-bom</artifactId>
<version>1.30.1</version>
lqiu96 marked this conversation as resolved.
Show resolved Hide resolved
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
```
[//]: # ({x-version-update-end})

#### Choosing your implementation

If you are using Maven, add this to your pom.xml file (notice that you can replace
`google-auth-library-oauth2-http` with any of `google-auth-library-credentials` and
`google-auth-library-appengine`, depending on your application needs):

[//]: # ({x-version-update-start:google-auth-library-oauth2-http:released})

```xml
<dependency>
<groupId>com.google.auth</groupId>
<!-- Let the BOM manage the transitive dependencies and module version. -->
diegomarquezp marked this conversation as resolved.
Show resolved Hide resolved
<!-- Replace with the module(s) that are needed -->
<artifactId>google-auth-library-oauth2-http</artifactId>
<version>1.19.0</version>
</dependency>
```
[//]: # ({x-version-update-end})


### Using Gradle
If you are using Gradle, add this to your dependencies

[//]: # ({x-version-update-start:google-auth-library-oauth2-http:released})
[//]: # ({x-version-update-start:google-auth-library-bom:released})
```Groovy
implementation 'com.google.auth:google-auth-library-oauth2-http:1.19.0'
dependencies {
// The BOM will manage the module versions and transitive dependencies
implementation platform('com.google.auth:google-auth-library-bom:1.30.1')
lqiu96 marked this conversation as resolved.
Show resolved Hide resolved
// Replace with the module(s) that are needed
implementation 'com.google.auth:google-auth-library-oauth2-http'
}

```
[//]: # ({x-version-update-end})

Unfortunately, SBT [cannot](https://github.com/sbt/sbt/issues/4531) manage dependencies via Maven
Bills of Materials. Therefore, you will have to add the submodule directly. Make sure the module
versions are aligned in case you are using more than one authentication module in order to prevent
transitive dependency conflicts.
If you are using SBT, add this to your dependencies

[//]: # ({x-version-update-start:google-auth-library-oauth2-http:released})
```Scala
libraryDependencies += "com.google.auth" % "google-auth-library-oauth2-http" % "1.19.0"
// Replace this with the implementation module that suits your needs
libraryDependencies += "com.google.auth" % "google-auth-library-oauth2-http" % "1.30.1"
lqiu96 marked this conversation as resolved.
Show resolved Hide resolved
```
[//]: # ({x-version-update-end})

Expand Down
Loading